Merged in ENGINE-294
authorKrista Bennett <krista@pep-project.org>
Wed, 28 Feb 2018 14:56:00 +0100
changeset 255002d3455902ba
parent 2546 2e72f9667438
parent 2549 5fc5d6be0b36
child 2551 a5ea813f1315
Merged in ENGINE-294
     1.1 --- a/src/keymanagement.c	Wed Feb 28 10:07:05 2018 +0100
     1.2 +++ b/src/keymanagement.c	Wed Feb 28 14:56:00 2018 +0100
     1.3 @@ -43,7 +43,7 @@
     1.4  }
     1.5  
     1.6  PEP_STATUS elect_pubkey(
     1.7 -        PEP_SESSION session, pEp_identity * identity
     1.8 +        PEP_SESSION session, pEp_identity * identity, bool check_blacklist
     1.9      )
    1.10  {
    1.11      PEP_STATUS status;
    1.12 @@ -76,10 +76,10 @@
    1.13                  if (identity->comm_type == PEP_ct_unknown ||
    1.14                      _comm_type_key > identity->comm_type)
    1.15                  {
    1.16 -                    bool blacklisted;
    1.17 -                    bool mistrusted;
    1.18 +                    bool blacklisted = false;
    1.19 +                    bool mistrusted = false;
    1.20                      status = is_mistrusted_key(session, _keylist->value, &mistrusted);
    1.21 -                    if (status == PEP_STATUS_OK)
    1.22 +                    if (status == PEP_STATUS_OK && check_blacklist)
    1.23                          status = blacklist_is_listed(session, _keylist->value, &blacklisted);
    1.24                      if (status == PEP_STATUS_OK && !mistrusted && !blacklisted) {
    1.25                          identity->comm_type = _comm_type_key;
    1.26 @@ -106,7 +106,8 @@
    1.27  }
    1.28  
    1.29  static PEP_STATUS validate_fpr(PEP_SESSION session, 
    1.30 -                               pEp_identity* ident) {
    1.31 +                               pEp_identity* ident,
    1.32 +                               bool check_blacklist) {
    1.33      
    1.34      PEP_STATUS status = PEP_STATUS_OK;
    1.35      
    1.36 @@ -173,7 +174,7 @@
    1.37          if (status != PEP_STATUS_OK)
    1.38              return status;
    1.39  
    1.40 -        if ((ct | PEP_ct_confirmed) == PEP_ct_OpenPGP &&
    1.41 +        if (check_blacklist && IS_PGP_CT(ct) &&
    1.42              !ident->me) {
    1.43              status = blacklist_is_listed(session, 
    1.44                                           fpr, 
    1.45 @@ -274,7 +275,8 @@
    1.46                           pEp_identity* stored_identity,
    1.47                           bool* is_identity_default,
    1.48                           bool* is_user_default,
    1.49 -                         bool* is_address_default) {
    1.50 +                         bool* is_address_default,
    1.51 +                         bool check_blacklist) {
    1.52      
    1.53      PEP_STATUS status = PEP_STATUS_OK;
    1.54  
    1.55 @@ -291,7 +293,7 @@
    1.56      // Input: stored identity retrieved from database
    1.57      // if stored identity contains a default key
    1.58      if (!EMPTYSTR(stored_fpr)) {
    1.59 -        status = validate_fpr(session, stored_identity);    
    1.60 +        status = validate_fpr(session, stored_identity, check_blacklist);    
    1.61          if (status == PEP_STATUS_OK && !EMPTYSTR(stored_identity->fpr)) {
    1.62              *is_identity_default = *is_address_default = true;
    1.63              return status;
    1.64 @@ -311,7 +313,7 @@
    1.65      if (!EMPTYSTR(user_fpr)) {             
    1.66          // There exists a default key for user, so validate
    1.67          stored_identity->fpr = user_fpr;
    1.68 -        status = validate_fpr(session, stored_identity);
    1.69 +        status = validate_fpr(session, stored_identity, check_blacklist);
    1.70          if (status == PEP_STATUS_OK && stored_identity->fpr) {
    1.71              *is_user_default = true;
    1.72              *is_address_default = key_matches_address(session, 
    1.73 @@ -325,10 +327,10 @@
    1.74          }
    1.75      }
    1.76      
    1.77 -    status = elect_pubkey(session, stored_identity);
    1.78 +    status = elect_pubkey(session, stored_identity, check_blacklist);
    1.79      if (status == PEP_STATUS_OK) {
    1.80          if (!EMPTYSTR(stored_identity->fpr))
    1.81 -            validate_fpr(session, stored_identity);
    1.82 +            validate_fpr(session, stored_identity, false); // blacklist already filtered of needed
    1.83      }    
    1.84      else if (status != PEP_KEY_NOT_FOUND && first_reject_status != PEP_KEY_NOT_FOUND) {
    1.85          first_reject_status = status;
    1.86 @@ -348,6 +350,11 @@
    1.87              stored_identity->comm_type = first_reject_comm_type;
    1.88              break;    
    1.89          default:
    1.90 +            if (check_blacklist && status == PEP_KEY_BLACKLISTED) {
    1.91 +                free(stored_identity->fpr);
    1.92 +                stored_identity->fpr = NULL;
    1.93 +                stored_identity->comm_type = PEP_ct_key_not_found;
    1.94 +            }
    1.95              break;
    1.96      }
    1.97      return status;
    1.98 @@ -398,7 +405,8 @@
    1.99      status = get_valid_pubkey(session, stored_ident,
   1.100                                  &is_identity_default,
   1.101                                  &is_user_default,
   1.102 -                                &is_address_default);
   1.103 +                                &is_address_default,
   1.104 +                              false);
   1.105                                  
   1.106      if (status == PEP_STATUS_OK && stored_ident->fpr && *(stored_ident->fpr) != '\0') {
   1.107      // set identity comm_type from trust db (user_id, FPR)
   1.108 @@ -599,7 +607,7 @@
   1.109              //      (this is the input id without the fpr + comm type!)
   1.110  
   1.111              if (status == PEP_STATUS_OK) {
   1.112 -                elect_pubkey(session, identity);
   1.113 +                elect_pubkey(session, identity, false);
   1.114              }
   1.115                          
   1.116              //    * We've already checked and retrieved
   1.117 @@ -694,7 +702,7 @@
   1.118                  //      any applicable temporary identities above. If we're 
   1.119                  //      here, none of them fit.
   1.120                  
   1.121 -                status = elect_pubkey(session, identity);
   1.122 +                status = elect_pubkey(session, identity, false);
   1.123                               
   1.124                  //    * call set_identity() to store
   1.125                  if (identity->fpr)
   1.126 @@ -762,7 +770,7 @@
   1.127              identity->fpr = NULL;
   1.128              identity->comm_type = PEP_ct_unknown;
   1.129  
   1.130 -            status = elect_pubkey(session, identity);
   1.131 +            status = elect_pubkey(session, identity, false);
   1.132                           
   1.133              if (identity->fpr)
   1.134                  status = get_key_rating(session, identity->fpr, &identity->comm_type);
   1.135 @@ -858,19 +866,10 @@
   1.136  PEP_STATUS _has_usable_priv_key(PEP_SESSION session, char* fpr,
   1.137                                  bool* is_usable) {
   1.138      
   1.139 -    bool dont_use_fpr = true;
   1.140 +    bool has_private = false;
   1.141 +    PEP_STATUS status = contains_priv_key(session, fpr, &has_private);
   1.142      
   1.143 -    PEP_STATUS status = blacklist_is_listed(session, fpr, &dont_use_fpr);
   1.144 -    if (status == PEP_STATUS_OK && !dont_use_fpr) {
   1.145 -        // Make sure there is a *private* key associated with this fpr
   1.146 -        bool has_private = false;
   1.147 -        status = contains_priv_key(session, fpr, &has_private);
   1.148 -
   1.149 -        if (status == PEP_STATUS_OK)
   1.150 -            dont_use_fpr = !has_private;
   1.151 -    }
   1.152 -    
   1.153 -    *is_usable = !dont_use_fpr;
   1.154 +    *is_usable = has_private;
   1.155      
   1.156      return status;
   1.157  }
   1.158 @@ -962,7 +961,7 @@
   1.159      // check stored identity
   1.160      if (stored_identity && !EMPTYSTR(stored_identity->fpr)) {
   1.161          // Fall back / retrieve
   1.162 -        status = validate_fpr(session, stored_identity);
   1.163 +        status = validate_fpr(session, stored_identity, false);
   1.164          if (status == PEP_OUT_OF_MEMORY)
   1.165              goto pep_free;
   1.166          if (status == PEP_STATUS_OK) {
   1.167 @@ -1355,7 +1354,7 @@
   1.168  
   1.169      // First, set up a temp trusted identity for the input fpr without a comm type;
   1.170      tmp_id = new_identity(ident->address, ident->fpr, ident->user_id, NULL);
   1.171 -    status = validate_fpr(session, tmp_id);
   1.172 +    status = validate_fpr(session, tmp_id, false);
   1.173          
   1.174      if (status == PEP_STATUS_OK) {
   1.175          // Validate fpr gets trust DB or, when that fails, key comm type. we checked
   1.176 @@ -1414,7 +1413,7 @@
   1.177                      if (!tmp_user_ident)
   1.178                          status = PEP_OUT_OF_MEMORY;
   1.179                      else {
   1.180 -                        status = validate_fpr(session, tmp_user_ident);
   1.181 +                        status = validate_fpr(session, tmp_user_ident, false);
   1.182                          
   1.183                          if (status != PEP_STATUS_OK ||
   1.184                              tmp_user_ident->comm_type < PEP_ct_strong_but_unconfirmed ||
   1.185 @@ -1678,7 +1677,7 @@
   1.186      if (!me->fpr)
   1.187          return PEP_OUT_OF_MEMORY;
   1.188  
   1.189 -    status = validate_fpr(session, me);
   1.190 +    status = validate_fpr(session, me, false);
   1.191      if (status)
   1.192          return status;
   1.193  
   1.194 @@ -1869,4 +1868,3 @@
   1.195      return status;
   1.196  }
   1.197  #endif // USE_GPG
   1.198 -
     2.1 --- a/src/keymanagement.h	Wed Feb 28 10:07:05 2018 +0100
     2.2 +++ b/src/keymanagement.h	Wed Feb 28 14:56:00 2018 +0100
     2.3 @@ -364,6 +364,16 @@
     2.4  PEP_STATUS delete_mistrusted_key(PEP_SESSION session, const char* fpr);
     2.5  PEP_STATUS is_mistrusted_key(PEP_SESSION session, const char* fpr, bool* mistrusted);
     2.6  
     2.7 +// Only call on retrieval of previously stored identity!
     2.8 +// Also, we presume that if the stored_identity was sent in
     2.9 +// without an fpr, there wasn't one in the trust DB for this
    2.10 +// identity.
    2.11 +PEP_STATUS get_valid_pubkey(PEP_SESSION session,
    2.12 +                            pEp_identity* stored_identity,
    2.13 +                            bool* is_identity_default,
    2.14 +                            bool* is_user_default,
    2.15 +                            bool* is_address_default,
    2.16 +                            bool check_blacklist);
    2.17  
    2.18  #ifdef __cplusplus
    2.19  }
     3.1 --- a/src/message_api.c	Wed Feb 28 10:07:05 2018 +0100
     3.2 +++ b/src/message_api.c	Wed Feb 28 14:56:00 2018 +0100
     3.3 @@ -6,6 +6,7 @@
     3.4  
     3.5  #include "platform.h"
     3.6  #include "mime.h"
     3.7 +#include "blacklist.h"
     3.8  
     3.9  #include <assert.h>
    3.10  #include <string.h>
    3.11 @@ -1533,6 +1534,26 @@
    3.12                  _il->ident->comm_type = PEP_ct_key_not_found;
    3.13                  _status = PEP_STATUS_OK;
    3.14              }
    3.15 +            bool is_blacklisted = false;
    3.16 +            if (_il->ident->fpr && IS_PGP_CT(_il->ident->comm_type)) {
    3.17 +                _status = blacklist_is_listed(session, _il->ident->fpr, &is_blacklisted);
    3.18 +                if (_status != PEP_STATUS_OK) {
    3.19 +                    // DB error
    3.20 +                    status = PEP_UNENCRYPTED;
    3.21 +                    goto pep_error;
    3.22 +                }
    3.23 +                if (is_blacklisted) {
    3.24 +                    bool user_default, ident_default, address_default; 
    3.25 +                    _status = get_valid_pubkey(session, _il->ident,
    3.26 +                                               &ident_default, &user_default,
    3.27 +                                               &address_default,
    3.28 +                                               true);
    3.29 +                    if (_status != PEP_STATUS_OK || _il->ident->fpr == NULL) {
    3.30 +                        _il->ident->comm_type = PEP_ct_key_not_found;
    3.31 +                        _status = PEP_STATUS_OK;                        
    3.32 +                    }
    3.33 +                }    
    3.34 +            }
    3.35              if (!has_pep_user && !EMPTYSTR(_il->ident->user_id))
    3.36                  is_pep_user(session, _il->ident, &has_pep_user);
    3.37          }
    3.38 @@ -1565,6 +1586,26 @@
    3.39                      _il->ident->comm_type = PEP_ct_key_not_found;
    3.40                      _status = PEP_STATUS_OK;
    3.41                  }
    3.42 +                bool is_blacklisted = false;
    3.43 +                if (_il->ident->fpr && IS_PGP_CT(_il->ident->comm_type)) {
    3.44 +                    _status = blacklist_is_listed(session, _il->ident->fpr, &is_blacklisted);
    3.45 +                    if (_status != PEP_STATUS_OK) {
    3.46 +                        // DB error
    3.47 +                        status = PEP_UNENCRYPTED;
    3.48 +                        goto pep_error;
    3.49 +                    }
    3.50 +                    if (is_blacklisted) {
    3.51 +                        bool user_default, ident_default, address_default; 
    3.52 +                        _status = get_valid_pubkey(session, _il->ident,
    3.53 +                                                   &ident_default, &user_default,
    3.54 +                                                   &address_default,
    3.55 +                                                   true);
    3.56 +                        if (_status != PEP_STATUS_OK || _il->ident->fpr == NULL) {
    3.57 +                            _il->ident->comm_type = PEP_ct_key_not_found;
    3.58 +                            _status = PEP_STATUS_OK;                        
    3.59 +                        }
    3.60 +                    }    
    3.61 +                }
    3.62                  if (!has_pep_user && !EMPTYSTR(_il->ident->user_id))
    3.63                      is_pep_user(session, _il->ident, &has_pep_user);
    3.64              }
    3.65 @@ -1596,6 +1637,26 @@
    3.66                      _il->ident->comm_type = PEP_ct_key_not_found;
    3.67                      _status = PEP_STATUS_OK;
    3.68                  }
    3.69 +                bool is_blacklisted = false;
    3.70 +                if (_il->ident->fpr && IS_PGP_CT(_il->ident->comm_type)) {
    3.71 +                    _status = blacklist_is_listed(session, _il->ident->fpr, &is_blacklisted);
    3.72 +                    if (_status != PEP_STATUS_OK) {
    3.73 +                        // DB error
    3.74 +                        status = PEP_UNENCRYPTED;
    3.75 +                        goto pep_error;
    3.76 +                    }
    3.77 +                    if (is_blacklisted) {
    3.78 +                        bool user_default, ident_default, address_default; 
    3.79 +                        _status = get_valid_pubkey(session, _il->ident,
    3.80 +                                                   &ident_default, &user_default,
    3.81 +                                                   &address_default,
    3.82 +                                                   true);
    3.83 +                        if (_status != PEP_STATUS_OK || _il->ident->fpr == NULL) {
    3.84 +                            _il->ident->comm_type = PEP_ct_key_not_found;
    3.85 +                            _status = PEP_STATUS_OK;                        
    3.86 +                        }
    3.87 +                    }    
    3.88 +                }
    3.89                  if (!has_pep_user && !EMPTYSTR(_il->ident->user_id))
    3.90                      is_pep_user(session, _il->ident, &has_pep_user);
    3.91              }
    3.92 @@ -2919,7 +2980,22 @@
    3.93                  status = update_identity(session, il->ident);
    3.94              else
    3.95                  status = myself(session, il->ident);
    3.96 -                
    3.97 +            
    3.98 +            bool is_blacklisted = false;
    3.99 +            if (il->ident->fpr && IS_PGP_CT(il->ident->comm_type)) {
   3.100 +                status = blacklist_is_listed(session, il->ident->fpr, &is_blacklisted);
   3.101 +                if (is_blacklisted) {
   3.102 +                    bool user_default, ident_default, address_default; 
   3.103 +                    status = get_valid_pubkey(session, il->ident,
   3.104 +                                              &ident_default, &user_default,
   3.105 +                                              &address_default,
   3.106 +                                              true);
   3.107 +                    if (status != PEP_STATUS_OK || il->ident->fpr == NULL) {
   3.108 +                        il->ident->comm_type = PEP_ct_key_not_found;
   3.109 +                    }
   3.110 +                }    
   3.111 +            }
   3.112 +    
   3.113              // check for the return statuses which might not a representative
   3.114              // value in the comm_type
   3.115              if (status == PEP_ILLEGAL_VALUE || status == PEP_CANNOT_SET_PERSON ||
   3.116 @@ -3002,6 +3078,26 @@
   3.117      else
   3.118          status = update_identity(session, ident);
   3.119  
   3.120 +    bool is_blacklisted = false;
   3.121 +    
   3.122 +    if (ident->fpr && IS_PGP_CT(ident->comm_type)) {
   3.123 +        status = blacklist_is_listed(session, ident->fpr, &is_blacklisted);
   3.124 +        if (status != PEP_STATUS_OK) {
   3.125 +            return status; // DB ERROR
   3.126 +        }
   3.127 +        if (is_blacklisted) {
   3.128 +            bool user_default, ident_default, address_default; 
   3.129 +            status = get_valid_pubkey(session, ident,
   3.130 +                                       &ident_default, &user_default,
   3.131 +                                       &address_default,
   3.132 +                                       true);
   3.133 +            if (status != PEP_STATUS_OK || ident->fpr == NULL) {
   3.134 +                ident->comm_type = PEP_ct_key_not_found;
   3.135 +                status = PEP_STATUS_OK;                        
   3.136 +            }
   3.137 +        }    
   3.138 +    }
   3.139 +
   3.140      if (status == PEP_STATUS_OK)
   3.141          *rating = _rating(ident->comm_type, PEP_rating_undefined);
   3.142  
     4.1 --- a/src/pEpEngine.c	Wed Feb 28 10:07:05 2018 +0100
     4.2 +++ b/src/pEpEngine.c	Wed Feb 28 14:56:00 2018 +0100
     4.3 @@ -2385,21 +2385,8 @@
     4.4  
     4.5      PEP_STATUS status = PEP_STATUS_OK;
     4.6      
     4.7 -    bool listed;
     4.8 -
     4.9      bool has_fpr = (!EMPTYSTR(identity->fpr));
    4.10      
    4.11 -    if (has_fpr) {    
    4.12 -        // blacklist check - FIXME: ENGINE-294 will remove
    4.13 -        status = blacklist_is_listed(session, identity->fpr, &listed);
    4.14 -        assert(status == PEP_STATUS_OK);
    4.15 -        if (status != PEP_STATUS_OK)
    4.16 -            return status;
    4.17 -
    4.18 -        if (listed)
    4.19 -            return PEP_KEY_BLACKLISTED;
    4.20 -    }
    4.21 -
    4.22      sqlite3_exec(session->db, "BEGIN TRANSACTION ;", NULL, NULL, NULL);
    4.23  
    4.24      if (identity->lang[0]) {
     5.1 --- a/src/pEpEngine.h	Wed Feb 28 10:07:05 2018 +0100
     5.2 +++ b/src/pEpEngine.h	Wed Feb 28 14:56:00 2018 +0100
     5.3 @@ -600,7 +600,6 @@
     5.4  //        PEP_CANNOT_SET_PGP_KEYPAIR    writing to table pgp_keypair failed
     5.5  //        PEP_CANNOT_SET_IDENTITY       writing to table identity failed
     5.6  //        PEP_COMMIT_FAILED             SQL commit failed
     5.7 -//        PEP_KEY_BLACKLISTED           Key blacklisted, cannot set identity
     5.8  //
     5.9  //    caveat:
    5.10  //        address, fpr, user_id and username must be given
     6.1 --- a/src/pEp_internal.h	Wed Feb 28 10:07:05 2018 +0100
     6.2 +++ b/src/pEp_internal.h	Wed Feb 28 14:56:00 2018 +0100
     6.3 @@ -408,6 +408,10 @@
     6.4  #define EMPTYSTR(STR) ((STR) == NULL || (STR)[0] == '\0')
     6.5  #endif
     6.6  
     6.7 +#ifndef IS_PGP_CT
     6.8 +#define IS_PGP_CT(CT) (((CT) | PEP_ct_confirmed) == PEP_ct_OpenPGP)
     6.9 +#endif
    6.10 +
    6.11  #ifndef _MIN
    6.12  #define _MIN(A, B) ((B) > (A) ? (A) : (B))
    6.13  #endif
     7.1 --- a/test/blacklist_accept_new_key_test.cc	Wed Feb 28 10:07:05 2018 +0100
     7.2 +++ b/test/blacklist_accept_new_key_test.cc	Wed Feb 28 14:56:00 2018 +0100
     7.3 @@ -48,7 +48,22 @@
     7.4      PEP_STATUS status8 = update_identity(session, blacklisted_identity);
     7.5      PEP_STATUS status9 = blacklist_add(session, bl_fpr_1);
     7.6      PEP_STATUS status10 = blacklist_is_listed(session, bl_fpr_1, &is_blacklisted);
     7.7 +    assert(is_blacklisted);
     7.8      PEP_STATUS status11 = update_identity(session, blacklisted_identity);
     7.9 +    assert(status11 == PEP_STATUS_OK);
    7.10 +    assert(_streq(bl_fpr_1, blacklisted_identity->fpr));
    7.11 +    
    7.12 +    bool id_def, us_def, addr_def;
    7.13 +    status11 = get_valid_pubkey(session, blacklisted_identity,
    7.14 +                                &id_def, &us_def, &addr_def, true);
    7.15 +    assert(blacklisted_identity->comm_type == PEP_ct_unknown);
    7.16 +                        
    7.17 +    if (!(blacklisted_identity->fpr))
    7.18 +        cout << "OK! blacklisted_identity->fpr is empty. Yay!" << endl;
    7.19 +    else
    7.20 +        cout << "Not OK. blacklisted_identity->fpr is " << blacklisted_identity->fpr << "." << endl
    7.21 +             << "Expected it to be empty." << endl;
    7.22 +    assert(!(blacklisted_identity->fpr) || blacklisted_identity->fpr[0] == '\0');
    7.23  
    7.24      /* identity is blacklisted. Now let's read in a message which contains a new key for that ID. */
    7.25      
    7.26 @@ -67,7 +82,8 @@
    7.27      assert(status == PEP_STATUS_OK);
    7.28      status = decrypt_message(session, msg_ptr, &dest_msg, &keylist, &rating, &flags);
    7.29  
    7.30 -    PEP_STATUS status12 = update_identity(session, blacklisted_identity);
    7.31 +    PEP_STATUS status12 = get_valid_pubkey(session, blacklisted_identity,
    7.32 +                                           &id_def, &us_def, &addr_def, true);
    7.33  
    7.34      assert(strcasecmp(blacklisted_identity->fpr, new_key) == 0);
    7.35  
     8.1 --- a/test/blacklist_test.cc	Wed Feb 28 10:07:05 2018 +0100
     8.2 +++ b/test/blacklist_test.cc	Wed Feb 28 14:56:00 2018 +0100
     8.3 @@ -92,7 +92,7 @@
     8.4                                                        "Blacklist Keypair");
     8.5  
     8.6      PEP_STATUS status8 = update_identity(session, blacklisted_identity);
     8.7 -    
     8.8 +        
     8.9      // THERE IS NO BLACKLISTING OF PEP KEYS
    8.10      //blacklisted_identity->comm_type = PEP_ct_pEp;
    8.11      blacklisted_identity->comm_type = PEP_ct_OpenPGP_unconfirmed;
    8.12 @@ -108,6 +108,15 @@
    8.13      PEP_STATUS status9 = blacklist_add(session, bl_fpr_1);
    8.14      status10 = blacklist_is_listed(session, bl_fpr_1, &is_blacklisted);
    8.15      PEP_STATUS status11 = update_identity(session, blacklisted_identity);
    8.16 +    /* new!!! */
    8.17 +    assert(is_blacklisted);
    8.18 +    assert(status11 == PEP_STATUS_OK);
    8.19 +    assert(_streq(bl_fpr_1, blacklisted_identity->fpr));
    8.20 +    
    8.21 +    bool id_def, us_def, addr_def;
    8.22 +    status11 = get_valid_pubkey(session, blacklisted_identity,
    8.23 +                                &id_def, &us_def, &addr_def, true);
    8.24 +    
    8.25      if (!(blacklisted_identity->fpr))
    8.26          cout << "OK! blacklisted_identity->fpr is empty. Yay!" << endl;
    8.27      else if (strcmp(blacklisted_identity->fpr, bl_fpr_2) == 0)
    8.28 @@ -120,7 +129,6 @@
    8.29               << "Expected it to be empty or (possibly) " << bl_fpr_2 << endl;
    8.30      assert(!(blacklisted_identity->fpr) || blacklisted_identity->fpr[0] == '\0'|| (strcmp(blacklisted_identity->fpr, bl_fpr_2) == 0));
    8.31  
    8.32 -
    8.33      const string keytext2 = slurp("blacklisted_pub2.asc");
    8.34      PEP_STATUS status14 = import_key(session, keytext2.c_str(), keytext2.length(), NULL);
    8.35      
    8.36 @@ -129,25 +137,25 @@
    8.37                                                          NULL,
    8.38                                                         "Blacklist Keypair");
    8.39      PEP_STATUS status15 = update_identity(session, blacklisted_identity2);
    8.40 -
    8.41 -    assert(blacklisted_identity2->fpr && strcmp(blacklisted_identity2->fpr, bl_fpr_2) == 0);
    8.42 -    if (blacklisted_identity2->fpr && strcmp(blacklisted_identity2->fpr, bl_fpr_2) == 0)
    8.43 -        cout << "blacklisted identity's fpr successfully replaced by the unblacklisted one" << endl;
    8.44 -    // else
    8.45 -    //     cout << "blacklisted_identity->fpr should be " << bl_fpr_2 << " but is " << blacklisted_identity->fpr << endl;
    8.46 -    
    8.47 -    PEP_STATUS status12 = blacklist_delete(session, bl_fpr_1);
    8.48 -    PEP_STATUS status13 = update_identity(session, blacklisted_identity);
    8.49 -        
    8.50 -    pEp_identity* stored_identity = new_identity("blacklistedkeys@kgrothoff.org",
    8.51 -                                                  NULL,
    8.52 -                                                  blacklisted_identity->user_id,
    8.53 -                                                  "Blacklist Keypair");
    8.54 -     
    8.55 -    PEP_STATUS status00 = update_identity(session, stored_identity);
    8.56 -    
    8.57 -    // FIXME
    8.58 -    // assert(stored_identity->comm_type == PEP_ct_pEp);    
    8.59 +    // 
    8.60 +    // assert(blacklisted_identity2->fpr && strcmp(blacklisted_identity2->fpr, bl_fpr_2) == 0);
    8.61 +    // if (blacklisted_identity2->fpr && strcmp(blacklisted_identity2->fpr, bl_fpr_2) == 0)
    8.62 +    //     cout << "blacklisted identity's fpr successfully replaced by the unblacklisted one" << endl;
    8.63 +    // // else
    8.64 +    // //     cout << "blacklisted_identity->fpr should be " << bl_fpr_2 << " but is " << blacklisted_identity->fpr << endl;
    8.65 +    // 
    8.66 +    // PEP_STATUS status12 = blacklist_delete(session, bl_fpr_1);
    8.67 +    // PEP_STATUS status13 = update_identity(session, blacklisted_identity);
    8.68 +    //     
    8.69 +    // pEp_identity* stored_identity = new_identity("blacklistedkeys@kgrothoff.org",
    8.70 +    //                                               NULL,
    8.71 +    //                                               blacklisted_identity->user_id,
    8.72 +    //                                               "Blacklist Keypair");
    8.73 +    //  
    8.74 +    // PEP_STATUS status00 = update_identity(session, stored_identity);
    8.75 +    // 
    8.76 +    // // FIXME
    8.77 +    // // assert(stored_identity->comm_type == PEP_ct_pEp);    
    8.78      
    8.79      PEP_STATUS status16 = delete_keypair(session, bl_fpr_1);
    8.80      update_identity(session, blacklisted_identity);