just to be sure sync
authorVolker Birk <vb@pep-project.org>
Sun, 14 Apr 2019 14:47:13 +0200
branchsync
changeset 35192b360f5f1d30
parent 3518 673f89ac1def
child 3520 cff778fa5330
just to be sure
sync/gen_statemachine.ysl2
sync/sync.fsm
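--- a/sync/gen_statemachine.ysl2	Sun Apr 14 13:04:34 2019 +0200
+++ b/sync/gen_statemachine.ysl2	Sun Apr 14 14:47:13 2019 +0200
@@ -501,6 +501,42 @@
                             break;
 
                     `` for "fsm/message[@security='attach_own_keys']" |>>> case «../@name»_PR_«yml:mixedCase(@name)»:
+                            assert(session->«yml:lcase(@name)»_state.common.signature_fpr &&
+                                session->«yml:lcase(@name)»_state.common.from &&
+                                session->«yml:lcase(@name)»_state.common.from->user_id);
+                            if (!(session->«yml:lcase(@name)»_state.common.signature_fpr &&
+                                    session->«yml:lcase(@name)»_state.common.from &&
+                                    session->«yml:lcase(@name)»_state.common.from->user_id))
+                            {
+                                status = PEP_«yml:ucase(@name)»_CANNOT_ENCRYPT;
+                                goto the_end;
+                            }
+                            
+                            // double check if we fully trust this comm partner
+                            {
+                                pEp_identity *ident = new_identity(NULL,
+                                        session->«yml:lcase(@name)»_state.common.signature_fpr,
+                                        session->«yml:lcase(@name)»_state.common.from->user_id,
+                                        NULL
+                                    );
+                                if (!ident) {
+                                    status = PEP_OUT_OF_MEMORY;
+                                    goto the_end;
+                                }
+                                status = get_trust(session, ident);
+                                if (status) {
+                                    free_identity(ident);
+                                    goto the_end;
+                                }
+                                assert(ident->comm_type == PEP_ct_pEp); // we don't deliver otherwise
+                                if (ident->comm_type != PEP_ct_pEp) {
+                                    free_identity(ident);
+                                    status = PEP_«yml:ucase(@name)»_CANNOT_ENCRYPT;
+                                    goto the_end;
+                                }
+                                free_identity(ident);
+                            }
+
                             status = base_prepare_message(
                                     session,
                                     li->ident,
@@ -516,12 +552,6 @@
                                 goto the_end;
                             }
 
-                            assert(session->«yml:lcase(@name)»_state.common.signature_fpr);
-                            if (!session->«yml:lcase(@name)»_state.common.signature_fpr) {
-                                status = PEP_«yml:ucase(@name)»_CANNOT_ENCRYPT;
-                                goto the_end;
-                            }
-
                             extra = new_stringlist(session->«yml:lcase(@name)»_state.common.signature_fpr);
                             if (extra) {
                                 status = encrypt_message(session, _m, extra, &m, PEP_enc_PEP, 0);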
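Review bot: The `assert(ident->comm_type == PEP_ct_pEp);` ahead of the trust check turns a trust decision into a process abort in builds with assertions enabled, so the refusal branch that sets `PEP_«yml:ucase(@name)»_CANNOT_ENCRYPT` is only ever taken in NDEBUG builds. The trust level comes back from `get_trust`, so it is looked-up state rather than a programming invariant; if it can change between the handshake and this send (not visible in the hunk), the generated handler should refuse, not crash. I would drop that assert, keep the `if`, and extend the comment to say why: `// attach_own_keys: never prepare this message unless the partner is fully trusted (PEP_ct_pEp)`. A non-zero `get_trust` status also leaves through `the_end` unmapped, unlike the two refusals added in this case. The enclosing switch starts and ends outside the hunk.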
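--- a/sync/sync.fsm	Sun Apr 14 13:04:34 2019 +0200
+++ b/sync/sync.fsm	Sun Apr 14 14:47:13 2019 +0200
@@ -264,6 +264,7 @@
                 go HandshakingGrouped;
         }
 
+        // sole device handshaking with group
         state HandshakingWithGroup {
             on Init
                 do showJoinGroupHandshake;
@@ -297,7 +298,7 @@
             }
 
             on CommitAcceptForGroup if sameTransaction
-                go HandshakingJoinPhase1Own;
+                go HandshakingJoinPhase2;
         }
 
         state HandshakingJoinPhase1 {
@@ -313,7 +314,7 @@
                 go JoinGroup;
         }
 
-        state HandshakingJoinPhase1Own {
+        state HandshakingJoinPhase2 {
             on Cancel {
                 send Rollback;
                 go Sole;
@@ -451,11 +452,11 @@
             field TID transaction;
         }
 
-        message CommitAccept 7 {
+        message CommitAccept 7, security=untrusted {
             field TID transaction;
         }
 
-        message CommitAcceptForGroup 8 {
+        message CommitAcceptForGroup 8, security=untrusted {
             field TID transaction;
         }
 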
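Review bot: Nothing in the last hunk says why `CommitAccept` and `CommitAcceptForGroup` are relaxed to `security=untrusted`, and judging by the `@security` selector in gen_statemachine.ysl2 that attribute drives security-relevant code generation. The only guard visible in this section is `if sameTransaction` on the `on CommitAcceptForGroup` handler. The handler for `CommitAccept` lies outside the hunks, so it is worth confirming that it carries an equivalent condition. I would add a comment above each message along the lines of `// untrusted on purpose: receivers must check sameTransaction before leaving the handshake state`, adjusted to the actual rationale. The rename to `HandshakingJoinPhase2` is consistent in the lines shown, but references to `HandshakingJoinPhase1Own` elsewhere in the file cannot be checked from here.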