ENGINE-140 changed identities flags update policy ENGINE-140_exclude_identity_from_sync
authorEdouard Tisserant <edouard@pep-project.org>
Fri, 18 Nov 2016 00:13:40 +0100
branchENGINE-140_exclude_identity_from_sync
changeset 14068d8ae9657388
parent 1405 dbb4866e1b6c
child 1407 10c67fc4e3a7
ENGINE-140 changed identities flags update policy
src/keymanagement.c
src/keymanagement.h
src/message_api.c
src/pEpEngine.c
src/pEpEngine.h
     1.1 --- a/src/keymanagement.c	Wed Nov 16 17:38:27 2016 +0100
     1.2 +++ b/src/keymanagement.c	Fri Nov 18 00:13:40 2016 +0100
     1.3 @@ -73,7 +73,7 @@
     1.4      return PEP_STATUS_OK;
     1.5  }
     1.6  
     1.7 -PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen);
     1.8 +PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen, bool ignore_flags);
     1.9  
    1.10  DYNAMIC_API PEP_STATUS update_identity(
    1.11          PEP_SESSION session, pEp_identity * identity
    1.12 @@ -92,7 +92,7 @@
    1.13  
    1.14      if (identity->me || (identity->user_id && strcmp(identity->user_id, PEP_OWN_USERID) == 0)) {
    1.15          identity->me = true;
    1.16 -        return _myself(session, identity, false);
    1.17 +        return _myself(session, identity, false, true);
    1.18      }
    1.19  
    1.20      int _no_user_id = EMPTYSTR(identity->user_id);
    1.21 @@ -104,7 +104,7 @@
    1.22                  &stored_identity);
    1.23          if (status == PEP_STATUS_OK) {
    1.24              free_identity(stored_identity);
    1.25 -            return _myself(session, identity, false);
    1.26 +            return _myself(session, identity, false, true);
    1.27          }
    1.28  
    1.29          free(identity->user_id);
    1.30 @@ -400,7 +400,7 @@
    1.31      return status;
    1.32  }
    1.33  
    1.34 -PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen)
    1.35 +PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen, bool ignore_flags)
    1.36  {
    1.37      pEp_identity *stored_identity;
    1.38      PEP_STATUS status;
    1.39 @@ -419,6 +419,8 @@
    1.40  
    1.41      identity->comm_type = PEP_ct_pEp;
    1.42      identity->me = true;
    1.43 +    if(ignore_flags)
    1.44 +        identity->flags = 0;
    1.45      
    1.46      if (EMPTYSTR(identity->user_id))
    1.47      {
    1.48 @@ -463,7 +465,7 @@
    1.49              }
    1.50          }
    1.51          
    1.52 -        identity->flags = stored_identity->flags;
    1.53 +        identity->flags = (identity->flags & 255) | stored_identity->flags;
    1.54  
    1.55          free_identity(stored_identity);
    1.56      }
    1.57 @@ -483,7 +485,6 @@
    1.58          
    1.59          // N.B. has_private is never true if the returned status is not PEP_STATUS_OK
    1.60          if (has_private) {
    1.61 -            identity->flags = 0;
    1.62              dont_use_input_fpr = false;
    1.63          }
    1.64      }
    1.65 @@ -510,7 +511,6 @@
    1.66          }
    1.67          
    1.68          if (has_private) {
    1.69 -            identity->flags = 0;
    1.70              dont_use_input_fpr = false;
    1.71          }
    1.72          else { // OK, we've tried everything. Time to generate new keys.
    1.73 @@ -621,7 +621,7 @@
    1.74  
    1.75  DYNAMIC_API PEP_STATUS myself(PEP_SESSION session, pEp_identity * identity)
    1.76  {
    1.77 -    return _myself(session, identity, true);
    1.78 +    return _myself(session, identity, true, false);
    1.79  }
    1.80  
    1.81  DYNAMIC_API PEP_STATUS register_examine_function(
     2.1 --- a/src/keymanagement.h	Wed Nov 16 17:38:27 2016 +0100
     2.2 +++ b/src/keymanagement.h	Fri Nov 18 00:13:40 2016 +0100
     2.3 @@ -43,12 +43,10 @@
     2.4  //      it can need a decent amount of time to return
     2.5  //      if you need to do this asynchronous, you need to return an identity
     2.6  //      with retrieve_next_identity() where pEp_identity.me is true
     2.7 -//      myself() never writes flags; use set_identity_flags() for writing
     2.8  
     2.9  DYNAMIC_API PEP_STATUS myself(PEP_SESSION session, pEp_identity * identity);
    2.10  
    2.11 -PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen);
    2.12 -
    2.13 +PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen, bool ignore_flags);
    2.14  
    2.15  // retrieve_next_identity() - callback being called by do_keymanagement()
    2.16  //
     3.1 --- a/src/message_api.c	Wed Nov 16 17:38:27 2016 +0100
     3.2 +++ b/src/message_api.c	Fri Nov 18 00:13:40 2016 +0100
     3.3 @@ -1858,7 +1858,7 @@
     3.4          return PEP_ILLEGAL_VALUE;
     3.5  
     3.6      if (ident->me)
     3.7 -        status = _myself(session, ident, false);
     3.8 +        status = _myself(session, ident, false, true);
     3.9      else
    3.10          status = update_identity(session, ident);
    3.11  
     4.1 --- a/src/pEpEngine.c	Wed Nov 16 17:38:27 2016 +0100
     4.2 +++ b/src/pEpEngine.c	Fri Nov 18 00:13:40 2016 +0100
     4.3 @@ -339,13 +339,15 @@
     4.4                             " ?1,"
     4.5                             " upper(replace(?2,' ','')),"
     4.6                             " ?3,"
     4.7 -                           " (select"
     4.8 -                           "   coalesce("
     4.9 -                           "    (select flags from identity"
    4.10 -                           "     where address = ?1 and"
    4.11 -                           "           user_id = ?3),"
    4.12 -                           "    0)"
    4.13 -                           " ) | (?4 & 255)"
    4.14 +                           // " (select"
    4.15 +                           // "   coalesce("
    4.16 +                           // "    (select flags from identity"
    4.17 +                           // "     where address = ?1 and"
    4.18 +                           // "           user_id = ?3),"
    4.19 +                           // "    0)"
    4.20 +                           // " ) | (?4 & 255)"
    4.21 +                           /* set_identity ignores previous flags, and doesn't filter machine flags */
    4.22 +                           " ?4"
    4.23                             ");";
    4.24          
    4.25          sql_set_identity_flags = "update identity set flags = "
    4.26 @@ -1246,7 +1248,7 @@
    4.27      if (result != SQLITE_DONE)
    4.28          return PEP_CANNOT_SET_IDENTITY;
    4.29  
    4.30 -    identity->flags = flags;
    4.31 +    identity->flags |= flags;
    4.32      return PEP_STATUS_OK;
    4.33  }
    4.34  
    4.35 @@ -1277,7 +1279,7 @@
    4.36      if (result != SQLITE_DONE)
    4.37          return PEP_CANNOT_SET_IDENTITY;
    4.38  
    4.39 -    identity->flags = flags;
    4.40 +    identity->flags &= ~flags;
    4.41      return PEP_STATUS_OK;
    4.42  }
    4.43  
     5.1 --- a/src/pEpEngine.h	Wed Nov 16 17:38:27 2016 +0100
     5.2 +++ b/src/pEpEngine.h	Fri Nov 18 00:13:40 2016 +0100
     5.3 @@ -590,6 +590,25 @@
     5.4          unsigned int flags
     5.5      );
     5.6  
     5.7 +// unset_identity_flags() - update identity flags on existing identity
     5.8 +//
     5.9 +//    parameters:
    5.10 +//        session (in)        session handle
    5.11 +//        identity (in,out)   pointer to pEp_identity structure
    5.12 +//        flags (in)          new value for flags
    5.13 +//
    5.14 +//    return value:
    5.15 +//        PEP_STATUS_OK = 0             encryption and signing succeeded
    5.16 +//        PEP_CANNOT_SET_IDENTITY       update of identity failed
    5.17 +//
    5.18 +//    caveat:
    5.19 +//        address and user_id must be given in identity
    5.20 +
    5.21 +DYNAMIC_API PEP_STATUS unset_identity_flags(
    5.22 +        PEP_SESSION session,
    5.23 +        pEp_identity *identity,
    5.24 +        unsigned int flags
    5.25 +    );
    5.26  
    5.27  // mark_as_compromized() - mark key in trust db as compromized
    5.28  //