ENGINE-340: fixed persistence issues caused by removing mistrusted keys as defaults in ENGINE-332 branch ENGINE-332
authorKrista Bennett <krista@pep-project.org>
Wed, 24 Jan 2018 10:54:04 +0100
branchENGINE-332
changeset 24389e20316df746
parent 2435 66750e44dc49
child 2439 dcb337e68add
ENGINE-340: fixed persistence issues caused by removing mistrusted keys as defaults in ENGINE-332 branch
src/keymanagement.c
src/message_api.c
src/pEpEngine.c
src/pEpEngine.h
src/pEp_internal.h
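--- a/src/keymanagement.c
+++ b/src/keymanagement.c
@@ -15,20 +15,8 @@
 #include "sync_fsm.h"
 #include "blacklist.h"
 
-#ifndef EMPTYSTR
-#define EMPTYSTR(STR) ((STR) == NULL || (STR)[0] == '\0')
-#endif
-
 #define KEY_EXPIRE_DELTA (60 * 60 * 24 * 365)
 
-#ifndef _MIN
-#define _MIN(A, B) ((B) > (A) ? (A) : (B))
-#endif
-#ifndef _MAX
-#define _MAX(A, B) ((B) > (A) ? (B) : (A))
-#endif
-
-
 static bool key_matches_address(PEP_SESSION session, const char* address,
                                 const char* fpr) {
     if (!session || !address || !fpr)
@@ -1063,7 +1051,16 @@
         if (session->cached_mistrusted)
             free(session->cached_mistrusted);
         session->cached_mistrusted = identity_dup(ident);
+        
+        // set mistrust for this user_id/keypair (even if there's not an
+        // identity set yet, this is important, as we need to record the mistrust
+        // action)
         status = set_trust(session, ident->user_id, ident->fpr, PEP_ct_mistrusted);
+        if (status == PEP_STATUS_OK)
+            // cascade that mistrust for anyone using this key
+            status = mark_as_compromized(session, ident->fpr);
+        if (status == PEP_STATUS_OK)
+            status = remove_fpr_as_default(session, ident->fpr);
     }
 
     return status;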
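Review bot: In the second hunk the three writes that record the mistrust — `set_trust`, `mark_as_compromized` and `remove_fpr_as_default` — run as separate statements and each later step is skipped once an earlier one fails, so a failing `mark_as_compromized` returns an error with the trust row already set to mistrusted but the key still left as a default, which is the persistence problem this commit is meant to close. If the engine has a transaction helper, the three calls belong inside one transaction so the recorded state is all-or-nothing; otherwise the default removal should at least still be attempted when the cascade fails, e.g. `PEP_STATUS rm_status = remove_fpr_as_default(session, ident->fpr);` followed by `if (status == PEP_STATUS_OK) status = rm_status;`. The comment above `set_trust` would also be clearer if it said what "not set yet" refers to, e.g. `// record the mistrust even when no identity row exists yet for this user_id/fpr`. The enclosing function starts before this hunk, so I cannot see whether the caller already holds a transaction.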
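--- a/src/message_api.c
+++ b/src/message_api.c
@@ -1215,6 +1215,12 @@
             continue;
 
         PEP_rating _rating_ = key_rating(session, _kl->value);
+
+        // check for mistrust
+        bool is_mistrusted = false;
+        fpr_has_mistrust(session, _kl->value, &is_mistrusted); // not sure what to do with status
+        if (is_mistrusted)
+            _rating_ = PEP_rating_mistrust;
          
         if (_rating_ <= PEP_rating_mistrust)
             return _rating_;
@@ -2029,7 +2035,7 @@
             status = get_trust(session, _sender);
             if (_sender->comm_type == PEP_ct_unknown) {
                 get_key_rating(session, fpr, &_sender->comm_type);
-                
+                // check mistrust
             }
             if (_sender->comm_type != PEP_ct_unknown) {
                 *rating = keylist_rating(session, recipients, 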
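Review bot: The status returned by `fpr_has_mistrust` on the new line after `key_rating` is dropped, and because that function clears `*has_mistrust` to false before it queries, any database error is silently reported as "not mistrusted" and the key keeps its computed rating — the check fails open. Capture the status and treat an error conservatively, e.g. `PEP_STATUS mt_status = fpr_has_mistrust(session, _kl->value, &is_mistrusted);` followed by `if (mt_status != PEP_STATUS_OK) return PEP_rating_undefined;` (or whichever rating this function uses for "could not evaluate"), which also resolves the `// not sure what to do with status` comment. The second hunk in this file adds only a bare `// check mistrust` placeholder inside the `PEP_ct_unknown` branch; either apply the same `fpr_has_mistrust` check there or drop the comment so it is not read as implemented behaviour. Both enclosing functions start and end outside these hunks.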
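--- a/src/pEpEngine.c
+++ b/src/pEpEngine.c
@@ -196,6 +196,11 @@
 static const char *sql_mark_as_compromized = 
     "update trust not indexed set comm_type = 15"
     " where pgp_keypair_fpr = upper(replace(?1,' ','')) ;";
+    
+static const char *sql_fpr_has_mistrust =
+    "select count(*) from trust "
+    "   where pgp_keypair_fpr = upper(replace(?1,' ','')) "
+    "       and comm_type = 15 ; ";
 
 static const char *sql_crashdump = 
     "select timestamp, title, entity, description, comment"
@@ -918,6 +923,11 @@
             NULL);
     assert(int_result == SQLITE_OK);
 
+    int_result = sqlite3_prepare_v2(_session->db, sql_fpr_has_mistrust,
+            (int)strlen(sql_fpr_has_mistrust), &_session->fpr_has_mistrust,
+            NULL);
+    assert(int_result == SQLITE_OK);
+
     int_result = sqlite3_prepare_v2(_session->db, sql_crashdump,
             (int)strlen(sql_crashdump), &_session->crashdump, NULL);
     assert(int_result == SQLITE_OK);
@@ -2275,6 +2285,42 @@
     free(p);
 }
 
+PEP_STATUS fpr_has_mistrust(PEP_SESSION session, 
+                            const char* fpr,
+                            bool* has_mistrust) {
+    assert(session);
+    assert(!EMPTYSTR(fpr));                            
+    assert(has_mistrust);
+    
+    if (!session || EMPTYSTR(fpr) || has_mistrust == NULL)
+        return PEP_ILLEGAL_VALUE;
+        
+    *has_mistrust = false;
+    
+    PEP_STATUS status = PEP_STATUS_OK;
+    int result;
+
+    sqlite3_reset(session->fpr_has_mistrust);
+    sqlite3_bind_text(session->fpr_has_mistrust, 1, fpr, -1,
+            SQLITE_STATIC);
+
+    result = sqlite3_step(session->fpr_has_mistrust);
+    switch (result) {
+    case SQLITE_ROW: {
+        *has_mistrust = (PEP_comm_type) sqlite3_column_int(session->fpr_has_mistrust,
+                         0);
+        break;
+    }
+ 
+    default:
+        status = PEP_UNKNOWN_ERROR; // DB error??
+    }
+
+    sqlite3_reset(session->fpr_has_mistrust);
+    return status;
+
+}
+
 PEP_STATUS set_trust(PEP_SESSION session, 
                      const char* user_id,
                      const char* fpr, 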
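Review bot: In `fpr_has_mistrust` the `SQLITE_ROW` branch assigns the `count(*)` result to a `bool` through a `(PEP_comm_type)` cast, which looks like a copy-paste leftover and misdescribes the value; state the intent directly as `*has_mistrust = sqlite3_column_int(session->fpr_has_mistrust, 0) > 0;`. The result of `sqlite3_bind_text` is not checked, so a bind failure only surfaces as the generic `PEP_UNKNOWN_ERROR` after the step; checking it and returning before stepping would make the failure attributable. The new prepared statement is created in the init hunk, but this diff contains no matching `sqlite3_finalize(_session->fpr_has_mistrust)` in the release path — if that was not added elsewhere, the statement leaks on session teardown. The literal `comm_type = 15` in `sql_fpr_has_mistrust` (and in the existing `sql_mark_as_compromized`) would read better with a comment naming what it encodes, e.g. `// 15: the mistrusted comm_type, see PEP_ct_mistrusted`.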
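--- a/src/pEpEngine.h
+++ b/src/pEpEngine.h
@@ -1229,6 +1229,10 @@
     
 PEP_STATUS refresh_userid_default_key(PEP_SESSION session, const char* user_id);
 
+PEP_STATUS fpr_has_mistrust(PEP_SESSION session, 
+                            const char* fpr,
+                            bool* has_mistrust);
+
 #ifdef __cplusplus
 }
 #endif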
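Review bot: The new `fpr_has_mistrust` declaration goes into the public engine header without a doc comment, so callers cannot tell from the header what the out-parameter means on error. Add a comment block above it stating that it reports whether any trust row for `fpr` carries the mistrusted comm_type, that `has_mistrust` is set to false before the query runs, and that `PEP_ILLEGAL_VALUE` is returned for a NULL session, an empty fpr or a NULL out-pointer and `PEP_UNKNOWN_ERROR` when the query yields no row. The only caller added in this commit is engine-internal (message_api.c); if the function is not intended as public API, `pEp_internal.h` may be the better home for the declaration.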
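--- a/src/pEp_internal.h
+++ b/src/pEp_internal.h
@@ -142,6 +142,7 @@
     sqlite3_stmt *get_trust;
     sqlite3_stmt *least_trust;
     sqlite3_stmt *mark_compromized;
+    sqlite3_stmt *fpr_has_mistrust;
     sqlite3_stmt *reset_trust;
     sqlite3_stmt *crashdump;
     sqlite3_stmt *languagelist;
@@ -390,6 +391,18 @@
     return retval;
 }
 
+#ifndef EMPTYSTR
+#define EMPTYSTR(STR) ((STR) == NULL || (STR)[0] == '\0')
+#endif
+
+#ifndef _MIN
+#define _MIN(A, B) ((B) > (A) ? (A) : (B))
+#endif
+#ifndef _MAX
+#define _MAX(A, B) ((B) > (A) ? (B) : (A))
+#endif
+
+
 // These are globals used in generating message IDs and should only be
 // computed once, as they're either really constants or OS-dependent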
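Review bot: `_MIN` and `_MAX` in the second hunk are identifiers beginning with an underscore and an uppercase letter, which C reserves for the implementation, and moving them from keymanagement.c into pEp_internal.h now exposes them to every translation unit that includes the header, where the `#ifndef` guards will silently adopt whatever definition a system header happened to provide first. Rename them to a project-prefixed form (e.g. `PEP_MIN`/`PEP_MAX`, constructed names) and update the callers, keeping the guard only where another header is known to define the same name. The macros also evaluate their arguments twice, so a short comment such as `// arguments are evaluated twice; pass only side-effect-free expressions` above them would document the constraint for the wider audience they now have.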
    5.29