merged ENGINE-137
authorEdouard Tisserant <edouard@pep-project.org>
Tue, 20 Dec 2016 14:46:38 +0100
changeset 1504a7a459dc4752
parent 1503 0f86dbd30df1
parent 1502 ab5de5449d7d
child 1505 6fdd515a8ff3
child 1515 a4ac7c1c53d7
merged ENGINE-137
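--- a/src/keymanagement.c	Tue Dec 20 14:21:00 2016 +0100
+++ b/src/keymanagement.c	Tue Dec 20 14:46:38 2016 +0100
@@ -127,71 +127,70 @@
     if (status == PEP_OUT_OF_MEMORY)
         goto exit_free;
 
-    /* We elect a pubkey first in case there's no acceptable stored fpr */
     temp_id = identity_dup(identity);
     
-    status = elect_pubkey(session, temp_id);
-    if (status != PEP_STATUS_OK)
-        goto exit_free;
+    /* We don't take given fpr. 
+       In case there's no acceptable stored fpr, it will be elected. */
+    free(temp_id->fpr);
+    temp_id->fpr = NULL;
+    temp_id->comm_type = PEP_ct_unknown;
+            
+    if (stored_identity) {
         
-    if (stored_identity) {
-        PEP_comm_type _comm_type_key;
-        
-        bool dont_use_fpr = true;
+        bool dont_use_stored_fpr = true;
 
         /* if we have a stored_identity fpr */
-        if (!EMPTYSTR(stored_identity->fpr) && !EMPTYSTR(temp_id->fpr)) {
-            status = blacklist_is_listed(session, stored_identity->fpr, &dont_use_fpr);
+        if (!EMPTYSTR(stored_identity->fpr)) {
+            status = blacklist_is_listed(session, stored_identity->fpr, &dont_use_stored_fpr);
             if (status != PEP_STATUS_OK)
-                dont_use_fpr = true; 
+                dont_use_stored_fpr = true; 
         }
             
 
-        if (!dont_use_fpr) {
-            free(temp_id->fpr);
+        if (!dont_use_stored_fpr) {
             temp_id->fpr = strdup(stored_identity->fpr);
             assert(temp_id->fpr);
             if (temp_id->fpr == NULL) {
                 status = PEP_OUT_OF_MEMORY;
                 goto exit_free;
             }
-        }
-        else if (!EMPTYSTR(temp_id->fpr)) {
-            status = blacklist_is_listed(session, temp_id->fpr, &dont_use_fpr);
-            if (dont_use_fpr) {
-                free(temp_id->fpr);
-                temp_id->fpr = strdup("");
-            }
-            else {
-                _did_elect_new_key = 1;
-            }
-        }
-        else {
-            if (temp_id->fpr == NULL)
-                temp_id->fpr = strdup("");
-        }
-        
-        /* ok, from here on out, use temp_id */
-        
-        
-        /* At this point, we either have a non-blacklisted fpr we can work */
-        /* with, or we've got nada.                                        */        
-        if (!EMPTYSTR(temp_id->fpr)) {
+
+            /* Check stored comm_type */
+            PEP_comm_type _comm_type_key;
             status = get_key_rating(session, temp_id->fpr, &_comm_type_key);
             assert(status != PEP_OUT_OF_MEMORY);
             if (status == PEP_OUT_OF_MEMORY)
                 goto exit_free;
             if (_comm_type_key < PEP_ct_unconfirmed_encryption) {
+                /* if key not good anymore, 
+                   downgrade eventually trusted comm_type */
                 temp_id->comm_type = _comm_type_key;
-            } else{
+            } else {
+                /* otherwise take stored comm_type as-is */
                 temp_id->comm_type = stored_identity->comm_type;
                 if (temp_id->comm_type == PEP_ct_unknown) {
+                    /* except if unknown */
                     temp_id->comm_type = _comm_type_key;
                 }
             }
         }
         else {
-            /* Set comm_type accordingly */
+            status = elect_pubkey(session, temp_id);
+            if (status != PEP_STATUS_OK)
+                goto exit_free;
+            else {
+                _did_elect_new_key = 1;
+            }
+        }
+        
+        /* ok, from here on out, use temp_id */
+        
+        
+        /* At this point, we either have a non-blacklisted fpr we can work */
+        /* with, or we've got nada.                                        */        
+
+        if (EMPTYSTR(temp_id->fpr)) {
+            /* nada : set comm_type accordingly */
             temp_id->comm_type = PEP_ct_key_not_found;
         }
         
@@ -216,40 +215,35 @@
     else /* stored_identity == NULL */ {
         temp_id->flags = 0;
 
-        /* Work with the elected key from above */
+        /* We elect a pubkey */
+        status = elect_pubkey(session, temp_id);
+        if (status != PEP_STATUS_OK)
+            goto exit_free;
+        
+        /* Work with the elected key */
         if (!EMPTYSTR(temp_id->fpr)) {
             
-            bool dont_use_fpr = true;
-            status = blacklist_is_listed(session, temp_id->fpr, &dont_use_fpr);
-            if (status != PEP_STATUS_OK)
-                dont_use_fpr = true; 
+            PEP_comm_type _comm_type_key = temp_id->comm_type;
+            
+            _did_elect_new_key = 1;
 
-            if (!dont_use_fpr) {
-                PEP_comm_type _comm_type_key;
-                
-                // We don't want to lose a previous trust entry!!!
-                status = get_trust(session, temp_id);
+            // We don't want to lose a previous trust entry!!!
+            status = get_trust(session, temp_id);
 
-                bool has_trust_status = (status == PEP_STATUS_OK);
-                
-                status = get_key_rating(session, temp_id->fpr, &_comm_type_key);
-            
-                assert(status != PEP_OUT_OF_MEMORY);
-                if (status == PEP_OUT_OF_MEMORY)
-                    goto exit_free;
+            bool has_trust_status = (status == PEP_STATUS_OK);
 
-                if (!has_trust_status || _comm_type_key > temp_id->comm_type)
-                    temp_id->comm_type = _comm_type_key;
-            }
-            else {
-                free(temp_id->fpr);
-                temp_id->fpr = strdup("");
-            }
+            if (!has_trust_status)
+                temp_id->comm_type = _comm_type_key;
         }
     }
 
-    if (temp_id->fpr == NULL)
+    if (temp_id->fpr == NULL) {
         temp_id->fpr = strdup("");
+        if (temp_id->fpr == NULL) {
+            status = PEP_OUT_OF_MEMORY;
+            goto exit_free;
+        }
+    }
     
     
     status = PEP_STATUS_OK;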
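Review bot: In the first hunk (`@@ -127,71 +127,70 @@`), `_comm_type_key` is declared without an initializer and the `get_key_rating()` result is checked only for `PEP_OUT_OF_MEMORY`, so on any other failure the comparison with `PEP_ct_unconfirmed_encryption` and the assignment to `temp_id->comm_type` may read an indeterminate value, unless get_key_rating() always writes its out-parameter, which is not visible here. Because this value decides the trust level recorded for the identity, I would declare it as `PEP_comm_type _comm_type_key = PEP_ct_unknown;` and treat `status != PEP_STATUS_OK` as "no usable rating". Separately, the added `free(temp_id->fpr);` directly after `identity_dup(identity)` dereferences `temp_id` with no NULL check, while the rest of the function handles allocation failure explicitly. Adding `if (temp_id == NULL) { status = PEP_OUT_OF_MEMORY; goto exit_free; }` before it would match, assuming the `exit_free` path tolerates a NULL `temp_id`. The enclosing function starts and ends outside both hunks.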