ENGINE-112: updated get_trust in update_identity and stopped set_identity from setting empty fprs as keypairs and trust entries ENGINE-112
authorKrista Grothoff <krista@pep-project.org>
Mon, 28 Nov 2016 17:48:05 +0100
branchENGINE-112
changeset 1449c4874b0a2501
parent 1448 205274ce42b4
child 1450 ed4cb23e3932
ENGINE-112: updated get_trust in update_identity and stopped set_identity from setting empty fprs as keypairs and trust entries
src/keymanagement.c
src/pEpEngine.c
test/blacklist_test.cc
     1.1 --- a/src/keymanagement.c	Fri Nov 25 10:05:00 2016 +0100
     1.2 +++ b/src/keymanagement.c	Mon Nov 28 17:48:05 2016 +0100
     1.3 @@ -226,13 +226,20 @@
     1.4  
     1.5              if (!dont_use_fpr) {
     1.6                  PEP_comm_type _comm_type_key;
     1.7 +                
     1.8 +                // We don't want to lose a previous trust entry!!!
     1.9 +                status = get_trust(session, temp_id);
    1.10  
    1.11 +                bool has_trust_status = (status == PEP_STATUS_OK);
    1.12 +                
    1.13                  status = get_key_rating(session, temp_id->fpr, &_comm_type_key);
    1.14 +            
    1.15                  assert(status != PEP_OUT_OF_MEMORY);
    1.16                  if (status == PEP_OUT_OF_MEMORY)
    1.17                      goto exit_free;
    1.18  
    1.19 -                temp_id->comm_type = _comm_type_key;
    1.20 +                if (!has_trust_status || _comm_type_key > temp_id->comm_type)
    1.21 +                    temp_id->comm_type = _comm_type_key;
    1.22              }
    1.23              else {
    1.24                  free(temp_id->fpr);
     2.1 --- a/src/pEpEngine.c	Fri Nov 25 10:05:00 2016 +0100
     2.2 +++ b/src/pEpEngine.c	Mon Nov 28 17:48:05 2016 +0100
     2.3 @@ -1065,9 +1065,10 @@
     2.4          return PEP_ILLEGAL_VALUE;
     2.5  
     2.6      bool listed;
     2.7 +
     2.8 +    bool has_fpr = (identity->fpr && identity->fpr[0] != '\0');
     2.9      
    2.10 -    if (identity->fpr && identity->fpr[0] != '\0') {
    2.11 -        
    2.12 +    if (has_fpr) {    
    2.13          // blacklist check
    2.14          PEP_STATUS status = blacklist_is_listed(session, identity->fpr, &listed);
    2.15          assert(status == PEP_STATUS_OK);
    2.16 @@ -1076,7 +1077,6 @@
    2.17  
    2.18          if (listed)
    2.19              return PEP_KEY_BLACKLISTED;
    2.20 -        
    2.21      }
    2.22  
    2.23      sqlite3_exec(session->db, "BEGIN ;", NULL, NULL, NULL);
    2.24 @@ -1106,17 +1106,18 @@
    2.25          return PEP_CANNOT_SET_PERSON;
    2.26      }
    2.27  
    2.28 -    sqlite3_reset(session->set_pgp_keypair);
    2.29 -    sqlite3_bind_text(session->set_pgp_keypair, 1, identity->fpr, -1,
    2.30 -            SQLITE_STATIC);
    2.31 -    result = sqlite3_step(session->set_pgp_keypair);
    2.32 -    sqlite3_reset(session->set_pgp_keypair);
    2.33 -    if (result != SQLITE_DONE) {
    2.34 -        sqlite3_exec(session->db, "ROLLBACK ;", NULL, NULL, NULL);
    2.35 -        return PEP_CANNOT_SET_PGP_KEYPAIR;
    2.36 +    if (has_fpr) {
    2.37 +        sqlite3_reset(session->set_pgp_keypair);
    2.38 +        sqlite3_bind_text(session->set_pgp_keypair, 1, identity->fpr, -1,
    2.39 +                SQLITE_STATIC);
    2.40 +        result = sqlite3_step(session->set_pgp_keypair);
    2.41 +        sqlite3_reset(session->set_pgp_keypair);
    2.42 +        if (result != SQLITE_DONE) {
    2.43 +            sqlite3_exec(session->db, "ROLLBACK ;", NULL, NULL, NULL);
    2.44 +            return PEP_CANNOT_SET_PGP_KEYPAIR;
    2.45 +        }
    2.46      }
    2.47  
    2.48 -
    2.49      sqlite3_reset(session->set_identity);
    2.50      sqlite3_bind_text(session->set_identity, 1, identity->address, -1,
    2.51              SQLITE_STATIC);
    2.52 @@ -1132,34 +1133,35 @@
    2.53          return PEP_CANNOT_SET_IDENTITY;
    2.54      }
    2.55  
    2.56 -    if(strcmp(identity->user_id, PEP_OWN_USERID) == 0 &&
    2.57 -       identity->fpr && identity->fpr[0] != '\0') {
    2.58 -        sqlite3_reset(session->set_own_key);
    2.59 -        sqlite3_bind_text(session->set_own_key, 1, identity->address, -1,
    2.60 -            SQLITE_STATIC);
    2.61 -        sqlite3_bind_text(session->set_own_key, 2, identity->fpr, -1,
    2.62 -            SQLITE_STATIC);
    2.63 -        result = sqlite3_step(session->set_own_key);
    2.64 -        sqlite3_reset(session->set_own_key);
    2.65 +    if (has_fpr) {
    2.66 +        if(strcmp(identity->user_id, PEP_OWN_USERID) == 0) {
    2.67 +            sqlite3_reset(session->set_own_key);
    2.68 +            sqlite3_bind_text(session->set_own_key, 1, identity->address, -1,
    2.69 +                SQLITE_STATIC);
    2.70 +            sqlite3_bind_text(session->set_own_key, 2, identity->fpr, -1,
    2.71 +                SQLITE_STATIC);
    2.72 +            result = sqlite3_step(session->set_own_key);
    2.73 +            sqlite3_reset(session->set_own_key);
    2.74 +            if (result != SQLITE_DONE) {
    2.75 +                sqlite3_exec(session->db, "ROLLBACK ;", NULL, NULL, NULL);
    2.76 +                return PEP_CANNOT_SET_PGP_KEYPAIR;
    2.77 +            }
    2.78 +        }
    2.79 +
    2.80 +        sqlite3_reset(session->set_trust);
    2.81 +        sqlite3_bind_text(session->set_trust, 1, identity->user_id, -1,
    2.82 +                SQLITE_STATIC);
    2.83 +        sqlite3_bind_text(session->set_trust, 2, identity->fpr, -1,
    2.84 +                SQLITE_STATIC);
    2.85 +        sqlite3_bind_int(session->set_trust, 3, identity->comm_type);
    2.86 +        result = sqlite3_step(session->set_trust);
    2.87 +        sqlite3_reset(session->set_trust);
    2.88          if (result != SQLITE_DONE) {
    2.89              sqlite3_exec(session->db, "ROLLBACK ;", NULL, NULL, NULL);
    2.90 -            return PEP_CANNOT_SET_PGP_KEYPAIR;
    2.91 +            return PEP_CANNOT_SET_TRUST;
    2.92          }
    2.93      }
    2.94 -
    2.95 -    sqlite3_reset(session->set_trust);
    2.96 -    sqlite3_bind_text(session->set_trust, 1, identity->user_id, -1,
    2.97 -            SQLITE_STATIC);
    2.98 -    sqlite3_bind_text(session->set_trust, 2, identity->fpr, -1,
    2.99 -            SQLITE_STATIC);
   2.100 -    sqlite3_bind_int(session->set_trust, 3, identity->comm_type);
   2.101 -    result = sqlite3_step(session->set_trust);
   2.102 -    sqlite3_reset(session->set_trust);
   2.103 -    if (result != SQLITE_DONE) {
   2.104 -        sqlite3_exec(session->db, "ROLLBACK ;", NULL, NULL, NULL);
   2.105 -        return PEP_CANNOT_SET_TRUST;
   2.106 -    }
   2.107 -
   2.108 +    
   2.109      result = sqlite3_exec(session->db, "COMMIT ;", NULL, NULL, NULL);
   2.110      if (result == SQLITE_OK)
   2.111          return PEP_STATUS_OK;
   2.112 @@ -2170,4 +2172,3 @@
   2.113  
   2.114      return PEP_STATUS_OK;
   2.115  }
   2.116 -
     3.1 --- a/test/blacklist_test.cc	Fri Nov 25 10:05:00 2016 +0100
     3.2 +++ b/test/blacklist_test.cc	Mon Nov 28 17:48:05 2016 +0100
     3.3 @@ -86,12 +86,28 @@
     3.4                                                        bl_fpr_1,
     3.5                                                        NULL,
     3.6                                                        "Blacklist Keypair");
     3.7 +
     3.8      PEP_STATUS status8 = update_identity(session, blacklisted_identity);
     3.9 +    
    3.10 +    blacklisted_identity->comm_type = PEP_ct_pEp;
    3.11 +
    3.12 +    PEP_STATUS status99 = set_identity(session, blacklisted_identity);
    3.13 +        
    3.14 +    trust_personal_key(session, blacklisted_identity);
    3.15 +
    3.16 +    PEP_STATUS status999 = update_identity(session, blacklisted_identity);
    3.17 +
    3.18 +    assert(blacklisted_identity->comm_type == PEP_ct_pEp);
    3.19  
    3.20      PEP_STATUS status9 = blacklist_add(session, bl_fpr_1);
    3.21      PEP_STATUS status10 = blacklist_is_listed(session, bl_fpr_1, &is_blacklisted);
    3.22      PEP_STATUS status11 = update_identity(session, blacklisted_identity);
    3.23  
    3.24 +    if (strcmp(blacklisted_identity->fpr, ""))
    3.25 +        cout << "blacklisted_identity-> fpr should be empty, but is " << blacklisted_identity->fpr << endl;
    3.26 +    else
    3.27 +        cout << "blacklisted identity's fpr successfully wiped by update_identity" << endl;
    3.28 +
    3.29      /* read the key into memory */
    3.30      ifstream infile2("blacklisted_pub2.asc");
    3.31      string keytext2;
    3.32 @@ -111,7 +127,22 @@
    3.33      PEP_STATUS status15 = update_identity(session, blacklisted_identity2);
    3.34      PEP_STATUS status12 = blacklist_delete(session, bl_fpr_1);
    3.35      PEP_STATUS status13 = update_identity(session, blacklisted_identity);
    3.36 +
    3.37 +    if (strcmp(blacklisted_identity->fpr, bl_fpr_2))
    3.38 +        cout << "blacklisted identity's fpr successfully replaced by the unblacklisted one" << endl;
    3.39 +    else
    3.40 +        cout << "blacklisted_identity->fpr should be " << bl_fpr_2 << " but is " << blacklisted_identity->fpr << endl;
    3.41              
    3.42 +    pEp_identity* stored_identity = new_identity("blacklistedkeys@kgrothoff.org",
    3.43 +                                                  NULL,
    3.44 +                                                  blacklisted_identity->user_id,
    3.45 +                                                  "Blacklist Keypair");
    3.46 +     
    3.47 +    PEP_STATUS status00 = update_identity(session, stored_identity);
    3.48 +    
    3.49 +    // Following should be true because bl_fpr_1's trust is set higher
    3.50 +    assert(stored_identity->comm_type == PEP_ct_pEp && (strcmp(stored_identity->fpr, bl_fpr_1) == 0));    
    3.51 +    
    3.52      PEP_STATUS status16 = delete_keypair(session, bl_fpr_1);
    3.53      update_identity(session, blacklisted_identity);
    3.54      PEP_STATUS status17 = delete_keypair(session, bl_fpr_2);
    3.55 @@ -124,4 +155,3 @@
    3.56      release(session);
    3.57      return 0;
    3.58  }
    3.59 -