Added blacklist
authorfdik
Thu, 03 Mar 2016 19:27:46 +0100
changeset 494ddf4130d00a0
parent 493 ebe4ed001a0c
child 495 79cdc1bcf26c
Added blacklist
src/blacklist.c
src/blacklist.h
src/pEpEngine.c
src/pEp_internal.h
test/blacklist_test.cc
     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/src/blacklist.c	Thu Mar 03 19:27:46 2016 +0100
     1.3 @@ -0,0 +1,175 @@
     1.4 +#include "blacklist.h"
     1.5 +#include "pEp_internal.h"
     1.6 +
     1.7 +DYNAMIC_API PEP_STATUS blacklist_add(PEP_SESSION session, const char *fpr)
     1.8 +{
     1.9 +    PEP_STATUS status = PEP_STATUS_OK;
    1.10 +
    1.11 +    assert(session && fpr && fpr[0]);
    1.12 +
    1.13 +    if (!(session && fpr && fpr[0]))
    1.14 +        return PEP_ILLEGAL_VALUE;
    1.15 +
    1.16 +    sqlite3_reset(session->blacklist_add);
    1.17 +	sqlite3_bind_text(session->blacklist_add, 1, fpr, -1, SQLITE_STATIC);
    1.18 +
    1.19 +    int result;
    1.20 +
    1.21 +    result = sqlite3_step(session->blacklist_add);
    1.22 +    switch (result) {
    1.23 +    case SQLITE_DONE:
    1.24 +        status = PEP_STATUS_OK;
    1.25 +        break;
    1.26 +
    1.27 +    default:
    1.28 +        status = PEP_UNKNOWN_ERROR;
    1.29 +    }
    1.30 +
    1.31 +    sqlite3_reset(session->blacklist_add);
    1.32 +    goto the_end;
    1.33 +
    1.34 +enomem:
    1.35 +    status = PEP_OUT_OF_MEMORY;
    1.36 +
    1.37 +the_end:
    1.38 +    return status;
    1.39 +}
    1.40 +
    1.41 +DYNAMIC_API PEP_STATUS blacklist_delete(PEP_SESSION session, const char *fpr)
    1.42 +{
    1.43 +    PEP_STATUS status = PEP_STATUS_OK;
    1.44 +
    1.45 +    assert(session && fpr && fpr[0]);
    1.46 +
    1.47 +    if (!(session && fpr && fpr[0]))
    1.48 +        return PEP_ILLEGAL_VALUE;
    1.49 +
    1.50 +    sqlite3_reset(session->blacklist_delete);
    1.51 +	sqlite3_bind_text(session->blacklist_delete, 1, fpr, -1, SQLITE_STATIC);
    1.52 +
    1.53 +    int result;
    1.54 +
    1.55 +    result = sqlite3_step(session->blacklist_delete);
    1.56 +    switch (result) {
    1.57 +    case SQLITE_DONE:
    1.58 +        status = PEP_STATUS_OK;
    1.59 +        break;
    1.60 +
    1.61 +    default:
    1.62 +        status = PEP_UNKNOWN_ERROR;
    1.63 +    }
    1.64 +
    1.65 +    sqlite3_reset(session->blacklist_delete);
    1.66 +    goto the_end;
    1.67 +
    1.68 +enomem:
    1.69 +    status = PEP_OUT_OF_MEMORY;
    1.70 +
    1.71 +the_end:
    1.72 +    return status;
    1.73 +}
    1.74 +
    1.75 +DYNAMIC_API PEP_STATUS blacklist_is_listed(
    1.76 +        PEP_SESSION session,
    1.77 +        const char *fpr,
    1.78 +        bool *listed
    1.79 +    )
    1.80 +{
    1.81 +    PEP_STATUS status = PEP_STATUS_OK;
    1.82 +    int count;
    1.83 +
    1.84 +    assert(session && fpr && fpr[0] && listed);
    1.85 +
    1.86 +    if (!(session && fpr && fpr[0] && listed))
    1.87 +        return PEP_ILLEGAL_VALUE;
    1.88 +
    1.89 +    *listed = false;
    1.90 +
    1.91 +    sqlite3_reset(session->blacklist_is_listed);
    1.92 +    sqlite3_bind_text(session->blacklist_is_listed, 1, fpr, -1, SQLITE_STATIC);
    1.93 +
    1.94 +    int result;
    1.95 +
    1.96 +    result = sqlite3_step(session->blacklist_is_listed);
    1.97 +    switch (result) {
    1.98 +    case SQLITE_ROW:
    1.99 +        count = sqlite3_column_int(session->blacklist_is_listed, 0);
   1.100 +        *listed = count > 0;
   1.101 +        status = PEP_STATUS_OK;
   1.102 +        break;
   1.103 +
   1.104 +    default:
   1.105 +        status = PEP_UNKNOWN_ERROR;
   1.106 +    }
   1.107 +
   1.108 +    sqlite3_reset(session->blacklist_is_listed);
   1.109 +    goto the_end;
   1.110 +
   1.111 +enomem:
   1.112 +    status = PEP_OUT_OF_MEMORY;
   1.113 +
   1.114 +the_end:
   1.115 +    return status;
   1.116 +}
   1.117 +
   1.118 +DYNAMIC_API PEP_STATUS blacklist_retrieve(
   1.119 +        PEP_SESSION session,
   1.120 +        stringlist_t **blacklist
   1.121 +    )
   1.122 +{
   1.123 +    PEP_STATUS status = PEP_STATUS_OK;
   1.124 +
   1.125 +    assert(session);
   1.126 +    assert(blacklist);
   1.127 +
   1.128 +    if (!(session && blacklist))
   1.129 +        return PEP_ILLEGAL_VALUE;
   1.130 +
   1.131 +    *blacklist = NULL;
   1.132 +    stringlist_t *_blacklist = new_stringlist(NULL);
   1.133 +    if (_blacklist == NULL)
   1.134 +        goto enomem;
   1.135 +
   1.136 +    sqlite3_reset(session->blacklist_retrieve);
   1.137 +
   1.138 +    int result;
   1.139 +    const char *fpr = NULL;
   1.140 +
   1.141 +    stringlist_t *_bl = _blacklist;
   1.142 +    do {
   1.143 +        result = sqlite3_step(session->blacklist_retrieve);
   1.144 +        switch (result) {
   1.145 +        case SQLITE_ROW:
   1.146 +            fpr = (const char *) sqlite3_column_text(session->blacklist_retrieve, 0);
   1.147 +
   1.148 +            _bl = stringlist_add(_bl, fpr);
   1.149 +            if (_bl == NULL)
   1.150 +                goto enomem;
   1.151 +
   1.152 +            break;
   1.153 +
   1.154 +        case SQLITE_DONE:
   1.155 +            break;
   1.156 +
   1.157 +        default:
   1.158 +            status = PEP_UNKNOWN_ERROR;
   1.159 +            result = SQLITE_DONE;
   1.160 +        }
   1.161 +    } while (result != SQLITE_DONE);
   1.162 +
   1.163 +    sqlite3_reset(session->blacklist_retrieve);
   1.164 +    if (status == PEP_STATUS_OK)
   1.165 +        *blacklist = _blacklist;
   1.166 +    else
   1.167 +        free_stringlist(_blacklist);
   1.168 +
   1.169 +    goto the_end;
   1.170 +
   1.171 +enomem:
   1.172 +    free_stringlist(_blacklist);
   1.173 +    status = PEP_OUT_OF_MEMORY;
   1.174 +
   1.175 +the_end:
   1.176 +    return status;
   1.177 +}
   1.178 +
     2.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     2.2 +++ b/src/blacklist.h	Thu Mar 03 19:27:46 2016 +0100
     2.3 @@ -0,0 +1,58 @@
     2.4 +#pragma once
     2.5 +
     2.6 +#include "pEpEngine.h"
     2.7 +
     2.8 +#ifdef __cplusplus
     2.9 +extern "C" {
    2.10 +#endif
    2.11 +
    2.12 +// blacklist_add() - add to blacklist
    2.13 +//
    2.14 +//  parameters:
    2.15 +//      session (in)        session to use
    2.16 +//      fpr (in)            fingerprint of key to blacklist
    2.17 +
    2.18 +DYNAMIC_API PEP_STATUS blacklist_add(PEP_SESSION session, const char *fpr);
    2.19 +
    2.20 +
    2.21 +// blacklist_delete() - delete from blacklist
    2.22 +//
    2.23 +//  parameters:
    2.24 +//      session (in)        session to use
    2.25 +//      fpr (in)            fingerprint of key to blacklist
    2.26 +
    2.27 +DYNAMIC_API PEP_STATUS blacklist_delete(PEP_SESSION session, const char *fpr);
    2.28 +
    2.29 +
    2.30 +// blacklist_is_listed() - is_listed from blacklist
    2.31 +//
    2.32 +//  parameters:
    2.33 +//      session (in)        session to use
    2.34 +//      fpr (in)            fingerprint of key to blacklist
    2.35 +
    2.36 +DYNAMIC_API PEP_STATUS blacklist_is_listed(
    2.37 +        PEP_SESSION session,
    2.38 +        const char *fpr,
    2.39 +        bool *listed
    2.40 +    );
    2.41 +
    2.42 +
    2.43 +// blacklist_retrieve() - retrieve full blacklist of key fingerprints
    2.44 +//
    2.45 +//  parameters:
    2.46 +//      session (in)        session to use
    2.47 +//      blacklist (out)     copy of blacklist
    2.48 +//
    2.49 +//  caveat:
    2.50 +//      the ownership of the copy of blacklist goes to the caller
    2.51 +
    2.52 +DYNAMIC_API PEP_STATUS blacklist_retrieve(
    2.53 +        PEP_SESSION session,
    2.54 +        stringlist_t **blacklist
    2.55 +    );
    2.56 +
    2.57 +
    2.58 +#ifdef __cplusplus
    2.59 +}
    2.60 +#endif
    2.61 +
     3.1 --- a/src/pEpEngine.c	Thu Mar 03 13:24:24 2016 +0100
     3.2 +++ b/src/pEpEngine.c	Thu Mar 03 19:27:46 2016 +0100
     3.3 @@ -20,10 +20,14 @@
     3.4      static const char *sql_least_trust;
     3.5      static const char *sql_mark_as_compromized;
     3.6      static const char *sql_crashdump;
     3.7 -    static const char *sql_blacklist_keys;
     3.8      static const char *sql_languagelist;
     3.9      static const char *sql_i18n_token;
    3.10 -    static const char *sql_peptest_hack;
    3.11 +
    3.12 +    // blacklist
    3.13 +    static const char *sql_blacklist_add;
    3.14 +    static const char *sql_blacklist_delete;
    3.15 +    static const char *sql_blacklist_is_listed;
    3.16 +    static const char *sql_blacklist_retrieve;
    3.17  
    3.18      bool in_first = false;
    3.19  
    3.20 @@ -158,6 +162,7 @@
    3.21                  "   user_id,\n"
    3.22                  "   pgp_keypair_fpr\n"
    3.23                  ");\n"
    3.24 +                // blacklist
    3.25                  "create table if not exists blacklist_keys (\n"
    3.26                  "   fpr text primary key\n"
    3.27                  ");\n"
    3.28 @@ -170,7 +175,7 @@
    3.29  
    3.30          int_result = sqlite3_exec(
    3.31              _session->db,
    3.32 -            "insert or replace into version_info (id, version) values (1, '1.0');",
    3.33 +            "insert or replace into version_info (id, version) values (1, '1.1');",
    3.34              NULL,
    3.35              NULL,
    3.36              NULL
    3.37 @@ -218,7 +223,12 @@
    3.38  
    3.39          sql_i18n_token = "select phrase from i18n_token where lang = lower(?1) and id = ?2 ;";
    3.40  
    3.41 -        sql_peptest_hack = "delete from identity where address like '%@peptest.ch' ;";
    3.42 +        // blacklist
    3.43 +
    3.44 +        sql_blacklist_add = "insert or replace into blacklist_keys (fpr) values (?1) ;";
    3.45 +        sql_blacklist_delete = "delete from blacklist_keys where fpr = ?1 ;";
    3.46 +        sql_blacklist_is_listed = "select count(*) from blacklist_keys where fpr = ?1 ;";
    3.47 +        sql_blacklist_retrieve = "select * from blacklist_keys ;";
    3.48      }
    3.49  
    3.50      int_result = sqlite3_prepare_v2(_session->db, sql_log, (int)strlen(sql_log),
    3.51 @@ -273,8 +283,22 @@
    3.52              (int)strlen(sql_i18n_token), &_session->i18n_token, NULL);
    3.53  	assert(int_result == SQLITE_OK);
    3.54  
    3.55 -    int_result = sqlite3_prepare_v2(_session->db, sql_peptest_hack,
    3.56 -            (int)strlen(sql_peptest_hack), &_session->peptest_hack, NULL);
    3.57 +    // blacklist
    3.58 +
    3.59 +    int_result = sqlite3_prepare_v2(_session->db, sql_blacklist_add,
    3.60 +            (int)strlen(sql_blacklist_add), &_session->blacklist_add, NULL);
    3.61 +    assert(int_result == SQLITE_OK);
    3.62 +
    3.63 +    int_result = sqlite3_prepare_v2(_session->db, sql_blacklist_delete,
    3.64 +            (int)strlen(sql_blacklist_delete), &_session->blacklist_delete, NULL);
    3.65 +    assert(int_result == SQLITE_OK);
    3.66 +
    3.67 +    int_result = sqlite3_prepare_v2(_session->db, sql_blacklist_is_listed,
    3.68 +            (int)strlen(sql_blacklist_is_listed), &_session->blacklist_is_listed, NULL);
    3.69 +    assert(int_result == SQLITE_OK);
    3.70 +
    3.71 +    int_result = sqlite3_prepare_v2(_session->db, sql_blacklist_retrieve,
    3.72 +            (int)strlen(sql_blacklist_retrieve), &_session->blacklist_retrieve, NULL);
    3.73      assert(int_result == SQLITE_OK);
    3.74  
    3.75      status = init_cryptotech(_session, in_first);
    3.76 @@ -1311,35 +1335,20 @@
    3.77  
    3.78  DYNAMIC_API PEP_STATUS reset_peptest_hack(PEP_SESSION session)
    3.79  {
    3.80 -    PEP_STATUS status = PEP_STATUS_OK;
    3.81 -
    3.82      assert(session);
    3.83  
    3.84      if (!session)
    3.85          return PEP_ILLEGAL_VALUE;
    3.86  
    3.87 -    sqlite3_reset(session->peptest_hack);
    3.88 +    int int_result = sqlite3_exec(
    3.89 +        session->db,
    3.90 +        "delete from identity where address like '%@peptest.ch' ;",
    3.91 +        NULL,
    3.92 +        NULL,
    3.93 +        NULL
    3.94 +    );
    3.95 +    assert(int_result == SQLITE_OK);
    3.96  
    3.97 -    int result;
    3.98 -
    3.99 -    result = sqlite3_step(session->peptest_hack);
   3.100 -    switch (result) {
   3.101 -    case SQLITE_ROW:
   3.102 -    case SQLITE_DONE:
   3.103 -        status = PEP_STATUS_OK;
   3.104 -        break;
   3.105 -
   3.106 -    default:
   3.107 -        status = PEP_UNKNOWN_ERROR;
   3.108 -    }
   3.109 -
   3.110 -    sqlite3_reset(session->peptest_hack);
   3.111 -    goto the_end;
   3.112 -
   3.113 -enomem:
   3.114 -    status = PEP_OUT_OF_MEMORY;
   3.115 -
   3.116 -the_end:
   3.117 -    return status;
   3.118 +    return PEP_STATUS_OK;
   3.119  }
   3.120  
     4.1 --- a/src/pEp_internal.h	Thu Mar 03 13:24:24 2016 +0100
     4.2 +++ b/src/pEp_internal.h	Thu Mar 03 19:27:46 2016 +0100
     4.3 @@ -97,10 +97,14 @@
     4.4      sqlite3_stmt *mark_compromized;
     4.5      sqlite3_stmt *reset_trust;
     4.6      sqlite3_stmt *crashdump;
     4.7 -    sqlite3_stmt *blacklist_keys;
     4.8      sqlite3_stmt *languagelist;
     4.9      sqlite3_stmt *i18n_token;
    4.10 -    sqlite3_stmt *peptest_hack;
    4.11 +
    4.12 +    // blacklist
    4.13 +    sqlite3_stmt *blacklist_add;
    4.14 +    sqlite3_stmt *blacklist_delete;
    4.15 +    sqlite3_stmt *blacklist_is_listed;
    4.16 +    sqlite3_stmt *blacklist_retrieve;
    4.17  
    4.18      examine_identity_t examine_identity;
    4.19      void *examine_management;
     5.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     5.2 +++ b/test/blacklist_test.cc	Thu Mar 03 19:27:46 2016 +0100
     5.3 @@ -0,0 +1,62 @@
     5.4 +#include <iostream>
     5.5 +#include <string>
     5.6 +#include <assert.h>
     5.7 +#include "blacklist.h"
     5.8 +
     5.9 +using namespace std;
    5.10 +
    5.11 +int main() {
    5.12 +    cout << "\n*** blacklist_test ***\n\n";
    5.13 +
    5.14 +    PEP_SESSION session;
    5.15 +    
    5.16 +    cout << "calling init()\n";
    5.17 +    PEP_STATUS status1 = init(&session);   
    5.18 +    assert(status1 == PEP_STATUS_OK);
    5.19 +    assert(session);
    5.20 +    cout << "init() completed.\n";
    5.21 +
    5.22 +    // blacklist test code
    5.23 +
    5.24 +    cout << "adding 23 to blacklist\n";
    5.25 +    PEP_STATUS status2 = blacklist_add(session, "23");
    5.26 +    assert(status2 == PEP_STATUS_OK);
    5.27 +    cout << "added.\n";
    5.28 +
    5.29 +    bool listed;
    5.30 +    PEP_STATUS status3 = blacklist_is_listed(session, "23", &listed);
    5.31 +    assert(status3 == PEP_STATUS_OK);
    5.32 +    assert(listed);
    5.33 +    cout << "23 is listed.\n";
    5.34 +
    5.35 +    stringlist_t *blacklist;
    5.36 +    PEP_STATUS status6 = blacklist_retrieve(session, &blacklist);
    5.37 +    assert(status6 == PEP_STATUS_OK);
    5.38 +    assert(blacklist);
    5.39 +
    5.40 +    bool in23 = false;
    5.41 +    cout << "the blacklist contains now: ";
    5.42 +    for (stringlist_t *bl = blacklist; bl && bl->value; bl = bl->next) {
    5.43 +        cout << bl->value << ", ";
    5.44 +        if (strcmp(bl->value, "23") == 0)
    5.45 +            in23 = true;
    5.46 +    }
    5.47 +    cout << "END\n";
    5.48 +    assert(in23);
    5.49 +    free_stringlist(blacklist);
    5.50 +
    5.51 +    cout << "deleting 23 from blacklist\n";
    5.52 +    PEP_STATUS status4 = blacklist_delete(session, "23");
    5.53 +    assert(status4 == PEP_STATUS_OK);
    5.54 +    cout << "deleted.\n";
    5.55 +    
    5.56 +    PEP_STATUS status5 = blacklist_is_listed(session, "23", &listed);
    5.57 +    assert(status5 == PEP_STATUS_OK);
    5.58 +    assert(!listed);
    5.59 +    cout << "23 is not listed any more.\n";
    5.60 +
    5.61 +    cout << "calling release()\n";
    5.62 +    release(session);
    5.63 +    return 0;
    5.64 +}
    5.65 +