
Merge branch 'master' into IPS-9

IPS-9
Dirk Zimmermann 4 weeks ago
parent
commit
7b15c48309
50 changed files with 4628 additions and 464 deletions
  1. +86
    -6
      .gitlab-ci.yml
  2. +2
    -1
      DEPENDENCIES
  3. +72
    -19
      Makefile.conf
  4. +17
    -7
      asn.1/message.asn1
  5. +2
    -1
      asn.1/pEp.asn1
  6. +24
    -0
      build-mac/Subprojects/pEpASN1/pEpASN1.xcodeproj/project.pbxproj
  7. +72
    -0
      build-mac/pEpEngine.xcodeproj/project.pbxproj
  8. +7
    -2
      codegen/gen_codec.ysl2
  9. +1
    -1
      codegen/gen_statemachine.ysl2
  10. +5
    -2
      db/Makefile
  11. +67
    -29
      doc/build-debian.md
  12. +13
    -10
      scripts/centos8/Makefile
  13. +3
    -0
      scripts/centos8/deps.pEpEngine.centos8.Dockerfile
  14. +2
    -1
      scripts/common/build.pEpEngine.Dockerfile
  15. +24
    -5
      scripts/debian10/Makefile
  16. +8
    -14
      scripts/debian10/deps.pEpEngine.debian10.Dockerfile
  17. +46
    -16
      src/Makefile
  18. +3
    -2
      src/cryptotech.c
  19. +26
    -1
      src/engine_sql.c
  20. +1
    -1
      src/engine_sql.h
  21. +6
    -1
      src/etpan_mime.c
  22. +3
    -69
      src/keymanagement.c
  23. +7
    -86
      src/keymanagement.h
  24. +232
    -13
      src/map_asn1.c
  25. +82
    -1
      src/map_asn1.h
  26. +13
    -5
      src/message_api.c
  27. +3
    -1
      src/openpgp_compat.h
  28. +16
    -0
      src/pEpEngine.c
  29. +59
    -3
      src/pEpEngine.h
  30. +2
    -12
      src/pEp_internal.h
  31. +1802
    -0
      src/pgp_netpgp.c
  32. +426
    -0
      src/pgp_netpgp.h
  33. +10
    -14
      src/pgp_sequoia.c
  34. +481
    -93
      src/platform_unix.c
  35. +36
    -12
      src/platform_unix.h
  36. +14
    -0
      src/platform_windows.cpp
  37. +1
    -1
      src/sqlite3.c
  38. +8
    -0
      src/stdlib.h
  39. +10
    -0
      src/string.h
  40. +8
    -1
      src/timestamp.c
  41. +5
    -4
      src/transport.h
  42. +37
    -8
      test/Makefile
  43. +65
    -14
      test/README.md
  44. +2
    -0
      test/src/ElevatedAttachmentsTest.cc
  45. +17
    -6
      test/src/Engine.cc
  46. +467
    -0
      test/src/Engine619Test.cc
  47. +2
    -1
      test/src/GroupEncryptionTest.cc
  48. +116
    -0
      test/src/IdentEncFormatTest.cc
  49. +9
    -1
      test/src/TestUtilities.h
  50. +208
    -0
      test/test_mails/ExtraKeyPrivateKeyAttached.eml

+ 86
- 6
.gitlab-ci.yml

@ -4,14 +4,33 @@ include:
stages:
- deps
- build
- build-docker
- packages
# Debian
debian10:build:
debian10:deps:
extends: .make_in_docker
stage: deps
variables:
MAKE_TARGET: "deps"
CI_DISTRO_TARGET: "debian10"
DEBIAN_FRONTEND: "noninteractive"
rules:
- changes:
- DEPENDENCIES
- scripts/debian10/deps.pEpEngine.debian10.Dockerfile
- scripts/common/build_pEpEngine_deps.sh
debian10:build:
tags:
- linux
stage: build
image: ${DOCKER_REGISTRY_HOST}/pep-debian10-engine-deps:latest
script:
- cd scripts/${CI_DISTRO_TARGET}
- make ${MAKE_TARGET}
variables:
MAKE_TARGET: "build"
CI_DISTRO_TARGET: "debian10"
@ -20,8 +39,13 @@ debian10:build:
- if: '$CI_COMMIT_TAG !~ /^Release_[0-9]+\.[0-9]+\.[0-9]+$/'
debian10:tagged-build:
extends: .make_in_docker
tags:
- linux
stage: build
image: ${DOCKER_REGISTRY_HOST}/pep-debian10-engine-deps:latest
script:
- cd scripts/${CI_DISTRO_TARGET}
- make ${MAKE_TARGET}
variables:
MAKE_TARGET: "build"
CI_DISTRO_TARGET: "debian10"
@ -30,6 +54,29 @@ debian10:tagged-build:
rules:
- if: '$CI_COMMIT_TAG =~ /^Release_[0-9]+\.[0-9]+\.[0-9]+$/'
debian10:build-docker:
extends: .make_in_docker
stage: build-docker
needs: ["debian10:build"]
variables:
MAKE_TARGET: "build-docker"
CI_DISTRO_TARGET: "debian10"
DEBIAN_FRONTEND: "noninteractive"
rules:
- if: '$CI_COMMIT_TAG !~ /^Release_[0-9]+\.[0-9]+\.[0-9]+$/'
debian10:tagged-build-docker:
extends: .make_in_docker
stage: build-docker
needs: ["debian10:tagged-build"]
variables:
MAKE_TARGET: "build-docker"
CI_DISTRO_TARGET: "debian10"
DEBIAN_FRONTEND: "noninteractive"
TAGGED_BUILD: "true"
rules:
- if: '$CI_COMMIT_TAG =~ /^Release_[0-9]+\.[0-9]+\.[0-9]+$/'
# CentOS
centos8:deps:
@ -41,11 +88,18 @@ centos8:deps:
rules:
- changes:
- DEPENDENCIES
- scripts/centos8/deps.pEpEngine.centos8.Dockerfile
- scripts/common/build_pEpEngine_deps.sh
centos8:build:
extends: .make_in_docker
tags:
- linux
stage: build
image: ${DOCKER_REGISTRY_HOST}/pep-centos8-engine-deps:latest
script:
- cd scripts/${CI_DISTRO_TARGET}
- make ${MAKE_TARGET}
variables:
MAKE_TARGET: "build"
CI_DISTRO_TARGET: "centos8"
@ -53,8 +107,13 @@ centos8:build:
- if: '$CI_COMMIT_TAG !~ /^Release_[0-9]+\.[0-9]+\.[0-9]+$/'
centos8:tagged-build:
extends: .make_in_docker
tags:
- linux
stage: build
image: ${DOCKER_REGISTRY_HOST}/pep-centos8-engine-deps:latest
script:
- cd scripts/${CI_DISTRO_TARGET}
- make ${MAKE_TARGET}
variables:
MAKE_TARGET: "build"
CI_DISTRO_TARGET: "centos8"
@ -62,10 +121,31 @@ centos8:tagged-build:
rules:
- if: '$CI_COMMIT_TAG =~ /^Release_[0-9]+\.[0-9]+\.[0-9]+$/'
centos8:build-docker:
extends: .make_in_docker
stage: build-docker
needs: ["centos8:build"]
variables:
MAKE_TARGET: "build-docker"
CI_DISTRO_TARGET: "centos8"
rules:
- if: '$CI_COMMIT_TAG !~ /^Release_[0-9]+\.[0-9]+\.[0-9]+$/'
centos8:tagged-build-docker:
extends: .make_in_docker
stage: build-docker
needs: ["centos8:tagged-build"]
variables:
MAKE_TARGET: "build-docker"
CI_DISTRO_TARGET: "centos8"
TAGGED_BUILD: "true"
rules:
- if: '$CI_COMMIT_TAG =~ /^Release_[0-9]+\.[0-9]+\.[0-9]+$/'
centos8:rpm:
extends: .make_in_docker
stage: packages
needs: ["centos8:build"]
needs: ["centos8:build-docker"]
variables:
MAKE_TARGET: "rpm"
CI_DISTRO_TARGET: "centos8"
@ -76,7 +156,7 @@ centos8:rpm:
centos8:rpm:tagged-build:
extends: .upload_pkg
stage: packages
needs: ["centos8:tagged-build"]
needs: ["centos8:tagged-build-docker"]
variables:
MAKE_TARGET: "rpm"
CI_DISTRO_TARGET: "centos8"
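Review bot: The `build` and `tagged-build` jobs run in `${DOCKER_REGISTRY_HOST}/pep-debian10-engine-deps:latest` and `${DOCKER_REGISTRY_HOST}/pep-centos8-engine-deps:latest`, a mutable tag, so a release build uses whichever deps image was pushed last rather than the one matching this commit's DEPENDENCIES file. The deps jobs run only under `rules: changes:`, so a branch pipeline that edits DEPENDENCIES can presumably overwrite `latest` for every other branch; whether those jobs are limited to protected refs is not visible here. Consider referencing the versioned tag that scripts/centos8/Makefile already pushes (`$(IMAGE_NAME)-deps:$(SEQUOIA_VERSION)-$(YML2_VERSION)`) or an image digest, at least for the `tagged-build` jobs. The new `script:` lines would also be safer quoted, `- cd "scripts/${CI_DISTRO_TARGET}"`.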


+ 2
- 1
DEPENDENCIES

@ -1,4 +1,5 @@
# 1st Party Dependencies
## Prefer git tags instead of SHA hashes when possible.
sequoia=openpgp/v1.3.0
yml2=2.7.0
yml2=2.7.1
libpEpTransport=8acf7525f31ec6c4ae3f36cc42cf297ddfbb6b35

+ 72
- 19
Makefile.conf

@ -32,7 +32,10 @@ BUILD_FOR=$(BUILD_ON)
# Cross-compiling is currently not supported.
# Maybe you can hack something with `local.conf`.
ifneq ($(BUILD_ON),$(BUILD_FOR))
$(error I don't know how to build for $(BUILD_FOR) on $(BUILD_ON).)
ifeq ($(BUILD_FOR),OS/390)
$(warning Generating sources for z/OS)
endif
ONLY_GENERATE=true
endif
# Installation path prefix for libraries and binaries, except for system.db
@ -50,7 +53,9 @@ PREFIX=$(HOME)
PER_MACHINE_DIRECTORY=/usr/local/share/pEp
# Filename of the pEpEngine library
ifeq ($(BUILD_FOR),Linux)
ifeq ($(BUILD_FOR),OS/390)
TARGET=libpEpEngine.so
else ifeq ($(BUILD_FOR),Linux)
TARGET=libpEpEngine.so
else ifeq ($(BUILD_FOR),Darwin)
TARGET=libpEpEngine.dylib
@ -82,25 +87,38 @@ endif
# Are we wiping this on purpose?
LDLIBS=
######### C #########
ifeq ($(BUILD_FOR),Linux)
CC=gcc
ifeq ($(BUILD_FOR),OS/390)
CC=xlclang
else ifeq ($(BUILD_FOR),Linux)
CC=gcc -std=c99 -pthread
else ifeq ($(BUILD_FOR),Darwin)
CC=clang
endif
CFLAGS+=-std=c99 -pthread
CFLAGS+=-fPIC -fstrict-aliasing
ifeq ($(BUILD_FOR),Linux)
CFLAGS+=-fdiagnostics-color=auto
ifeq ($(BUILD_FOR),OS/390)
CFLAGS= -Wno-gnu-include-next -qnosearch -I$(HERE) -I.
CFLAGS+= -I/usr/include
CFLAGS+= -DZOS -D_XOPEN_SOURCE=600 -D_POSIX_C_SOURCE=200112L -qlanglvl=NOLIBEXT
else ifeq ($(BUILD_FOR),Linux)
CFLAGS+=-fPIC -fstrict-aliasing -fdiagnostics-color=auto
else ifeq ($(BUILD_FOR),Darwin)
CFLAGS+=-fcolor-diagnostics
CFLAGS+=-pthread -fPIC -fstrict-aliasing -fcolor-diagnostics
endif
# The flag -DNDEBUG will always be removed from CFLAGS for compiling tests.
# The tests do not work properly, if compiled with -DNDEBUG
ifeq ($(BUILD_FOR),Linux)
ifeq ($(BUILD_FOR),OS/390)
ifdef WARN
CFLAGS+= -Wall -pedantic
else
CFLAGS+= -w
endif
ifdef DEBUG
CFLAGS+= -g -DDEBUG_ERRORSTACK
else
CFLAGS+= -O3 -DNDEBUG
endif
else ifeq ($(BUILD_FOR),Linux)
ifdef WARN
CFLAGS+= -Wall -pedantic -Wstrict-aliasing=3
else
@ -142,16 +160,34 @@ ifeq ($(BUILD_FOR),Linux)
CXX=g++
CXXFLAGS+=-std=gnu++11
else ifeq ($(BUILD_FOR),Darwin)
CXX=clang
CXXFLAGS+=-std=c++11
# clang issues a warning when "-pthread" is used for linking. So, include it in CXXFLAGS, and not in CXX
CXX=clang -std=c++11
else ifeq ($(BUILD_FOR),OS/390)
CXX=xlclang++ -std=c++11
endif
ifneq ($(BUILD_FOR),OS/390)
CXXFLAGS+=-pthread
endif
# The flag -DNDEBUG will always be removed from CPPFLAGS for compiling tests.
#
# The tests do not work properly, if compiled with -DNDEBUG
ifeq ($(BUILD_FOR),Linux)
ifeq ($(BUILD_FOR),OS/390)
CXXFLAGS+= -fdiagnostics-color=auto -Wno-gnu-include-next
CXXFLAGS+= -qnosearch -I$(HERE) -I. -I../src -I../asn.1 $(ETPAN_INC) -I/usr/lpp/java/J8.0_64/include -I/usr/include
CXXFLAGS+= -DZOS -D_XOPEN_SOURCE=600 -D_POSIX_C_SOURCE=200112L
ifdef WARN
CXXFLAGS+=
else
CXXFLAGS+= -w
endif
ifdef DEBUG
CXXFLAGS+= -g
else
CXXFLAGS+= -O3 -DNDEBUG
endif
else ifeq ($(BUILD_FOR),Linux)
CXXFLAGS+=-fdiagnostics-color=auto -I../src -I../asn.1 $(ETPAN_INC)
ifdef WARN
CXXFLAGS+=
@ -165,7 +201,7 @@ ifeq ($(BUILD_FOR),Linux)
CPPFLAGS+= -DNDEBUG
endif
else ifeq ($(BUILD_FOR),Darwin)
CXXFLAGS+=-fcolor-diagnostics -I../src -I../asn.1 $(ETPAN_INC)
CXXFLAGS+=-pthread -fcolor-diagnostics -I../src -I../asn.1 $(ETPAN_INC)
ifdef WARN
CXXFLAGS+=
else
@ -181,9 +217,10 @@ endif
######### C and C++ #########
ifeq ($(BUILD_FOR),Darwin)
CPPFLAGS+=-D_DARWIN_C_SOURCE
LDLIBS+=-liconv
ifeq ($(BUILD_FOR),OS/390)
CPPFLAGS=-W "l,xplink,dll" -W "c,float(ieee),xplink,dll,exportall"
else ifeq ($(BUILD_FOR),Darwin)
CPPFLAGS=-D_DARWIN_C_SOURCE
else
LDLIBS+=-luuid
endif
@ -238,7 +275,11 @@ ETPAN_INC=
######### OpenPGP #########
# Selects OpenPGP implementation. must be `SEQUOIA`
ifeq ($(BUILD_FOR),OS/390)
OPENPGP=NETPGP
else
OPENPGP=SEQUOIA
endif
# Sequoia-specific variables
SEQUOIA_CFLAGS+=
@ -254,6 +295,16 @@ SEQUOIA_INC=
# EXTRA_MACROS=-DDEFAULT_KEYSERVER=\"default-server.org\" -DCRASHDUMP_DEFAULT_LINES=23
EXTRA_MACROS=
ifdef PER_USER_DIRECTORY
EXTRA_MACROS+= -DPER_USER_DIRECTORY=\"$(PER_USER_DIRECTORY)\"
endif
ifdef PER_MACHINE_DIRECTORY
EXTRA_MACROS+= -DPER_MACHINE_DIRECTORY=\"$(PER_MACHINE_DIRECTORY)\"
endif
CFLAGS+=$(EXTRA_MACROS)
CXXFLAGS+=$(EXTRA_MACROS)
######### Misc #########
# FIXME Maybe include these variables here.
@ -313,7 +364,9 @@ ifndef PEP_MIME_SRC
$(error "Compiling with the PEP_MIME option set requires the value of PEP_MIME_SRC to be set to the source directory for libpEpMIME")
else
CPPFLAGS+=-DPEP_BUILTIN_MIME
ifneq ($(BUILD_ON),OS/390)
LDLIBS+=-lstdc++
endif
ETPAN_LIB=
ETPAN_INC=
endif
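Review bot: In the "C and C++" block the OS/390 and Darwin branches assign with `CPPFLAGS=` where the Darwin line used to append, so anything already placed in CPPFLAGS (for instance a `CPPFLAGS+= -DNDEBUG` from the C++ section above, or a value inherited from the environment) is discarded on those platforms; `CPPFLAGS+=-D_DARWIN_C_SOURCE` would keep the earlier behaviour. The same block appears to drop `LDLIBS+=-liconv` for Darwin, which is worth confirming as intentional. Separately, the cross-build guard now sets `ONLY_GENERATE=true` for any `BUILD_ON`/`BUILD_FOR` mismatch but warns only for OS/390, so a mistyped `BUILD_FOR` no longer stops the build; an `else` branch with its own `$(warning ...)` would make that visible. The OS/390 default of `CFLAGS+= -w` also hides every compiler diagnostic unless `WARN` is defined, which is a weak default for code that parses untrusted messages.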


+ 17
- 7
asn.1/message.asn1

@ -17,7 +17,7 @@ BEGIN
EXPORTS ASN1Message;
IMPORTS
PString, PStringList, Identity, IdentityList, PStringPairList, Hash
PString, PStringList, PStringPairList, Hash, ISO639-1
FROM PEP { iso(1) org(3) dod(6) internet(1) private(4)
enterprise(1) pEp(47878) basic(0) };
@ -47,21 +47,31 @@ PBlobList ::= SEQUENCE OF PBlob
-- (i.e., times are YYYYMMDDHHMMSSZ), even where the number of seconds
-- is zero. GeneralizedTime values MUST NOT include fractional seconds.
PIdentity ::= SEQUENCE {
address PString,
fpr Hash OPTIONAL,
user-id PString,
username PString OPTIONAL,
comm-type INTEGER (0..255),
lang ISO639-1 OPTIONAL
}
PIdentityList ::= SEQUENCE OF PIdentity
ASN1Message ::= SEQUENCE {
direction MessageDirection OPTIONAL, -- used only in "inner" messages
id PString OPTIONAL, -- UTF-8 string of message ID
sent GeneralizedTime OPTIONAL, -- when the message is sent
recv GeneralizedTime OPTIONAL, -- when the message is received
from Identity, -- whom the message is from
from PIdentity, -- whom the message is from
-- At least one of to, cc must not be an empty list
-- FIXME: Can this be constrained?
to IdentityList OPTIONAL, -- whom the message is to
cc IdentityList OPTIONAL, -- whom a CC is being sent
bcc IdentityList OPTIONAL, -- whom a BCC is being sent
recv-by Identity OPTIONAL, -- via which identity the message
to PIdentityList OPTIONAL, -- whom the message is to
cc PIdentityList OPTIONAL, -- whom a CC is being sent
bcc PIdentityList OPTIONAL, -- whom a BCC is being sent
recv-by PIdentity OPTIONAL, -- via which identity the message
-- is received
reply-to IdentityList OPTIONAL, -- where a reply should go to
reply-to PIdentityList OPTIONAL, -- where a reply should go to
in-reply-to PStringList OPTIONAL, -- list of UTF-8 strings with
-- MessageIDs of refering messages
-- internal: refering_msg_ref
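Review bot: PIdentity and PIdentityList are added without a comment saying how they differ from the Identity and IdentityList they replace in ASN1Message, and `comm-type INTEGER (0..255)` carries no note on what the values mean or whether a receiver may rely on them. I would add a short comment above the type, along the lines of `-- PIdentity: identity as carried inside a message; fpr and comm-type are sender-supplied`, worded to match what the decoder in src/map_asn1.c actually does with those fields. Because `from`, `to`, `cc`, `bcc`, `recv-by` and `reply-to` all change type, the encoded form presumably changes as well; the hunk shows no version marker, so the commit should state how peers built against the previous definition are expected to handle these messages. The ASN1Message definition continues past the end of the hunk.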


+ 2
- 1
asn.1/pEp.asn1

@ -12,7 +12,8 @@ DEFINITIONS AUTOMATIC TAGS EXTENSIBILITY IMPLIED ::=
BEGIN
EXPORTS Identity, IdentityList, TID, Hash, Version, Rating, PString, PStringList, PStringPair, PStringPairList;
EXPORTS Identity, IdentityList, TID, Hash, Version, Rating, PString,
PStringList, PStringPair, PStringPairList, ISO639-1;
ISO639-1 ::= PrintableString(FROM ("a".."z")) (SIZE(2))
Hex ::= PrintableString(FROM ("A".."F" | "0".."9"))


+ 24
- 0
build-mac/Subprojects/pEpASN1/pEpASN1.xcodeproj/project.pbxproj

@ -406,6 +406,14 @@
15EB0D8C26D7D1C500CDFF4F /* PStringPair.c in Sources */ = {isa = PBXBuildFile; fileRef = 15EB0D8926D7D1C500CDFF4F /* PStringPair.c */; };
15EB0D8D26D7D1C500CDFF4F /* PStringPair.h in Headers */ = {isa = PBXBuildFile; fileRef = 15EB0D8A26D7D1C500CDFF4F /* PStringPair.h */; settings = {ATTRIBUTES = (Public, ); }; };
15EB0D8E26D7D1C500CDFF4F /* PStringPair.h in Headers */ = {isa = PBXBuildFile; fileRef = 15EB0D8A26D7D1C500CDFF4F /* PStringPair.h */; settings = {ATTRIBUTES = (Public, ); }; };
43788990272831D200E80F5A /* PIdentity.c in Sources */ = {isa = PBXBuildFile; fileRef = 4378898E272831D200E80F5A /* PIdentity.c */; };
43788991272831D200E80F5A /* PIdentity.c in Sources */ = {isa = PBXBuildFile; fileRef = 4378898E272831D200E80F5A /* PIdentity.c */; };
43788992272831D200E80F5A /* PIdentity.h in Headers */ = {isa = PBXBuildFile; fileRef = 4378898F272831D200E80F5A /* PIdentity.h */; settings = {ATTRIBUTES = (Public, ); }; };
43788993272831D200E80F5A /* PIdentity.h in Headers */ = {isa = PBXBuildFile; fileRef = 4378898F272831D200E80F5A /* PIdentity.h */; settings = {ATTRIBUTES = (Public, ); }; };
437889962728321800E80F5A /* PIdentityList.c in Sources */ = {isa = PBXBuildFile; fileRef = 437889942728321800E80F5A /* PIdentityList.c */; };
437889972728321800E80F5A /* PIdentityList.c in Sources */ = {isa = PBXBuildFile; fileRef = 437889942728321800E80F5A /* PIdentityList.c */; };
437889982728321800E80F5A /* PIdentityList.h in Headers */ = {isa = PBXBuildFile; fileRef = 437889952728321800E80F5A /* PIdentityList.h */; settings = {ATTRIBUTES = (Public, ); }; };
437889992728321800E80F5A /* PIdentityList.h in Headers */ = {isa = PBXBuildFile; fileRef = 437889952728321800E80F5A /* PIdentityList.h */; settings = {ATTRIBUTES = (Public, ); }; };
/* End PBXBuildFile section */
/* Begin PBXContainerItemProxy section */
@ -631,6 +639,10 @@
15EB0D7726D7CBDE00CDFF4F /* PBlob.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = PBlob.h; path = ../../../asn.1/PBlob.h; sourceTree = "<group>"; };
15EB0D8926D7D1C500CDFF4F /* PStringPair.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = PStringPair.c; path = ../../../asn.1/PStringPair.c; sourceTree = "<group>"; };
15EB0D8A26D7D1C500CDFF4F /* PStringPair.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = PStringPair.h; path = ../../../asn.1/PStringPair.h; sourceTree = "<group>"; };
4378898E272831D200E80F5A /* PIdentity.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = PIdentity.c; path = ../../../asn.1/PIdentity.c; sourceTree = "<group>"; };
4378898F272831D200E80F5A /* PIdentity.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = PIdentity.h; path = ../../../asn.1/PIdentity.h; sourceTree = "<group>"; };
437889942728321800E80F5A /* PIdentityList.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = PIdentityList.c; path = ../../../asn.1/PIdentityList.c; sourceTree = "<group>"; };
437889952728321800E80F5A /* PIdentityList.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = PIdentityList.h; path = ../../../asn.1/PIdentityList.h; sourceTree = "<group>"; };
/* End PBXFileReference section */
/* Begin PBXFrameworksBuildPhase section */
@ -691,6 +703,10 @@
15A3206B260E0376009D07EB /* src */ = {
isa = PBXGroup;
children = (
437889942728321800E80F5A /* PIdentityList.c */,
437889952728321800E80F5A /* PIdentityList.h */,
4378898E272831D200E80F5A /* PIdentity.c */,
4378898F272831D200E80F5A /* PIdentity.h */,
15EB0D8926D7D1C500CDFF4F /* PStringPair.c */,
15EB0D8A26D7D1C500CDFF4F /* PStringPair.h */,
15EB0D7626D7CBDE00CDFF4F /* PBlob.c */,
@ -915,6 +931,7 @@
151581F826CE4E87003D8685 /* asn_SEQUENCE_OF.h in Headers */,
151581DD26CE4E87003D8685 /* asn_internal.h in Headers */,
1515821B26CE4E87003D8685 /* GeneralizedTime.h in Headers */,
43788992272831D200E80F5A /* PIdentity.h in Headers */,
1515822126CE4E87003D8685 /* ISO639-1.h in Headers */,
151581E526CE4E87003D8685 /* TrustRequest.h in Headers */,
1515823026CE4E87003D8685 /* Hash.h in Headers */,
@ -974,6 +991,7 @@
151581DE26CE4E87003D8685 /* per_encoder.h in Headers */,
151581E426CE4E87003D8685 /* NegotiationRequestGrouped.h in Headers */,
15EB0D8226D7CBDE00CDFF4F /* PBlob.h in Headers */,
437889982728321800E80F5A /* PIdentityList.h in Headers */,
151581F626CE4E87003D8685 /* Distribution.h in Headers */,
151581ED26CE4E87003D8685 /* Hex.h in Headers */,
1515820126CE4E87003D8685 /* ContentDisposition.h in Headers */,
@ -1018,6 +1036,7 @@
1515856A26CE5385003D8685 /* GroupKeysForNewMember.h in Headers */,
1515854C26CE5385003D8685 /* ExploreResponse.h in Headers */,
1515859726CE5385003D8685 /* OwnKeysOfferer.h in Headers */,
43788993272831D200E80F5A /* PIdentity.h in Headers */,
1515859526CE5385003D8685 /* GroupTrustThisKey.h in Headers */,
1515855126CE5385003D8685 /* asn_internal.h in Headers */,
15EB0D7926D7CBDE00CDFF4F /* PBlobList.h in Headers */,
@ -1048,6 +1067,7 @@
1515855C26CE5385003D8685 /* CommitAcceptForGroup.h in Headers */,
1515859026CE5385003D8685 /* der_encoder.h in Headers */,
1515856726CE5385003D8685 /* asn_application.h in Headers */,
437889992728321800E80F5A /* PIdentityList.h in Headers */,
1515855026CE5385003D8685 /* Exploration.h in Headers */,
1515855E26CE5385003D8685 /* ISO639-1.h in Headers */,
1515858526CE5385003D8685 /* per_decoder.h in Headers */,
@ -1287,6 +1307,7 @@
15EB0D7C26D7CBDE00CDFF4F /* PStringPairList.c in Sources */,
151584E426CE5347003D8685 /* INTEGER.c in Sources */,
151584E026CE5347003D8685 /* ExploreChallenge.c in Sources */,
437889962728321800E80F5A /* PIdentityList.c in Sources */,
151584EC26CE5347003D8685 /* GroupTrustThisKey.c in Sources */,
151584CD26CE5347003D8685 /* GroupKeysUpdate.c in Sources */,
151584D826CE5347003D8685 /* Distribution.c in Sources */,
@ -1326,6 +1347,7 @@
1515850526CE5347003D8685 /* PStringList.c in Sources */,
151584FC26CE5347003D8685 /* constr_SEQUENCE.c in Sources */,
1515850926CE5347003D8685 /* GroupKeysAndClose.c in Sources */,
43788990272831D200E80F5A /* PIdentity.c in Sources */,
151584D326CE5347003D8685 /* Commands.c in Sources */,
151584D526CE5347003D8685 /* TrustSync.c in Sources */,
151584CA26CE5347003D8685 /* KeySync.c in Sources */,
@ -1386,6 +1408,7 @@
15EB0D7D26D7CBDE00CDFF4F /* PStringPairList.c in Sources */,
1515848826CE5345003D8685 /* INTEGER.c in Sources */,
1515848426CE5345003D8685 /* ExploreChallenge.c in Sources */,
437889972728321800E80F5A /* PIdentityList.c in Sources */,
1515849026CE5345003D8685 /* GroupTrustThisKey.c in Sources */,
1515847126CE5345003D8685 /* GroupKeysUpdate.c in Sources */,
1515847C26CE5345003D8685 /* Distribution.c in Sources */,
@ -1425,6 +1448,7 @@
151584A926CE5345003D8685 /* PStringList.c in Sources */,
151584A026CE5345003D8685 /* constr_SEQUENCE.c in Sources */,
151584AD26CE5345003D8685 /* GroupKeysAndClose.c in Sources */,
43788991272831D200E80F5A /* PIdentity.c in Sources */,
1515847726CE5345003D8685 /* Commands.c in Sources */,
1515847926CE5345003D8685 /* TrustSync.c in Sources */,
1515846E26CE5345003D8685 /* KeySync.c in Sources */,


+ 72
- 0
build-mac/pEpEngine.xcodeproj/project.pbxproj

@ -365,6 +365,34 @@
remoteGlobalIDString = 150845DE25F13CE700D46DA6;
remoteInfo = generate_code;
};
4309FF0A27315E560055C6C9 /* PBXContainerItemProxy */ = {
isa = PBXContainerItemProxy;
containerPortal = 4309FF0327315E560055C6C9 /* pEpTransport.xcodeproj */;
proxyType = 2;
remoteGlobalIDString = 43B26350272AA95000EE82BC;
remoteInfo = pEpTransport_macOS;
};
4309FF0C27315E560055C6C9 /* PBXContainerItemProxy */ = {
isa = PBXContainerItemProxy;
containerPortal = 4309FF0327315E560055C6C9 /* pEpTransport.xcodeproj */;
proxyType = 2;
remoteGlobalIDString = 43B263CF272AC13400EE82BC;
remoteInfo = pEpTransport_iOS;
};
4309FF87273170E50055C6C9 /* PBXContainerItemProxy */ = {
isa = PBXContainerItemProxy;
containerPortal = 4309FF0327315E560055C6C9 /* pEpTransport.xcodeproj */;
proxyType = 1;
remoteGlobalIDString = 43B263C6272AC13400EE82BC;
remoteInfo = pEpTransport_iOS;
};
4309FF89273170EF0055C6C9 /* PBXContainerItemProxy */ = {
isa = PBXContainerItemProxy;
containerPortal = 4309FF0327315E560055C6C9 /* pEpTransport.xcodeproj */;
proxyType = 1;
remoteGlobalIDString = 43B2634F272AA95000EE82BC;
remoteInfo = pEpTransport_macOS;
};
43D47AA0225CC82400E97C5B /* PBXContainerItemProxy */ = {
isa = PBXContainerItemProxy;
containerPortal = 64796A371B455AA5004B1C24 /* Project object */;
@ -542,6 +570,7 @@
1585EF5A26A08B2000B822E1 /* CommonPEPDependencies.xcodeproj */ = {isa = PBXFileReference; lastKnownFileType = "wrapper.pb-project"; name = CommonPEPDependencies.xcodeproj; path = "../../common-dependency-build-helpers-4-apple-hardware/CommonPEPDependencies/CommonPEPDependencies.xcodeproj"; sourceTree = "<group>"; };
15A3203B260E030B009D07EB /* pEpASN1.xcodeproj */ = {isa = PBXFileReference; lastKnownFileType = "wrapper.pb-project"; name = pEpASN1.xcodeproj; path = Subprojects/pEpASN1/pEpASN1.xcodeproj; sourceTree = "<group>"; };
15A3261C2611F6B5009D07EB /* PEPSQLITE3.xcodeproj */ = {isa = PBXFileReference; lastKnownFileType = "wrapper.pb-project"; name = PEPSQLITE3.xcodeproj; path = Subprojects/PEPSQLITE3/PEPSQLITE3.xcodeproj; sourceTree = "<group>"; };
4309FF0327315E560055C6C9 /* pEpTransport.xcodeproj */ = {isa = PBXFileReference; lastKnownFileType = "wrapper.pb-project"; name = pEpTransport.xcodeproj; path = "../../libpEpTransport/build-mac/pEpTransport/pEpTransport.xcodeproj"; sourceTree = "<group>"; };
644297BF1BE11C65002BC73B /* pEpTrustWords.bundle */ = {isa = PBXFileReference; explicitFileType = wrapper.cfbundle; includeInIndex = 0; path = pEpTrustWords.bundle; sourceTree = BUILT_PRODUCTS_DIR; };
644297C11BE11C65002BC73B /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = "<group>"; };
64796A3F1B455AA5004B1C24 /* libpEpEngine.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = libpEpEngine.a; sourceTree = BUILT_PRODUCTS_DIR; };
@ -642,6 +671,15 @@
name = Products;
sourceTree = "<group>";
};
4309FF0427315E560055C6C9 /* Products */ = {
isa = PBXGroup;
children = (
4309FF0B27315E560055C6C9 /* libpEpTransport_macOS.a */,
4309FF0D27315E560055C6C9 /* libpEpTransport_iOS.a */,
);
name = Products;
sourceTree = "<group>";
};
64289E2B1B8B630200FC617B /* Products */ = {
isa = PBXGroup;
children = (
@ -665,6 +703,7 @@
1585EF5A26A08B2000B822E1 /* CommonPEPDependencies.xcodeproj */,
15A3261C2611F6B5009D07EB /* PEPSQLITE3.xcodeproj */,
15A3203B260E030B009D07EB /* pEpASN1.xcodeproj */,
4309FF0327315E560055C6C9 /* pEpTransport.xcodeproj */,
64951A1B1BE0FCD800B10E71 /* system.db */,
64DA24121B832EBA000BEE80 /* libetpan.xcodeproj */,
64A8264B1B455C5600EECAF0 /* src */,
@ -958,6 +997,7 @@
buildRules = (
);
dependencies = (
4309FF8A273170EF0055C6C9 /* PBXTargetDependency */,
1585EF6D26A08B2E00B822E1 /* PBXTargetDependency */,
156AFE832670E6D800AF0039 /* PBXTargetDependency */,
151585FA26CE6A78003D8685 /* PBXTargetDependency */,
@ -1001,6 +1041,7 @@
buildRules = (
);
dependencies = (
4309FF88273170E50055C6C9 /* PBXTargetDependency */,
1585EF6F26A08B3A00B822E1 /* PBXTargetDependency */,
15A3266026120618009D07EB /* PBXTargetDependency */,
15B21C3625FB8DD10097927A /* PBXTargetDependency */,
@ -1064,6 +1105,10 @@
ProductGroup = 15A3261D2611F6B5009D07EB /* Products */;
ProjectRef = 15A3261C2611F6B5009D07EB /* PEPSQLITE3.xcodeproj */;
},
{
ProductGroup = 4309FF0427315E560055C6C9 /* Products */;
ProjectRef = 4309FF0327315E560055C6C9 /* pEpTransport.xcodeproj */;
},
);
projectRoot = "";
targets = (
@ -1105,6 +1150,20 @@
remoteRef = 15A3266526120618009D07EB /* PBXContainerItemProxy */;
sourceTree = BUILT_PRODUCTS_DIR;
};
4309FF0B27315E560055C6C9 /* libpEpTransport_macOS.a */ = {
isa = PBXReferenceProxy;
fileType = archive.ar;
path = libpEpTransport_macOS.a;
remoteRef = 4309FF0A27315E560055C6C9 /* PBXContainerItemProxy */;
sourceTree = BUILT_PRODUCTS_DIR;
};
4309FF0D27315E560055C6C9 /* libpEpTransport_iOS.a */ = {
isa = PBXReferenceProxy;
fileType = archive.ar;
path = libpEpTransport_iOS.a;
remoteRef = 4309FF0C27315E560055C6C9 /* PBXContainerItemProxy */;
sourceTree = BUILT_PRODUCTS_DIR;
};
64289E351B8B630200FC617B /* libetpan.a */ = {
isa = PBXReferenceProxy;
fileType = archive.ar;
@ -1408,6 +1467,16 @@
target = 150845DE25F13CE700D46DA6 /* generate_code */;
targetProxy = 15B21C3525FB8DD10097927A /* PBXContainerItemProxy */;
};
4309FF88273170E50055C6C9 /* PBXTargetDependency */ = {
isa = PBXTargetDependency;
name = pEpTransport_iOS;
targetProxy = 4309FF87273170E50055C6C9 /* PBXContainerItemProxy */;
};
4309FF8A273170EF0055C6C9 /* PBXTargetDependency */ = {
isa = PBXTargetDependency;
name = pEpTransport_macOS;
targetProxy = 4309FF89273170EF0055C6C9 /* PBXContainerItemProxy */;
};
43D47AA1225CC82400E97C5B /* PBXTargetDependency */ = {
isa = PBXTargetDependency;
platformFilter = ios;
@ -1579,6 +1648,7 @@
HEADER_SEARCH_PATHS = (
"$(PROJECT_DIR)/Subprojects/pEpASN1/build/include",
"$(PROJECT_DIR)/Subprojects/PEPSQLITE3/build/include",
"$(PROJECT_DIR)/build/include",
"${PROJECT_DIR}/../../common-dependency-build-helpers-4-apple-hardware/CommonPEPDependencies/build/include",
);
IPHONEOS_DEPLOYMENT_TARGET = 12.0;
@ -1750,6 +1820,7 @@
HEADER_SEARCH_PATHS = (
"$(PROJECT_DIR)/Subprojects/pEpASN1/build/include",
"$(PROJECT_DIR)/Subprojects/PEPSQLITE3/build/include",
"$(PROJECT_DIR)/build/include",
"${PROJECT_DIR}/../../common-dependency-build-helpers-4-apple-hardware/CommonPEPDependencies/build/include",
);
IPHONEOS_DEPLOYMENT_TARGET = 12.0;
@ -1813,6 +1884,7 @@
HEADER_SEARCH_PATHS = (
"$(PROJECT_DIR)/Subprojects/pEpASN1/build/include",
"$(PROJECT_DIR)/Subprojects/PEPSQLITE3/build/include",
"$(PROJECT_DIR)/build/include",
"${PROJECT_DIR}/../../common-dependency-build-helpers-4-apple-hardware/CommonPEPDependencies/build/include",
);
IPHONEOS_DEPLOYMENT_TARGET = 12.0;


+ 7
- 2
codegen/gen_codec.ysl2

@ -152,8 +152,13 @@ tstylesheet {
*msg = NULL;
«@name»_t *_msg = NULL;
uper_decode_complete(NULL, &asn_DEF_«@name», (void **) &_msg, data, size);
if (!_msg)
asn_dec_rval_t rval = uper_decode_complete(NULL, &asn_DEF_«@name», (void **) &_msg, data, size);
// N.B: If you plan on having messages were the full message isn't consumed by decoding here,
// then please look into uper_decode_complete; we still may get a message, even if to contains
// nothing. RC_FAIL is an obvious case, but we also need to fail if RC_WMORE is the code, especially
// if rval.consumed == 0. Volker, please look into this and decide what you want.
if (!_msg || rval.code != RC_OK)
return PEP_«yml:ucase(@name)»_ILLEGAL_MESSAGE;
*msg = _msg;
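Review bot: The new `rval.code != RC_OK` branch returns while `_msg` may already point to a partially decoded structure, so each rejected input leaks that allocation; if `data` is taken from a received message, malformed input can trigger this repeatedly. Free it before returning: `if (!_msg || rval.code != RC_OK) { ASN_STRUCT_FREE(asn_DEF_«@name», _msg); return PEP_«yml:ucase(@name)»_ILLEGAL_MESSAGE; }`. `rval.consumed` is also never compared with `size`, so bytes trailing a complete message are still accepted; if that is not intended, the check belongs in the same condition. The generated decode function starts and ends outside the hunk.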


+ 1
- 1
codegen/gen_statemachine.ysl2

@ -1705,7 +1705,7 @@ tstylesheet {
switch (event) {
case None:
«../@name»_SERVICE_LOG("received Timeout event", "ignoring");
// received Timeout event, ignoring
break;
||


+ 5
- 2
db/Makefile

@ -18,8 +18,11 @@ system.db: create_system_db.sql $(DICOS)
.PHONY: install
install: system.db
mkdir -p $(DESTDIR)$(PER_MACHINE_DIRECTORY)
cp system.db $(DESTDIR)$(PER_MACHINE_DIRECTORY)
# Notice that the expansion of these make variables may still contain
# shell variable occurrences, to be expanded in their turn. This
# serves to leave more freedom to the deployment engineer.
mkdir -p "$(DESTDIR)$(PER_MACHINE_DIRECTORY)"
cp system.db "$(DESTDIR)$(PER_MACHINE_DIRECTORY)"
.PHONY: clean
clean:


+ 67
- 29
doc/build-debian.md

@ -1,43 +1,56 @@
<!-- Copyright 2015-2017, pEp foundation, Switzerland
<!-- Copyright 2015-2021, pEp foundation, Switzerland
This file is part of the pEp Engine
This file may be used under the terms of the Creative Commons Attribution-ShareAlike 3.0 Unported (CC BY-SA 3.0) License
See CC_BY-SA.txt -->
# Build instructions for Debian 9
# Build instructions for Debian 9 and 10
We assume the user keeps sources under `~/pep-src`. There is no single
installation prefix: each package is built, or when supported installed, in
either its source directory or in a subdirectory of its source directory.
Rationale: we do not pollute the user system, uninstalling is trivial.
This is Unix: we assume no spaces in user names.
~~~
mkdir -p ~/pep-src
~~~
# Installing packaged dependencies
~~~
# general
apt install -y mercurial
# YML2
apt install -y python-lxml
apt install -y git
# libetpan
apt install -y git build-essential automake libtool
# asn1c
apt install -y git build-essential automake libtool autoconf
# sequoia
apt install git rustc cargo clang libclang-dev make pkg-config nettle-dev libssl-dev capnproto libsqlite3-dev
# engine
apt install -y uuid-dev libgpgme-dev libsqlite3-dev sqlite3
# optional: developer documentation
apt install -y doxygen pandoc
~~~
# Installing unpackaged dependencies
## YML2
~~~
mkdir -p ~/code/yml2
git clone https://gitea.pep.foundation/fdik/yml2.git ~/code/yml2
mkdir -p ~/pep-src/yml2
git clone https://gitea.pep.foundation/fdik/yml2.git ~/pep-src/yml2
~~~
## libetpan
pEp Engine requires libetpan with a set of patches that have not been upstreamed yet.
~~~
mkdir -p ~/code/libetpan
mkdir -p ~/pep-src/libetpan
git clone https://gitea.pep.foundation/pEp.foundation/libetpan.git ~/code/libetpan
cd ~/code/libetpan
mkdir ~/code/libetpan/build
./autogen.sh --prefix="$HOME/code/libetpan/build"
git clone https://gitea.pep.foundation/pEp.foundation/libetpan.git ~/pep-src/libetpan
cd ~/pep-src/libetpan
mkdir ~/pep-src/libetpan/build
./autogen.sh --prefix="$HOME/pep-src/libetpan/build"
make
make install
~~~
@ -45,45 +58,70 @@ make install
## asn1c
~~~
mkdir -p ~/code/asn1c
git clone git://github.com/vlm/asn1c.git ~/code/asn1c
cd ~/code/asn1c
mkdir -p ~/pep-src/asn1c
git clone git://github.com/vlm/asn1c.git ~/pep-src/asn1c
cd ~/pep-src/asn1c
git checkout tags/v0.9.28 -b pep-engine
autoreconf -iv
mkdir ~/code/asn1c/build
./configure --prefix="$HOME/code/asn1c/build"
mkdir ~/pep-src/asn1c/build
./configure --prefix="$HOME/pep-src/asn1c/build"
make
make install
~~~
## sequoia
~~~
git clone https://gitlab.com/sequoia-pgp/sequoia
cd ~/pep-src/sequoia
git checkout openpgp/v1.3.0
# Make an optimised sequoia build.
cargo build --all --release -j16
~~~
This alternative for the last line above is faster, but generates compiled libraries
in `~/pep-src/sequoia/target/debug` instead of `~/pep-src/sequoia/target/release`:
several definitions below need to be adapted.
~~~
# Alternative: make a debugging sequoia build.
cargo build --all -j16
~~~
# pEp Engine
~~~
mkdir -p ~/code/pep-engine
hg clone https://pep.foundation/dev/repos/pEpEngine/ ~/code/pep-engine
cd ~/code/pep-engine
mkdir ~/code/pep-engine/build
mkdir -p ~/pep-src/pep-engine
git clone https://gitea.pep.foundation/pEp.foundation/pEpEngine ~/pep-src/pep-engine
cd ~/pep-src/pep-engine
mkdir build
~~~
Edit the build configuration to your needs in `Makefile.conf`, or create a `local.conf` that sets any of the make variables documented in `Makefile.conf`. All the default values for the build configuration variables on each platform are documented in `Makefile.conf`.
Edit the build configuration to your needs in `Makefile.conf`, or create a `local.conf` in your source directory (the same containing `Makefile.conf`) that sets any of the make variables documented in `Makefile.conf`. All the default values for the build configuration variables on each platform are documented in `Makefile.conf`.
If a dependency is not found in your system's default include or library paths, you will have to specify the according paths in a make variable. Typically, this has to be done at least for YML2, libetpan and asn1c.
For a more detailed explanation of the mechanics of these build configuration files, and overriding defaults, see the comments in `Makefile.conf`.
Below is a sample `./local.conf` file, for orientation.
The following `./local.conf` example should work in the configuration described here.
~~~
PREFIX=$(HOME)/code/pep-engine/build
PREFIX=$(HOME)/pep-src/pep-engine/build
PER_MACHINE_DIRECTORY=$(PREFIX)/share/pEp
YML2_PATH=$(HOME)/code/yml2
YML2_PATH=$(HOME)/pep-src/yml2
ETPAN_LIB=-L$(HOME)/pep-src/libetpan/build/lib
ETPAN_INC=-I$(HOME)/pep-src/libetpan/build/include
ASN1C=$(HOME)/pep-src/asn1c/build/bin/asn1c
ASN1C_INC=-I$(HOME)/pep-src/asn1c/build/share/asn1c
ETPAN_LIB=-L$(HOME)/code/libetpan/build/lib
ETPAN_INC=-I$(HOME)/code/libetpan/build/include
SEQUOIA_INC=-I$(HOME)/pep-src/sequoia/openpgp-ffi/include
SEQUOIA_LDFLAGS=-L$(HOME)/pep-src/sequoia/target/release
ASN1C=$(HOME)/code/asn1c/build/bin/asn1c
ASN1C_INC=-I$(HOME)/code/asn1c/build/share/asn1c
GTEST_SRC_DIR=$(HOME)/pep-src/googletest/googletest
GTEST_INC_DIR=$(HOME)/pep-src/googletest/googletest/include
GTEST_PL=$(HOME)/pep-src/gtest-parallel/gtest_parallel.py
~~~
The engine is built as follows:


+ 13
- 10
scripts/centos8/Makefile

@ -22,7 +22,7 @@ endif
all: deps build
deps:
-docker pull $(IMAGE_NAME)-deps:latest
-docker pull --quiet $(IMAGE_NAME)-deps:latest
cd ../../ && docker build --build-arg CURRENT_DISTRO=$(CURRENT_DISTRO) \
--build-arg DOCKER_REGISTRY_HOST=${DOCKER_REGISTRY_HOST} \
--build-arg PEPENGINE_VERSION=$(PEPENGINE_VERSION) \
@ -33,11 +33,14 @@ deps:
--tag=$(IMAGE_NAME)-deps:$(SEQUOIA_VERSION)-$(YML2_VERSION) \
--tag=$(IMAGE_NAME)-deps:latest \
-f scripts/${CURRENT_DISTRO}/deps.$(DOCKERFILE) .
docker push $(IMAGE_NAME)-deps:$(SEQUOIA_VERSION)-$(YML2_VERSION)
docker push $(IMAGE_NAME)-deps:latest
docker push --quiet $(IMAGE_NAME)-deps:$(SEQUOIA_VERSION)-$(YML2_VERSION)
docker push --quiet $(IMAGE_NAME)-deps:latest
build:
-docker pull $(IMAGE_NAME):latest
cd ../../ && /bin/sh ./scripts/common/build_pEpEngine.sh
build-docker:
-docker pull --quiet $(IMAGE_NAME):latest
cd ../../ && docker build --build-arg CURRENT_DISTRO=$(CURRENT_DISTRO) \
--build-arg DOCKER_REGISTRY_HOST=${DOCKER_REGISTRY_HOST} \
--build-arg PEPENGINE_VERSION=$(PEPENGINE_VERSION) \
@ -47,12 +50,12 @@ build:
--cache-from $(IMAGE_NAME):latest \
--tag=$(IMAGE_NAME):$(PEPENGINE_VERSION) \
--tag=$(IMAGE_NAME):latest \
-f scripts/${CURRENT_DISTRO}/$(DOCKERFILE) .
docker push $(IMAGE_NAME):$(PEPENGINE_VERSION)
docker push $(IMAGE_NAME):latest
-f scripts/common/build.pEpEngine.Dockerfile .
docker push --quiet $(IMAGE_NAME):$(PEPENGINE_VERSION)
docker push --quiet $(IMAGE_NAME):latest
rpm:
-docker pull $(PKG_BUILD_IMAGE)-engine:latest
-docker pull --quiet $(PKG_BUILD_IMAGE)-engine:latest
@docker build --build-arg CURRENT_DISTRO=$(CURRENT_DISTRO) \
--build-arg PEPENGINE_VERSION=$(PEPENGINE_VERSION) \
--build-arg DOCKER_REGISTRY_HOST=${DOCKER_REGISTRY_HOST} \
@ -62,8 +65,8 @@ rpm:
--tag=$(PKG_BUILD_IMAGE)-engine:$(PEPENGINE_VERSION) \
--tag=$(PKG_BUILD_IMAGE)-engine:latest \
packages/rpm
@docker push $(PKG_BUILD_IMAGE)-engine:$(PEPENGINE_VERSION)
@docker push $(PKG_BUILD_IMAGE)-engine:latest
@docker push --quiet $(PKG_BUILD_IMAGE)-engine:$(PEPENGINE_VERSION)
@docker push --quiet $(PKG_BUILD_IMAGE)-engine:latest
@docker run -e PEPENGINE_VERSION=$(PEPENGINE_VERSION) \
-e PEP_MACHINE_DIR=$(PEP_MACHINE_DIR) \
-e PKG_VERSION=$(PEPENGINE_VERSION) \
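Review bot: With `--quiet` on every `docker push` in `deps`, `build-docker` and `rpm`, the CI log loses the push output and, as far as I can tell, the pushed manifest digest with it. That digest is the one value that later ties a mutable `:latest` tag back to a specific build. If the quieter log is wanted, record the digest explicitly after each push, for example `docker inspect --format '{{index .RepoDigests 0}}' $(IMAGE_NAME):$(PEPENGINE_VERSION)`. The same applies to the pushes in `scripts/debian10/Makefile`; the `rpm` recipe continues outside the last hunk.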


+ 3
- 0
scripts/centos8/deps.pEpEngine.centos8.Dockerfile

@ -17,6 +17,9 @@ USER root
RUN yum install -y python3 python3-lxml binutils && yum clean all
### Setup PEP_MACHINE_DIR
RUN mkdir -p ${PEP_MACHINE_DIR}
RUN chown -R pep-builder:pep-builder ${BUILDROOT}/pEpEngine
WORKDIR ${BUILDROOT}/pEpEngine
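Review bot: `RUN mkdir -p ${PEP_MACHINE_DIR}`, which I take to be the added step, runs under `USER root`, and the `chown` that follows covers only `${BUILDROOT}/pEpEngine`, so the new directory stays root-owned. If a later step running as `pep-builder` has to write there (none is visible on this page) it will fail, and if none does, a one-line comment saying the directory is meant to be root-only would help. The variable is also unquoted and unchecked, so an unset `PEP_MACHINE_DIR` leaves `mkdir -p` without an operand; `RUN mkdir -p "${PEP_MACHINE_DIR:?}"` would stop the build with a message naming the variable.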


scripts/centos8/pEpEngine.centos8.Dockerfile → scripts/common/build.pEpEngine.Dockerfile


+ 24
- 5
scripts/debian10/Makefile

@ -6,6 +6,7 @@ SEQUOIA_VERSION=$(shell echo ${sequoia} | sed 's/\//-/')
CURRENT_DISTRO=$(shell basename $(shell pwd))
IMAGE_NAME=${DOCKER_REGISTRY_HOST}/pep-$(CURRENT_DISTRO)-engine
DOCKERFILE=pEpEngine.$(CURRENT_DISTRO).Dockerfile
PKG_INSTALL_PATH=/opt/pEp
IS_TAGGED=${TAGGED_BUILD}
ifeq ($(IS_TAGGED), true)
# $CI_COMMIT_TAG is a predefined environment variable from Gitlab
@ -13,10 +14,28 @@ ifeq ($(IS_TAGGED), true)
else
PEPENGINE_VERSION=$(shell git rev-parse --short=8 HEAD)
endif
all: build
all: deps build
deps:
-docker pull --quiet $(IMAGE_NAME)-deps:latest
cd ../../ && docker build --build-arg CURRENT_DISTRO=$(CURRENT_DISTRO) \
--build-arg DOCKER_REGISTRY_HOST=${DOCKER_REGISTRY_HOST} \
--build-arg PEPENGINE_VERSION=$(PEPENGINE_VERSION) \
--build-arg SEQUOIA_VERSION=$(SEQUOIA_VERSION) \
--build-arg YML2_VERSION=$(YML2_VERSION) \
--build-arg PEP_MACHINE_DIR=$(PEP_MACHINE_DIR) \
--cache-from $(IMAGE_NAME):latest \
--tag=$(IMAGE_NAME)-deps:$(SEQUOIA_VERSION)-$(YML2_VERSION) \
--tag=$(IMAGE_NAME)-deps:latest \
-f scripts/${CURRENT_DISTRO}/deps.$(DOCKERFILE) .
docker push --quiet $(IMAGE_NAME)-deps:$(SEQUOIA_VERSION)-$(YML2_VERSION)
docker push --quiet $(IMAGE_NAME)-deps:latest
build:
-docker pull $(IMAGE_NAME):latest
cd ../../ && /bin/sh ./scripts/common/build_pEpEngine.sh
build-docker:
-docker pull --quiet $(IMAGE_NAME):latest
cd ../../ && docker build --build-arg CURRENT_DISTRO=$(CURRENT_DISTRO) \
--build-arg DOCKER_REGISTRY_HOST=${DOCKER_REGISTRY_HOST} \
--build-arg PEPENGINE_VERSION=$(PEPENGINE_VERSION) \
@ -26,6 +45,6 @@ build:
--cache-from $(IMAGE_NAME):latest \
--tag=$(IMAGE_NAME):$(PEPENGINE_VERSION) \
--tag=$(IMAGE_NAME):latest \
-f scripts/${CURRENT_DISTRO}/$(DOCKERFILE) .
docker push $(IMAGE_NAME):$(PEPENGINE_VERSION)
docker push $(IMAGE_NAME):latest
-f scripts/common/build.pEpEngine.Dockerfile .
docker push --quiet $(IMAGE_NAME):$(PEPENGINE_VERSION)
docker push --quiet $(IMAGE_NAME):latest
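Review bot: The new `deps` target pulls `$(IMAGE_NAME)-deps:latest` but passes `--cache-from $(IMAGE_NAME):latest`, so the image just pulled is not the one named as the cache source. The deps build therefore probably runs uncached or against layers of the engine image; `--cache-from $(IMAGE_NAME)-deps:latest` looks like what was meant. The centos8 `deps` target may carry the same line, but it falls between the hunks shown there. `$(YML2_VERSION)` and `$(PEP_MACHINE_DIR)` are used in this target and have to be defined above the hunk or in the environment, since an empty `YML2_VERSION` would produce a tag ending in `-`.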

scripts/debian10/pEpEngine.debian10.Dockerfile → scripts/debian10/deps.pEpEngine.debian10.Dockerfile


+ 46
- 16
src/Makefile

@ -5,22 +5,30 @@
include ../Makefile.conf
# Notice the single quotes below: since user definitions can contain dollar
# signs it is important to prevent their expansion: shell variable references
# here must be expanded at run time, and not at compile time.
ifdef PER_USER_DIRECTORY
EXTRA_MACROS+= -DPER_USER_DIRECTORY=$(PER_USER_DIRECTORY)
EXTRA_MACROS+= -DPER_USER_DIRECTORY='"$(PER_USER_DIRECTORY)"'
endif
ifdef PER_MACHINE_DIRECTORY
EXTRA_MACROS+= -DPER_MACHINE_DIRECTORY=\"$(PER_MACHINE_DIRECTORY)\"
EXTRA_MACROS+= -DPER_MACHINE_DIRECTORY='"$(PER_MACHINE_DIRECTORY)"'
endif
ifneq ($(BUILD_ON),OS/390)
LDFLAGS+= -shared
endif
NO_SOURCE=
ifndef PEP_MIME
CFLAGS+= $(ETPAN_INC)
LDFLAGS+= $(ETPAN_LIB)
ifeq ($(BUILD_ON),OS/390)
LDLIBS+= -letpan-no-mt
else
LDLIBS+= -letpan
endif
else
LDFLAGS+= -L../pEpMIME -shared
LDLIBS+= -lpEpMIME
NO_SOURCE+= etpan_mime.c
endif
@ -28,10 +36,17 @@ endif
CFLAGS+= -I../asn.1 $(EXTRA_MACROS)
CPPFLAGS+= -DSQLITE_THREADSAFE=1
LDFLAGS+= -L../asn.1 -shared
LDLIBS+= -lc -lasn1
LDFLAGS+= -L../asn.1
ifneq ($(BUILD_ON),OS/390)
LDFLAGS+= -shared
LDLIBS+= -lc
endif
LDLIBS+= -lasn1
ifeq ($(BUILD_ON),Darwin)
ifeq ($(BUILD_ON),OS/390)
OPENPGP=NETPGP
LDLIBS+= -lzz
else ifeq ($(BUILD_ON),Darwin)
ifeq ($(BUILD_FOR),Darwin)
LDLIBS+= -lz -liconv -mmacosx-version-min=10.10
else
@ -59,6 +74,13 @@ ifeq ($(OPENPGP),SEQUOIA)
CFLAGS+= $(SEQUOIA_CFLAGS) $(SEQUOIA_INC)
LDFLAGS+= $(SEQUOIA_LDFLAGS)
LDLIBS+= $(SEQUOIA_LIB)
NO_SOURCE+=pgp_netpgp.c
else ifeq ($(OPENPGP),NETPGP)
CPPFLAGS+= -DUSE_NETPGP
CFLAGS+= $(NETPGP_CFLAGS) $(NETPGP_INC)
LDFLAGS+= $(NETPGP_LDFLAGS)
LDLIBS+= $(NETPGP_LIB)
NO_SOURCE+=pgp_sequoia.c
else
$(error Unknown OpenPGP library: $(OPENPGP))
endif
@ -66,6 +88,10 @@ endif
ALL_SOURCE=$(filter-out $(NO_SOURCE),$(wildcard *.c))
DEPENDS=$(subst .c,.d,$(ALL_SOURCE))
ALL_OBJECTS=$(subst .c,.o,$(ALL_SOURCE))
ifeq ($(BUILD_ON),OS/390)
ALL_OBJECTS+=/usr/lib/GSKCMS64.x
ALL_OBJECTS+=/usr/lib/CSNPCA64.x
endif
all: $(TARGET)
@ -83,7 +109,7 @@ ifneq ($(MAKECMDGOALS),clean)
endif
$(TARGET): libpEpEngine.a
$(CC) $(CFLAGS) $(CPPFLAGS) $(ALL_OBJECTS) $(LDFLAGS) $(LDLIBS) -o $@
$(CC) -o $@ $(CPPFLAGS) $(LDFLAGS) $(CFLAGS) $(ALL_OBJECTS) $(LDLIBS)
.PHONY: objects clean install_headers install uninstall beinstall
@ -97,17 +123,20 @@ clean:
rm -Rf $(TARGET).dSYM
rm -f KeySync_fsm.* Sync_actions.c Sync_event.* Sync_func.* Sync_impl.* sync_codec.* distribution_codec.* storage_codec.*
HEADERS_TO_INSTALL = \
pEpEngine.h keymanagement.h message_api.h dynamic_api.h stringlist.h \
timestamp.h identity_list.h bloblist.h stringpair.h message.h mime.h group.h \
cryptotech.h sync_api.h pEp_string.h openpgp_compat.h engine_sql.h \
labeled_int_list.h key_reset.h base64.h sync_codec.h distribution_codec.h \
storage_codec.h status_to_string.h keyreset_command.h platform.h platform_unix.h \
transport.h growing_buf.h $(wildcard ../asn.1/*.h)
# CAVEAT:
# install_headers is needed for building *STANDALONE* pEp MIME - it is NOT used for built-in functionality!!!
install_headers: $(TARGET)
mkdir -p $(DESTDIR)$(PREFIX)/include/pEp
cp pEpEngine.h keymanagement.h message_api.h dynamic_api.h stringlist.h \
timestamp.h identity_list.h bloblist.h stringpair.h message.h mime.h group.h \
cryptotech.h sync_api.h pEp_string.h openpgp_compat.h engine_sql.h \
labeled_int_list.h key_reset.h base64.h sync_codec.h distribution_codec.h storage_codec.h \
status_to_string.h keyreset_command.h platform.h platform_unix.h ../asn.1/*.h \
$(DESTDIR)$(PREFIX)/include/pEp/
cp $(HEADERS_TO_INSTALL) $(DESTDIR)$(PREFIX)/include/pEp/
# FIXME: Does anyone but Roker use install_headers? Otherwise, remove the dependency.
install: $(TARGET) install_headers
@ -120,7 +149,8 @@ beinstall: install
uninstall:
rm -f $(DESTDIR)$(PREFIX)/lib/$(TARGET)
rm -rf $(DESTDIR)$(PREFIX)/include/pEp
rm $(addprefix $(DESTDIR)$(PREFIX)/include/pEp/,$(notdir $(HEADERS_TO_INSTALL)))
rmdir $(DESTDIR)$(PREFIX)/include/pEp 2> /dev/null || true
tags: $(wildcard *.c) $(wildcard *.h)
ctags --sort=yes *.c *.h
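Review bot: The new `uninstall` recipe calls `rm` without `-f` on a list built from `HEADERS_TO_INSTALL`, so it stops at the first header that is already gone. The list ends in `$(wildcard ../asn.1/*.h)`, which is expanded when `uninstall` runs, so any generated asn.1 header that has been cleaned from the source tree drops out of the list and stays behind in `$(DESTDIR)$(PREFIX)/include/pEp`. The `rmdir ... 2> /dev/null || true` then hides that the directory was not emptied. `rm -f $(addprefix $(DESTDIR)$(PREFIX)/include/pEp/,$(notdir $(HEADERS_TO_INSTALL)))` fixes the first half; for the second, the asn.1 header names would have to come from a fixed list or an install manifest rather than from the build tree.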


+ 3
- 2
src/cryptotech.c

@ -6,10 +6,11 @@
#include "pEp_internal.h"
#ifdef USE_SEQUOIA
#if defined(USE_SEQUOIA)
#include "pgp_sequoia.h"
#elif defined(USE_NETPGP)
#include "pgp_netpgp.h"
#endif
//
#include <stdlib.h>
#include <memory.h>
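Review bot: The backend selection has no `#else` branch, so a build with neither `USE_SEQUOIA` nor `USE_NETPGP` defined includes no OpenPGP header. It then fails later, if at all, with errors about undeclared functions rather than a clear message. `src/Makefile` already rejects an unknown `OPENPGP` value, and the same guard belongs here for builds that bypass that Makefile: add `#else` and `#error "no OpenPGP backend selected: define USE_SEQUOIA or USE_NETPGP"` before the `#endif`.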


+ 26
- 1
src/engine_sql.c

@ -713,7 +713,7 @@ static PEP_STATUS _create_core_tables(PEP_SESSION session) {
" timestamp integer default (datetime('now')),\n"
" primary key (address, user_id)\n"
");\n"
"create index if not exists identity_userid_addr on identity(address, user_id);\n"
"create index if not exists identity_userid on identity (user_id);\n"
"create table if not exists trust (\n"
" user_id text not null\n"
" references person (id)\n"
@ -1548,6 +1548,27 @@ static PEP_STATUS _upgrade_DB_to_ver_18(PEP_SESSION session) {
return _force_upgrade_own_latest_message_version(session);
}
static PEP_STATUS _upgrade_DB_to_ver_19(PEP_SESSION session) {
int int_result = sqlite3_exec(
session->db,
/* This index was useless: it was an index on the (multi-column)
primary key, always implemented using an index which gets also
used in queries. */
"drop index if exists identity_userid_addr;\n"
"\n"
"create index if not exists identity_userid on identity (user_id);\n",
NULL,
NULL,
NULL
);
assert(int_result == SQLITE_OK);
if (int_result != SQLITE_OK)
return PEP_UNKNOWN_DB_ERROR;
return PEP_STATUS_OK;
}
// Honestly, the upgrades should be redone in a transaction IMHO.
static PEP_STATUS _check_and_execute_upgrades(PEP_SESSION session, int version) {
PEP_STATUS status = PEP_STATUS_OK;
@ -1620,6 +1641,10 @@ static PEP_STATUS _check_and_execute_upgrades(PEP_SESSION session, int version)
if (status != PEP_STATUS_OK)
return status;
case 18:
status = _upgrade_DB_to_ver_19(session);
if (status != PEP_STATUS_OK)
return status;
case 19:
break;
default:
return PEP_ILLEGAL_VALUE;
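Review bot: In `_upgrade_DB_to_ver_19` the `assert(int_result == SQLITE_OK)` turns a runtime condition into an abort in debug builds. `sqlite3_exec` can fail here for reasons outside the program's control, such as a locked or read-only database or a full disk, and the `if` directly below already handles that case. The error text is also discarded because the last argument is `NULL`, so a failed migration surfaces only as `PEP_UNKNOWN_DB_ERROR`. I would drop the assert and log `sqlite3_errmsg(session->db)` before returning. The new `case 18:` falls through to `case 19:` on purpose and a `/* fallthrough */` comment would say so; `_check_and_execute_upgrades` starts and ends outside the hunk.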


+ 1
- 1
src/engine_sql.h

@ -3,7 +3,7 @@
#include "pEp_internal.h"
// increment this when patching DDL
#define _DDL_USER_VERSION "18"
#define _DDL_USER_VERSION "19"
PEP_STATUS init_databases(PEP_SESSION session);
PEP_STATUS pEp_sql_init(PEP_SESSION session);


+ 6
- 1
src/etpan_mime.c

@ -566,7 +566,9 @@ struct mailimf_date_time * timestamp_to_etpantime(const timestamp *ts)
result->dt_day = ts->tm_mday;
result->dt_month = ts->tm_mon + 1;
result->dt_year = ts->tm_year + 1900;
#ifndef ZOS
result->dt_zone = (int) (ts->tm_gmtoff / 36L);
#endif
return result;
}
@ -585,13 +587,16 @@ timestamp * etpantime_to_timestamp(const struct mailimf_date_time *et)
result->tm_mday = et->dt_day;
result->tm_mon = et->dt_month - 1;
result->tm_year = et->dt_year - 1900;
#ifndef ZOS
result->tm_gmtoff = 36L * (long) et->dt_zone;
#endif
// Normalize to UTC and then forget the offset.
time_t t = timegm_with_gmtoff(result);
gmtime_r(&t, result);
#ifndef ZOS
result->tm_gmtoff = 0;
#endif
return result;
}
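Review bot: With `ZOS` defined, `etpantime_to_timestamp` now drops `et->dt_zone` altogether, so `timegm_with_gmtoff(result)` has no offset to apply and a header time carrying `+0200` would be taken as UTC. That holds unless `timegm_with_gmtoff` obtains the offset some other way on that platform, which the hunk does not show. In the other direction, `timestamp_to_etpantime` leaves `result->dt_zone` unassigned under `ZOS`; whether it is zero depends on the allocation outside the hunk, and an explicit `#else` with `result->dt_zone = 0;` would remove the doubt. A short comment at each guard stating how the zone is carried on z/OS would help, since both functions begin outside the visible lines.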


+ 3
- 69
src/keymanagement.c

@ -875,13 +875,6 @@ DYNAMIC_API PEP_STATUS update_identity(
if (identity->comm_type == PEP_ct_unknown)
identity->comm_type = PEP_ct_key_not_found;
}
// VB says, and I quote, "that is not implemented and no one is using it right now"
// about this bit. So, um, you're forewarned.
if (identity->comm_type != PEP_ct_compromised &&
identity->comm_type < PEP_ct_strong_but_unconfirmed)
if (session->examine_identity)
session->examine_identity(identity, session->examine_management);
goto pEp_free;
@ -1035,9 +1028,10 @@ PEP_STATUS _myself(PEP_SESSION session,
return PEP_OUT_OF_MEMORY;
}
// Cache the input username, if there is one and it's not read_only
// Cache the input username, if there is one and it's not read_only; NULL
// otherwise. cached_input_username is never a pointer to an empty string.
char* cached_input_username = NULL;
if (!read_only && identity->username) {
if (!read_only && ! EMPTYSTR(identity->username)) {
cached_input_username = strdup(identity->username);
if (!cached_input_username)
return PEP_OUT_OF_MEMORY;
@ -1256,66 +1250,6 @@ DYNAMIC_API PEP_STATUS myself(PEP_SESSION session, pEp_identity * identity)
return _myself(session, identity, true, true, false, false);
}
DYNAMIC_API PEP_STATUS register_examine_function(
PEP_SESSION session,
examine_identity_t examine_identity,
void *management
)
{
assert(session);
if (!session)
return PEP_ILLEGAL_VALUE;
session->examine_management = management;
session->examine_identity = examine_identity;
return PEP_STATUS_OK;
}
DYNAMIC_API PEP_STATUS do_keymanagement(
retrieve_next_identity_t retrieve_next_identity,
void *management
)
{
PEP_SESSION session;
pEp_identity *identity;
// FIXME_NOW: ensure_decrypt callback???
PEP_STATUS status = init(&session, NULL, NULL, NULL);
assert(!status);
if (status)
return status;
assert(session && retrieve_next_identity);
if (!(session && retrieve_next_identity))
return PEP_ILLEGAL_VALUE;
log_event(session, "keymanagement thread started", "pEp engine", NULL, NULL);
while ((identity = retrieve_next_identity(management)))
{
assert(identity->address);
if(identity->address)
{
DEBUG_LOG("do_keymanagement", "retrieve_next_identity", identity->address);
if (identity->me) {
status = myself(session, identity);
} else {
status = recv_key(session, identity->address);
}
assert(status != PEP_OUT_OF_MEMORY);
if(status == PEP_OUT_OF_MEMORY)
return PEP_OUT_OF_MEMORY;
}
free_identity(identity);
}
log_event(session, "keymanagement thread shutdown", "pEp engine", NULL, NULL);
release(session);
return PEP_STATUS_OK;
}
DYNAMIC_API PEP_STATUS key_mistrusted(
PEP_SESSION session,
pEp_identity *ident
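Review bot: `register_examine_function` and `do_keymanagement` were exported with `DYNAMIC_API`, so deleting them removes two symbols from the shared library's public interface, and any adapter or application still linked against them will fail to link or load. Nothing in this section shows a deprecation step or a library version change, so I would either keep thin stubs for one release or record the removal wherever the ABI version is tracked. Separately, the new comment in `_myself` promises that `cached_input_username` is never a pointer to an empty string, which holds only if `EMPTYSTR` tests both NULL and a leading NUL; its definition is not on this page. `_myself` continues outside the hunk, including the paths that must free the `strdup` copy.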


+ 7
- 86
src/keymanagement.h

@ -118,96 +118,17 @@ DYNAMIC_API PEP_STATUS update_identity(
* if you need to do this asynchronous, you need to return an identity
* with retrieve_next_identity() where pEp_identity.me is true
*
* @warning If the identity has no .username but the person with the same
* address has one, copy it into the identity's .username.
* Applications should in general *not* rely on this feature, which
* can break privacy by revealing a username to a third party. It is
* provided for compatibility in the case of email, where a header
* such as "From: johndoe@example.com" is accepted even if no longer
* technically standard.
*/
DYNAMIC_API PEP_STATUS myself(PEP_SESSION session, pEp_identity * identity);
/**
* <!-- retrieve_next_identity() -->
*
* @brief Callback being called by do_keymanagement()
*
* @param[in] management data structure to deliver (implementation defined)
*
* @retval identity to check or NULL to terminate do_keymanagement()
* if given identity must be created with new_identity()
* the identity struct is going to the ownership of this library
* it must not be freed by the callee
*
* @warning this callback has to block until an identity or NULL can be returned
* an implementation is not provided by this library; instead it has to be
* implemented by the user of this library
*
*/
typedef pEp_identity *(*retrieve_next_identity_t)(void *management);
/**
* <!-- examine_identity() -->
*
* @brief Callback for appending to queue
*
* @param[in] ident identity to examine
* @param[in] management data structure to deliver (implementation defined)
*
* @retval 0 if identity was added successfully to queue or nonzero otherwise
*
*
*/
typedef int (*examine_identity_t)(pEp_identity *ident, void *management);
/**
* <!-- register_examine_function() -->
*
* @brief Register examine_identity() callback
*
* @param[in] session session to use
* @param[in] examine_identity examine_identity() function to register
* @param[in] management data structure to deliver (implementation defined)
*
* @retval PEP_STATUS_OK
* @retval PEP_ILLEGAL_VALUE illegal parameter values
*
*/
DYNAMIC_API PEP_STATUS register_examine_function(
PEP_SESSION session,
examine_identity_t examine_identity,
void *management
);
/**
* <!-- do_keymanagement() -->
*
* @brief Function to be run on an extra thread
*
* @param[in] retrieve_next_identity pointer to retrieve_next_identity()
* callback which returns at least a valid
* address field in the identity struct
*
* @retval PEP_STATUS_OK if thread has to terminate successfully
* @retval PEP_ILLEGAL_VALUE illegal parameter values
* @retval PEP_OUT_OF_MEMORY out of memory
* @retval any other value on failure
*
* @warning to ensure proper working of this library, a thread has to be started
* with this function immediately after initialization
* do_keymanagement() calls retrieve_next_identity(management)
* messageToSend can only be null if no transport is application based
* if transport system is not used it must not be NULL
*
*/
DYNAMIC_API PEP_STATUS do_keymanagement(
retrieve_next_identity_t retrieve_next_identity,
void *management
);
/**
* <!-- key_mistrusted() -->
*
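Review bot: The comment kept above `myself()` still tells callers to return an identity `with retrieve_next_identity()`, but this section removes `retrieve_next_identity_t` and `do_keymanagement()`, so that sentence now points at an API that no longer exists and should be dropped or reworded. The added `@warning` is also phrased as an instruction (`copy it into the identity's .username`) although it apparently describes what `myself()` itself does. A wording such as `@warning myself() fills in a missing .username from the stored person with the same address` would be unambiguous, with the privacy caveat kept as written. The doc comment begins outside the hunk.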


+ 232
- 13
src/map_asn1.c

@ -7,6 +7,225 @@
#include "pEp_internal.h"
#include "map_asn1.h"
/* Expand to a statement checking that the given expression evaluates to a
non-NULL result, first using an assert and then an explicit check in C. If
the check fails branch to the given label. */
#define CHECK_NON_NULLITY_OR_GOTO(expr, label) \
do \
{ \
assert(expr); \
if (! (expr)) \
goto label; \
} \
while (false)
/* Same as CHECK_NON_NULLITY_OR_GOTO, but in case of failure return the given
expression (evaluated only once after the check) instead of branching. */
#define CHECK_NON_NULLITY_OR_RETURN(expr, result) \
do \
{ \
assert(expr); \
if (! (expr)) \
return (result); \
} \
while (false)
/* Expand to a statement which:
- reallocates a new heap buffer of the given size, (as if with realloc),
updating the given pointer lvalue;
- jumps to the given label in case of allocation failure.
The expansion may evaluate parameters multiple times. */
#define ALLOCATE_OR_GOTO(lvalue_pointer, size, label) \
do \
{ \
/* Free any previous buffer, and reset to NULL. This is necessary \
for correct deallocation in case of allocation errors later. */ \
if ((lvalue_pointer) != NULL) { \
free (lvalue_pointer); \
lvalue_pointer = NULL; \
} \
(lvalue_pointer) = calloc (1, (size)); \
if ((lvalue_pointer) == NULL) \
goto label; \
} \
while (false)
PIdentity_t *PIdentity_from_Struct(
const pEp_identity *ident,
PIdentity_t *result
)
{
bool allocated = !result;
CHECK_NON_NULLITY_OR_RETURN (ident, NULL);
if (allocated)
result = (PIdentity_t *) calloc(1, sizeof(PIdentity_t));
CHECK_NON_NULLITY_OR_RETURN (result, NULL);
if (ident->address) {
int r = OCTET_STRING_fromBuf(&result->address, ident->address, -1);
if (r)
goto error;
}
if (! EMPTYSTR (ident->fpr)) {
ALLOCATE_OR_GOTO (result->fpr, sizeof (Hash_t), error);
if (OCTET_STRING_fromString(result->fpr, ident->fpr))
goto error;
}
if (ident->user_id) {
int r = OCTET_STRING_fromBuf(&result->user_id, ident->user_id, -1);
if (r)