Merge branch 'master' of ssh://gitea.pep.foundation:23065/pEp.foundation/pEpEngine

2 years ago · 92fffebb8c
parent 02b9afda5a 5f24d32130
commit 92fffebb8c
6 changed files with 43 additions and 5 deletions
--- a/codegen/gen_codec.ysl2
+++ b/codegen/gen_codec.ysl2
@ -152,8 +152,13 @@ tstylesheet {

            *msg = NULL;
            «@name»_t *_msg = NULL;
-            uper_decode_complete(NULL, &asn_DEF_«@name», (void **) &_msg, data, size);
-            if (!_msg)
+            asn_dec_rval_t rval = uper_decode_complete(NULL, &asn_DEF_«@name», (void **) &_msg, data, size);
+
+            // N.B: If you plan on having messages were the full message isn't consumed by decoding here,
+            // then please look into uper_decode_complete; we still may get a message, even if to contains
+            // nothing. RC_FAIL is an obvious case, but we also need to fail if RC_WMORE is the code, especially
+            // if rval.consumed == 0. Volker, please look into this and decide what you want.
+            if (!_msg || rval.code != RC_OK)
                return PEP_«yml:ucase(@name)»_ILLEGAL_MESSAGE;

            *msg = _msg;
--- a/codegen/gen_statemachine.ysl2
+++ b/codegen/gen_statemachine.ysl2
@ -1705,7 +1705,7 @@ tstylesheet {

            switch (event) {
                case None:
-                    «../@name»_SERVICE_LOG("received Timeout event", "ignoring");
+                    // received Timeout event, ignoring
                    break;
     
        ||
--- a/src/engine_sql.c
+++ b/src/engine_sql.c
@ -713,7 +713,7 @@ static PEP_STATUS _create_core_tables(PEP_SESSION session) {
            "   timestamp integer default (datetime('now')),\n"
            "   primary key (address, user_id)\n"
            ");\n"
-            "create index if not exists identity_userid_addr on identity(address, user_id);\n"
+            "create index if not exists identity_userid on identity (user_id);\n"
            "create table if not exists trust (\n"
            "   user_id text not null\n"
            "       references person (id)\n"
@ -1548,6 +1548,27 @@ static PEP_STATUS _upgrade_DB_to_ver_18(PEP_SESSION session) {
    return _force_upgrade_own_latest_message_version(session);
 }

+static PEP_STATUS _upgrade_DB_to_ver_19(PEP_SESSION session) {
+    int int_result = sqlite3_exec(
+            session->db,
+            /* This index was useless: it was an index on the (multi-column)
+               primary key, always implemented using an index which gets also
+               used in queries. */
+            "drop index if exists identity_userid_addr;\n"
+            "\n"
+            "create index if not exists identity_userid on identity (user_id);\n",
+            NULL,
+            NULL,
+            NULL
+    );
+    assert(int_result == SQLITE_OK);
+
+    if (int_result != SQLITE_OK)
+        return PEP_UNKNOWN_DB_ERROR;
+
+    return PEP_STATUS_OK;
+}
+
 // Honestly, the upgrades should be redone in a transaction IMHO.
 static PEP_STATUS _check_and_execute_upgrades(PEP_SESSION session, int version) {
    PEP_STATUS status = PEP_STATUS_OK;
@ -1620,6 +1641,10 @@ static PEP_STATUS _check_and_execute_upgrades(PEP_SESSION session, int version)
            if (status != PEP_STATUS_OK)
                return status;
        case 18:
+            status = _upgrade_DB_to_ver_19(session);
+            if (status != PEP_STATUS_OK)
+                return status;
+        case 19:
            break;
        default:
            return PEP_ILLEGAL_VALUE;
--- a/src/engine_sql.h
+++ b/src/engine_sql.h
@ -3,7 +3,7 @@
 #include "pEp_internal.h"

 // increment this when patching DDL
-#define _DDL_USER_VERSION "18"
+#define _DDL_USER_VERSION "19"

 PEP_STATUS init_databases(PEP_SESSION session);
 PEP_STATUS pEp_sql_init(PEP_SESSION session);
--- a/src/pEpEngine.c
+++ b/src/pEpEngine.c
@ -161,6 +161,12 @@ DYNAMIC_API void release(PEP_SESSION session)
                sqlite3_close_v2(session->system_db);
        }

+        if (!EMPTYSTR(session->curr_passphrase)) {
+            free (session->curr_passphrase);
+            /* In case the following freeing code still uses the field. */
+            session->curr_passphrase = NULL;
+        }
+
        release_transport_system(session, out_last);
        release_cryptotech(session, out_last);
        free(session);
--- a/test/src/ElevatedAttachmentsTest.cc
+++ b/test/src/ElevatedAttachmentsTest.cc
@ -226,6 +226,8 @@ TEST_F(ElevatedAttachmentsTest, check_encrypt_decrypt_message) {
    msg->shortmsg = strdup("Yo Bob!");
    msg->longmsg = strdup("Look at my hot new sender fpr field!");

+    // Volker: This is a sloppy way to test - it got processed as a real distribution message because data has meaning
+    //         and happily exposed a bug in your generation code, but... well, you know better :)
    const char *distribution = "simulation of distribution data";
    msg->attachments = new_bloblist(strdup(distribution), strlen(distribution)
            + 1, "application/pEp.distribution", "distribution.pEp");