buff
/
pEpEngine
forked from pEp.foundation/pEpEngine
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

ENGINE-811: Removed blacklisting. Tables won't be removed, but all statements and functions accessing them are now gone.

Browse Source
IPS-2
Krista Bennett 2 years ago
parent efde49fb78
commit b176506d3e
14 changed files with 23 additions and 1025 deletions
Show Stats Download Patch File Download Diff File

166
src/blacklist.c
Unescape View File

@ -1,166 +0,0 @@
/** @file */
/** @brief File description for doxygen missing. FIXME */
// This file is under GNU General Public License 3.0
// see LICENSE.txt
#include "pEp_internal.h"
#include "blacklist.h"
DYNAMIC_API PEP_STATUS blacklist_add(PEP_SESSION session, const char *fpr)
{
PEP_STATUS status = PEP_STATUS_OK;
assert(session && fpr && fpr[0]);
if (!(session && fpr && fpr[0]))
return PEP_ILLEGAL_VALUE;
sqlite3_exec(session->db, "BEGIN ;", NULL, NULL, NULL);
sqlite3_reset(session->blacklist_add);
sqlite3_bind_text(session->blacklist_add, 1, fpr, -1, SQLITE_STATIC);
int result;
result = sqlite3_step(session->blacklist_add);
switch (result) {
case SQLITE_DONE:
status = PEP_STATUS_OK;
sqlite3_exec(session->db, "COMMIT ;", NULL, NULL, NULL);
break;
default:
sqlite3_exec(session->db, "ROLLBACK ;", NULL, NULL, NULL);
status = PEP_UNKNOWN_ERROR;
}
sqlite3_reset(session->blacklist_add);
return status;
}
DYNAMIC_API PEP_STATUS blacklist_delete(PEP_SESSION session, const char *fpr)
{
PEP_STATUS status = PEP_STATUS_OK;
assert(session && fpr && fpr[0]);
if (!(session && fpr && fpr[0]))
return PEP_ILLEGAL_VALUE;
sqlite3_reset(session->blacklist_delete);
sqlite3_bind_text(session->blacklist_delete, 1, fpr, -1, SQLITE_STATIC);
int result;
result = sqlite3_step(session->blacklist_delete);
switch (result) {
case SQLITE_DONE:
status = PEP_STATUS_OK;
break;
default:
status = PEP_UNKNOWN_ERROR;
}
sqlite3_reset(session->blacklist_delete);
return status;
}
DYNAMIC_API PEP_STATUS blacklist_is_listed(
PEP_SESSION session,
const char *fpr,
bool *listed
)
{
PEP_STATUS status = PEP_STATUS_OK;
int count;
assert(session && fpr && fpr[0] && listed);
if (!(session && fpr && fpr[0] && listed))
return PEP_ILLEGAL_VALUE;
*listed = false;
sqlite3_reset(session->blacklist_is_listed);
sqlite3_bind_text(session->blacklist_is_listed, 1, fpr, -1, SQLITE_STATIC);
int result;
result = sqlite3_step(session->blacklist_is_listed);
switch (result) {
case SQLITE_ROW:
count = sqlite3_column_int(session->blacklist_is_listed, 0);
*listed = count > 0;
status = PEP_STATUS_OK;
break;
default:
status = PEP_UNKNOWN_ERROR;
}
sqlite3_reset(session->blacklist_is_listed);
return status;
}
DYNAMIC_API PEP_STATUS blacklist_retrieve(
PEP_SESSION session,
stringlist_t **blacklist
)
{
PEP_STATUS status = PEP_STATUS_OK;
assert(session);
assert(blacklist);
if (!(session && blacklist))
return PEP_ILLEGAL_VALUE;
*blacklist = NULL;
stringlist_t *_blacklist = new_stringlist(NULL);
if (_blacklist == NULL)
goto enomem;
sqlite3_reset(session->blacklist_retrieve);
int result;
stringlist_t *_bl = _blacklist;
do {
result = sqlite3_step(session->blacklist_retrieve);
switch (result) {
case SQLITE_ROW:
{
const char *fpr = (const char *) sqlite3_column_text(session->blacklist_retrieve, 0);
_bl = stringlist_add(_bl, fpr);
if (_bl == NULL)
goto enomem;
break;
}
case SQLITE_DONE:
break;
default:
status = PEP_UNKNOWN_ERROR;
result = SQLITE_DONE;
}
} while (result != SQLITE_DONE);
sqlite3_reset(session->blacklist_retrieve);
if (status == PEP_STATUS_OK)
*blacklist = _blacklist;
else
free_stringlist(_blacklist);
goto the_end;
enomem:
free_stringlist(_blacklist);
status = PEP_OUT_OF_MEMORY;
the_end:
return status;
}

107
src/blacklist.h
Unescape View File

@ -1,107 +0,0 @@
/**
* @file blacklist.h
* @brief Functions for maintaining a key blacklist for OpenPGP keys
* (i.e. keys received from OpenPGP partners). This is currently
* used by users when an OpenPGP partner has indicated that they
* do not want us to use a particular key we may have for them.
* This is marked as deprecated because we want users to use
* key reset instead, and this code will be in fact removed
* in Release 2.2.0 when key election is also removed.
*
* @deprecated These files are still in use as of Release 2.1 and will be removed with key election removal.
*
* @license GNU General Public License 3.0 - see LICENSE.txt
*/
#ifndef BLACKLIST_H
#define BLACKLIST_H
#include "pEpEngine.h"
#ifdef __cplusplus
extern "C" {
#endif
/**
* <!-- blacklist_add() -->
*
* @deprecated As of Release 2.2.0
*
* @brief Add to blacklist
*
* @param[in] session session to use
* @param[in] fpr fingerprint of key to blacklist
*
* @warning there is no point in blacklisting an own key; for any own
* identity, this will be ignored. The correct function to use
* for own keys in this event is "key_reset_trust".
* Also, this is only effective for OpenPGP-level trust. If
* this key is for a pEp user, the blacklist is ignored.
*
*/
DYNAMIC_API PEP_STATUS blacklist_add(PEP_SESSION session, const char *fpr);
/**
* <!-- blacklist_delete() -->
*
* @deprecated As of Release 2.2.0
*
* @brief Delete from blacklist
*
* @param[in] session session to use
* @param[in] fpr fingerprint of key to be removed from blacklist
*
*
*/
DYNAMIC_API PEP_STATUS blacklist_delete(PEP_SESSION session, const char *fpr);
/**
* <!-- blacklist_is_listed() -->
*
* @deprecated As of Release 2.2.0
*
* @brief Is listed in blacklist
*
* @param[in] session session to use
* @param[in] fpr fingerprint of key to blacklist
* @param[out] bool flags if key is blacklisted
*
*
*/
DYNAMIC_API PEP_STATUS blacklist_is_listed(
PEP_SESSION session,
const char *fpr,
bool *listed
);
/**
* <!-- blacklist_retrieve() -->
*
* @deprecated As of Release 2.2.0
*
* @brief Retrieve full blacklist of key fingerprints
*
* @param[in] session session to use
* @param[out] blacklist copy of blacklist
*
* @ownership the ownership of the copy of blacklist goes to the caller
*
*/
DYNAMIC_API PEP_STATUS blacklist_retrieve(
PEP_SESSION session,
stringlist_t **blacklist
);
#ifdef __cplusplus
}
#endif
#endif

50
src/engine_sql.c
Unescape View File

@ -807,10 +807,6 @@ static PEP_STATUS _create_group_tables(PEP_SESSION session) {
static PEP_STATUS _create_supplementary_key_tables(PEP_SESSION session) {
int int_result = sqlite3_exec(
session->db,
// blacklist
"create table if not exists blacklist_keys (\n"
" fpr text primary key\n"
");\n"
"create table if not exists revoked_keys (\n"
" revoked_fpr text primary key,\n"
" replacement_fpr text not null\n"
@ -2249,44 +2245,6 @@ PEP_STATUS pEp_prepare_sql_stmts(PEP_SESSION session) {
if (int_result != SQLITE_OK)
return PEP_UNKNOWN_DB_ERROR;
// blacklist
int_result = sqlite3_prepare_v2(session->db, sql_blacklist_add,
(int)strlen(sql_blacklist_add), &session->blacklist_add, NULL);
assert(int_result == SQLITE_OK);
if (int_result != SQLITE_OK)
return PEP_UNKNOWN_DB_ERROR;
int_result = sqlite3_prepare_v2(session->db, sql_blacklist_delete,
(int)strlen(sql_blacklist_delete), &session->blacklist_delete,
NULL);
assert(int_result == SQLITE_OK);
if (int_result != SQLITE_OK)
return PEP_UNKNOWN_DB_ERROR;
int_result = sqlite3_prepare_v2(session->db, sql_blacklist_is_listed,
(int)strlen(sql_blacklist_is_listed),
&session->blacklist_is_listed, NULL);
assert(int_result == SQLITE_OK);
if (int_result != SQLITE_OK)
return PEP_UNKNOWN_DB_ERROR;
int_result = sqlite3_prepare_v2(session->db, sql_blacklist_retrieve,
(int)strlen(sql_blacklist_retrieve), &session->blacklist_retrieve,
NULL);
assert(int_result == SQLITE_OK);
if (int_result != SQLITE_OK)
return PEP_UNKNOWN_DB_ERROR;
// Own keys
int_result = sqlite3_prepare_v2(session->db, sql_own_key_is_listed,
@ -2693,14 +2651,6 @@ PEP_STATUS pEp_finalize_sql_stmts(PEP_SESSION session) {
sqlite3_finalize(session->get_main_user_fpr);
if (session->refresh_userid_default_key)
sqlite3_finalize(session->refresh_userid_default_key);
if (session->blacklist_add)
sqlite3_finalize(session->blacklist_add);
if (session->blacklist_delete)
sqlite3_finalize(session->blacklist_delete);
if (session->blacklist_is_listed)
sqlite3_finalize(session->blacklist_is_listed);
if (session->blacklist_retrieve)
sqlite3_finalize(session->blacklist_retrieve);
if (session->own_key_is_listed)
sqlite3_finalize(session->own_key_is_listed);
if (session->is_own_address)

16
src/engine_sql.h
Unescape View File

@ -407,22 +407,6 @@ static const char *sql_languagelist =
static const char *sql_i18n_token =
"select phrase from i18n_token where lang = lower(?1) and id = ?2 ;";
// blacklist
static const char *sql_blacklist_add =
"insert or ignore into blacklist_keys (fpr) values (upper(replace(?1,' ',''))) ;"
"delete from identity where main_key_id = upper(replace(?1,' ','')) ;"
"delete from pgp_keypair where fpr = upper(replace(?1,' ','')) ;";
static const char *sql_blacklist_delete =
"delete from blacklist_keys where fpr = upper(replace(?1,' ','')) ;";
static const char *sql_blacklist_is_listed =
"select count(*) from blacklist_keys where fpr = upper(replace(?1,' ','')) ;";
static const char *sql_blacklist_retrieve =
"select * from blacklist_keys ;";
// Own keys
// We only care if it's 0 or non-zero
static const char *sql_own_key_is_listed =

170
src/keymanagement.c
Unescape View File

@ -18,8 +18,6 @@
#include "keymanagement_internal.h"
#include "KeySync_fsm.h"
#include "blacklist.h"
static bool key_matches_address(PEP_SESSION session, const char* address,
const char* fpr) {
if (!session || !address || !fpr)
@ -45,114 +43,13 @@ static bool key_matches_address(PEP_SESSION session, const char* address,
return retval;
}
// Does not return PASSPHRASE errors
/**
* @internal
*
* <!-- elect_pubkey() -->
*
* @brief TODO
*
* @param[in] session session handle
* @param[in] *identity pEp_identity
* @param[in] check_blacklist bool
*
* @retval PEP_STATUS_OK
* @retval PEP_OUT_OF_MEMORY out of memory
*/
PEP_STATUS elect_pubkey(
PEP_SESSION session, pEp_identity * identity, bool check_blacklist
)
{
PEP_STATUS status;
stringlist_t *keylist = NULL;
char *_fpr = "";
identity->comm_type = PEP_ct_unknown;
status = find_keys(session, identity->address, &keylist);
assert(status != PEP_OUT_OF_MEMORY);
if (status == PEP_OUT_OF_MEMORY)
return PEP_OUT_OF_MEMORY;
if (!keylist || !keylist->value)
identity->comm_type = PEP_ct_key_not_found;
else {
stringlist_t *_keylist;
for (_keylist = keylist; _keylist && _keylist->value; _keylist = _keylist->next) {
PEP_comm_type _comm_type_key;
status = get_key_rating(session, _keylist->value, &_comm_type_key);
if (status == PEP_OUT_OF_MEMORY) {
free_stringlist(keylist);
return PEP_OUT_OF_MEMORY;
}
if (_comm_type_key != PEP_ct_compromised &&
_comm_type_key != PEP_ct_unknown)
{
if (identity->comm_type == PEP_ct_unknown ||
_comm_type_key > identity->comm_type)
{
bool blacklisted = false;
bool mistrusted = false;
status = is_mistrusted_key(session, _keylist->value, &mistrusted);
if (status == PEP_STATUS_OK && check_blacklist)
status = blacklist_is_listed(session, _keylist->value, &blacklisted);
if (status == PEP_STATUS_OK && !mistrusted && !blacklisted) {
identity->comm_type = _comm_type_key;
_fpr = _keylist->value;
}
}
}
}
}
free(identity->fpr);
if (!_fpr || _fpr[0] == '\0')
identity->fpr = NULL;
else {
identity->fpr = strdup(_fpr);
if (identity->fpr == NULL) {
free_stringlist(keylist);
return PEP_OUT_OF_MEMORY;
}
}
free_stringlist(keylist);
return PEP_STATUS_OK;
}
// own_must_contain_private is usually true when calling;
// we only set it to false when we have the idea of
// possibly having an own pubkey that we need to check on its own
// N.B. Checked for PASSPHRASE errors - will now return them always
// False value of "renew_private" prevents their possibility, though.
/**
* @internal
*
* <!-- validate_fpr() -->
*
* @brief TODO
*
* @param[in] session session handle
* @param[in] *ident pEp_identity
* @param[in] check_blacklist bool
* @param[in] own_must_contain_private bool
* @param[in] renew_private bool
*
* @retval PEP_STATUS_OK
* @retval PEP_ILLEGAL_VALUE illegal parameter values
* @retval PEP_OUT_OF_MEMORY out of memory
* @retval PEP_KEY_UNSUITABLE
* @retval PEP_PASSPHRASE_REQUIRED
* @retval PEP_WRONG_PASSPHRASE
* @retval any other value on error
*
*/
PEP_STATUS validate_fpr(PEP_SESSION session,
pEp_identity* ident,
bool check_blacklist,
bool own_must_contain_private,
bool renew_private) {
@ -228,8 +125,7 @@ PEP_STATUS validate_fpr(PEP_SESSION session,
}
bool revoked, expired;
bool blacklisted = false;
// Should not need to decrypt key material
status = key_revoked(session, fpr, &revoked);
@ -250,15 +146,6 @@ PEP_STATUS validate_fpr(PEP_SESSION session,
if (status != PEP_STATUS_OK)
return status;
if (check_blacklist && IS_PGP_CT(ct) &&
!ident->me) {
status = blacklist_is_listed(session,
fpr,
&blacklisted);
if (status != PEP_STATUS_OK)
return status;
}
}
// Renew key if it's expired, our own, has a private part,
@ -300,13 +187,7 @@ PEP_STATUS validate_fpr(PEP_SESSION session,
else
ct = PEP_ct_key_expired;
}
else if (blacklisted) { // never true for .me
ident->comm_type = ct = PEP_ct_key_not_found;
free(ident->fpr);
ident->fpr = strdup("");
status = PEP_KEY_BLACKLISTED;
}
switch (ct) {
case PEP_ct_key_revoked:
case PEP_ct_key_b0rken:
@ -416,8 +297,7 @@ PEP_STATUS get_valid_pubkey(PEP_SESSION session,
pEp_identity* stored_identity,
bool* is_identity_default,
bool* is_user_default,
bool* is_address_default,
bool check_blacklist) {
bool* is_address_default) {
if (!session)
return PEP_ILLEGAL_VALUE;
@ -441,7 +321,7 @@ PEP_STATUS get_valid_pubkey(PEP_SESSION session,
// Won't ask for passphrase, won't return PASSPHRASE status
// Because of non-renewal
status = validate_fpr(session, stored_identity, check_blacklist, true, false);
status = validate_fpr(session, stored_identity, true, false);
switch (status) {
case PEP_STATUS_OK:
if (!EMPTYSTR(stored_identity->fpr)) {
@ -469,7 +349,7 @@ PEP_STATUS get_valid_pubkey(PEP_SESSION session,
// Won't ask for passphrase, won't return PASSPHRASE status
// Because of non-renewal
status = validate_fpr(session, stored_identity, check_blacklist, true, false);
status = validate_fpr(session, stored_identity, true, false);
switch (status) {
case PEP_STATUS_OK:
@ -492,20 +372,7 @@ PEP_STATUS get_valid_pubkey(PEP_SESSION session,
}
// If we got here, there's no usable default.
// status = elect_pubkey(session, stored_identity, check_blacklist);
// if (status == PEP_STATUS_OK) {
// if (!EMPTYSTR(stored_identity->fpr)) {
// // Won't ask for passphrase, won't return PASSPHRASE status
// // Because of non-renewal
// status = validate_fpr(session, stored_identity, false, true, false); // blacklist already filtered of needed
// }
// }
// else if (status != PEP_KEY_NOT_FOUND && first_reject_status != PEP_KEY_NOT_FOUND) {
// first_reject_status = status;
// first_reject_comm_type = stored_identity->comm_type;
// }
switch (first_reject_comm_type) {
case PEP_ct_key_revoked:
case PEP_ct_key_b0rken:
@ -520,11 +387,6 @@ PEP_STATUS get_valid_pubkey(PEP_SESSION session,
stored_identity->comm_type = first_reject_comm_type;
break;
default:
if (check_blacklist && status == PEP_KEY_BLACKLISTED) {
free(stored_identity->fpr);
stored_identity->fpr = NULL;
stored_identity->comm_type = PEP_ct_key_not_found;
}
break;
}
@ -634,8 +496,7 @@ static PEP_STATUS prepare_updated_identity(PEP_SESSION session,
status = get_valid_pubkey(session, stored_ident,
&is_identity_default,
&is_user_default,
&is_address_default,
false);
&is_address_default);
bool is_pEp = false;
@ -1272,7 +1133,7 @@ PEP_STATUS _myself(PEP_SESSION session,
if (stored_identity) {
if (!EMPTYSTR(stored_identity->fpr)) {
// Fall back / retrieve
status = validate_fpr(session, stored_identity, false, true, do_renew);
status = validate_fpr(session, stored_identity, true, do_renew);
switch (status) {
// Only possible if we called this with do_renew = true
@ -1675,7 +1536,7 @@ DYNAMIC_API PEP_STATUS trust_personal_key(
// Set up a temp trusted identity for the input fpr without a comm type;
tmp_id = new_identity(ident->address, ident->fpr, ident->user_id, NULL);
status = validate_fpr(session, tmp_id, false, true, false);
status = validate_fpr(session, tmp_id, true, false);
if (status == PEP_STATUS_OK) {
// Validate fpr gets trust DB or, when that fails, key comm type. we checked
@ -1735,7 +1596,7 @@ DYNAMIC_API PEP_STATUS trust_personal_key(
if (!tmp_user_ident)
status = PEP_OUT_OF_MEMORY;
else {
status = validate_fpr(session, tmp_user_ident, false, true, false);
status = validate_fpr(session, tmp_user_ident, true, false);
if (status != PEP_STATUS_OK ||
tmp_user_ident->comm_type < PEP_ct_strong_but_unconfirmed ||
@ -1776,8 +1637,8 @@ DYNAMIC_API PEP_STATUS trust_own_key(
if (!is_me(session, ident))
return PEP_ILLEGAL_VALUE;
// don't check blacklist or require a private key
PEP_STATUS status = validate_fpr(session, ident, false, false, true);
// don't require a private key
PEP_STATUS status = validate_fpr(session, ident, false, true);
if (status != PEP_STATUS_OK)
return status;
@ -2144,7 +2005,7 @@ DYNAMIC_API PEP_STATUS set_own_key(
if (!me->fpr)
return PEP_OUT_OF_MEMORY;
status = validate_fpr(session, me, false, true, true);
status = validate_fpr(session, me, true, true);
if (status)
return status;
@ -2314,7 +2175,7 @@ static PEP_STATUS _wipe_own_default_key_if_invalid(PEP_SESSION session,
if (!ident->fpr)
return PEP_OUT_OF_MEMORY;
PEP_STATUS keystatus = validate_fpr(session, ident, true, false, true);
PEP_STATUS keystatus = validate_fpr(session, ident, false, true);
if (PASS_ERROR(status))
return status;
@ -2327,8 +2188,7 @@ static PEP_STATUS _wipe_own_default_key_if_invalid(PEP_SESSION session,
break;
}
case PEP_KEY_UNSUITABLE:
case PEP_KEY_BLACKLISTED:
// Remove key as default for all identities and users
// Remove key as default for all identities and users
status = remove_fpr_as_default(session, cached_fpr);
break;
default:

8
src/keymanagement_internal.h
Unescape View File

@ -152,8 +152,7 @@ PEP_STATUS get_user_default_key(PEP_SESSION session, const char* user_id,
* @param[in] is_identity_default bool*
* @param[in] is_user_default bool*
* @param[in] is_address_default bool*
* @param[in] check_blacklist bool
*
*
* @retval PEP_STATUS_OK
* @retval PEP_ILLEGAL_VALUE illegal parameter values
* @retval any other value on error
@ -162,8 +161,7 @@ PEP_STATUS get_valid_pubkey(PEP_SESSION session,
pEp_identity* stored_identity,
bool* is_identity_default,
bool* is_user_default,
bool* is_address_default,
bool check_blacklist);
bool* is_address_default);
/**
* <!-- get_key_sticky_bit_for_user() -->
@ -192,7 +190,6 @@ PEP_STATUS get_key_sticky_bit_for_user(PEP_SESSION session,
*
* @param[in] session session handle
* @param[in] *ident pEp_identity
* @param[in] check_blacklist bool
* @param[in] own_must_contain_private bool
* @param[in] renew_private bool
*
@ -207,7 +204,6 @@ PEP_STATUS get_key_sticky_bit_for_user(PEP_SESSION session,
*/
PEP_STATUS validate_fpr(PEP_SESSION session,
pEp_identity* ident,
bool check_blacklist,
bool own_must_contain_private,
bool renew_private);

74
src/message_api.c
Unescape View File

@ -10,7 +10,6 @@
#include "platform.h"
#include "mime.h"
#include "blacklist.h"
#include "baseprotocol.h"
#include "KeySync_fsm.h"
#include "base64.h"
@ -2583,27 +2582,6 @@ static PEP_STATUS _update_state_for_ident_list(
max_version_major, max_version_minor);
}
bool is_blacklisted = false;
if (_il->ident->fpr && IS_PGP_CT(_il->ident->comm_type)) {
status = blacklist_is_listed(session, _il->ident->fpr, &is_blacklisted);
if (status != PEP_STATUS_OK) {
// DB error
status = PEP_UNENCRYPTED;
goto pEp_done;
}
if (is_blacklisted) {
bool user_default, ident_default, address_default;
status = get_valid_pubkey(session, _il->ident,
&ident_default, &user_default,
&address_default,
true);
if (status != PEP_STATUS_OK || _il->ident->fpr == NULL) {
_il->ident->comm_type = PEP_ct_key_not_found;
status = PEP_STATUS_OK;
}
}
}
if (!(*has_pEp_user) && !EMPTYSTR(_il->ident->user_id))
is_pEp_user(session, _il->ident, has_pEp_user);
@ -4905,7 +4883,7 @@ static PEP_STATUS set_default_key_fpr_if_valid(
return PEP_OUT_OF_MEMORY;
// this will check to see that the key is usable as well as get its comm_type
PEP_STATUS status = validate_fpr(session, ident, true, true, true);
PEP_STATUS status = validate_fpr(session, ident, true, true);
if (status == PEP_STATUS_OK)
status = set_identity(session, ident);
else {
@ -4935,11 +4913,7 @@ static PEP_STATUS _check_and_set_default_key(
// Right now, we just want to know if there's a DB default, NOT
// if it matches what update_identity gives us (there are good reasons it might not)
status = get_default_identity_fpr(session, src_ident->address, src_ident->user_id, &default_from_fpr);
bool on_blacklist = false;
if (!EMPTYSTR(default_from_fpr)) {
blacklist_is_listed(session, default_from_fpr, &on_blacklist);
}
if (on_blacklist || status == PEP_KEY_NOT_FOUND || status == PEP_CANNOT_FIND_IDENTITY) {
if (status == PEP_KEY_NOT_FOUND || status == PEP_CANNOT_FIND_IDENTITY) {
if (!EMPTYSTR(sender_key))
status = set_default_key_fpr_if_valid(session, src_ident, sender_key);
}
@ -6451,25 +6425,7 @@ static void _max_comm_type_from_identity_list(
*max_comm_type = _get_comm_type(session, *max_comm_type,
il->ident);
*comm_type_determined = true;
bool is_blacklisted = false;
if (il->ident->fpr && IS_PGP_CT(il->ident->comm_type)) {
status = blacklist_is_listed(session, il->ident->fpr, &is_blacklisted);
if (is_blacklisted) {
bool user_default, ident_default, address_default;
status = get_valid_pubkey(session, il->ident,
&ident_default, &user_default,
&address_default,
true);
if (status != PEP_STATUS_OK || il->ident->fpr == NULL) {
il->ident->comm_type = PEP_ct_key_not_found;
if (*max_comm_type > PEP_ct_no_encryption)
*max_comm_type = PEP_ct_no_encryption;
}
}
}
// check for the return statuses which might not a representative
// value in the comm_type
if (status == PEP_ILLEGAL_VALUE || status == PEP_CANNOT_SET_PERSON ||
@ -6616,30 +6572,9 @@ DYNAMIC_API PEP_STATUS identity_rating(
if (ident->me)
status = _myself(session, ident, false, true, true, true);
else { // Since we don't blacklist own keys, we only check it in here
else
status = update_identity(session, ident);
bool is_blacklisted = false;
if (ident->fpr && IS_PGP_CT(ident->comm_type)) {
status = blacklist_is_listed(session, ident->fpr, &is_blacklisted);
if (status != PEP_STATUS_OK) {
return status; // DB ERROR
}
if (is_blacklisted) {
bool user_default, ident_default, address_default;
status = get_valid_pubkey(session, ident,
&ident_default, &user_default,
&address_default,
true);
if (status != PEP_STATUS_OK || ident->fpr == NULL) {
ident->comm_type = PEP_ct_key_not_found;
status = PEP_STATUS_OK;
}
}
}
}
if (status == PEP_STATUS_OK)
*rating = _rating(ident->comm_type);
@ -7293,7 +7228,6 @@ got_keylist:
switch (status) {
case PEP_KEY_NOT_FOUND:
case PEP_KEY_UNSUITABLE:
case PEP_KEY_BLACKLISTED:
case PEP_CANNOT_FIND_IDENTITY:
case PEP_CANNOT_FIND_ALIAS:
status = PEP_STATUS_OK;

1
src/pEpEngine.c
Unescape View File

@ -7,7 +7,6 @@
#include "dynamic_api.h"
#include "cryptotech.h"
#include "transport.h"
#include "blacklist.h"
#include "KeySync_fsm.h"
#include "engine_sql.h"

2
src/pEpEngine.h
Unescape View File

@ -87,7 +87,7 @@ typedef enum {
PEP_CANNOT_SET_PGP_KEYPAIR = 0x0382,
PEP_CANNOT_SET_IDENTITY = 0x0383,
PEP_CANNOT_SET_TRUST = 0x0384,
PEP_KEY_BLACKLISTED = 0x0385,
PEP_KEY_BLACKLISTED = 0x0385, /// @deprecated
PEP_CANNOT_FIND_PERSON = 0x0386,
PEP_CANNOT_SET_PEP_VERSION = 0X0387,

6
src/pEp_internal.h
Unescape View File

@ -243,12 +243,6 @@ struct _pEpSession {
sqlite3_stmt *i18n_token;
sqlite3_stmt *replace_userid;
// blacklist
sqlite3_stmt *blacklist_add;
sqlite3_stmt *blacklist_delete;
sqlite3_stmt *blacklist_is_listed;
sqlite3_stmt *blacklist_retrieve;
// Keys
sqlite3_stmt *own_key_is_listed;
sqlite3_stmt *is_own_address;

180
test/src/BlacklistAcceptNewKeyTest.cc
Unescape View File

@ -1,180 +0,0 @@
// This file is under GNU General Public License 3.0
// see LICENSE.txt
#include <stdlib.h>
#include <string>
#include <cstring> // for strcmp()
#include "TestUtilities.h"
#include "TestConstants.h"
#include "pEpEngine.h"
#include "pEp_internal.h"
#include "blacklist.h"
#include "keymanagement.h"
#include "message_api.h"
#include "mime.h"
#include "Engine.h"
#include <gtest/gtest.h>
namespace {
//The fixture for BlacklistAcceptNewKeyTest
class BlacklistAcceptNewKeyTest : public ::testing::Test {
public:
Engine* engine;
PEP_SESSION session;
protected:
// You can remove any or all of the following functions if its body
// is empty.
BlacklistAcceptNewKeyTest() {
// You can do set-up work for each test here.
test_suite_name = ::testing::UnitTest::GetInstance()->current_test_info()->GTEST_SUITE_SYM();
test_name = ::testing::UnitTest::GetInstance()->current_test_info()->name();
test_path = get_main_test_home_dir() + "/" + test_suite_name + "/" + test_name;
}
~BlacklistAcceptNewKeyTest() override {
// You can do clean-up work that doesn't throw exceptions here.
}
// If the constructor and destructor are not enough for setting up
// and cleaning up each test, you can define the following methods:
void SetUp() override {
// Code here will be called immediately after the constructor (right
// before each test).
// Leave this empty if there are no files to copy to the home directory path
std::vector<std::pair<std::string, std::string>> init_files = std::vector<std::pair<std::string, std::string>>();
// Get a new test Engine.
engine = new Engine(test_path);
ASSERT_NOTNULL(engine);
// Ok, let's initialize test directories etc.
engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
ASSERT_NOTNULL(engine->session);
session = engine->session;
// Engine is up. Keep on truckin'
}
void TearDown() override {
// Code here will be called immediately after each test (right
// before the destructor).
engine->shut_down();
delete engine;
engine = NULL;
session = NULL;
}
private:
const char* test_suite_name;
const char* test_name;
string test_path;
// Objects declared here can be used by all tests in the BlacklistAcceptNewKeyTest suite.
};
} // namespace
TEST_F(BlacklistAcceptNewKeyTest, check_blacklist_accept_new_key) {
PEP_STATUS status = PEP_STATUS_OK;
// blacklist test code
output_stream << "blacklist only key for identity / add key / check which key is used" << endl;
// 2797 65A2 FEB5 B7C7 31B8 61D9 3E4C EFD9 F7AF 4684 - this is the blacklisted key in blacklisted_pub.asc
/* read the key into memory */
const string keytext = slurp("test_keys/pub/blacklisted_pub.asc");
/* import it into pep */
status = import_key(session, keytext.c_str(), keytext.length(), NULL);
ASSERT_EQ(status, PEP_KEY_IMPORTED);
const char* bl_fpr_1 = "279765A2FEB5B7C731B861D93E4CEFD9F7AF4684";
bool is_blacklisted = false;
pEp_identity* blacklisted_identity = new_identity("blacklistedkeys@kgrothoff.org",
bl_fpr_1,
"TOFU_blacklistedkeys@kgrothoff.org",
"Blacklist Keypair");
// Explicitly set identity, since we need the key in there
status = set_identity(session, blacklisted_identity);
ASSERT_OK;
status = update_identity(session, blacklisted_identity);
ASSERT_OK;
status = blacklist_add(session, bl_fpr_1);
ASSERT_OK;
status = blacklist_is_listed(session, bl_fpr_1, &is_blacklisted);
ASSERT_OK;
ASSERT_TRUE(is_blacklisted);
// We should NOT return a blacklisted key here.
// FIXME: for EB - what to do when unblacklisting?
status = update_identity(session, blacklisted_identity);
ASSERT_OK;
ASSERT_STREQ(bl_fpr_1, blacklisted_identity->fpr);
// post key election this should be obvious.
bool id_def, us_def, addr_def;
status = get_valid_pubkey(session, blacklisted_identity,
&id_def, &us_def, &addr_def, true);
ASSERT_EQ(status, PEP_KEY_BLACKLISTED);
ASSERT_EQ(blacklisted_identity->comm_type , PEP_ct_key_not_found);
if (!(blacklisted_identity->fpr))
output_stream << "OK! blacklisted_identity->fpr is empty. Yay!" << endl;
else
output_stream << "Not OK. blacklisted_identity->fpr is " << blacklisted_identity->fpr << "." << endl
<< "Expected it to be empty." << endl;
ASSERT_TRUE(EMPTYSTR(blacklisted_identity->fpr));
/* identity is blacklisted. Now let's read in a message which contains a new key for that ID. */
// This SHOULD work with key election removal!
const char* new_key = "634FAC4417E9B2A5DC2BD4AAC4AEEBBE7E62701B";
const string mailtext = slurp("test_mails/blacklist_new_key_attached.eml");
pEp_identity * me1 = new_identity("blacklistedkeys@kgrothoff.org", new_key, "TOFU_blacklistedkeys@kgrothoff.org", "Blacklisted Key Message Recipient");
status = update_identity(session, me1);
message* msg_ptr = nullptr;
message* dest_msg = nullptr;
stringlist_t* keylist = nullptr;
PEP_rating rating;
PEP_decrypt_flags_t flags = 0;
status = mime_decode_message(mailtext.c_str(), mailtext.length(), &msg_ptr, NULL);
ASSERT_OK;
status = decrypt_message(session, msg_ptr, &dest_msg, &keylist, &rating, &flags);
// Key election is gone, but getting it via mail should set a default!
status = update_identity(session, me1);
ASSERT_STRCASEEQ(me1->fpr, new_key);
status = blacklist_delete(session, bl_fpr_1);
ASSERT_OK;
// Key election removal note: THIS WILL NOT SET IT BACK TO THE OLD KEY AS A DEFAULT. YOU WOULD NEED TO RESET OR BLACKLIST THE NEW KEY AND
// RESET/REIMPORT THE OLD KEY AS A DEFAULT.
status = update_identity(session, blacklisted_identity);
ASSERT_OK;
free_message(msg_ptr);
free_message(dest_msg);
free_stringlist(keylist);
}

265
test/src/BlacklistTest.cc
Unescape View File

@ -1,265 +0,0 @@
// This file is under GNU General Public License 3.0
// see LICENSE.txt
// #include <iostream>
// #include <iostream>
// #include <fstream>
// #include <string>
// #include <cstring> // for strcmp()
// #include <TEST_ASSERT.h>
// #include "blacklist.h"
// #include "keymanagement.h"
// #include "test_util.h"
//
// // This file is under GNU General Public License 3.0
// // see LICENSE.txt
#include <stdlib.h>
#include <string>
#include <cstring> // for strcmp()
#include <assert.h>
#include "pEpEngine.h"
#include "pEp_internal.h"
#include "blacklist.h"
#include "keymanagement.h"
#include "TestUtilities.h"
#include "TestConstants.h"
#include "Engine.h"
#include <gtest/gtest.h>
namespace {
//The fixture for BlacklistTest
class BlacklistTest : public ::testing::Test {
public:
Engine* engine;
PEP_SESSION session;
protected:
// You can remove any or all of the following functions if its body
// is empty.
BlacklistTest() {
// You can do set-up work for each test here.
test_suite_name = ::testing::UnitTest::GetInstance()->current_test_info()->GTEST_SUITE_SYM();
test_name = ::testing::UnitTest::GetInstance()->current_test_info()->name();
test_path = get_main_test_home_dir() + "/" + test_suite_name + "/" + test_name;
}
~BlacklistTest() override {
// You can do clean-up work that doesn't throw exceptions here.
}
// If the constructor and destructor are not enough for setting up
// and cleaning up each test, you can define the following methods:
void SetUp() override {
// Code here will be called immediately after the constructor (right
// before each test).
// Leave this empty if there are no files to copy to the home directory path
std::vector<std::pair<std::string, std::string>> init_files = std::vector<std::pair<std::string, std::string>>();
// Get a new test Engine.
engine = new Engine(test_path);
ASSERT_NOTNULL(engine);
// Ok, let's initialize test directories etc.
engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
ASSERT_NOTNULL(engine->session);
session = engine->session;
// Engine is up. Keep on truckin'
}
void TearDown() override {
// Code here will be called immediately after each test (right
// before the destructor).
engine->shut_down();
delete engine;
engine = NULL;
session = NULL;
}
private:
const char* test_suite_name;
const char* test_name;
string test_path;
// Objects declared here can be used by all tests in the BlacklistTest suite.
};
} // namespace
TEST_F(BlacklistTest, check_blacklist) {
// blacklist test code
output_stream << "adding 23 to blacklist\n";
PEP_STATUS status2 = blacklist_add(session, "23");
ASSERT_EQ(status2 , PEP_STATUS_OK);
output_stream << "added.\n";
bool listed;
PEP_STATUS status3 = blacklist_is_listed(session, "23", &listed);
ASSERT_EQ(status3 , PEP_STATUS_OK);
ASSERT_TRUE(listed);
output_stream << "23 is listed.\n";
stringlist_t *blacklist;
PEP_STATUS status6 = blacklist_retrieve(session, &blacklist);
ASSERT_EQ(status6 , PEP_STATUS_OK);
ASSERT_NOTNULL(blacklist);
bool in23 = false;
output_stream << "the blacklist contains now: ";
for (stringlist_t *bl = blacklist; bl && bl->value; bl = bl->next) {
output_stream << bl->value << ", ";
if (std::strcmp(bl->value, "23") == 0)
in23 = true;
}
output_stream << "END\n";
ASSERT_TRUE(in23);
free_stringlist(blacklist);
output_stream << "deleting 23 from blacklist\n";
PEP_STATUS status4 = blacklist_delete(session, "23");
ASSERT_EQ(status4 , PEP_STATUS_OK);
output_stream << "deleted.\n";
PEP_STATUS status5 = blacklist_is_listed(session, "23", &listed);
ASSERT_EQ(status5 , PEP_STATUS_OK);
ASSERT_TRUE(!listed);
output_stream << "23 is not listed any more.\n";
output_stream << "blacklist only key for identity / unblacklist key / add key" << endl;
// 2797 65A2 FEB5 B7C7 31B8 61D9 3E4C EFD9 F7AF 4684 - this is the blacklisted key in blacklisted_pub.asc
const string keytext = slurp("test_keys/pub/blacklisted_pub.asc");
/* FIXME: put in automated test stuff (N.B. only gdb mem examination to this point to get
* fix in */
/* import it into pep */
PEP_STATUS status7 = import_key(session, keytext.c_str(), keytext.length(), NULL);
const char* bl_fpr_1 = "279765A2FEB5B7C731B861D93E4CEFD9F7AF4684";
const char* bl_fpr_2 = "634FAC4417E9B2A5DC2BD4AAC4AEEBBE7E62701B";
bool is_blacklisted = false;
// Clean up from previous runs
PEP_STATUS status10 = blacklist_is_listed(session, bl_fpr_1, &is_blacklisted);
if (is_blacklisted) {
is_blacklisted = false;
blacklist_delete(session, bl_fpr_1);
}
pEp_identity* blacklisted_identity = new_identity("blacklistedkeys@kgrothoff.org",
bl_fpr_1,
"TOFU_blacklistedkeys@kgrothoff.org",
"Blacklist Keypair");
PEP_STATUS status = set_fpr_preserve_ident(session, blacklisted_identity, bl_fpr_1, false);
ASSERT_OK;
PEP_STATUS status8 = update_identity(session, blacklisted_identity);
// THERE IS NO BLACKLISTING OF PEP KEYS
//blacklisted_identity->comm_type = PEP_ct_pEp;
blacklisted_identity->comm_type = PEP_ct_OpenPGP_unconfirmed;
PEP_STATUS status99 = set_identity(session, blacklisted_identity);
trust_personal_key(session, blacklisted_identity);
PEP_STATUS status999 = update_identity(session, blacklisted_identity);
ASSERT_EQ(blacklisted_identity->comm_type , PEP_ct_OpenPGP);
PEP_STATUS status9 = blacklist_add(session, bl_fpr_1);
status10 = blacklist_is_listed(session, bl_fpr_1, &is_blacklisted);
PEP_STATUS status11 = update_identity(session, blacklisted_identity);
/* new!!! */
ASSERT_TRUE(is_blacklisted);
ASSERT_EQ(status11 , PEP_STATUS_OK);
ASSERT_STREQ(bl_fpr_1, blacklisted_identity->fpr); // I don't think this should be true, but...
bool id_def, us_def, addr_def;
status11 = get_valid_pubkey(session, blacklisted_identity,
&id_def, &us_def, &addr_def, true);
if (!(blacklisted_identity->fpr))
output_stream << "OK! blacklisted_identity->fpr is empty. Yay!" << endl;
else if (strcmp(blacklisted_identity->fpr, bl_fpr_2) == 0)
output_stream << "OK! While this should be empty, you are probably running " <<
"this in your home directory instead of the test environment " <<
"and have leftover keys. This is an acceptable result here then. But you " <<
"should probably clean up after yourself :)" << endl;
else
output_stream << "Not OK. blacklisted_identity->fpr is " << blacklisted_identity->fpr << "." << endl
<< "Expected it to be empty or (possibly) " << bl_fpr_2 << endl;
ASSERT_TRUE(blacklisted_identity->fpr == NULL || blacklisted_identity->fpr[0] == '\0' || strcmp(blacklisted_identity->fpr, bl_fpr_2) == 0);
pEp_identity *me = new_identity("alice@peptest.ch", NULL, "423", "Alice Miller");
ASSERT_NOTNULL(me);
PEP_STATUS status24 = myself(session, me);
ASSERT_EQ(status24 , PEP_STATUS_OK);
message *msg23 = new_message(PEP_dir_outgoing);
ASSERT_NOTNULL(msg23);
msg23->from = me;
msg23->to = new_identity_list(identity_dup(blacklisted_identity));
ASSERT_TRUE(msg23->to != NULL && msg23->to->ident != NULL);
PEP_rating rating23;
output_stream << "testing outgoing_message_rating() with blacklisted key in to\n";
PEP_STATUS status23 = outgoing_message_rating(session, msg23, &rating23);
ASSERT_EQ(status23 , PEP_STATUS_OK);
ASSERT_EQ(rating23 , PEP_rating_unencrypted);
free_message(msg23);
const string keytext2 = slurp("test_keys/pub/blacklisted_pub2.asc");
PEP_STATUS status14 = import_key(session, keytext2.c_str(), keytext2.length(), NULL);
pEp_identity* blacklisted_identity2 = new_identity("blacklistedkeys@kgrothoff.org",
bl_fpr_2,
NULL,
"Blacklist Keypair");
PEP_STATUS status15 = update_identity(session, blacklisted_identity2);
//
// ASSERT_EQ((blacklisted_identity2->fpr && strcmp(blacklisted_identity2->fpr, bl_fpr_2) , 0), "blacklisted_identity2->fpr && strcmp(blacklisted_identity2->fpr);
// if (blacklisted_identity2->fpr && strcmp(blacklisted_identity2->fpr, bl_fpr_2) == 0)
// output_stream << "blacklisted identity's fpr successfully replaced by the unblacklisted one" << endl;
// // else
// // output_stream << "blacklisted_identity->fpr should be " << bl_fpr_2 << " but is " << blacklisted_identity->fpr << endl;
//
// PEP_STATUS status12 = blacklist_delete(session, bl_fpr_1);
// PEP_STATUS status13 = update_identity(session, blacklisted_identity);
//
// pEp_identity* stored_identity = new_identity("blacklistedkeys@kgrothoff.org",
// NULL,
// blacklisted_identity->user_id,
// "Blacklist Keypair");
//
// PEP_STATUS status00 = update_identity(session, stored_identity);
//
// // FIXME
// // ASSERT_EQ(stored_identity->comm_type , PEP_ct_pEp);
free_identity(blacklisted_identity);
free_identity(blacklisted_identity2);
}

1
test/src/EncryptMissingPrivateKeyTest.cc
Unescape View File

@ -9,7 +9,6 @@
#include <cstring> // for strcmp()
#include <assert.h>
#include "blacklist.h"
#include "keymanagement.h"
#include "message_api.h"
#include "mime.h"

2
test/src/TestUtilities.cc
Unescape View File

@ -888,7 +888,7 @@ PEP_STATUS set_default_fpr_for_test(PEP_SESSION session, pEp_identity* ident, b
return PEP_UNKNOWN_ERROR;
}
if (!unconditional)
status = validate_fpr(session, ident, true, true, true);
status = validate_fpr(session, ident, true, true);
if (status == PEP_STATUS_OK)
status = set_identity(session, ident);
return status;

Write Preview
Loading…
Cancel
Save