|
|
|
|
// This file is under GNU General Public License 3.0
|
|
|
|
|
// see LICENSE.txt
|
|
|
|
|
|
|
|
|
|
#include "pEp_internal.h"
|
|
|
|
|
#include "dynamic_api.h"
|
|
|
|
|
#include "cryptotech.h"
|
|
|
|
|
#include "transport.h"
|
|
|
|
|
#include "blacklist.h"
|
|
|
|
|
|
|
|
|
|
#include <time.h>
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
|
|
|
|
|
static volatile int init_count = -1;
|
|
|
|
|
|
|
|
|
|
// sql overloaded functions - modified from sqlite3.c
|
|
|
|
|
static void _sql_lower(sqlite3_context* ctx, int argc, sqlite3_value** argv) {
|
|
|
|
|
char *z1;
|
|
|
|
|
const char *z2;
|
|
|
|
|
int i, n;
|
|
|
|
|
z2 = (char*)sqlite3_value_text(argv[0]);
|
|
|
|
|
n = sqlite3_value_bytes(argv[0]);
|
|
|
|
|
/* Verify that the call to _bytes() does not invalidate the _text() pointer */
|
|
|
|
|
assert( z2==(char*)sqlite3_value_text(argv[0]) );
|
|
|
|
|
if( z2 ){
|
|
|
|
|
z1 = (char*)sqlite3_malloc(n+1);
|
|
|
|
|
if( z1 ){
|
|
|
|
|
for(i=0; i<n; i++){
|
|
|
|
|
char c = z2[i];
|
|
|
|
|
char c_mod = c | 0x20;
|
|
|
|
|
if (c_mod < 0x61 || c_mod > 0x7a)
|
|
|
|
|
c_mod = c;
|
|
|
|
|
z1[i] = c_mod;
|
|
|
|
|
}
|
|
|
|
|
z1[n] = '\0';
|
|
|
|
|
sqlite3_result_text(ctx, z1, n, sqlite3_free);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// sql manipulation statements
|
|
|
|
|
static const char *sql_log =
|
|
|
|
|
"insert into log (title, entity, description, comment)"
|
|
|
|
|
"values (?1, ?2, ?3, ?4);";
|
|
|
|
|
|
|
|
|
|
static const char *sql_trustword =
|
|
|
|
|
"select id, word from wordlist where lang = lower(?1) "
|
|
|
|
|
"and id = ?2 ;";
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static const char *sql_get_identity =
|
|
|
|
|
"select fpr, username, comm_type, lang,"
|
|
|
|
|
" identity.flags | pgp_keypair.flags"
|
|
|
|
|
" from identity"
|
|
|
|
|
" join person on id = identity.user_id"
|
|
|
|
|
" join pgp_keypair on fpr = identity.main_key_id"
|
|
|
|
|
" join trust on id = trust.user_id"
|
|
|
|
|
" and pgp_keypair_fpr = identity.main_key_id"
|
|
|
|
|
" where (case when (address = ?1) then (1)"
|
|
|
|
|
" when (lower(address) = lower(?1)) then (1)"
|
|
|
|
|
" when (replace(lower(address),'.','') = replace(lower(?1),'.','')) then (1)"
|
|
|
|
|
" else 0"
|
|
|
|
|
" end) = 1"
|
|
|
|
|
" and identity.user_id = ?2;";
|
|
|
|
|
|
|
|
|
|
static const char *sql_replace_identities_fpr =
|
|
|
|
|
"update identity"
|
|
|
|
|
" set main_key_id = ?1 "
|
|
|
|
|
" where main_key_id = ?2 ;";
|
|
|
|
|
|
|
|
|
|
// Set person, but if already exist, only update.
|
|
|
|
|
// if main_key_id already set, don't touch.
|
|
|
|
|
static const char *sql_set_person =
|
|
|
|
|
"insert or replace into person (id, username, lang, main_key_id, device_group)"
|
|
|
|
|
" values (?1, ?2, ?3,"
|
|
|
|
|
" (select coalesce((select main_key_id from person "
|
|
|
|
|
" where id = ?1), upper(replace(?4,' ','')))),"
|
|
|
|
|
" (select device_group from person where id = ?1)) ;";
|
|
|
|
|
|
|
|
|
|
static const char *sql_set_device_group =
|
|
|
|
|
"update person set device_group = ?1 "
|
|
|
|
|
"where id = '" PEP_OWN_USERID "';";
|
|
|
|
|
|
|
|
|
|
static const char *sql_get_device_group =
|
|
|
|
|
"select device_group from person "
|
|
|
|
|
"where id = '" PEP_OWN_USERID "';";
|
|
|
|
|
|
|
|
|
|
static const char *sql_set_pgp_keypair =
|
|
|
|
|
"insert or replace into pgp_keypair (fpr) "
|
|
|
|
|
"values (upper(replace(?1,' ',''))) ;";
|
|
|
|
|
|
|
|
|
|
static const char *sql_set_identity =
|
|
|
|
|
"insert or replace into identity ("
|
|
|
|
|
" address, main_key_id, "
|
|
|
|
|
" user_id, flags"
|
|
|
|
|
") values ("
|
|
|
|
|
" ?1,"
|
|
|
|
|
" upper(replace(?2,' ','')),"
|
|
|
|
|
" ?3,"
|
|
|
|
|
// " (select"
|
|
|
|
|
// " coalesce("
|
|
|
|
|
// " (select flags from identity"
|
|
|
|
|
// " where address = ?1 and"
|
|
|
|
|
// " user_id = ?3),"
|
|
|
|
|
// " 0)"
|
|
|
|
|
// " ) | (?4 & 255)"
|
|
|
|
|
/* set_identity ignores previous flags, and doesn't filter machine flags */
|
|
|
|
|
" ?4"
|
|
|
|
|
");";
|
|
|
|
|
|
|
|
|
|
static const char *sql_set_identity_flags =
|
|
|
|
|
"update identity set flags = "
|
|
|
|
|
" ((?1 & 255) | (select flags from identity"
|
|
|
|
|
" where address = ?2 and user_id = ?3)) "
|
|
|
|
|
"where address = ?2 and user_id = ?3 ;";
|
|
|
|
|
|
|
|
|
|
static const char *sql_unset_identity_flags =
|
|
|
|
|
"update identity set flags = "
|
|
|
|
|
" ( ~(?1 & 255) & (select flags from identity"
|
|
|
|
|
" where address = ?2 and user_id = ?3)) "
|
|
|
|
|
"where address = ?2 and user_id = ?3 ;";
|
|
|
|
|
|
|
|
|
|
static const char *sql_set_trust =
|
|
|
|
|
"insert or replace into trust (user_id, pgp_keypair_fpr, comm_type) "
|
|
|
|
|
"values (?1, upper(replace(?2,' ','')), ?3) ;";
|
|
|
|
|
|
|
|
|
|
static const char *sql_update_trust_for_fpr =
|
|
|
|
|
"update trust "
|
|
|
|
|
"set comm_type = ?1 "
|
|
|
|
|
"where pgp_keypair_fpr = upper(replace(?2,' ','')) ;";
|
|
|
|
|
|
|
|
|
|
static const char *sql_get_trust =
|
|
|
|
|
"select comm_type from trust where user_id = ?1 "
|
|
|
|
|
"and pgp_keypair_fpr = upper(replace(?2,' ','')) ;";
|
|
|
|
|
|
|
|
|
|
static const char *sql_least_trust =
|
|
|
|
|
"select min(comm_type) from trust where"
|
|
|
|
|
" pgp_keypair_fpr = upper(replace(?1,' ',''))"
|
|
|
|
|
" and comm_type != 0;"; // ignores PEP_ct_unknown
|
|
|
|
|
// returns PEP_ct_unknown only when no known trust is recorded
|
|
|
|
|
|
|
|
|
|
static const char *sql_mark_as_compromized =
|
|
|
|
|
"update trust not indexed set comm_type = 15"
|
|
|
|
|
" where pgp_keypair_fpr = upper(replace(?1,' ','')) ;";
|
|
|
|
|
|
|
|
|
|
static const char *sql_crashdump =
|
|
|
|
|
"select timestamp, title, entity, description, comment"
|
|
|
|
|
" from log order by timestamp desc limit ?1 ;";
|
|
|
|
|
|
|
|
|
|
static const char *sql_languagelist =
|
|
|
|
|
"select i18n_language.lang, name, phrase"
|
|
|
|
|
" from i18n_language join i18n_token using (lang) where i18n_token.id = 1000;" ;
|
|
|
|
|
|
|
|
|
|
static const char *sql_i18n_token =
|
|
|
|
|
"select phrase from i18n_token where lang = lower(?1) and id = ?2 ;";
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// blacklist
|
|
|
|
|
static const char *sql_blacklist_add =
|
|
|
|
|
"insert or replace into blacklist_keys (fpr) values (upper(replace(?1,' ',''))) ;"
|
|
|
|
|
"delete from identity where main_key_id = upper(replace(?1,' ','')) ;"
|
|
|
|
|
"delete from pgp_keypair where fpr = upper(replace(?1,' ','')) ;";
|
|
|
|
|
|
|
|
|
|
static const char *sql_blacklist_delete =
|
|
|
|
|
"delete from blacklist_keys where fpr = upper(replace(?1,' ','')) ;";
|
|
|
|
|
|
|
|
|
|
static const char *sql_blacklist_is_listed =
|
|
|
|
|
"select count(*) from blacklist_keys where fpr = upper(replace(?1,' ','')) ;";
|
|
|
|
|
|
|
|
|
|
static const char *sql_blacklist_retrieve =
|
|
|
|
|
"select * from blacklist_keys ;";
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// Own keys
|
|
|
|
|
static const char *sql_own_key_is_listed =
|
|
|
|
|
"select count(*) from ("
|
|
|
|
|
" select main_key_id from person "
|
|
|
|
|
" where main_key_id = upper(replace(?1,' ',''))"
|
|
|
|
|
" and id = '" PEP_OWN_USERID "' "
|
|
|
|
|
" union "
|
|
|
|
|
" select main_key_id from identity "
|
|
|
|
|
" where main_key_id = upper(replace(?1,' ',''))"
|
|
|
|
|
" and user_id = '" PEP_OWN_USERID "' "
|
|
|
|
|
" union "
|
|
|
|
|
" select fpr from own_keys "
|
|
|
|
|
" where fpr = upper(replace(?1,' ',''))"
|
|
|
|
|
" );";
|
|
|
|
|
|
|
|
|
|
static const char *sql_own_identities_retrieve =
|
|
|
|
|
"select address, fpr, username, "
|
|
|
|
|
" lang, identity.flags | pgp_keypair.flags"
|
|
|
|
|
" from identity"
|
|
|
|
|
" join person on id = identity.user_id"
|
|
|
|
|
" join pgp_keypair on fpr = identity.main_key_id"
|
|
|
|
|
" join trust on id = trust.user_id"
|
|
|
|
|
" and pgp_keypair_fpr = identity.main_key_id"
|
|
|
|
|
" where identity.user_id = '" PEP_OWN_USERID "'"
|
|
|
|
|
" and (identity.flags & ?1) = 0;";
|
|
|
|
|
|
|
|
|
|
static const char *sql_own_keys_retrieve =
|
|
|
|
|
"select fpr from own_keys"
|
|
|
|
|
" natural join identity"
|
|
|
|
|
" where (identity.flags & ?1) = 0;";
|
|
|
|
|
|
|
|
|
|
static const char *sql_set_own_key =
|
|
|
|
|
"insert or replace into own_keys (address, user_id, fpr)"
|
|
|
|
|
" values (?1, '" PEP_OWN_USERID "', upper(replace(?2,' ','')));";
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// Sequence
|
|
|
|
|
static const char *sql_sequence_value1 =
|
|
|
|
|
"insert or replace into sequences (name, value, own) "
|
|
|
|
|
"values (?1, "
|
|
|
|
|
" (select coalesce((select value + 1 from sequences "
|
|
|
|
|
" where name = ?1), 1 )), "
|
|
|
|
|
" (select coalesce((select own or ?2 from sequences "
|
|
|
|
|
" where name = ?1), ?2))) ; ";
|
|
|
|
|
|
|
|
|
|
static const char *sql_sequence_value2 =
|
|
|
|
|
"select value, own from sequences where name = ?1 ;";
|
|
|
|
|
|
|
|
|
|
static const char *sql_sequence_value3 =
|
|
|
|
|
"insert or replace into sequences (name, value, own) "
|
|
|
|
|
"values (?1, "
|
|
|
|
|
" ?2, "
|
|
|
|
|
" (select coalesce((select own or ?3 from sequences "
|
|
|
|
|
" where name = ?1), ?3))) ; ";
|
|
|
|
|
|
|
|
|
|
// Revocation tracking
|
|
|
|
|
static const char *sql_set_revoked =
|
|
|
|
|
"insert or replace into revoked_keys ("
|
|
|
|
|
" revoked_fpr, replacement_fpr, revocation_date) "
|
|
|
|
|
"values (upper(replace(?1,' ','')),"
|
|
|
|
|
" upper(replace(?2,' ','')),"
|
|
|
|
|
" ?3) ;";
|
|
|
|
|
|
|
|
|
|
static const char *sql_get_revoked =
|
|
|
|
|
"select revoked_fpr, revocation_date from revoked_keys"
|
|
|
|
|
" where replacement_fpr = upper(replace(?1,' ','')) ;";
|
|
|
|
|
|
|
|
|
|
static int user_version(void *_version, int count, char **text, char **name)
|
|
|
|
|
{
|
|
|
|
|
assert(_version);
|
|
|
|
|
assert(count == 1);
|
|
|
|
|
assert(text && text[0]);
|
|
|
|
|
if (!(_version && count == 1 && text && text[0]))
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
int *version = (int *) _version;
|
|
|
|
|
*version = atoi(text[0]);
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
DYNAMIC_API PEP_STATUS init(PEP_SESSION *session)
|
|
|
|
|
{
|
|
|
|
|
PEP_STATUS status = PEP_STATUS_OK;
|
|
|
|
|
int int_result;
|
|
|
|
|
|
|
|
|
|
bool in_first = false;
|
|
|
|
|
bool very_first = false;
|
|
|
|
|
|
|
|
|
|
assert(sqlite3_threadsafe());
|
|
|
|
|
if (!sqlite3_threadsafe())
|
|
|
|
|
return PEP_INIT_SQLITE3_WITHOUT_MUTEX;
|
|
|
|
|
|
|
|
|
|
// a little race condition - but still a race condition
|
|
|
|
|
// mitigated by calling caveat (see documentation)
|
|
|
|
|
|
|
|
|
|
// this increment is made atomic IN THE ADAPTERS by
|
|
|
|
|
// guarding the call to init with the appropriate mutex.
|
|
|
|
|
int _count = ++init_count;
|
|
|
|
|
if (_count == 0)
|
|
|
|
|
in_first = true;
|
|
|
|
|
|
|
|
|
|
// Race condition mitigated by calling caveat starts here :
|
|
|
|
|
// If another call to init() preempts right now, then preemptive call
|
|
|
|
|
// will have in_first false, will not create SQL tables, and following
|
|
|
|
|
// calls relying on those tables will fail.
|
|
|
|
|
//
|
|
|
|
|
// Therefore, as above, adapters MUST guard init() with a mutex.
|
|
|
|
|
//
|
|
|
|
|
// Therefore, first session
|
|
|
|
|
// is to be created and last session to be deleted alone, and not
|
|
|
|
|
// concurently to other sessions creation or deletion.
|
|
|
|
|
// We expect adapters to enforce this either by implicitely creating a
|
|
|
|
|
// client session, or by using synchronization primitive to protect
|
|
|
|
|
// creation/deletion of first/last session from the app.
|
|
|
|
|
|
|
|
|
|
assert(session);
|
|
|
|
|
if (session == NULL)
|
|
|
|
|
return PEP_ILLEGAL_VALUE;
|
|
|
|
|
|
|
|
|
|
*session = NULL;
|
|
|
|
|
|
|
|
|
|
pEpSession *_session = calloc(1, sizeof(pEpSession));
|
|
|
|
|
assert(_session);
|
|
|
|
|
if (_session == NULL)
|
|
|
|
|
goto enomem;
|
|
|
|
|
|
|
|
|
|
_session->version = PEP_ENGINE_VERSION;
|
|
|
|
|
|
|
|
|
|
#ifdef DEBUG_ERRORSTACK
|
|
|
|
|
_session->errorstack = new_stringlist("init()");
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
assert(LOCAL_DB);
|
|
|
|
|
if (LOCAL_DB == NULL) {
|
|
|
|
|
status = PEP_INIT_CANNOT_OPEN_DB;
|
|
|
|
|
goto pep_error;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_open_v2(
|
|
|
|
|
LOCAL_DB,
|
|
|
|
|
&_session->db,
|
|
|
|
|
SQLITE_OPEN_READWRITE
|
|
|
|
|
| SQLITE_OPEN_CREATE
|
|
|
|
|
| SQLITE_OPEN_FULLMUTEX
|
|
|
|
|
| SQLITE_OPEN_PRIVATECACHE,
|
|
|
|
|
NULL
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
if (int_result != SQLITE_OK) {
|
|
|
|
|
status = PEP_INIT_CANNOT_OPEN_DB;
|
|
|
|
|
goto pep_error;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_exec(
|
|
|
|
|
_session->db,
|
|
|
|
|
"PRAGMA locking_mode=NORMAL;\n"
|
|
|
|
|
"PRAGMA journal_mode=WAL;\n",
|
|
|
|
|
NULL,
|
|
|
|
|
NULL,
|
|
|
|
|
NULL
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
sqlite3_busy_timeout(_session->db, BUSY_WAIT_TIME);
|
|
|
|
|
|
|
|
|
|
assert(SYSTEM_DB);
|
|
|
|
|
if (SYSTEM_DB == NULL) {
|
|
|
|
|
status = PEP_INIT_CANNOT_OPEN_SYSTEM_DB;
|
|
|
|
|
goto pep_error;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_open_v2(
|
|
|
|
|
SYSTEM_DB, &_session->system_db,
|
|
|
|
|
SQLITE_OPEN_READONLY
|
|
|
|
|
| SQLITE_OPEN_FULLMUTEX
|
|
|
|
|
| SQLITE_OPEN_SHAREDCACHE,
|
|
|
|
|
NULL
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
if (int_result != SQLITE_OK) {
|
|
|
|
|
status = PEP_INIT_CANNOT_OPEN_SYSTEM_DB;
|
|
|
|
|
goto pep_error;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sqlite3_busy_timeout(_session->system_db, 1000);
|
|
|
|
|
|
|
|
|
|
// increment this when patching DDL
|
|
|
|
|
#define _DDL_USER_VERSION "5"
|
|
|
|
|
|
|
|
|
|
if (in_first) {
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_exec(
|
|
|
|
|
_session->db,
|
|
|
|
|
"create table if not exists version_info (\n"
|
|
|
|
|
" id integer primary key,\n"
|
|
|
|
|
" timestamp integer default (datetime('now')),\n"
|
|
|
|
|
" version text,\n"
|
|
|
|
|
" comment text\n"
|
|
|
|
|
");\n",
|
|
|
|
|
NULL,
|
|
|
|
|
NULL,
|
|
|
|
|
NULL
|
|
|
|
|
);
|
|
|
|
|
int_result = sqlite3_exec(
|
|
|
|
|
_session->db,
|
|
|
|
|
"PRAGMA application_id = 0x23423423;\n"
|
|
|
|
|
"create table if not exists log (\n"
|
|
|
|
|
" timestamp integer default (datetime('now')),\n"
|
|
|
|
|
" title text not null,\n"
|
|
|
|
|
" description text,\n"
|
|
|
|
|
" entity text not null,\n"
|
|
|
|
|
" comment text\n"
|
|
|
|
|
");\n"
|
|
|
|
|
"create index if not exists log_timestamp on log (\n"
|
|
|
|
|
" timestamp\n"
|
|
|
|
|
");\n"
|
|
|
|
|
"create table if not exists pgp_keypair (\n"
|
|
|
|
|
" fpr text primary key,\n"
|
|
|
|
|
" created integer,\n"
|
|
|
|
|
" expires integer,\n"
|
|
|
|
|
" comment text,\n"
|
|
|
|
|
" flags integer default 0\n"
|
|
|
|
|
");\n"
|
|
|
|
|
"create index if not exists pgp_keypair_expires on pgp_keypair (\n"
|
|
|
|
|
" expires\n"
|
|
|
|
|
");\n"
|
|
|
|
|
"create table if not exists person (\n"
|
|
|
|
|
" id text primary key,\n"
|
|
|
|
|
" username text not null,\n"
|
|
|
|
|
" main_key_id text\n"
|
|
|
|
|
" references pgp_keypair (fpr)\n"
|
|
|
|
|
" on delete set null,\n"
|
|
|
|
|
" lang text,\n"
|
|
|
|
|
" comment text,\n"
|
|
|
|
|
" device_group text\n"
|
|
|
|
|
");\n"
|
|
|
|
|
"create table if not exists identity (\n"
|
|
|
|
|
" address text,\n"
|
|
|
|
|
" user_id text\n"
|
|
|
|
|
" references person (id)\n"
|
|
|
|
|
" on delete cascade,\n"
|
|
|
|
|
" main_key_id text\n"
|
|
|
|
|
" references pgp_keypair (fpr)\n"
|
|
|
|
|
" on delete set null,\n"
|
|
|
|
|
" comment text,\n"
|
|
|
|
|
" flags integer default 0,"
|
|
|
|
|
" is_own integer default 0,"
|
|
|
|
|
" primary key (address, user_id)\n"
|
|
|
|
|
");\n"
|
|
|
|
|
"create table if not exists trust (\n"
|
|
|
|
|
" user_id text not null\n"
|
|
|
|
|
" references person (id)\n"
|
|
|
|
|
" on delete cascade,\n"
|
|
|
|
|
" pgp_keypair_fpr text not null\n"
|
|
|
|
|
" references pgp_keypair (fpr)\n"
|
|
|
|
|
" on delete cascade,\n"
|
|
|
|
|
" comm_type integer not null,\n"
|
|
|
|
|
" comment text,\n"
|
|
|
|
|
" primary key (user_id, pgp_keypair_fpr)\n"
|
|
|
|
|
");\n"
|
|
|
|
|
// blacklist
|
|
|
|
|
"create table if not exists blacklist_keys (\n"
|
|
|
|
|
" fpr text primary key\n"
|
|
|
|
|
");\n"
|
|
|
|
|
// sequences
|
|
|
|
|
"create table if not exists sequences(\n"
|
|
|
|
|
" name text primary key,\n"
|
|
|
|
|
" value integer default 0,\n"
|
|
|
|
|
" own integer default 0\n"
|
|
|
|
|
");\n"
|
|
|
|
|
"create table if not exists revoked_keys (\n"
|
|
|
|
|
" revoked_fpr text primary key,\n"
|
|
|
|
|
" replacement_fpr text not null\n"
|
|
|
|
|
" references pgp_keypair (fpr)\n"
|
|
|
|
|
" on delete cascade,\n"
|
|
|
|
|
" revocation_date integer\n"
|
|
|
|
|
");\n"
|
|
|
|
|
"create table if not exists own_keys (\n"
|
|
|
|
|
" address text,\n"
|
|
|
|
|
" user_id text,\n"
|
|
|
|
|
" fpr text not null\n"
|
|
|
|
|
" references pgp_keypair (fpr)\n"
|
|
|
|
|
" on delete cascade,\n"
|
|
|
|
|
" foreign key (address, user_id)\n"
|
|
|
|
|
" references identity\n"
|
|
|
|
|
" on delete cascade,\n"
|
|
|
|
|
// " check (user_id = '" PEP_OWN_USERID "')\n"
|
|
|
|
|
" primary key (address, fpr)\n"
|
|
|
|
|
");\n"
|
|
|
|
|
,
|
|
|
|
|
NULL,
|
|
|
|
|
NULL,
|
|
|
|
|
NULL
|
|
|
|
|
);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
int version;
|
|
|
|
|
int_result = sqlite3_exec(
|
|
|
|
|
_session->db,
|
|
|
|
|
"pragma user_version;",
|
|
|
|
|
user_version,
|
|
|
|
|
&version,
|
|
|
|
|
NULL
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
void (*xFunc_lower)(sqlite3_context*,int,sqlite3_value**) = &_sql_lower;
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_create_function_v2(
|
|
|
|
|
_session->db,
|
|
|
|
|
"lower",
|
|
|
|
|
1,
|
|
|
|
|
SQLITE_UTF8 | SQLITE_DETERMINISTIC,
|
|
|
|
|
NULL,
|
|
|
|
|
xFunc_lower,
|
|
|
|
|
NULL,
|
|
|
|
|
NULL,
|
|
|
|
|
NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
if(version != 0) {
|
|
|
|
|
// Version has been already set
|
|
|
|
|
|
|
|
|
|
// Early mistake : version 0 shouldn't have existed.
|
|
|
|
|
// Numbering should have started at 1 to detect newly created DB.
|
|
|
|
|
// Version 0 DBs are not anymore compatible.
|
|
|
|
|
|
|
|
|
|
// // Was version 0 compat code.
|
|
|
|
|
// if (version < 1) {
|
|
|
|
|
// int_result = sqlite3_exec(
|
|
|
|
|
// _session->db,
|
|
|
|
|
// "alter table identity\n"
|
|
|
|
|
// " add column flags integer default 0;\n",
|
|
|
|
|
// NULL,
|
|
|
|
|
// NULL,
|
|
|
|
|
// NULL
|
|
|
|
|
// );
|
|
|
|
|
// assert(int_result == SQLITE_OK);
|
|
|
|
|
// }
|
|
|
|
|
|
|
|
|
|
if (version < 2) {
|
|
|
|
|
int_result = sqlite3_exec(
|
|
|
|
|
_session->db,
|
|
|
|
|
"alter table pgp_keypair\n"
|
|
|
|
|
" add column flags integer default 0;\n"
|
|
|
|
|
"alter table person\n"
|
|
|
|
|
" add column device_group text;\n",
|
|
|
|
|
NULL,
|
|
|
|
|
NULL,
|
|
|
|
|
NULL
|
|
|
|
|
);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (version < 3) {
|
|
|
|
|
int_result = sqlite3_exec(
|
|
|
|
|
_session->db,
|
|
|
|
|
"alter table sequences\n"
|
|
|
|
|
" add column own integer default 0;\n",
|
|
|
|
|
NULL,
|
|
|
|
|
NULL,
|
|
|
|
|
NULL
|
|
|
|
|
);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (version < 5) {
|
|
|
|
|
int_result = sqlite3_exec(
|
|
|
|
|
_session->db,
|
|
|
|
|
"delete from pgp_keypair where fpr = '';",
|
|
|
|
|
NULL,
|
|
|
|
|
NULL,
|
|
|
|
|
NULL
|
|
|
|
|
);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
int_result = sqlite3_exec(
|
|
|
|
|
_session->db,
|
|
|
|
|
"delete from trust where pgp_keypair_fpr = '';",
|
|
|
|
|
NULL,
|
|
|
|
|
NULL,
|
|
|
|
|
NULL
|
|
|
|
|
);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (version < 6) {
|
|
|
|
|
int_result = sqlite3_exec(
|
|
|
|
|
_session->db,
|
|
|
|
|
"alter table identity\n"
|
|
|
|
|
" add column is_own integer default 0;\n",
|
|
|
|
|
NULL,
|
|
|
|
|
NULL,
|
|
|
|
|
NULL
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
// Version from DB was 0, it means this is initial setup.
|
|
|
|
|
// DB has just been created, and all tables are empty.
|
|
|
|
|
very_first = true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (version < atoi(_DDL_USER_VERSION)) {
|
|
|
|
|
int_result = sqlite3_exec(
|
|
|
|
|
_session->db,
|
|
|
|
|
"pragma user_version = "_DDL_USER_VERSION";\n"
|
|
|
|
|
"insert or replace into version_info (id, version)"
|
|
|
|
|
"values (1, '" PEP_ENGINE_VERSION "');",
|
|
|
|
|
NULL,
|
|
|
|
|
NULL,
|
|
|
|
|
NULL
|
|
|
|
|
);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// We need to init a few globals for message id that we'd rather not
|
|
|
|
|
// calculate more than once.
|
|
|
|
|
_init_globals();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->db, sql_log,
|
|
|
|
|
(int)strlen(sql_log), &_session->log, NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->system_db, sql_trustword,
|
|
|
|
|
(int)strlen(sql_trustword), &_session->trustword, NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->db, sql_get_identity,
|
|
|
|
|
(int)strlen(sql_get_identity), &_session->get_identity, NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->db, sql_replace_identities_fpr,
|
|
|
|
|
(int)strlen(sql_replace_identities_fpr),
|
|
|
|
|
&_session->replace_identities_fpr, NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->db, sql_set_person,
|
|
|
|
|
(int)strlen(sql_set_person), &_session->set_person, NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->db, sql_set_device_group,
|
|
|
|
|
(int)strlen(sql_set_device_group), &_session->set_device_group, NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->db, sql_get_device_group,
|
|
|
|
|
(int)strlen(sql_get_device_group), &_session->get_device_group, NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->db, sql_set_pgp_keypair,
|
|
|
|
|
(int)strlen(sql_set_pgp_keypair), &_session->set_pgp_keypair,
|
|
|
|
|
NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->db, sql_set_identity,
|
|
|
|
|
(int)strlen(sql_set_identity), &_session->set_identity, NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->db, sql_set_identity_flags,
|
|
|
|
|
(int)strlen(sql_set_identity_flags), &_session->set_identity_flags,
|
|
|
|
|
NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->db, sql_unset_identity_flags,
|
|
|
|
|
(int)strlen(sql_unset_identity_flags), &_session->unset_identity_flags,
|
|
|
|
|
NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->db, sql_set_trust,
|
|
|
|
|
(int)strlen(sql_set_trust), &_session->set_trust, NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->db, sql_update_trust_for_fpr,
|
|
|
|
|
(int)strlen(sql_update_trust_for_fpr), &_session->update_trust_for_fpr, NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->db, sql_get_trust,
|
|
|
|
|
(int)strlen(sql_get_trust), &_session->get_trust, NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->db, sql_least_trust,
|
|
|
|
|
(int)strlen(sql_least_trust), &_session->least_trust, NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->db, sql_mark_as_compromized,
|
|
|
|
|
(int)strlen(sql_mark_as_compromized), &_session->mark_compromized,
|
|
|
|
|
NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->db, sql_crashdump,
|
|
|
|
|
(int)strlen(sql_crashdump), &_session->crashdump, NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->system_db, sql_languagelist,
|
|
|
|
|
(int)strlen(sql_languagelist), &_session->languagelist, NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->system_db, sql_i18n_token,
|
|
|
|
|
(int)strlen(sql_i18n_token), &_session->i18n_token, NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
// blacklist
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->db, sql_blacklist_add,
|
|
|
|
|
(int)strlen(sql_blacklist_add), &_session->blacklist_add, NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->db, sql_blacklist_delete,
|
|
|
|
|
(int)strlen(sql_blacklist_delete), &_session->blacklist_delete,
|
|
|
|
|
NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->db, sql_blacklist_is_listed,
|
|
|
|
|
(int)strlen(sql_blacklist_is_listed),
|
|
|
|
|
&_session->blacklist_is_listed, NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->db, sql_blacklist_retrieve,
|
|
|
|
|
(int)strlen(sql_blacklist_retrieve), &_session->blacklist_retrieve,
|
|
|
|
|
NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
// Own keys
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->db, sql_own_key_is_listed,
|
|
|
|
|
(int)strlen(sql_own_key_is_listed), &_session->own_key_is_listed,
|
|
|
|
|
NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->db, sql_own_identities_retrieve,
|
|
|
|
|
(int)strlen(sql_own_identities_retrieve),
|
|
|
|
|
&_session->own_identities_retrieve, NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->db, sql_own_keys_retrieve,
|
|
|
|
|
(int)strlen(sql_own_keys_retrieve),
|
|
|
|
|
&_session->own_keys_retrieve, NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->db, sql_set_own_key,
|
|
|
|
|
(int)strlen(sql_set_own_key),
|
|
|
|
|
&_session->set_own_key, NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
// Sequence
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->db, sql_sequence_value1,
|
|
|
|
|
(int)strlen(sql_sequence_value1), &_session->sequence_value1,
|
|
|
|
|
NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->db, sql_sequence_value2,
|
|
|
|
|
(int)strlen(sql_sequence_value2), &_session->sequence_value2,
|
|
|
|
|
NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->db, sql_sequence_value3,
|
|
|
|
|
(int)strlen(sql_sequence_value3), &_session->sequence_value3,
|
|
|
|
|
NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
// Revocation tracking
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->db, sql_set_revoked,
|
|
|
|
|
(int)strlen(sql_set_revoked), &_session->set_revoked, NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
int_result = sqlite3_prepare_v2(_session->db, sql_get_revoked,
|
|
|
|
|
(int)strlen(sql_get_revoked), &_session->get_revoked, NULL);
|
|
|
|
|
assert(int_result == SQLITE_OK);
|
|
|
|
|
|
|
|
|
|
status = init_cryptotech(_session, in_first);
|
|
|
|
|
if (status != PEP_STATUS_OK)
|
|
|
|
|
goto pep_error;
|
|
|
|
|
|
|
|
|
|
status = init_transport_system(_session, in_first);
|
|
|
|
|
if (status != PEP_STATUS_OK)
|
|
|
|
|
goto pep_error;
|
|
|
|
|
|
|
|
|
|
status = log_event(_session, "init", "pEp " PEP_ENGINE_VERSION, NULL, NULL);
|
|
|
|
|
if (status != PEP_STATUS_OK)
|
|
|
|
|
goto pep_error;
|
|
|
|
|
|
|
|
|
|
// runtime config
|
|
|
|
|
|
|
|
|
|
#ifdef ANDROID
|
|
|
|
|
#elif TARGET_OS_IPHONE
|
|
|
|
|
#else /* Desktop */
|
|
|
|
|
if (very_first)
|
|
|
|
|
{
|
|
|
|
|
