You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
pEpEngine/src/pEpEngine.c

4851 lines
156 KiB

// This file is under GNU General Public License 3.0
// see LICENSE.txt
9 years ago
#include "pEp_internal.h"
8 years ago
#include "dynamic_api.h"
9 years ago
#include "cryptotech.h"
#include "transport.h"
#include "blacklist.h"
4 years ago
#include "KeySync_fsm.h"
9 years ago
#include <time.h>
#include <stdlib.h>
#define _PEP_SQLITE_DEBUG 0
#if _PEP_SQLITE_DEBUG
#include <sqlite3.h>
#endif
5 years ago
static volatile int init_count = -1;
// sql overloaded functions - modified from sqlite3.c
static void _sql_lower(sqlite3_context* ctx, int argc, sqlite3_value** argv) {
const char *z2;
4 years ago
int n;
z2 = (char*)sqlite3_value_text(argv[0]);
n = sqlite3_value_bytes(argv[0]);
/* Verify that the call to _bytes() does not invalidate the _text() pointer */
assert( z2==(char*)sqlite3_value_text(argv[0]) );
if( z2 ){
4 years ago
char *z1 = (char*)sqlite3_malloc(n+1);
if( z1 ){
4 years ago
for(int i=0; i<n; i++){
char c = z2[i];
char c_mod = c | 0x20;
if (c_mod < 0x61 || c_mod > 0x7a)
c_mod = c;
z1[i] = c_mod;
}
z1[n] = '\0';
sqlite3_result_text(ctx, z1, n, sqlite3_free);
}
}
}
#if _PEP_SQLITE_DEBUG
int sql_trace_callback (unsigned trace_constant,
void* context_ptr,
void* P,
void* X) {
switch (trace_constant) {
case SQLITE_TRACE_STMT:
fprintf(stderr, "SQL_DEBUG: STMT - ");
const char* X_str = (const char*) X;
if (!EMPTYSTR(X_str) && X_str[0] == '-' && X_str[1] == '-')
fprintf(stderr, "%s\n", X_str);
else
fprintf(stderr, "%s\n", sqlite3_expanded_sql((sqlite3_stmt*)P));
break;
case SQLITE_TRACE_ROW:
fprintf(stderr, "SQL_DEBUG: ROW - ");
fprintf(stderr, "%s\n", sqlite3_expanded_sql((sqlite3_stmt*)P));
break;
case SQLITE_TRACE_CLOSE:
fprintf(stderr, "SQL_DEBUG: CLOSE - ");
break;
default:
break;
}
return 0;
}
#endif
// sql manipulation statements
static const char *sql_log =
"insert into log (title, entity, description, comment)"
"values (?1, ?2, ?3, ?4);";
static const char *sql_trustword =
"select id, word from wordlist where lang = lower(?1) "
"and id = ?2 ;";
static const char *sql_get_identity =
"select fpr, username, comm_type, lang,"
" identity.flags | pgp_keypair.flags,"
" is_own"
" from identity"
" join person on id = identity.user_id"
" join pgp_keypair on fpr = identity.main_key_id"
" join trust on id = trust.user_id"
" and pgp_keypair_fpr = identity.main_key_id"
" where (case when (address = ?1) then (1)"
" when (lower(address) = lower(?1)) then (1)"
" when (replace(lower(address),'.','') = replace(lower(?1),'.','')) then (1)"
" else 0"
" end) = 1"
" and identity.user_id = ?2"
" order by is_own desc, "
" timestamp desc; ";
static const char *sql_get_identities_by_main_key_id =
"select address, identity.user_id, username, comm_type, lang,"
" identity.flags | pgp_keypair.flags,"
" is_own"
" from identity"
" join person on id = identity.user_id"
" join pgp_keypair on fpr = identity.main_key_id"
" join trust on id = trust.user_id"
" and pgp_keypair_fpr = identity.main_key_id"
" where identity.main_key_id = ?1"
" order by is_own desc, "
" timestamp desc; ";
static const char *sql_get_identity_without_trust_check =
"select identity.main_key_id, username, lang,"
" identity.flags, is_own"
" from identity"
" join person on id = identity.user_id"
" where (case when (address = ?1) then (1)"
" when (lower(address) = lower(?1)) then (1)"
" when (replace(lower(address),'.','') = replace(lower(?1),'.','')) then (1)"
" else 0"
" end) = 1"
" and identity.user_id = ?2 "
" order by is_own desc, "
" timestamp desc; ";
static const char *sql_get_identities_by_address =
"select user_id, identity.main_key_id, username, lang,"
" identity.flags, is_own"
" from identity"
" join person on id = identity.user_id"
" where (case when (address = ?1) then (1)"
" when (lower(address) = lower(?1)) then (1)"
" when (replace(lower(address),'.','') = replace(lower(?1),'.','')) then (1)"
" else 0"
" end) = 1 "
" order by is_own desc, "
" timestamp desc; ";
static const char *sql_get_identities_by_userid =
"select address, fpr, username, comm_type, lang,"
" identity.flags | pgp_keypair.flags,"
" is_own"
" from identity"
" join person on id = identity.user_id"
" join pgp_keypair on fpr = identity.main_key_id"
" join trust on id = trust.user_id"
" and pgp_keypair_fpr = identity.main_key_id"
" where identity.user_id = ?1"
" order by is_own desc, "
" timestamp desc; ";
static const char *sql_replace_identities_fpr =
"update identity"
" set main_key_id = ?1 "
" where main_key_id = ?2 ;";
static const char *sql_remove_fpr_as_default =
"update person set main_key_id = NULL where main_key_id = ?1 ;"
"update identity set main_key_id = NULL where main_key_id = ?1 ;";
// Set person, but if already exist, only update.
// if main_key_id already set, don't touch.
static const char *sql_set_person =
"insert into person (id, username, lang, main_key_id, device_group)"
" values (?1, ?2, ?3, ?4, "
" (select device_group from person where id = ?1)) ;";
static const char *sql_update_person =
"update person "
" set username = ?2, "
" lang = ?3, "
" main_key_id = "
" (select coalesce( "
" (select main_key_id from person where id = ?1), "
" upper(replace(?4,' ','')))),"
" device_group = "
" (select device_group from person where id = ?1)"
" where id = ?1 ;";
// Will cascade.
static const char *sql_delete_person =
"delete from person where id = ?1 ;";
5 years ago
static const char *sql_set_as_pEp_user =
"update person set is_pEp_user = 1 "
" where id = ?1 ; ";
5 years ago
static const char *sql_is_pEp_user =
"select is_pEp_user from person "
" where id = ?1 ; ";
static const char* sql_exists_person =
"select count(*) from person "
" where id = ?1 ;";
static const char *sql_set_device_group =
"update person set device_group = ?1 "
" where id = ?2;";
// This will cascade to identity and trust
static const char* sql_replace_userid =
"update person set id = ?1 "
" where id = ?2;";
// Hopefully this cascades and removes trust entries...
static const char *sql_delete_key =
"delete from pgp_keypair "
" where fpr = ?1 ; ";
static const char *sql_replace_main_user_fpr =
"update person "
" set main_key_id = ?1 "
" where id = ?2 ;";
static const char *sql_get_main_user_fpr =
"select main_key_id from person"
" where id = ?1 ;";
static const char *sql_refresh_userid_default_key =
"update person "
" set main_key_id = "
" (select identity.main_key_id from identity "
" join trust on trust.user_id = identity.user_id "
" and trust.pgp_keypair_fpr = identity.main_key_id "
" join person on identity.user_id = identity.user_id "
" where identity.user_id = ?1 "
" order by trust.comm_type desc "
" limit 1) "
"where id = ?1 ; ";
static const char *sql_get_device_group =
"select device_group from person "
"where id = ?1;";
static const char *sql_set_pgp_keypair =
"insert or ignore into pgp_keypair (fpr) "
"values (upper(replace(?1,' ',''))) ;";
static const char* sql_exists_identity_entry =
"select count(*) from identity "
" where (case when (address = ?1) then (1)"
" when (lower(address) = lower(?1)) then (1)"
" when (replace(lower(address),'.','') = replace(lower(?1),'.','')) then (1)"
" else 0"
" end) = 1"
" and user_id = ?2;";
static const char *sql_set_identity_entry =
"insert into identity ("
" address, main_key_id, "
" user_id, flags, is_own"
" ) values ("
" ?1,"
" upper(replace(?2,' ','')),"
" ?3,"
" ?4,"
" ?5"
" );";
static const char* sql_update_identity_entry =
"update identity "
" set main_key_id = upper(replace(?2,' ','')), "
" flags = ?4, "
" is_own = ?5 "
" where (case when (address = ?1) then (1)"
" when (lower(address) = lower(?1)) then (1)"
" when (replace(lower(address),'.','') = replace(lower(?1),'.','')) then (1) "
" else 0 "
" end) = 1 "
" and user_id = ?3 ;";
// " (select"
// " coalesce("
// " (select flags from identity"
// " where address = ?1 and"
// " user_id = ?3),"
// " 0)"
// " ) | (?4 & 255)"
/* set_identity ignores previous flags, and doesn't filter machine flags */
static const char *sql_set_identity_flags =
"update identity set flags = "
" ((?1 & 255) | (select flags from identity"
" where (case when (address = ?2) then (1)"
" when (lower(address) = lower(?2)) then (1)"
" when (replace(lower(address),'.','') = replace(lower(?2),'.','')) then (1)"
" else 0 "
" end) = 1 "
" and user_id = ?3)) "
" where (case when (address = ?2) then (1)"
" when (lower(address) = lower(?2)) then (1)"
" when (replace(lower(address),'.','') = replace(lower(?2),'.','')) then (1)"
" else 0"
" end) = 1"
" and user_id = ?3 ;";
static const char *sql_unset_identity_flags =
"update identity set flags = "
" ( ~(?1 & 255) & (select flags from identity"
" where (case when (address = ?2) then (1)"
" when (lower(address) = lower(?2)) then (1)"
" when (replace(lower(address),'.','') = replace(lower(?2),'.','')) then (1)"
" else 0 "
" end) = 1 "
" and user_id = ?3)) "
" where (case when (address = ?2) then (1)"
" when (lower(address) = lower(?2)) then (1)"
" when (replace(lower(address),'.','') = replace(lower(?2),'.','')) then (1)"
" else 0"
" end) = 1"
" and user_id = ?3 ;";
static const char *sql_set_trust =
"insert into trust (user_id, pgp_keypair_fpr, comm_type) "
"values (?1, upper(replace(?2,' ','')), ?3) ;";
static const char *sql_update_trust =
"update trust set comm_type = ?3 "
" where user_id = ?1 and pgp_keypair_fpr = upper(replace(?2,' ',''));";
5 years ago
static const char *sql_update_trust_to_pEp =
"update trust set comm_type = comm_type + 71 "
" where (user_id = ?1 "
" and (case when (comm_type = 56) then (1) "
" when (comm_type = 184) then (1) "
" else 0"
" end) = 1); ";
static const char* sql_exists_trust_entry =
"select count(*) from trust "
" where user_id = ?1 and pgp_keypair_fpr = upper(replace(?2,' ',''));";
static const char *sql_update_trust_for_fpr =
"update trust "
"set comm_type = ?1 "
"where pgp_keypair_fpr = upper(replace(?2,' ','')) ;";
static const char *sql_get_trust =
"select comm_type from trust where user_id = ?1 "
"and pgp_keypair_fpr = upper(replace(?2,' ','')) ;";
static const char *sql_get_trust_by_userid =
"select pgp_keypair_fpr, comm_type from trust where user_id = ?1 ";
static const char *sql_least_trust =
"select min(comm_type) from trust where"
" pgp_keypair_fpr = upper(replace(?1,' ',''))"
" and comm_type != 0;"; // ignores PEP_ct_unknown
// returns PEP_ct_unknown only when no known trust is recorded
static const char *sql_mark_as_compromised =
"update trust not indexed set comm_type = 15"
" where pgp_keypair_fpr = upper(replace(?1,' ','')) ;";
static const char *sql_crashdump =
"select timestamp, title, entity, description, comment"
" from log order by timestamp desc limit ?1 ;";
static const char *sql_languagelist =
"select i18n_language.lang, name, phrase"
" from i18n_language join i18n_token using (lang) where i18n_token.id = 1000;" ;
static const char *sql_i18n_token =
"select phrase from i18n_token where lang = lower(?1) and id = ?2 ;";
// blacklist
static const char *sql_blacklist_add =
"insert or ignore into blacklist_keys (fpr) values (upper(replace(?1,' ',''))) ;"
"delete from identity where main_key_id = upper(replace(?1,' ','')) ;"
"delete from pgp_keypair where fpr = upper(replace(?1,' ','')) ;";
static const char *sql_blacklist_delete =
"delete from blacklist_keys where fpr = upper(replace(?1,' ','')) ;";
static const char *sql_blacklist_is_listed =
"select count(*) from blacklist_keys where fpr = upper(replace(?1,' ','')) ;";
static const char *sql_blacklist_retrieve =
"select * from blacklist_keys ;";
// Own keys
// We only care if it's 0 or non-zero
static const char *sql_own_key_is_listed =
"select count(*) from ("
" select pgp_keypair_fpr from trust"
" join identity on trust.user_id = identity.user_id"
" where pgp_keypair_fpr = upper(replace(?1,' ',''))"
" and identity.is_own = 1"
");";
static const char *sql_own_identities_retrieve =
"select address, fpr, identity.user_id, username,"
" lang, identity.flags | pgp_keypair.flags"
" from identity"
" join person on id = identity.user_id"
" join pgp_keypair on fpr = identity.main_key_id"
" join trust on id = trust.user_id"
" and pgp_keypair_fpr = identity.main_key_id"
" where identity.is_own = 1"
" and (identity.flags & ?1) = 0;";
static const char *sql_own_keys_retrieve =
"select pgp_keypair_fpr from trust"
" join identity on trust.user_id = identity.user_id"
" where identity.is_own = 1";
static const char* sql_get_user_default_key =
"select main_key_id from person"
" where id = ?1;";
static const char* sql_get_all_keys_for_user =
"select pgp_keypair_fpr from trust"
" where user_id = ?1; ";
static const char* sql_get_default_own_userid =
"select id from person"
" join identity on id = identity.user_id"
" where identity.is_own = 1";
// Sequence
static const char *sql_sequence_value1 =
5 years ago
"insert or replace into sequences (name, value) "
"values (?1, "
" (select coalesce((select value + 1 from sequences "
5 years ago
" where name = ?1), 1 ))); ";
static const char *sql_sequence_value2 =
"select value from sequences where name = ?1 ;";
// Revocation tracking
static const char *sql_set_revoked =
"insert or replace into revoked_keys ("
" revoked_fpr, replacement_fpr, revocation_date) "
"values (upper(replace(?1,' ','')),"
" upper(replace(?2,' ','')),"
" ?3) ;";
static const char *sql_get_revoked =
"select revoked_fpr, revocation_date from revoked_keys"
" where replacement_fpr = upper(replace(?1,' ','')) ;";
static const char *sql_get_replacement_fpr =
"select replacement_fpr, revocation_date from revoked_keys"
" where revoked_fpr = upper(replace(?1,' ','')) ;";
static const char *sql_get_userid_alias_default =
"select default_id from alternate_user_id "
" where alternate_id = ?1 ; ";
// Revocation tracking
static const char *sql_add_mistrusted_key =
"insert or replace into mistrusted_keys (fpr) "
" values (upper(replace(?1,' ',''))) ;";
static const char *sql_delete_mistrusted_key =
"delete from mistrusted_keys where fpr = upper(replace(?1,' ','')) ;";
static const char *sql_is_mistrusted_key =
"select count(*) from mistrusted_keys where fpr = upper(replace(?1,' ','')) ;";
static const char *sql_add_userid_alias =
"insert or replace into alternate_user_id (alternate_id, default_id) "
"values (?2, ?1) ;";
static const char *sql_add_into_social_graph =
"insert or replace into social_graph(own_userid, own_address, contact_userid) "
"values (?1, ?2, ?3) ;";
static const char *sql_get_own_address_binding_from_contact =
"select own_address from social_graph where own_userid = ?1 and contact_userid = ?2 ;";
static const char *sql_set_revoke_contact_as_notified =
"insert or replace into revocation_contact_list(fpr, contact_id) values (?1, ?2) ;";
static const char *sql_get_contacted_ids_from_revoke_fpr =
"select * from revocation_contact_list where fpr = ?1 ;";
static const char *sql_was_id_for_revoke_contacted =
"select count(*) from revocation_contact_list where fpr = ?1 and contact_id = ?2 ;";
// We only need user_id and address, since in the main usage, we'll call update_identity
// on this anyway when sending out messages.
static const char *sql_get_last_contacted =
"select user_id, address from identity where datetime('now') < datetime(timestamp, '+14 days') ; ";
static int user_version(void *_version, int count, char **text, char **name)
{
assert(_version);
assert(count == 1);
assert(text && text[0]);
if (!(_version && count == 1 && text && text[0]))
return -1;
int *version = (int *) _version;
*version = atoi(text[0]);
return 0;
}
// TODO: refactor and generalise these two functions if possible.
static int db_contains_table(PEP_SESSION session, const char* table_name) {
if (!session || !table_name)
return -1;
// Table names can't be SQL parameters, so we do it this way.
// these two must be the same number.
char sql_buf[500];
const size_t max_q_len = 500;
size_t t_size, q_size;
const char* q1 = "SELECT name FROM sqlite_master WHERE type='table' AND name='{"; // 61
const char* q2 = "'};"; // 3
q_size = 64;
t_size = strlen(table_name);
size_t query_len = q_size + t_size + 1;
if (query_len > max_q_len)
return -1;
strlcpy(sql_buf, q1, max_q_len);
strlcat(sql_buf, table_name, max_q_len);
strlcat(sql_buf, q2, max_q_len);
sqlite3_stmt *stmt;
sqlite3_prepare_v2(session->db, sql_buf, -1, &stmt, NULL);
int retval = 0;
int rc = sqlite3_step(stmt);
if (rc == SQLITE_DONE || rc == SQLITE_OK || rc == SQLITE_ROW) {
retval = 1;
}
sqlite3_finalize(stmt);
return retval;
}
static int table_contains_column(PEP_SESSION session, const char* table_name,
const char* col_name) {
if (!session || !table_name || !col_name)
return -1;
// Table names can't be SQL parameters, so we do it this way.
// these two must be the same number.
char sql_buf[500];
const size_t max_q_len = 500;
size_t t_size, c_size, q_size;
const char* q1 = "SELECT "; // 7
const char* q2 = " from "; // 6
const char* q3 = ";"; // 1
q_size = 14;
t_size = strlen(table_name);
c_size = strlen(col_name);
size_t query_len = q_size + c_size + t_size + 1;
if (query_len > max_q_len)
return -1;
strlcpy(sql_buf, q1, max_q_len);
strlcat(sql_buf, col_name, max_q_len);
strlcat(sql_buf, q2, max_q_len);
strlcat(sql_buf, table_name, max_q_len);
strlcat(sql_buf, q3, max_q_len);
sqlite3_stmt *stmt;
sqlite3_prepare_v2(session->db, sql_buf, -1, &stmt, NULL);
int retval = 0;
int rc = sqlite3_step(stmt);
if (rc == SQLITE_DONE || rc == SQLITE_OK || rc == SQLITE_ROW) {
retval = 1;
}
sqlite3_finalize(stmt);
return retval;
}
void errorLogCallback(void *pArg, int iErrCode, const char *zMsg){
fprintf(stderr, "(%d) %s\n", iErrCode, zMsg);
}
#ifdef USE_GPG
PEP_STATUS pgp_import_ultimately_trusted_keypairs(PEP_SESSION session);
#endif // USE_GPG
5 years ago
DYNAMIC_API PEP_STATUS init(
PEP_SESSION *session,
messageToSend_t messageToSend,
inject_sync_event_t inject_sync_event
5 years ago
)
9 years ago
{
PEP_STATUS status = PEP_STATUS_OK;
int int_result;
bool in_first = false;
bool very_first = false;
assert(sqlite3_threadsafe());
if (!sqlite3_threadsafe())
return PEP_INIT_SQLITE3_WITHOUT_MUTEX;
// a little race condition - but still a race condition
8 years ago
// mitigated by calling caveat (see documentation)
5 years ago
// this increment is made atomic IN THE ADAPTERS by
// guarding the call to init with the appropriate mutex.
int _count = ++init_count;
if (_count == 0)
in_first = true;
// Race condition mitigated by calling caveat starts here :
// If another call to init() preempts right now, then preemptive call
// will have in_first false, will not create SQL tables, and following
5 years ago
// calls relying on those tables will fail.
//
// Therefore, as above, adapters MUST guard init() with a mutex.
//
// Therefore, first session
// is to be created and last session to be deleted alone, and not
// concurently to other sessions creation or deletion.
// We expect adapters to enforce this either by implicitely creating a
// client session, or by using synchronization primitive to protect
// creation/deletion of first/last session from the app.
9 years ago
assert(session);
8 years ago
if (session == NULL)
return PEP_ILLEGAL_VALUE;
*session = NULL;
9 years ago
8 years ago
pEpSession *_session = calloc(1, sizeof(pEpSession));
assert(_session);
if (_session == NULL)
goto enomem;
_session->version = PEP_ENGINE_VERSION;
5 years ago
_session->messageToSend = messageToSend;
_session->inject_sync_event = inject_sync_event;
9 years ago
#ifdef DEBUG_ERRORSTACK
_session->errorstack = new_stringlist("init()");
#endif
9 years ago
assert(LOCAL_DB);
if (LOCAL_DB == NULL) {
status = PEP_INIT_CANNOT_OPEN_DB;
5 years ago
goto pEp_error;
9 years ago
}
#if _PEP_SQLITE_DEBUG
sqlite3_config(SQLITE_CONFIG_LOG, errorLogCallback, NULL);
#endif
9 years ago
int_result = sqlite3_open_v2(
LOCAL_DB,
&_session->db,
SQLITE_OPEN_READWRITE
| SQLITE_OPEN_CREATE
| SQLITE_OPEN_FULLMUTEX
| SQLITE_OPEN_PRIVATECACHE,
NULL
);
if (int_result != SQLITE_OK) {
status = PEP_INIT_CANNOT_OPEN_DB;
5 years ago
goto pEp_error;
}
9 years ago
int_result = sqlite3_exec(
_session->db,
"PRAGMA locking_mode=NORMAL;\n"
"PRAGMA journal_mode=WAL;\n",
NULL,
NULL,
NULL
);
sqlite3_busy_timeout(_session->db, BUSY_WAIT_TIME);
9 years ago
#if _PEP_SQLITE_DEBUG
sqlite3_trace_v2(_session->db,
SQLITE_TRACE_STMT | SQLITE_TRACE_ROW | SQLITE_TRACE_CLOSE,
sql_trace_callback,
NULL);
#endif
9 years ago
assert(SYSTEM_DB);
if (SYSTEM_DB == NULL) {
status = PEP_INIT_CANNOT_OPEN_SYSTEM_DB;
5 years ago
goto pEp_error;
9 years ago
}
int_result = sqlite3_open_v2(
SYSTEM_DB, &_session->system_db,
SQLITE_OPEN_READONLY
| SQLITE_OPEN_FULLMUTEX
| SQLITE_OPEN_SHAREDCACHE,
NULL
);
9 years ago
if (int_result != SQLITE_OK) {
status = PEP_INIT_CANNOT_OPEN_SYSTEM_DB;
5 years ago
goto pEp_error;
}
9 years ago
sqlite3_busy_timeout(_session->system_db, 1000);
9 years ago
// increment this when patching DDL
#define _DDL_USER_VERSION "9"
if (in_first) {
7 years ago
int_result = sqlite3_exec(
_session->db,
7 years ago
"create table if not exists version_info (\n"
" id integer primary key,\n"
7 years ago
" timestamp integer default (datetime('now')),\n"