Browse Source

Added blacklist

doc_update_sequoia
fdik 6 years ago
parent
commit
61df159a25
5 changed files with 340 additions and 32 deletions
  1. +175
    -0
      src/blacklist.c
  2. +58
    -0
      src/blacklist.h
  3. +39
    -30
      src/pEpEngine.c
  4. +6
    -2
      src/pEp_internal.h
  5. +62
    -0
      test/blacklist_test.cc

+ 175
- 0
src/blacklist.c View File

@ -0,0 +1,175 @@
#include "blacklist.h"
#include "pEp_internal.h"
DYNAMIC_API PEP_STATUS blacklist_add(PEP_SESSION session, const char *fpr)
{
PEP_STATUS status = PEP_STATUS_OK;
assert(session && fpr && fpr[0]);
if (!(session && fpr && fpr[0]))
return PEP_ILLEGAL_VALUE;
sqlite3_reset(session->blacklist_add);
sqlite3_bind_text(session->blacklist_add, 1, fpr, -1, SQLITE_STATIC);
int result;
result = sqlite3_step(session->blacklist_add);
switch (result) {
case SQLITE_DONE:
status = PEP_STATUS_OK;
break;
default:
status = PEP_UNKNOWN_ERROR;
}
sqlite3_reset(session->blacklist_add);
goto the_end;
enomem:
status = PEP_OUT_OF_MEMORY;
the_end:
return status;
}
DYNAMIC_API PEP_STATUS blacklist_delete(PEP_SESSION session, const char *fpr)
{
PEP_STATUS status = PEP_STATUS_OK;
assert(session && fpr && fpr[0]);
if (!(session && fpr && fpr[0]))
return PEP_ILLEGAL_VALUE;
sqlite3_reset(session->blacklist_delete);
sqlite3_bind_text(session->blacklist_delete, 1, fpr, -1, SQLITE_STATIC);
int result;
result = sqlite3_step(session->blacklist_delete);
switch (result) {
case SQLITE_DONE:
status = PEP_STATUS_OK;
break;
default:
status = PEP_UNKNOWN_ERROR;
}
sqlite3_reset(session->blacklist_delete);
goto the_end;
enomem:
status = PEP_OUT_OF_MEMORY;
the_end:
return status;
}
DYNAMIC_API PEP_STATUS blacklist_is_listed(
PEP_SESSION session,
const char *fpr,
bool *listed
)
{
PEP_STATUS status = PEP_STATUS_OK;
int count;
assert(session && fpr && fpr[0] && listed);
if (!(session && fpr && fpr[0] && listed))
return PEP_ILLEGAL_VALUE;
*listed = false;
sqlite3_reset(session->blacklist_is_listed);
sqlite3_bind_text(session->blacklist_is_listed, 1, fpr, -1, SQLITE_STATIC);
int result;
result = sqlite3_step(session->blacklist_is_listed);
switch (result) {
case SQLITE_ROW:
count = sqlite3_column_int(session->blacklist_is_listed, 0);
*listed = count > 0;
status = PEP_STATUS_OK;
break;
default:
status = PEP_UNKNOWN_ERROR;
}
sqlite3_reset(session->blacklist_is_listed);
goto the_end;
enomem:
status = PEP_OUT_OF_MEMORY;
the_end:
return status;
}
DYNAMIC_API PEP_STATUS blacklist_retrieve(
PEP_SESSION session,
stringlist_t **blacklist
)
{
PEP_STATUS status = PEP_STATUS_OK;
assert(session);
assert(blacklist);
if (!(session && blacklist))
return PEP_ILLEGAL_VALUE;
*blacklist = NULL;
stringlist_t *_blacklist = new_stringlist(NULL);
if (_blacklist == NULL)
goto enomem;
sqlite3_reset(session->blacklist_retrieve);
int result;
const char *fpr = NULL;
stringlist_t *_bl = _blacklist;
do {
result = sqlite3_step(session->blacklist_retrieve);
switch (result) {
case SQLITE_ROW:
fpr = (const char *) sqlite3_column_text(session->blacklist_retrieve, 0);
_bl = stringlist_add(_bl, fpr);
if (_bl == NULL)
goto enomem;
break;
case SQLITE_DONE:
break;
default:
status = PEP_UNKNOWN_ERROR;
result = SQLITE_DONE;
}
} while (result != SQLITE_DONE);
sqlite3_reset(session->blacklist_retrieve);
if (status == PEP_STATUS_OK)
*blacklist = _blacklist;
else
free_stringlist(_blacklist);
goto the_end;
enomem:
free_stringlist(_blacklist);
status = PEP_OUT_OF_MEMORY;
the_end:
return status;
}

+ 58
- 0
src/blacklist.h View File

@ -0,0 +1,58 @@
#pragma once
#include "pEpEngine.h"
#ifdef __cplusplus
extern "C" {
#endif
// blacklist_add() - add to blacklist
//
// parameters:
// session (in) session to use
// fpr (in) fingerprint of key to blacklist
DYNAMIC_API PEP_STATUS blacklist_add(PEP_SESSION session, const char *fpr);
// blacklist_delete() - delete from blacklist
//
// parameters:
// session (in) session to use
// fpr (in) fingerprint of key to blacklist
DYNAMIC_API PEP_STATUS blacklist_delete(PEP_SESSION session, const char *fpr);
// blacklist_is_listed() - is_listed from blacklist
//
// parameters:
// session (in) session to use
// fpr (in) fingerprint of key to blacklist
DYNAMIC_API PEP_STATUS blacklist_is_listed(
PEP_SESSION session,
const char *fpr,
bool *listed
);
// blacklist_retrieve() - retrieve full blacklist of key fingerprints
//
// parameters:
// session (in) session to use
// blacklist (out) copy of blacklist
//
// caveat:
// the ownership of the copy of blacklist goes to the caller
DYNAMIC_API PEP_STATUS blacklist_retrieve(
PEP_SESSION session,
stringlist_t **blacklist
);
#ifdef __cplusplus
}
#endif

+ 39
- 30
src/pEpEngine.c View File

@ -20,10 +20,14 @@ DYNAMIC_API PEP_STATUS init(PEP_SESSION *session)
static const char *sql_least_trust;
static const char *sql_mark_as_compromized;
static const char *sql_crashdump;
static const char *sql_blacklist_keys;
static const char *sql_languagelist;
static const char *sql_i18n_token;
static const char *sql_peptest_hack;
// blacklist
static const char *sql_blacklist_add;
static const char *sql_blacklist_delete;
static const char *sql_blacklist_is_listed;
static const char *sql_blacklist_retrieve;
bool in_first = false;
@ -158,6 +162,7 @@ DYNAMIC_API PEP_STATUS init(PEP_SESSION *session)
" user_id,\n"
" pgp_keypair_fpr\n"
");\n"
// blacklist
"create table if not exists blacklist_keys (\n"
" fpr text primary key\n"
");\n"
@ -170,7 +175,7 @@ DYNAMIC_API PEP_STATUS init(PEP_SESSION *session)
int_result = sqlite3_exec(
_session->db,
"insert or replace into version_info (id, version) values (1, '1.0');",
"insert or replace into version_info (id, version) values (1, '1.1');",
NULL,
NULL,
NULL
@ -218,7 +223,12 @@ DYNAMIC_API PEP_STATUS init(PEP_SESSION *session)
sql_i18n_token = "select phrase from i18n_token where lang = lower(?1) and id = ?2 ;";
sql_peptest_hack = "delete from identity where address like '%@peptest.ch' ;";
// blacklist
sql_blacklist_add = "insert or replace into blacklist_keys (fpr) values (?1) ;";
sql_blacklist_delete = "delete from blacklist_keys where fpr = ?1 ;";
sql_blacklist_is_listed = "select count(*) from blacklist_keys where fpr = ?1 ;";
sql_blacklist_retrieve = "select * from blacklist_keys ;";
}
int_result = sqlite3_prepare_v2(_session->db, sql_log, (int)strlen(sql_log),
@ -273,8 +283,22 @@ DYNAMIC_API PEP_STATUS init(PEP_SESSION *session)
(int)strlen(sql_i18n_token), &_session->i18n_token, NULL);
assert(int_result == SQLITE_OK);
int_result = sqlite3_prepare_v2(_session->db, sql_peptest_hack,
(int)strlen(sql_peptest_hack), &_session->peptest_hack, NULL);
// blacklist
int_result = sqlite3_prepare_v2(_session->db, sql_blacklist_add,
(int)strlen(sql_blacklist_add), &_session->blacklist_add, NULL);
assert(int_result == SQLITE_OK);
int_result = sqlite3_prepare_v2(_session->db, sql_blacklist_delete,
(int)strlen(sql_blacklist_delete), &_session->blacklist_delete, NULL);
assert(int_result == SQLITE_OK);
int_result = sqlite3_prepare_v2(_session->db, sql_blacklist_is_listed,
(int)strlen(sql_blacklist_is_listed), &_session->blacklist_is_listed, NULL);
assert(int_result == SQLITE_OK);
int_result = sqlite3_prepare_v2(_session->db, sql_blacklist_retrieve,
(int)strlen(sql_blacklist_retrieve), &_session->blacklist_retrieve, NULL);
assert(int_result == SQLITE_OK);
status = init_cryptotech(_session, in_first);
@ -1311,35 +1335,20 @@ the_end:
DYNAMIC_API PEP_STATUS reset_peptest_hack(PEP_SESSION session)
{
PEP_STATUS status = PEP_STATUS_OK;
assert(session);
if (!session)
return PEP_ILLEGAL_VALUE;
sqlite3_reset(session->peptest_hack);
int result;
result = sqlite3_step(session->peptest_hack);
switch (result) {
case SQLITE_ROW:
case SQLITE_DONE:
status = PEP_STATUS_OK;
break;
default:
status = PEP_UNKNOWN_ERROR;
}
sqlite3_reset(session->peptest_hack);
goto the_end;
enomem:
status = PEP_OUT_OF_MEMORY;
int int_result = sqlite3_exec(
session->db,
"delete from identity where address like '%@peptest.ch' ;",
NULL,
NULL,
NULL
);
assert(int_result == SQLITE_OK);
the_end:
return status;
return PEP_STATUS_OK;
}

+ 6
- 2
src/pEp_internal.h View File

@ -97,10 +97,14 @@ typedef struct _pEpSession {
sqlite3_stmt *mark_compromized;
sqlite3_stmt *reset_trust;
sqlite3_stmt *crashdump;
sqlite3_stmt *blacklist_keys;
sqlite3_stmt *languagelist;
sqlite3_stmt *i18n_token;
sqlite3_stmt *peptest_hack;
// blacklist
sqlite3_stmt *blacklist_add;
sqlite3_stmt *blacklist_delete;
sqlite3_stmt *blacklist_is_listed;
sqlite3_stmt *blacklist_retrieve;
examine_identity_t examine_identity;
void *examine_management;


+ 62
- 0
test/blacklist_test.cc View File

@ -0,0 +1,62 @@
#include <iostream>
#include <string>
#include <assert.h>
#include "blacklist.h"
using namespace std;
int main() {
cout << "\n*** blacklist_test ***\n\n";
PEP_SESSION session;
cout << "calling init()\n";
PEP_STATUS status1 = init(&session);
assert(status1 == PEP_STATUS_OK);
assert(session);
cout << "init() completed.\n";
// blacklist test code
cout << "adding 23 to blacklist\n";
PEP_STATUS status2 = blacklist_add(session, "23");
assert(status2 == PEP_STATUS_OK);
cout << "added.\n";
bool listed;
PEP_STATUS status3 = blacklist_is_listed(session, "23", &listed);
assert(status3 == PEP_STATUS_OK);
assert(listed);
cout << "23 is listed.\n";
stringlist_t *blacklist;
PEP_STATUS status6 = blacklist_retrieve(session, &blacklist);
assert(status6 == PEP_STATUS_OK);
assert(blacklist);
bool in23 = false;
cout << "the blacklist contains now: ";
for (stringlist_t *bl = blacklist; bl && bl->value; bl = bl->next) {
cout << bl->value << ", ";
if (strcmp(bl->value, "23") == 0)
in23 = true;
}
cout << "END\n";
assert(in23);
free_stringlist(blacklist);
cout << "deleting 23 from blacklist\n";
PEP_STATUS status4 = blacklist_delete(session, "23");
assert(status4 == PEP_STATUS_OK);
cout << "deleted.\n";
PEP_STATUS status5 = blacklist_is_listed(session, "23", &listed);
assert(status5 == PEP_STATUS_OK);
assert(!listed);
cout << "23 is not listed any more.\n";
cout << "calling release()\n";
release(session);
return 0;
}

Loading…
Cancel
Save