Merged in all sync changes

3 years ago · 8a0e32573c
parent 8d18946e29 2a05458ab8
commit 8a0e32573c
13 changed files with 276 additions and 28 deletions
--- a/.hgignore
+++ b/.hgignore
@ -89,7 +89,7 @@ test/EngineTests
 test/googletest
 test/tmp/*

-# generated test data
+# ignore generated test data

 test/655_16F07F382FB3CF5DF977005D1069C7CACF9C23C6.asc
 test/655_5FBDE3C9E10552B1DD6D9763E89759391DE04053.asc
@ -100,3 +100,4 @@ test/703_key_valid.asc
 test/test_keys/736_a.asc
 test/test_keys/736_b.asc
 test/test_mails/ENGINE-654_bob_mail.eml
+
--- a/src/keymanagement.c
+++ b/src/keymanagement.c
@ -2030,3 +2030,98 @@ PEP_STATUS is_mistrusted_key(PEP_SESSION session, const char* fpr,
    sqlite3_reset(session->is_mistrusted_key);
    return status;
 }
+
+static PEP_STATUS _wipe_default_key_if_invalid(PEP_SESSION session,
+                                         pEp_identity* ident) {
+    
+    PEP_STATUS status = PEP_STATUS_OK;
+    
+    if (!ident->user_id)
+        return PEP_ILLEGAL_VALUE;
+        
+    if (!ident->fpr)
+        return status;
+    
+    char* cached_fpr = strdup(ident->fpr);
+    if (!ident->fpr)
+        return PEP_OUT_OF_MEMORY;
+        
+    PEP_STATUS keystatus = validate_fpr(session, ident, true, false);
+    switch (keystatus) {
+        case PEP_STATUS_OK:
+            // Check for non-renewable expiry and 
+            // if so, fallthrough
+            if (ident->comm_type != PEP_ct_key_expired_but_confirmed &&
+                    ident->comm_type != PEP_ct_key_expired) {
+                break;
+            }        
+        case PEP_KEY_UNSUITABLE:
+        case PEP_KEY_BLACKLISTED:
+            // Remove key as default for all identities and users 
+            status = remove_fpr_as_default(session, cached_fpr);
+            break;   
+        default:
+            break;
+    }     
+    free(cached_fpr);
+    
+    if (status == PEP_STATUS_OK)
+        status = myself(session, ident);
+            
+    return status;                                        
+}
+
+PEP_STATUS clean_own_key_defaults(PEP_SESSION session) {
+    identity_list* idents = NULL;
+    PEP_STATUS status = own_identities_retrieve(session, &idents);
+    if (status != PEP_STATUS_OK)
+        return status;
+        
+    if (!idents)
+        return PEP_STATUS_OK;
+
+    if (!idents->ident && !idents->next) {
+        free_identity_list(idents);
+        return PEP_STATUS_OK;
+    } // Kludge: FIX own_identities_retrieve. Should return NULL, not empty list    
+        
+    identity_list* curr = idents;
+    
+    for ( ; curr ; curr = curr->next) {
+        pEp_identity* ident = curr->ident;
+        if (!ident)
+            continue;
+        
+        _wipe_default_key_if_invalid(session, ident);    
+    }   
+    
+    free_identity_list(idents);
+    
+    // Also remove invalid default user key
+    char* own_id = NULL;
+
+    status = get_default_own_userid(session, &own_id);
+
+    if (status != PEP_STATUS_OK)
+        return status;
+
+    if (own_id) {
+        char* user_default_key = NULL;
+        status = get_user_default_key(session, own_id, &user_default_key);
+        if (status != PEP_STATUS_OK) {
+            free(own_id);
+            if (status == PEP_KEY_NOT_FOUND)
+                status = PEP_STATUS_OK;
+            else
+                return status;
+        }
+        else if (user_default_key) {
+            pEp_identity* empty_user = new_identity(NULL, user_default_key, NULL, own_id);
+            _wipe_default_key_if_invalid(session, empty_user);       
+            free(user_default_key);
+        }
+        free(own_id);    
+    }
+    return status;
+}
+
--- a/src/keymanagement.h
+++ b/src/keymanagement.h
@ -408,6 +408,8 @@ PEP_STATUS get_valid_pubkey(PEP_SESSION session,
                            bool* is_address_default,
                            bool check_blacklist);

+PEP_STATUS clean_own_key_defaults(PEP_SESSION session);
+
 #ifdef __cplusplus
 }
 #endif
--- a/src/pEpEngine.c
+++ b/src/pEpEngine.c
@ -85,8 +85,8 @@ static const char *sql_get_identity =
    "   is_own, pEp_version_major, pEp_version_minor"
    "   from identity"
    "   join person on id = identity.user_id"
-    "   join pgp_keypair on fpr = identity.main_key_id"
-    "   join trust on id = trust.user_id"
+    "   left join pgp_keypair on fpr = identity.main_key_id"
+    "   left join trust on id = trust.user_id"
    "       and pgp_keypair_fpr = identity.main_key_id"    
    "   where (case when (address = ?1) then (1)"
    "               when (lower(address) = lower(?1)) then (1)"
@ -103,8 +103,8 @@ static const char *sql_get_identities_by_main_key_id =
    "   is_own, pEp_version_major, pEp_version_minor"
    "   from identity"
    "   join person on id = identity.user_id"
-    "   join pgp_keypair on fpr = identity.main_key_id"
-    "   join trust on id = trust.user_id"
+    "   left join pgp_keypair on fpr = identity.main_key_id"
+    "   left join trust on id = trust.user_id"
    "       and pgp_keypair_fpr = identity.main_key_id"    
    "   where identity.main_key_id = ?1" 
    "   order by is_own desc, "
@ -143,8 +143,8 @@ static const char *sql_get_identities_by_userid =
    "   is_own, pEp_version_major, pEp_version_minor"
    "   from identity"
    "   join person on id = identity.user_id"
-    "   join pgp_keypair on fpr = identity.main_key_id"
-    "   join trust on id = trust.user_id"
+    "   left join pgp_keypair on fpr = identity.main_key_id"
+    "   left join trust on id = trust.user_id"
    "       and pgp_keypair_fpr = identity.main_key_id"    
    "   where identity.user_id = ?1" 
    "   order by is_own desc, "
@ -155,10 +155,12 @@ static const char *sql_replace_identities_fpr =
    "   set main_key_id = ?1 "
    "   where main_key_id = ?2 ;";
    
-static const char *sql_remove_fpr_as_default =
-    "update person set main_key_id = NULL where main_key_id = ?1 ;"
+static const char *sql_remove_fpr_as_identity_default =
    "update identity set main_key_id = NULL where main_key_id = ?1 ;";

+static const char *sql_remove_fpr_as_user_default =
+    "update person set main_key_id = NULL where main_key_id = ?1 ;";
+    
 // Set person, but if already exist, only update.
 // if main_key_id already set, don't touch.
 static const char *sql_set_person = 
@ -431,8 +433,8 @@ static const char *sql_own_identities_retrieve =
    "   lang, identity.flags | pgp_keypair.flags, pEp_version_major, pEp_version_minor"
    "   from identity"
    "   join person on id = identity.user_id"
-    "   join pgp_keypair on fpr = identity.main_key_id"
-    "   join trust on id = trust.user_id"
+    "   left join pgp_keypair on fpr = identity.main_key_id"
+    "   left join trust on id = trust.user_id"
    "       and pgp_keypair_fpr = identity.main_key_id"
    "   where identity.is_own = 1"
    "       and (identity.flags & ?1) = 0;";
@ -454,7 +456,7 @@ static const char* sql_get_default_own_userid =
    "select id from person"
    "   join identity on id = identity.user_id"
    "   where identity.is_own = 1";
-
+    
 // Sequence
 static const char *sql_sequence_value1 = 
    "insert or replace into sequences (name, value) "
@ -1797,9 +1799,14 @@ DYNAMIC_API PEP_STATUS init(
            &_session->replace_identities_fpr, NULL);
    assert(int_result == SQLITE_OK);
    
-    int_result = sqlite3_prepare_v2(_session->db, sql_remove_fpr_as_default,
-            (int)strlen(sql_remove_fpr_as_default), 
-            &_session->remove_fpr_as_default, NULL);
+    int_result = sqlite3_prepare_v2(_session->db, sql_remove_fpr_as_identity_default,
+            (int)strlen(sql_remove_fpr_as_identity_default), 
+            &_session->remove_fpr_as_identity_default, NULL);
+    assert(int_result == SQLITE_OK);
+
+    int_result = sqlite3_prepare_v2(_session->db, sql_remove_fpr_as_user_default,
+            (int)strlen(sql_remove_fpr_as_user_default), 
+            &_session->remove_fpr_as_user_default, NULL);
    assert(int_result == SQLITE_OK);

    int_result = sqlite3_prepare_v2(_session->db, sql_set_person,
@ -2061,6 +2068,11 @@ DYNAMIC_API PEP_STATUS init(
        goto pEp_error;

    // runtime config
+    
+    // clean up invalid keys 
+    status = clean_own_key_defaults(_session);
+    if (status != PEP_STATUS_OK)
+        goto pEp_error;

    *session = _session;
    
@ -2126,8 +2138,10 @@ DYNAMIC_API void release(PEP_SESSION session)
                sqlite3_finalize(session->add_userid_alias);
            if (session->replace_identities_fpr)
                sqlite3_finalize(session->replace_identities_fpr);        
-            if (session->remove_fpr_as_default)
-                sqlite3_finalize(session->remove_fpr_as_default);            
+            if (session->remove_fpr_as_identity_default)
+                sqlite3_finalize(session->remove_fpr_as_identity_default);            
+            if (session->remove_fpr_as_user_default)
+                sqlite3_finalize(session->remove_fpr_as_user_default);            
            if (session->set_person)
                sqlite3_finalize(session->set_person);
            if (session->delete_person)
@ -3795,16 +3809,26 @@ PEP_STATUS remove_fpr_as_default(PEP_SESSION session,
    if (!session || !fpr)
        return PEP_ILLEGAL_VALUE;
            
-    sqlite3_reset(session->remove_fpr_as_default);
-    sqlite3_bind_text(session->remove_fpr_as_default, 1, fpr, -1,
+    sqlite3_reset(session->remove_fpr_as_identity_default);
+    sqlite3_bind_text(session->remove_fpr_as_identity_default, 1, fpr, -1,
                      SQLITE_STATIC);

-    int result = sqlite3_step(session->remove_fpr_as_default);
-    sqlite3_reset(session->remove_fpr_as_default);
+    int result = sqlite3_step(session->remove_fpr_as_identity_default);
+    sqlite3_reset(session->remove_fpr_as_identity_default);
    
    if (result != SQLITE_DONE)
-        return PEP_CANNOT_SET_IDENTITY; // misleading - could also be person
+        return PEP_CANNOT_SET_IDENTITY; 
+
+    sqlite3_reset(session->remove_fpr_as_user_default);
+    sqlite3_bind_text(session->remove_fpr_as_user_default, 1, fpr, -1,
+                      SQLITE_STATIC);

+    result = sqlite3_step(session->remove_fpr_as_user_default);
+    sqlite3_reset(session->remove_fpr_as_user_default);
+    
+    if (result != SQLITE_DONE)
+        return PEP_CANNOT_SET_PERSON; 
+        
    return PEP_STATUS_OK;
 }

--- a/src/pEp_internal.h
+++ b/src/pEp_internal.h
@ -160,7 +160,8 @@ struct _pEpSession {
    sqlite3_stmt *get_main_user_fpr;
    sqlite3_stmt *refresh_userid_default_key;
    sqlite3_stmt *delete_key;
-    sqlite3_stmt *remove_fpr_as_default;
+    sqlite3_stmt *remove_fpr_as_identity_default;
+    sqlite3_stmt *remove_fpr_as_user_default;
    sqlite3_stmt *set_person;
    sqlite3_stmt *update_person;
    sqlite3_stmt *delete_person;
--- a/sync/cond_act_sync.yml2
+++ b/sync/cond_act_sync.yml2
@ -503,15 +503,15 @@ action receivedKeysAreDefaultKeys

    for (identity_list *_il = il; _il && _il->ident ; _il = _il->next) {
        status = set_own_key(session, _il->ident, _il->ident->fpr);
-        if (status) {
-            free_identity_list(il);
-            free(user_id);
-            return status;
-        }
+        if (status != PEP_STATUS_OK && status != PEP_KEY_UNSUITABLE)
+            break;
    }

    free_identity_list(il);
    free(user_id);
+
+    if (status == PEP_KEY_UNSUITABLE)
+        status = PEP_STATUS_OK;
 ||

 action useThisKey
--- a/test/src/CleanInvalidOwnKeysTest.cc
+++ b/test/src/CleanInvalidOwnKeysTest.cc
@ -0,0 +1,125 @@
+#include <stdlib.h>
+#include <string>
+#include <cstring>
+
+#include "pEpEngine.h"
+#include "test_util.h"
+#include "TestConstants.h"
+#include "Engine.h"
+
+#include <gtest/gtest.h>
+
+
+namespace {
+
+	//The fixture for CleanInvalidOwnKeysTest
+    class CleanInvalidOwnKeysTest : public ::testing::Test {
+        public:
+            Engine* engine;
+            PEP_SESSION session;
+
+        protected:
+            // You can remove any or all of the following functions if its body
+            // is empty.
+            CleanInvalidOwnKeysTest() {
+                // You can do set-up work for each test here.
+                test_suite_name = ::testing::UnitTest::GetInstance()->current_test_info()->GTEST_SUITE_SYM();
+                test_name = ::testing::UnitTest::GetInstance()->current_test_info()->name();
+                test_path = get_main_test_home_dir() + "/" + test_suite_name + "/" + test_name;
+            }
+
+            ~CleanInvalidOwnKeysTest() override {
+                // You can do clean-up work that doesn't throw exceptions here.
+            }
+
+            // If the constructor and destructor are not enough for setting up
+            // and cleaning up each test, you can define the following methods:
+
+            void SetUp() override {
+                // Code here will be called immediately after the constructor (right
+                // before each test).
+
+                // Leave this empty if there are no files to copy to the home directory path
+                std::vector<std::pair<std::string, std::string>> init_files = std::vector<std::pair<std::string, std::string>>();
+                string keyfile = string("test_files/ENGINE-750_") + test_name + "_keys.db";
+                string mgmtfile = string("test_files/ENGINE-750_") + test_name + "_mgmt.db";
+                init_files.push_back(std::pair<std::string, std::string>(keyfile, std::string("keys.db")));                
+                init_files.push_back(std::pair<std::string, std::string>(mgmtfile, std::string("management.db")));
+                
+                // Get a new test Engine.
+                engine = new Engine(test_path);
+                ASSERT_NE(engine, nullptr);
+
+                // Ok, let's initialize test directories etc.
+                engine->prep(NULL, NULL, init_files);
+
+                // Ok, try to start this bugger.
+                engine->start();
+                ASSERT_NE(engine->session, nullptr);
+                session = engine->session;
+
+                // Engine is up. Keep on truckin'
+            }
+
+            void TearDown() override {
+                // Code here will be called immediately after each test (right
+                // before the destructor).
+                engine->shut_down();
+                delete engine;
+                engine = NULL;
+                session = NULL;
+            }
+
+        private:
+            const char* test_suite_name;
+            const char* test_name;
+            string test_path;
+            // Objects declared here can be used by all tests in the CleanInvalidOwnKeysTest suite.
+
+    };
+
+}  // namespace
+
+
+TEST_F(CleanInvalidOwnKeysTest, check_clean_invalid_own_keys_no_alts_revoked) {
+    // This is just a dummy test case. The convention is check_whatever_you_are_checking
+    // so for multiple test cases in a suite, be more explicit ;)   
+    pEp_identity* alice = NULL;
+    PEP_STATUS status = get_identity(session, "pep.test.alice@pep-project.org", "ALICE", &alice);
+    ASSERT_EQ(status, PEP_STATUS_OK);
+    ASSERT_EQ(alice->fpr, nullptr);
+    char* fpr = NULL;
+    status = get_user_default_key(session, "ALICE", &fpr);
+    ASSERT_EQ(fpr, nullptr);
+    ASSERT_EQ(status, PEP_STATUS_OK);    
+}
+
+TEST_F(CleanInvalidOwnKeysTest, check_clean_invalid_own_keys_no_alts_mistrusted) {
+    // This is just a dummy test case. The convention is check_whatever_you_are_checking
+    // so for multiple test cases in a suite, be more explicit ;)   
+    pEp_identity* alice = NULL;
+    PEP_STATUS status = get_identity(session, "pep.test.alice@pep-project.org", "ALICE", &alice);
+    ASSERT_EQ(status, PEP_STATUS_OK);
+    ASSERT_EQ(alice->fpr, nullptr);
+    char* fpr = NULL;
+    status = get_user_default_key(session, "ALICE", &fpr);
+    ASSERT_EQ(fpr, nullptr);
+    ASSERT_EQ(status, PEP_STATUS_OK);    
+}
+
+TEST_F(CleanInvalidOwnKeysTest, check_clean_invalid_own_keys_no_alts_expired) {
+    // This is just a dummy test case. The convention is check_whatever_you_are_checking
+    // so for multiple test cases in a suite, be more explicit ;)   
+    pEp_identity* bob = NULL;
+    PEP_STATUS status = get_identity(session, "expired_bob_0@darthmama.org", "BOB", &bob);
+    ASSERT_EQ(status, PEP_STATUS_OK);
+    ASSERT_NE(bob->fpr, nullptr);
+    char* fpr = NULL;
+    status = get_user_default_key(session, "BOB", &fpr);
+    ASSERT_NE(fpr, nullptr);
+    ASSERT_EQ(status, PEP_STATUS_OK);    
+    bool expired = true;
+    status = key_expired(session, bob->fpr, time(NULL), &expired);
+    ASSERT_FALSE(expired);
+    ASSERT_STREQ(bob->fpr, fpr);
+}
--- a/test/test_files/ENGINE-750_check_clean_invalid_own_keys_no_alts_expired_keys.db
+++ b/test/test_files/ENGINE-750_check_clean_invalid_own_keys_no_alts_expired_keys.db
--- a/test/test_files/ENGINE-750_check_clean_invalid_own_keys_no_alts_expired_mgmt.db
+++ b/test/test_files/ENGINE-750_check_clean_invalid_own_keys_no_alts_expired_mgmt.db
--- a/test/test_files/ENGINE-750_check_clean_invalid_own_keys_no_alts_mistrusted_keys.db
+++ b/test/test_files/ENGINE-750_check_clean_invalid_own_keys_no_alts_mistrusted_keys.db
--- a/test/test_files/ENGINE-750_check_clean_invalid_own_keys_no_alts_mistrusted_mgmt.db
+++ b/test/test_files/ENGINE-750_check_clean_invalid_own_keys_no_alts_mistrusted_mgmt.db
--- a/test/test_files/ENGINE-750_check_clean_invalid_own_keys_no_alts_revoked_keys.db
+++ b/test/test_files/ENGINE-750_check_clean_invalid_own_keys_no_alts_revoked_keys.db
--- a/test/test_files/ENGINE-750_check_clean_invalid_own_keys_no_alts_revoked_mgmt.db
+++ b/test/test_files/ENGINE-750_check_clean_invalid_own_keys_no_alts_revoked_mgmt.db