From b7fd1a067bbb245cf88596624b68c4be757a9b00 Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Mon, 20 Jul 2020 13:42:44 +0200 Subject: [PATCH 01/50] ENGINE-775: validate_fpr --- src/keymanagement.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/src/keymanagement.c b/src/keymanagement.c index f5c629d5..5d2b1d00 100644 --- a/src/keymanagement.c +++ b/src/keymanagement.c @@ -106,6 +106,7 @@ PEP_STATUS elect_pubkey( // own_must_contain_private is usually true when calling; // we only set it to false when we have the idea of // possibly having an own pubkey that we need to check on its own +// N.B. Checked for PASSPHRASE errors - will now return them always static PEP_STATUS validate_fpr(PEP_SESSION session, pEp_identity* ident, bool check_blacklist, @@ -121,6 +122,7 @@ static PEP_STATUS validate_fpr(PEP_SESSION session, bool has_private = false; status = contains_priv_key(session, fpr, &has_private); + // N.B. Will not contain PEP_PASSPHRASE related returns here if (ident->me && own_must_contain_private) { if (status != PEP_STATUS_OK || !has_private) return PEP_KEY_UNSUITABLE; @@ -173,6 +175,7 @@ static PEP_STATUS validate_fpr(PEP_SESSION session, bool revoked, expired; bool blacklisted = false; + // Should not need to decrypt key material status = key_revoked(session, fpr, &revoked); if (status != PEP_STATUS_OK) { @@ -182,11 +185,12 @@ static PEP_STATUS validate_fpr(PEP_SESSION session, if (!revoked) { time_t exp_time = (ident->me ? time(NULL) + (7*24*3600) : time(NULL)); - + + // Should not need to decrypt key material status = key_expired(session, fpr, exp_time, &expired); - + assert(status == PEP_STATUS_OK); if (status != PEP_STATUS_OK) return status; @@ -210,6 +214,9 @@ static PEP_STATUS validate_fpr(PEP_SESSION session, status = renew_key(session, fpr, ts); free_timestamp(ts); + if (status == PEP_PASSPHRASE_REQUIRED || status == PEP_WRONG_PASSPHRASE) + return status; + if (status == PEP_STATUS_OK) { // if key is valid (second check because pEp key might be extended above) // Return fpr From f5cc07bb10f5693c3bb2e94119075992f162f486 Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Tue, 21 Jul 2020 09:31:21 +0200 Subject: [PATCH 02/50] ENGINE-775: myself --- src/keymanagement.c | 57 +++++++++++++++++++++++++++------------------ 1 file changed, 34 insertions(+), 23 deletions(-) diff --git a/src/keymanagement.c b/src/keymanagement.c index 5d2b1d00..1a9c6ef3 100644 --- a/src/keymanagement.c +++ b/src/keymanagement.c @@ -1172,33 +1172,41 @@ PEP_STATUS _myself(PEP_SESSION session, if (!EMPTYSTR(stored_identity->fpr)) { // Fall back / retrieve status = validate_fpr(session, stored_identity, false, true); - if (status == PEP_OUT_OF_MEMORY) - goto pEp_free; - if (status == PEP_STATUS_OK) { - if (stored_identity->comm_type >= PEP_ct_strong_but_unconfirmed) { - identity->fpr = strdup(stored_identity->fpr); - assert(identity->fpr); - if (!identity->fpr) { - status = PEP_OUT_OF_MEMORY; - goto pEp_free; - } - valid_key_found = true; - } - else { - bool revoked = false; - status = key_revoked(session, stored_identity->fpr, &revoked); - if (status) - goto pEp_free; - if (revoked) { - revoked_fpr = strdup(stored_identity->fpr); - assert(revoked_fpr); - if (!revoked_fpr) { + + switch (status) { + case PEP_OUT_OF_MEMORY: + case PEP_PASSPHRASE_REQUIRED: + case PEP_WRONG_PASSPHRASE: + goto pEp_free; + + case PEP_STATUS_OK: + if (stored_identity->comm_type >= PEP_ct_strong_but_unconfirmed) { + identity->fpr = strdup(stored_identity->fpr); + assert(identity->fpr); + if (!identity->fpr) { status = PEP_OUT_OF_MEMORY; goto pEp_free; } + valid_key_found = true; } - } - } + else { + bool revoked = false; + status = key_revoked(session, stored_identity->fpr, &revoked); + if (status) + goto pEp_free; + if (revoked) { + revoked_fpr = strdup(stored_identity->fpr); + assert(revoked_fpr); + if (!revoked_fpr) { + status = PEP_OUT_OF_MEMORY; + goto pEp_free; + } + } + } + break; + default: + break; + } } // reconcile language, flags transfer_ident_lang_and_flags(identity, stored_identity); @@ -1216,6 +1224,9 @@ PEP_STATUS _myself(PEP_SESSION session, status = generate_keypair(session, identity); assert(status != PEP_OUT_OF_MEMORY); + if (status == PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED) + goto pEp_free; + if (status != PEP_STATUS_OK) { char buf[11]; snprintf(buf, 11, "%d", status); // uh, this is kludgey. FIXME From b18b384b6188e0fa64d01755480bae218837aad4 Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Tue, 21 Jul 2020 09:32:21 +0200 Subject: [PATCH 04/50] Automatically bumped RC in source for future release. Next RC after this one will be 2.1.0-RC21 **if released**. --- src/pEpEngine.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/pEpEngine.h b/src/pEpEngine.h index 7da91735..316509a4 100644 --- a/src/pEpEngine.h +++ b/src/pEpEngine.h @@ -25,7 +25,7 @@ extern "C" { #define PEP_ENGINE_VERSION_MAJOR 2 #define PEP_ENGINE_VERSION_MINOR 1 #define PEP_ENGINE_VERSION_PATCH 0 -#define PEP_ENGINE_VERSION_RC 20 +#define PEP_ENGINE_VERSION_RC 21 #define PEP_OWN_USERID "pEp_own_userId" From d0fd825b5e9c1ca653d978b35ff9de4019e76e9d Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Thu, 23 Jul 2020 02:54:27 +0200 Subject: [PATCH 05/50] ENGINE-775: encrypt_message, identity_rating, set_own_key, trust_personal_key, update_identity, get_valid_pubkey --- src/keymanagement.c | 144 ++++++++++++----- src/message_api.c | 385 +++++++++++++++++++++++--------------------- src/pEpEngine.c | 2 +- 3 files changed, 302 insertions(+), 229 deletions(-) diff --git a/src/keymanagement.c b/src/keymanagement.c index 1a9c6ef3..8d30ae99 100644 --- a/src/keymanagement.c +++ b/src/keymanagement.c @@ -39,6 +39,7 @@ static bool key_matches_address(PEP_SESSION session, const char* address, return retval; } +// Does not return PASSPHRASE errors PEP_STATUS elect_pubkey( PEP_SESSION session, pEp_identity * identity, bool check_blacklist ) @@ -345,6 +346,10 @@ PEP_STATUS get_user_default_key(PEP_SESSION session, const char* user_id, // Also, we presume that if the stored_identity was sent in // without an fpr, there wasn't one in the trust DB for this // identity. +// +// If any default key requires a password, it will simply +// bounce back and ask for it. If an elected key requires one, +// it will do the same. Returns PASSPHRASE errors, use with caution. PEP_STATUS get_valid_pubkey(PEP_SESSION session, pEp_identity* stored_identity, bool* is_identity_default, @@ -367,16 +372,25 @@ PEP_STATUS get_valid_pubkey(PEP_SESSION session, // Input: stored identity retrieved from database // if stored identity contains a default key if (!EMPTYSTR(stored_fpr)) { - status = validate_fpr(session, stored_identity, check_blacklist, true); - if (status == PEP_STATUS_OK && !EMPTYSTR(stored_identity->fpr)) { - *is_identity_default = *is_address_default = true; - return status; - } - else if (status != PEP_KEY_NOT_FOUND) { - first_reject_status = status; - first_reject_comm_type = stored_identity->comm_type; - } - } + status = validate_fpr(session, stored_identity, check_blacklist, true); + switch (status) { + case PEP_STATUS_OK: + if (!EMPTYSTR(stored_identity->fpr)) { + *is_identity_default = *is_address_default = true; + return status; + } + break; + case PEP_KEY_NOT_FOUND: + break; + case PEP_PASSPHRASE_REQUIRED: + case PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED: + case PEP_WRONG_PASSPHRASE: + return status; // We're not messing around here. + default: + first_reject_status = status; + first_reject_comm_type = stored_identity->comm_type; + } + } // if no valid default stored identity key found free(stored_identity->fpr); stored_identity->fpr = NULL; @@ -388,23 +402,41 @@ PEP_STATUS get_valid_pubkey(PEP_SESSION session, // There exists a default key for user, so validate stored_identity->fpr = user_fpr; status = validate_fpr(session, stored_identity, check_blacklist, true); - if (status == PEP_STATUS_OK && stored_identity->fpr) { - *is_user_default = true; - *is_address_default = key_matches_address(session, - stored_identity->address, - stored_identity->fpr); - return status; - } - else if (status != PEP_KEY_NOT_FOUND && first_reject_status != PEP_KEY_NOT_FOUND) { - first_reject_status = status; - first_reject_comm_type = stored_identity->comm_type; - } + + switch (status) { + case PEP_STATUS_OK: + if (!EMPTYSTR(stored_identity->fpr)) { + *is_user_default = true; + *is_address_default = key_matches_address(session, + stored_identity->address, + stored_identity->fpr); + return status; + } + break; + case PEP_KEY_NOT_FOUND: + break; + case PEP_PASSPHRASE_REQUIRED: + case PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED: + case PEP_WRONG_PASSPHRASE: + return status; // We're not messing around here. + default: + if (first_reject_status != PEP_KEY_NOT_FOUND) { + first_reject_status = status; + first_reject_comm_type = stored_identity->comm_type; + } + } } status = elect_pubkey(session, stored_identity, check_blacklist); if (status == PEP_STATUS_OK) { - if (!EMPTYSTR(stored_identity->fpr)) - validate_fpr(session, stored_identity, false, true); // blacklist already filtered of needed + if (!EMPTYSTR(stored_identity->fpr)) { + status = validate_fpr(session, stored_identity, false, true); // blacklist already filtered of needed + if (status == PEP_PASSPHRASE_REQUIRED || + status == PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED || + status == PEP_WRONG_PASSPHRASE) { + return status; + } + } } else if (status != PEP_KEY_NOT_FOUND && first_reject_status != PEP_KEY_NOT_FOUND) { first_reject_status = status; @@ -470,6 +502,11 @@ static void adjust_pEp_trust_status(PEP_SESSION session, pEp_identity* identity) } +// NEVER called on an own identity. So get_valid_pubkey +// and friends should NEVER return with a password error, +// because its internal validate_fpr will always +// be called on a non-own identity. +// But we'll make sure it gets propagated if we do. static PEP_STATUS prepare_updated_identity(PEP_SESSION session, pEp_identity* return_id, pEp_identity* stored_ident, @@ -488,28 +525,36 @@ static PEP_STATUS prepare_updated_identity(PEP_SESSION session, &is_user_default, &is_address_default, false); - - if (status == PEP_STATUS_OK && stored_ident->fpr && *(stored_ident->fpr) != '\0') { - // set identity comm_type from trust db (user_id, FPR) - status = get_trust(session, stored_ident); - if (status == PEP_CANNOT_FIND_IDENTITY || stored_ident->comm_type == PEP_ct_unknown) { - // This is OK - there is no trust DB entry, but we - // found a key. We won't store this, but we'll - // use it. - PEP_comm_type ct = PEP_ct_unknown; - status = get_key_rating(session, stored_ident->fpr, &ct); - stored_ident->comm_type = ct; - } - } - else if (status != PEP_STATUS_OK) { - free(stored_ident->fpr); - stored_ident->fpr = NULL; - stored_ident->comm_type = PEP_ct_key_not_found; - } - else { // no key returned, but status ok? - if (stored_ident->comm_type == PEP_ct_unknown) - stored_ident->comm_type = PEP_ct_key_not_found; + + switch (status) { + case PEP_STATUS_OK: + if (!EMPTYSTR(stored_ident->fpr)) { + // set identity comm_type from trust db (user_id, FPR) + status = get_trust(session, stored_ident); + if (status == PEP_CANNOT_FIND_IDENTITY || stored_ident->comm_type == PEP_ct_unknown) { + // This is OK - there is no trust DB entry, but we + // found a key. We won't store this, but we'll + // use it. + PEP_comm_type ct = PEP_ct_unknown; + status = get_key_rating(session, stored_ident->fpr, &ct); + stored_ident->comm_type = ct; + } + } + else if (stored_ident->comm_type == PEP_ct_unknown) + stored_ident->comm_type = PEP_ct_key_not_found; + break; + case PEP_PASSPHRASE_REQUIRED: + case PEP_WRONG_PASSPHRASE: + case PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED: + // These should NEVER happen here. If they do, + // we must bail and return the status. + return status; + default: + free(stored_ident->fpr); + stored_ident->fpr = NULL; + stored_ident->comm_type = PEP_ct_key_not_found; } + free(return_id->fpr); return_id->fpr = NULL; if (status == PEP_STATUS_OK && !EMPTYSTR(stored_ident->fpr)) @@ -589,6 +634,10 @@ static PEP_STATUS prepare_updated_identity(PEP_SESSION session, return status; } +// CAN return PASSPHRASE errors by returning myself for +// a discovered own identity (i.e. we had no user for it). +// SHOULD not under other circumstances; if it does, +// something internal has failed badly and very unexpectedly. DYNAMIC_API PEP_STATUS update_identity( PEP_SESSION session, pEp_identity * identity ) @@ -1508,6 +1557,12 @@ pEp_free: return status; } +// Technically speaking, this should not EVER +// return PASSPHRASE errors, because +// this is never for an own identity (enforced), and thus +// validate_fpr will not call renew_key. +// If it ever does, the status gets propagated, but +// it is distinctly not OK. DYNAMIC_API PEP_STATUS trust_personal_key( PEP_SESSION session, pEp_identity *ident @@ -1908,6 +1963,7 @@ DYNAMIC_API PEP_STATUS own_keys_retrieve(PEP_SESSION session, stringlist_t **key return _own_keys_retrieve(session, keylist, 0, true); } +// Returns PASSPHRASE errors when necessary DYNAMIC_API PEP_STATUS set_own_key( PEP_SESSION session, pEp_identity *me, diff --git a/src/message_api.c b/src/message_api.c index bf9a524b..8589721b 100644 --- a/src/message_api.c +++ b/src/message_api.c @@ -1808,6 +1808,107 @@ static bool failed_test(PEP_STATUS status) return false; } +static PEP_STATUS _update_state_for_ident_list( + PEP_SESSION session, + pEp_identity* from_ident, + identity_list* ident_list, + stringlist_t** keylist, + PEP_comm_type* max_comm_type, + unsigned int* max_version_major, + unsigned int* max_version_minor, + bool* has_pEp_user, + bool* dest_keys_found, + bool suppress_update_for_bcc + ) +{ + if (!ident_list || !max_version_major || !max_version_minor + || !has_pEp_user || !dest_keys_found + || !keylist) + return PEP_ILLEGAL_VALUE; + + PEP_STATUS status = PEP_STATUS_OK; + + identity_list* _il = ident_list; + + for ( ; _il && _il->ident; _il = _il->next) { + + PEP_STATUS status = PEP_STATUS_OK; + + if (!is_me(session, _il->ident)) { + status = update_identity(session, _il->ident); + + // If it turned out to be an own identity, we + // just internally called _myself on it. + if (!is_me(session, _il->ident)) { + if (status == PEP_CANNOT_FIND_IDENTITY) { + _il->ident->comm_type = PEP_ct_key_not_found; + status = PEP_STATUS_OK; + } + // 0 unless set, so safe. + + if (!suppress_update_for_bcc) { + set_min_version( _il->ident->major_ver, _il->ident->minor_ver, + *max_version_major, *max_version_minor, + max_version_major, max_version_minor); + } + + bool is_blacklisted = false; + if (_il->ident->fpr && IS_PGP_CT(_il->ident->comm_type)) { + status = blacklist_is_listed(session, _il->ident->fpr, &is_blacklisted); + if (status != PEP_STATUS_OK) { + // DB error + status = PEP_UNENCRYPTED; + goto pEp_done; + } + if (is_blacklisted) { + bool user_default, ident_default, address_default; + status = get_valid_pubkey(session, _il->ident, + &ident_default, &user_default, + &address_default, + true); + if (status != PEP_STATUS_OK || _il->ident->fpr == NULL) { + _il->ident->comm_type = PEP_ct_key_not_found; + status = PEP_STATUS_OK; + } + } + } + if (!(*has_pEp_user) && !EMPTYSTR(_il->ident->user_id)) + is_pEp_user(session, _il->ident, has_pEp_user); + + if (!suppress_update_for_bcc && from_ident) { + status = bind_own_ident_with_contact_ident(session, from_ident, _il->ident); + if (status != PEP_STATUS_OK) { + status = PEP_UNKNOWN_DB_ERROR; + goto pEp_done; + } + } + } + } + else + status = myself(session, _il->ident); + + if (status != PEP_STATUS_OK) + goto pEp_done; + + if (!EMPTYSTR(_il->ident->fpr)) { + *keylist = stringlist_add(*keylist, _il->ident->fpr); + if (*keylist == NULL) { + status = PEP_OUT_OF_MEMORY; + goto pEp_done; + } + *max_comm_type = _get_comm_type(session, *max_comm_type, + _il->ident); + } + else { + *dest_keys_found = false; +// ? status = PEP_KEY_NOT_FOUND; + } + } + +pEp_done: + return status; +} + DYNAMIC_API PEP_STATUS encrypt_message( PEP_SESSION session, message *src, @@ -1886,6 +1987,10 @@ DYNAMIC_API PEP_STATUS encrypt_message( identity_list * _il = NULL; + // + // Update the identities and gather key and version information + // for sending + // if (enc_format != PEP_enc_none && (_il = src->bcc) && _il->ident) // BCC limited support: { @@ -1897,181 +2002,85 @@ DYNAMIC_API PEP_STATUS encrypt_message( return PEP_ILLEGAL_VALUE; } - PEP_STATUS _status = PEP_STATUS_OK; - if (!is_me(session, _il->ident)) { - _status = update_identity(session, _il->ident); - if (_status == PEP_CANNOT_FIND_IDENTITY) { - _il->ident->comm_type = PEP_ct_key_not_found; - _status = PEP_STATUS_OK; - } - // 0 unless set, so safe. - - set_min_version( _il->ident->major_ver, _il->ident->minor_ver, - max_version_major, max_version_minor, - &max_version_major, &max_version_minor); - - bool is_blacklisted = false; - if (_il->ident->fpr && IS_PGP_CT(_il->ident->comm_type)) { - _status = blacklist_is_listed(session, _il->ident->fpr, &is_blacklisted); - if (_status != PEP_STATUS_OK) { - // DB error - status = PEP_UNENCRYPTED; - goto pEp_error; - } - if (is_blacklisted) { - bool user_default, ident_default, address_default; - _status = get_valid_pubkey(session, _il->ident, - &ident_default, &user_default, - &address_default, - true); - if (_status != PEP_STATUS_OK || _il->ident->fpr == NULL) { - _il->ident->comm_type = PEP_ct_key_not_found; - _status = PEP_STATUS_OK; - } - } - } - if (!has_pEp_user && !EMPTYSTR(_il->ident->user_id)) - is_pEp_user(session, _il->ident, &has_pEp_user); - } - else - _status = myself(session, _il->ident); - - if (_status != PEP_STATUS_OK) { - status = PEP_UNENCRYPTED; - goto pEp_error; - } - - if (_il->ident->fpr && _il->ident->fpr[0]) { - _k = stringlist_add(_k, _il->ident->fpr); - if (_k == NULL) - goto enomem; - max_comm_type = _get_comm_type(session, max_comm_type, - _il->ident); - } - else { - dest_keys_found = false; - status = PEP_KEY_NOT_FOUND; + // If you think this call is a beast, try the cut-and-pasted code 3 x + PEP_STATUS _status = _update_state_for_ident_list( + session, src->from, _il, + &_k, + &max_comm_type, + &max_version_major, + &max_version_minor, + &has_pEp_user, + &dest_keys_found, + true); + + switch (_status) { + case PEP_PASSPHRASE_REQUIRED: + case PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED: + case PEP_WRONG_PASSPHRASE: + status = _status; + goto pEp_error; + case PEP_STATUS_OK: + break; + default: + status = PEP_UNENCRYPTED; + goto pEp_error; } } else // Non BCC { - for (_il = src->to; _il && _il->ident; _il = _il->next) { - PEP_STATUS _status = PEP_STATUS_OK; - if (!is_me(session, _il->ident)) { - _status = update_identity(session, _il->ident); - if (_status == PEP_CANNOT_FIND_IDENTITY) { - _il->ident->comm_type = PEP_ct_key_not_found; - _status = PEP_STATUS_OK; - } - // 0 unless set, so safe. - set_min_version( _il->ident->major_ver, _il->ident->minor_ver, - max_version_major, max_version_minor, - &max_version_major, &max_version_minor); - - bool is_blacklisted = false; - if (_il->ident->fpr && IS_PGP_CT(_il->ident->comm_type)) { - _status = blacklist_is_listed(session, _il->ident->fpr, &is_blacklisted); - if (_status != PEP_STATUS_OK) { - // DB error - status = PEP_UNENCRYPTED; - goto pEp_error; - } - if (is_blacklisted) { - bool user_default, ident_default, address_default; - _status = get_valid_pubkey(session, _il->ident, - &ident_default, &user_default, - &address_default, - true); - if (_status != PEP_STATUS_OK || _il->ident->fpr == NULL) { - _il->ident->comm_type = PEP_ct_key_not_found; - _status = PEP_STATUS_OK; - } - } - } - if (!has_pEp_user && !EMPTYSTR(_il->ident->user_id)) - is_pEp_user(session, _il->ident, &has_pEp_user); - - _status = bind_own_ident_with_contact_ident(session, src->from, _il->ident); - if (_status != PEP_STATUS_OK) { - status = PEP_UNKNOWN_DB_ERROR; - goto pEp_error; - } - - } - else - _status = myself(session, _il->ident); - - if (_status != PEP_STATUS_OK) { - status = PEP_UNENCRYPTED; - goto pEp_error; - } - - if (_il->ident->fpr && _il->ident->fpr[0]) { - _k = stringlist_add(_k, _il->ident->fpr); - if (_k == NULL) - goto enomem; - max_comm_type = _get_comm_type(session, max_comm_type, - _il->ident); - } - else { - dest_keys_found = false; - status = PEP_KEY_NOT_FOUND; - } - } - - for (_il = src->cc; _il && _il->ident; _il = _il->next) { - PEP_STATUS _status = PEP_STATUS_OK; - if (!is_me(session, _il->ident)) { - _status = update_identity(session, _il->ident); - if (_status == PEP_CANNOT_FIND_IDENTITY) { - _il->ident->comm_type = PEP_ct_key_not_found; - _status = PEP_STATUS_OK; - } - bool is_blacklisted = false; - if (_il->ident->fpr && IS_PGP_CT(_il->ident->comm_type)) { - _status = blacklist_is_listed(session, _il->ident->fpr, &is_blacklisted); - if (_status != PEP_STATUS_OK) { - // DB error - status = PEP_UNENCRYPTED; - goto pEp_error; - } - if (is_blacklisted) { - bool user_default, ident_default, address_default; - _status = get_valid_pubkey(session, _il->ident, - &ident_default, &user_default, - &address_default, - true); - if (_status != PEP_STATUS_OK || _il->ident->fpr == NULL) { - _il->ident->comm_type = PEP_ct_key_not_found; - _status = PEP_STATUS_OK; - } - } - } - if (!has_pEp_user && !EMPTYSTR(_il->ident->user_id)) - is_pEp_user(session, _il->ident, &has_pEp_user); - } - else - _status = myself(session, _il->ident); - if (_status != PEP_STATUS_OK) - { - status = PEP_UNENCRYPTED; - goto pEp_error; - } - if (_il->ident->fpr && _il->ident->fpr[0]) { - _k = stringlist_add(_k, _il->ident->fpr); - if (_k == NULL) - goto enomem; - max_comm_type = _get_comm_type(session, max_comm_type, - _il->ident); - } - else { - dest_keys_found = false; - } + // If you think this call is a beast, try the cut-and-pasted code 3 x + PEP_STATUS _status = PEP_STATUS_OK; + + if (src->to) { + _status = _update_state_for_ident_list( + session, src->from, src->to, + &_k, + &max_comm_type, + &max_version_major, + &max_version_minor, + &has_pEp_user, + &dest_keys_found, + false + ); + switch (_status) { + case PEP_PASSPHRASE_REQUIRED: + case PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED: + case PEP_WRONG_PASSPHRASE: + goto pEp_error; + case PEP_STATUS_OK: + break; + default: + status = PEP_UNENCRYPTED; + goto pEp_error; + } } + if (src->cc) { + _status = _update_state_for_ident_list( + session, src->from, src->cc, + &_k, + &max_comm_type, + &max_version_major, + &max_version_minor, + &has_pEp_user, + &dest_keys_found, + false + ); + switch (_status) { + case PEP_PASSPHRASE_REQUIRED: + case PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED: + case PEP_WRONG_PASSPHRASE: + goto pEp_error; + case PEP_STATUS_OK: + break; + default: + status = PEP_UNENCRYPTED; + goto pEp_error; + } + } } - if (max_version_major == 1) + if (max_version_major < 2) force_v_1 = true; if (enc_format == PEP_enc_auto) { @@ -4806,6 +4815,8 @@ DYNAMIC_API PEP_STATUS outgoing_message_rating_preview( return PEP_STATUS_OK; } +// CAN return PASSPHRASE errors on own keys because +// of myself or discovered own identities DYNAMIC_API PEP_STATUS identity_rating( PEP_SESSION session, pEp_identity *ident, @@ -4825,25 +4836,31 @@ DYNAMIC_API PEP_STATUS identity_rating( if (ident->me) status = _myself(session, ident, false, true, true); - else + else { // Since we don't blacklist own keys, we only check it in here status = update_identity(session, ident); - bool is_blacklisted = false; - - if (ident->fpr && IS_PGP_CT(ident->comm_type)) { - status = blacklist_is_listed(session, ident->fpr, &is_blacklisted); - if (status != PEP_STATUS_OK) { - return status; // DB ERROR - } - if (is_blacklisted) { - bool user_default, ident_default, address_default; - status = get_valid_pubkey(session, ident, - &ident_default, &user_default, - &address_default, - true); - if (status != PEP_STATUS_OK || ident->fpr == NULL) { - ident->comm_type = PEP_ct_key_not_found; - status = PEP_STATUS_OK; + // double-check, in case update_identity had to call + // _myself internally + + if (!ident->me) { + bool is_blacklisted = false; + + if (ident->fpr && IS_PGP_CT(ident->comm_type)) { + status = blacklist_is_listed(session, ident->fpr, &is_blacklisted); + if (status != PEP_STATUS_OK) { + return status; // DB ERROR + } + if (is_blacklisted) { + bool user_default, ident_default, address_default; + status = get_valid_pubkey(session, ident, + &ident_default, &user_default, + &address_default, + true); + if (status != PEP_STATUS_OK || ident->fpr == NULL) { + ident->comm_type = PEP_ct_key_not_found; + status = PEP_STATUS_OK; + } + } } } } diff --git a/src/pEpEngine.c b/src/pEpEngine.c index 13635b61..570165ad 100644 --- a/src/pEpEngine.c +++ b/src/pEpEngine.c @@ -4942,7 +4942,7 @@ PEP_STATUS _generate_keypair(PEP_SESSION session, return status; } - +// SHOULD NOT (in implementation) ever return PASSPHRASE errors DYNAMIC_API PEP_STATUS get_key_rating( PEP_SESSION session, const char *fpr, From 8570855d2ed9c7b9cc7daafd601a06b3e34f453c Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Thu, 23 Jul 2020 03:03:30 +0200 Subject: [PATCH 06/50] ENGINE-775: encrypt_message_and_add_priv_key --- src/message_api.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/message_api.c b/src/message_api.c index 8589721b..ed4f5c82 100644 --- a/src/message_api.c +++ b/src/message_api.c @@ -2335,11 +2335,15 @@ DYNAMIC_API PEP_STATUS encrypt_message_and_add_priv_key( status = encrypt_and_sign(session, keys, priv_key_data, priv_key_size, &encrypted_key_text, &encrypted_key_size); - if (!encrypted_key_text) { + if (status == PEP_PASSPHRASE_REQUIRED || status == PEP_WRONG_PASSPHRASE) { + free(encrypted_key_text); + goto pEp_free; + } + else if (!encrypted_key_text) { status = PEP_UNKNOWN_ERROR; goto pEp_free; } - else if (status) { + else if (status != PEP_STATUS_OK) { free(encrypted_key_text); goto pEp_free; // FIXME - we need an error return overall } From eabc9bb7f25e48d428ae0535b7c19ec8856a18e7 Mon Sep 17 00:00:00 2001 From: Volker Birk Date: Thu, 23 Jul 2020 14:16:39 +0200 Subject: [PATCH 07/50] signal SynchronizeGroupKeys on set_own_key() --- src/keymanagement.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/keymanagement.c b/src/keymanagement.c index 8d30ae99..bacfa1a4 100644 --- a/src/keymanagement.c +++ b/src/keymanagement.c @@ -11,6 +11,7 @@ #include "pEp_internal.h" #include "keymanagement.h" +#include "KeySync_fsm.h" #include "blacklist.h" @@ -2013,6 +2014,9 @@ DYNAMIC_API PEP_STATUS set_own_key( me->comm_type = PEP_ct_pEp; status = set_identity(session, me); + if (status == PEP_STATUS_OK) + signal_Sync_event(session, Sync_PR_keysync, SynchronizeGroupKeys, NULL); + return status; } From 5c105f2a824ce6e78e04ecf6a407ed50819efbd7 Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Thu, 23 Jul 2020 17:19:21 +0200 Subject: [PATCH 08/50] ENGINE-775: _myself, validate_fpr, update_identity, etc, updated to only renew when safe to do so. Recip lists will no longer trigger renewal or keygen --- src/aux_mime_msg.c | 6 +- src/keymanagement.c | 108 +++++++++++++++------------- src/keymanagement.h | 1 + src/message_api.c | 169 ++++++++++++++++++++++++-------------------- src/pEp_internal.h | 4 ++ 5 files changed, 158 insertions(+), 130 deletions(-) diff --git a/src/aux_mime_msg.c b/src/aux_mime_msg.c index 7afc048a..ada134c5 100644 --- a/src/aux_mime_msg.c +++ b/src/aux_mime_msg.c @@ -38,7 +38,7 @@ static PEP_STATUS update_identity_recip_list(PEP_SESSION session, } } else - status = _myself(session, curr_identity, false, false, true); + status = _myself(session, curr_identity, false, false, false, true); if (status == PEP_ILLEGAL_VALUE || status == PEP_OUT_OF_MEMORY) return status; } @@ -83,9 +83,9 @@ DYNAMIC_API PEP_STATUS MIME_decrypt_message( if (!is_me(session, tmp_msg->from)) status = update_identity(session, (tmp_msg->from)); else - status = _myself(session, tmp_msg->from, false, false, true); + status = _myself(session, tmp_msg->from, false, true, false, true); - if (status == PEP_ILLEGAL_VALUE || status == PEP_OUT_OF_MEMORY) + if (status == PEP_ILLEGAL_VALUE || status == PEP_OUT_OF_MEMORY || PASS_ERROR(status)) goto pEp_error; } diff --git a/src/keymanagement.c b/src/keymanagement.c index 8d30ae99..c593ba19 100644 --- a/src/keymanagement.c +++ b/src/keymanagement.c @@ -108,10 +108,12 @@ PEP_STATUS elect_pubkey( // we only set it to false when we have the idea of // possibly having an own pubkey that we need to check on its own // N.B. Checked for PASSPHRASE errors - will now return them always +// False value of "renew_private" prevents their possibility, though. static PEP_STATUS validate_fpr(PEP_SESSION session, pEp_identity* ident, bool check_blacklist, - bool own_must_contain_private) { + bool own_must_contain_private, + bool renew_private) { PEP_STATUS status = PEP_STATUS_OK; @@ -207,7 +209,9 @@ static PEP_STATUS validate_fpr(PEP_SESSION session, } } - if (ident->me && has_private && + // Renew key if it's expired, our own, has a private part, + // isn't too weak, and we didn't say "DON'T DO THIS" + if (renew_private && ident->me && has_private && (ct >= PEP_ct_strong_but_unconfirmed) && !revoked && expired) { // extend key @@ -347,9 +351,10 @@ PEP_STATUS get_user_default_key(PEP_SESSION session, const char* user_id, // without an fpr, there wasn't one in the trust DB for this // identity. // -// If any default key requires a password, it will simply -// bounce back and ask for it. If an elected key requires one, -// it will do the same. Returns PASSPHRASE errors, use with caution. +// Will now NOT return passphrase errors, as we tell +// validate_fpr NOT to renew it. And we specifically suppress them +// with "PEP_KEY_UNSUITABLE" +// PEP_STATUS get_valid_pubkey(PEP_SESSION session, pEp_identity* stored_identity, bool* is_identity_default, @@ -369,10 +374,14 @@ PEP_STATUS get_valid_pubkey(PEP_SESSION session, PEP_STATUS first_reject_status = PEP_KEY_NOT_FOUND; char* stored_fpr = stored_identity->fpr; + // Input: stored identity retrieved from database // if stored identity contains a default key if (!EMPTYSTR(stored_fpr)) { - status = validate_fpr(session, stored_identity, check_blacklist, true); + + // Won't ask for passphrase, won't return PASSPHRASE status + // Because of non-renewal + status = validate_fpr(session, stored_identity, check_blacklist, true, false); switch (status) { case PEP_STATUS_OK: if (!EMPTYSTR(stored_identity->fpr)) { @@ -382,10 +391,6 @@ PEP_STATUS get_valid_pubkey(PEP_SESSION session, break; case PEP_KEY_NOT_FOUND: break; - case PEP_PASSPHRASE_REQUIRED: - case PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED: - case PEP_WRONG_PASSPHRASE: - return status; // We're not messing around here. default: first_reject_status = status; first_reject_comm_type = stored_identity->comm_type; @@ -401,7 +406,10 @@ PEP_STATUS get_valid_pubkey(PEP_SESSION session, if (!EMPTYSTR(user_fpr)) { // There exists a default key for user, so validate stored_identity->fpr = user_fpr; - status = validate_fpr(session, stored_identity, check_blacklist, true); + + // Won't ask for passphrase, won't return PASSPHRASE status + // Because of non-renewal + status = validate_fpr(session, stored_identity, check_blacklist, true, false); switch (status) { case PEP_STATUS_OK: @@ -415,10 +423,6 @@ PEP_STATUS get_valid_pubkey(PEP_SESSION session, break; case PEP_KEY_NOT_FOUND: break; - case PEP_PASSPHRASE_REQUIRED: - case PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED: - case PEP_WRONG_PASSPHRASE: - return status; // We're not messing around here. default: if (first_reject_status != PEP_KEY_NOT_FOUND) { first_reject_status = status; @@ -430,12 +434,9 @@ PEP_STATUS get_valid_pubkey(PEP_SESSION session, status = elect_pubkey(session, stored_identity, check_blacklist); if (status == PEP_STATUS_OK) { if (!EMPTYSTR(stored_identity->fpr)) { - status = validate_fpr(session, stored_identity, false, true); // blacklist already filtered of needed - if (status == PEP_PASSPHRASE_REQUIRED || - status == PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED || - status == PEP_WRONG_PASSPHRASE) { - return status; - } + // Won't ask for passphrase, won't return PASSPHRASE status + // Because of non-renewal + status = validate_fpr(session, stored_identity, false, true, false); // blacklist already filtered of needed } } else if (status != PEP_KEY_NOT_FOUND && first_reject_status != PEP_KEY_NOT_FOUND) { @@ -464,6 +465,11 @@ PEP_STATUS get_valid_pubkey(PEP_SESSION session, } break; } + + // should never happen, but we will MAKE sure + if (PASS_ERROR(status)) + status = PEP_KEY_UNSUITABLE; // renew it on your own time, baby + return status; } @@ -502,11 +508,11 @@ static void adjust_pEp_trust_status(PEP_SESSION session, pEp_identity* identity) } -// NEVER called on an own identity. So get_valid_pubkey -// and friends should NEVER return with a password error, -// because its internal validate_fpr will always -// be called on a non-own identity. -// But we'll make sure it gets propagated if we do. +// NEVER called on an own identity. +// But we also make sure get_valid_pubkey +// and friends NEVER return with a password error. +// (get_valid_pubkey tells validate_fpr not to try renewal) +// Will not return PASSPHRASE errors. static PEP_STATUS prepare_updated_identity(PEP_SESSION session, pEp_identity* return_id, pEp_identity* stored_ident, @@ -524,7 +530,7 @@ static PEP_STATUS prepare_updated_identity(PEP_SESSION session, &is_identity_default, &is_user_default, &is_address_default, - false); + false); switch (status) { case PEP_STATUS_OK: @@ -543,12 +549,6 @@ static PEP_STATUS prepare_updated_identity(PEP_SESSION session, else if (stored_ident->comm_type == PEP_ct_unknown) stored_ident->comm_type = PEP_ct_key_not_found; break; - case PEP_PASSPHRASE_REQUIRED: - case PEP_WRONG_PASSPHRASE: - case PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED: - // These should NEVER happen here. If they do, - // we must bail and return the status. - return status; default: free(stored_ident->fpr); stored_ident->fpr = NULL; @@ -634,10 +634,8 @@ static PEP_STATUS prepare_updated_identity(PEP_SESSION session, return status; } -// CAN return PASSPHRASE errors by returning myself for -// a discovered own identity (i.e. we had no user for it). -// SHOULD not under other circumstances; if it does, -// something internal has failed badly and very unexpectedly. +// Should not return PASSPHRASE errors because we force +// calls that can cause key renewal not to. DYNAMIC_API PEP_STATUS update_identity( PEP_SESSION session, pEp_identity * identity ) @@ -685,7 +683,8 @@ DYNAMIC_API PEP_STATUS update_identity( if (_own_addr) { free(identity->user_id); identity->user_id = strdup(default_own_id); - return _myself(session, identity, false, false, true); + // Do not renew, do not generate + return _myself(session, identity, false, false, false, true); } } } @@ -1108,7 +1107,8 @@ PEP_STATUS _has_usable_priv_key(PEP_SESSION session, char* fpr, PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, - bool do_keygen, + bool do_keygen, + bool do_renew, bool ignore_flags, bool read_only) { @@ -1220,9 +1220,10 @@ PEP_STATUS _myself(PEP_SESSION session, if (stored_identity) { if (!EMPTYSTR(stored_identity->fpr)) { // Fall back / retrieve - status = validate_fpr(session, stored_identity, false, true); + status = validate_fpr(session, stored_identity, false, true, do_renew); switch (status) { + // Only possible if we called this with do_renew = true case PEP_OUT_OF_MEMORY: case PEP_PASSPHRASE_REQUIRED: case PEP_WRONG_PASSPHRASE: @@ -1327,7 +1328,7 @@ pEp_free: DYNAMIC_API PEP_STATUS myself(PEP_SESSION session, pEp_identity * identity) { - return _myself(session, identity, true, false, false); + return _myself(session, identity, true, true, false, false); } DYNAMIC_API PEP_STATUS register_examine_function( @@ -1610,7 +1611,7 @@ DYNAMIC_API PEP_STATUS trust_personal_key( // Set up a temp trusted identity for the input fpr without a comm type; tmp_id = new_identity(ident->address, ident->fpr, ident->user_id, NULL); - status = validate_fpr(session, tmp_id, false, true); + status = validate_fpr(session, tmp_id, false, true, false); if (status == PEP_STATUS_OK) { // Validate fpr gets trust DB or, when that fails, key comm type. we checked @@ -1670,7 +1671,7 @@ DYNAMIC_API PEP_STATUS trust_personal_key( if (!tmp_user_ident) status = PEP_OUT_OF_MEMORY; else { - status = validate_fpr(session, tmp_user_ident, false, true); + status = validate_fpr(session, tmp_user_ident, false, true, false); if (status != PEP_STATUS_OK || tmp_user_ident->comm_type < PEP_ct_strong_but_unconfirmed || @@ -1712,7 +1713,7 @@ DYNAMIC_API PEP_STATUS trust_own_key( return PEP_ILLEGAL_VALUE; // don't check blacklist or require a private key - PEP_STATUS status = validate_fpr(session, ident, false, false); + PEP_STATUS status = validate_fpr(session, ident, false, false, true); if (status != PEP_STATUS_OK) return status; @@ -1985,7 +1986,8 @@ DYNAMIC_API PEP_STATUS set_own_key( if (me->fpr == fpr) me->fpr = NULL; - status = _myself(session, me, false, true, false); + // renew if needed, but do not generate + status = _myself(session, me, false, true, true, false); // we do not need a valid key but dislike other errors if (status != PEP_STATUS_OK && status != PEP_GET_KEY_FAILED && status != PEP_KEY_UNSUITABLE) return status; @@ -2007,7 +2009,7 @@ DYNAMIC_API PEP_STATUS set_own_key( if (!me->fpr) return PEP_OUT_OF_MEMORY; - status = validate_fpr(session, me, false, true); + status = validate_fpr(session, me, false, true, true); if (status) return status; @@ -2121,7 +2123,10 @@ static PEP_STATUS _wipe_default_key_if_invalid(PEP_SESSION session, if (!ident->fpr) return PEP_OUT_OF_MEMORY; - PEP_STATUS keystatus = validate_fpr(session, ident, true, false); + PEP_STATUS keystatus = validate_fpr(session, ident, true, false, true); + if (PASS_ERROR(status)) + return status; + switch (keystatus) { case PEP_STATUS_OK: // Check for non-renewable expiry and @@ -2167,7 +2172,9 @@ DYNAMIC_API PEP_STATUS clean_own_key_defaults(PEP_SESSION session) { if (!ident) continue; - _wipe_default_key_if_invalid(session, ident); + status = _wipe_default_key_if_invalid(session, ident); + if (PASS_ERROR(status)) + return status; } free_identity_list(idents); @@ -2192,7 +2199,10 @@ DYNAMIC_API PEP_STATUS clean_own_key_defaults(PEP_SESSION session) { } else if (user_default_key) { pEp_identity* empty_user = new_identity(NULL, user_default_key, NULL, own_id); - _wipe_default_key_if_invalid(session, empty_user); + status = _wipe_default_key_if_invalid(session, empty_user); + if (PASS_ERROR(status)) + return status; + free(user_default_key); } free(own_id); diff --git a/src/keymanagement.h b/src/keymanagement.h index 142bae81..956304fe 100644 --- a/src/keymanagement.h +++ b/src/keymanagement.h @@ -117,6 +117,7 @@ DYNAMIC_API PEP_STATUS myself(PEP_SESSION session, pEp_identity * identity); PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen, + bool do_renew, bool ignore_flags, bool read_only); diff --git a/src/message_api.c b/src/message_api.c index ed4f5c82..630df768 100644 --- a/src/message_api.c +++ b/src/message_api.c @@ -1375,18 +1375,24 @@ static PEP_rating keylist_rating(PEP_SESSION session, stringlist_t *keylist, cha return rating; } +// KB: Fixme - the first statement below is probably unnecessary now. // Internal function WARNING: -// Only call this on an ident that might have its FPR set from retrieval! +// Should be called on ident that might have its FPR set from retrieval! // (or on one without an fpr) // We do not want myself() setting the fpr here. +// +// Cannot return passphrase statuses. No keygen or renewal allowed here. static PEP_comm_type _get_comm_type( PEP_SESSION session, PEP_comm_type max_comm_type, pEp_identity *ident ) { + if (!ident) + return PEP_ILLEGAL_VALUE; + PEP_STATUS status = PEP_STATUS_OK; - + if (max_comm_type == PEP_ct_compromised) return PEP_ct_compromised; @@ -1397,7 +1403,7 @@ static PEP_comm_type _get_comm_type( status = update_identity(session, ident); } else { - status = _myself(session, ident, false, false, true); + status = _myself(session, ident, false, false, false, true); } if (status == PEP_STATUS_OK) { @@ -1410,7 +1416,7 @@ static PEP_comm_type _get_comm_type( } else { return PEP_ct_unknown; - } + } } static PEP_comm_type _get_comm_type_preview( @@ -1808,6 +1814,7 @@ static bool failed_test(PEP_STATUS status) return false; } +// CANNOT return PASSPHRASE errors, as no gen or renew allowed below static PEP_STATUS _update_state_for_ident_list( PEP_SESSION session, pEp_identity* from_ident, @@ -1837,55 +1844,52 @@ static PEP_STATUS _update_state_for_ident_list( if (!is_me(session, _il->ident)) { status = update_identity(session, _il->ident); - // If it turned out to be an own identity, we - // just internally called _myself on it. - if (!is_me(session, _il->ident)) { - if (status == PEP_CANNOT_FIND_IDENTITY) { - _il->ident->comm_type = PEP_ct_key_not_found; - status = PEP_STATUS_OK; - } - // 0 unless set, so safe. - - if (!suppress_update_for_bcc) { - set_min_version( _il->ident->major_ver, _il->ident->minor_ver, - *max_version_major, *max_version_minor, - max_version_major, max_version_minor); - } - - bool is_blacklisted = false; - if (_il->ident->fpr && IS_PGP_CT(_il->ident->comm_type)) { - status = blacklist_is_listed(session, _il->ident->fpr, &is_blacklisted); - if (status != PEP_STATUS_OK) { - // DB error - status = PEP_UNENCRYPTED; - goto pEp_done; - } - if (is_blacklisted) { - bool user_default, ident_default, address_default; - status = get_valid_pubkey(session, _il->ident, - &ident_default, &user_default, - &address_default, - true); - if (status != PEP_STATUS_OK || _il->ident->fpr == NULL) { - _il->ident->comm_type = PEP_ct_key_not_found; - status = PEP_STATUS_OK; - } - } + if (status == PEP_CANNOT_FIND_IDENTITY) { + _il->ident->comm_type = PEP_ct_key_not_found; + status = PEP_STATUS_OK; + } + // 0 unless set, so safe. + + if (!suppress_update_for_bcc) { + set_min_version( _il->ident->major_ver, _il->ident->minor_ver, + *max_version_major, *max_version_minor, + max_version_major, max_version_minor); + } + + bool is_blacklisted = false; + if (_il->ident->fpr && IS_PGP_CT(_il->ident->comm_type)) { + status = blacklist_is_listed(session, _il->ident->fpr, &is_blacklisted); + if (status != PEP_STATUS_OK) { + // DB error + status = PEP_UNENCRYPTED; + goto pEp_done; } - if (!(*has_pEp_user) && !EMPTYSTR(_il->ident->user_id)) - is_pEp_user(session, _il->ident, has_pEp_user); - - if (!suppress_update_for_bcc && from_ident) { - status = bind_own_ident_with_contact_ident(session, from_ident, _il->ident); - if (status != PEP_STATUS_OK) { - status = PEP_UNKNOWN_DB_ERROR; - goto pEp_done; + if (is_blacklisted) { + bool user_default, ident_default, address_default; + status = get_valid_pubkey(session, _il->ident, + &ident_default, &user_default, + &address_default, + true); + + if (status != PEP_STATUS_OK || _il->ident->fpr == NULL) { + _il->ident->comm_type = PEP_ct_key_not_found; + status = PEP_STATUS_OK; } } + } + if (!(*has_pEp_user) && !EMPTYSTR(_il->ident->user_id)) + is_pEp_user(session, _il->ident, has_pEp_user); + + if (!suppress_update_for_bcc && from_ident) { + status = bind_own_ident_with_contact_ident(session, from_ident, _il->ident); + if (status != PEP_STATUS_OK) { + status = PEP_UNKNOWN_DB_ERROR; + goto pEp_done; + } } } - else - status = myself(session, _il->ident); + else // myself, but don't gen or renew + status = _myself(session, _il->ident, false, false, false, true); if (status != PEP_STATUS_OK) goto pEp_done; @@ -1895,7 +1899,7 @@ static PEP_STATUS _update_state_for_ident_list( if (*keylist == NULL) { status = PEP_OUT_OF_MEMORY; goto pEp_done; - } + } *max_comm_type = _get_comm_type(session, *max_comm_type, _il->ident); } @@ -4222,7 +4226,12 @@ static PEP_STATUS _decrypt_message( if (!cached_ownname) cached_ownname = strdup(msg_from->address); msg_from->username = NULL; - status = _myself(session, msg_from, false, false, myself_read_only); + + // Don't renew for now: FIXME, SWIFT ticket coming with one To: etc... + status = _myself(session, msg_from, false, false, false, myself_read_only); + if (PASS_ERROR(status)) + goto pEp_error; + free(msg_from->username); msg_from->username = cached_ownname; } @@ -4677,6 +4686,7 @@ DYNAMIC_API PEP_STATUS own_message_private_key_details( // Note: if comm_type_determine is false, it generally means that // we were unable to get key information for anyone in the list, // likely because a key is missing. +// Cannot propagate PASSPHRASE errors. static void _max_comm_type_from_identity_list( identity_list *identities, PEP_SESSION session, @@ -4684,6 +4694,7 @@ static void _max_comm_type_from_identity_list( bool *comm_type_determined ) { + identity_list * il; for (il = identities; il != NULL; il = il->next) { @@ -4691,7 +4702,7 @@ static void _max_comm_type_from_identity_list( { PEP_STATUS status = PEP_STATUS_OK; *max_comm_type = _get_comm_type(session, *max_comm_type, - il->ident); + il->ident); *comm_type_determined = true; bool is_blacklisted = false; @@ -4703,7 +4714,8 @@ static void _max_comm_type_from_identity_list( &ident_default, &user_default, &address_default, true); - if (status != PEP_STATUS_OK || il->ident->fpr == NULL) { + + if (status != PEP_STATUS_OK || il->ident->fpr == NULL) { il->ident->comm_type = PEP_ct_key_not_found; if (*max_comm_type > PEP_ct_no_encryption) *max_comm_type = PEP_ct_no_encryption; @@ -4749,6 +4761,7 @@ DYNAMIC_API PEP_STATUS outgoing_message_rating( ) { PEP_comm_type max_comm_type = PEP_ct_pEp; + bool comm_type_determined = false; assert(session); @@ -4820,7 +4833,11 @@ DYNAMIC_API PEP_STATUS outgoing_message_rating_preview( } // CAN return PASSPHRASE errors on own keys because -// of myself or discovered own identities +// of myself. Will not, however, return PASSPHRASE +// errors if the incoming ident isn't marked as an own +// identity. +// FIXME: document at top level - we RELY on knowing +// if this is an own identity in the input DYNAMIC_API PEP_STATUS identity_rating( PEP_SESSION session, pEp_identity *ident, @@ -4839,34 +4856,29 @@ DYNAMIC_API PEP_STATUS identity_rating( *rating = PEP_rating_undefined; if (ident->me) - status = _myself(session, ident, false, true, true); + status = _myself(session, ident, false, true, true, true); else { // Since we don't blacklist own keys, we only check it in here status = update_identity(session, ident); - // double-check, in case update_identity had to call - // _myself internally + bool is_blacklisted = false; - if (!ident->me) { - bool is_blacklisted = false; - - if (ident->fpr && IS_PGP_CT(ident->comm_type)) { - status = blacklist_is_listed(session, ident->fpr, &is_blacklisted); - if (status != PEP_STATUS_OK) { - return status; // DB ERROR - } - if (is_blacklisted) { - bool user_default, ident_default, address_default; - status = get_valid_pubkey(session, ident, - &ident_default, &user_default, - &address_default, - true); - if (status != PEP_STATUS_OK || ident->fpr == NULL) { - ident->comm_type = PEP_ct_key_not_found; - status = PEP_STATUS_OK; - } - } + if (ident->fpr && IS_PGP_CT(ident->comm_type)) { + status = blacklist_is_listed(session, ident->fpr, &is_blacklisted); + if (status != PEP_STATUS_OK) { + return status; // DB ERROR } - } + if (is_blacklisted) { + bool user_default, ident_default, address_default; + status = get_valid_pubkey(session, ident, + &ident_default, &user_default, + &address_default, + true); + if (status != PEP_STATUS_OK || ident->fpr == NULL) { + ident->comm_type = PEP_ct_key_not_found; + status = PEP_STATUS_OK; + } + } + } } if (status == PEP_STATUS_OK) @@ -5321,6 +5333,7 @@ enomem: return PEP_OUT_OF_MEMORY; } +// CAN return PASSPHRASE errors DYNAMIC_API PEP_STATUS re_evaluate_message_rating( PEP_SESSION session, message *msg, @@ -5381,7 +5394,7 @@ got_keylist: if (!is_me(session, msg->from)) status = update_identity(session, msg->from); else - status = _myself(session, msg->from, false, false, true); + status = _myself(session, msg->from, false, true, false, true); switch (status) { case PEP_KEY_NOT_FOUND: @@ -5397,7 +5410,7 @@ got_keylist: } status = amend_rating_according_to_sender_and_recipients(session, &_rating, - msg->from, _keylist); + msg->from, _keylist); if (status == PEP_STATUS_OK) *rating = _rating; diff --git a/src/pEp_internal.h b/src/pEp_internal.h index a0ef5648..7e8f23ef 100644 --- a/src/pEp_internal.h +++ b/src/pEp_internal.h @@ -528,6 +528,10 @@ static inline void set_max_version(unsigned int first_maj, unsigned int first_mi #define EMPTYSTR(STR) ((STR) == NULL || (STR)[0] == '\0') #endif +#ifndef PASS_ERROR +#define PASS_ERROR(ST) (ST == PEP_PASSPHRASE_REQUIRED || ST == PEP_WRONG_PASSPHRASE || ST == PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED) +#endif + #ifndef IS_PGP_CT #define IS_PGP_CT(CT) (((CT) | PEP_ct_confirmed) == PEP_ct_OpenPGP) #endif From f46ffb0e284454a26ba9e9ed32ebda64e8363c04 Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Thu, 23 Jul 2020 18:32:24 +0200 Subject: [PATCH 09/50] Oops. Aux_mime duplication not updated. --- test/src/test_util.cc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/src/test_util.cc b/test/src/test_util.cc index 2eb2d170..81b79949 100644 --- a/test/src/test_util.cc +++ b/test/src/test_util.cc @@ -509,7 +509,7 @@ static PEP_STATUS update_identity_recip_list(PEP_SESSION session, } } else - status = _myself(session, curr_identity, false, false, true); + status = _myself(session, curr_identity, false, false, false, true); if (status == PEP_ILLEGAL_VALUE || status == PEP_OUT_OF_MEMORY) return status; } @@ -556,7 +556,7 @@ PEP_STATUS MIME_decrypt_message( if (!is_me(session, tmp_msg->from)) status = update_identity(session, (tmp_msg->from)); else - status = _myself(session, tmp_msg->from, false, false, true); + status = _myself(session, tmp_msg->from, false, true, false, true); if (status == PEP_ILLEGAL_VALUE || status == PEP_OUT_OF_MEMORY) goto pEp_error; From 8ec97efd89c7fb1600b94d91cf3eeb558c30de54 Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Thu, 23 Jul 2020 20:37:16 +0200 Subject: [PATCH 10/50] Fixed problem with cleaning up bad user default keys. --- src/keymanagement.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/keymanagement.c b/src/keymanagement.c index 82978bf7..9ed01614 100644 --- a/src/keymanagement.c +++ b/src/keymanagement.c @@ -2149,7 +2149,8 @@ static PEP_STATUS _wipe_default_key_if_invalid(PEP_SESSION session, } free(cached_fpr); - if (status == PEP_STATUS_OK) + // This may have been for a user default, not an identity default. + if (status == PEP_STATUS_OK && !(EMPTYSTR(ident->address))) status = myself(session, ident); return status; @@ -2202,7 +2203,7 @@ DYNAMIC_API PEP_STATUS clean_own_key_defaults(PEP_SESSION session) { return status; } else if (user_default_key) { - pEp_identity* empty_user = new_identity(NULL, user_default_key, NULL, own_id); + pEp_identity* empty_user = new_identity(NULL, user_default_key, own_id, NULL); status = _wipe_default_key_if_invalid(session, empty_user); if (PASS_ERROR(status)) return status; From 746d1ecc546b69137f68bab29a2fa012e9681f6a Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Thu, 23 Jul 2020 22:26:46 +0200 Subject: [PATCH 11/50] Fixed weird _myself username overwrite. --- src/keymanagement.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/keymanagement.c b/src/keymanagement.c index 9ed01614..a3066806 100644 --- a/src/keymanagement.c +++ b/src/keymanagement.c @@ -1196,7 +1196,10 @@ PEP_STATUS _myself(PEP_SESSION session, // Set usernames - priority is input username > stored name > address // If there's an input username, we always patch the username with that // input. - if (EMPTYSTR(identity->username) || read_only) { + // N.B. there was an || read_only here, but why? read_only ONLY means + // we don't write to the DB! So... removed. But how this managed to work + // before I don't know. + if (EMPTYSTR(identity->username)) { bool stored_uname = (stored_identity && !EMPTYSTR(stored_identity->username)); char* uname = (stored_uname ? stored_identity->username : identity->address); if (uname) { From ca9ab48f227a92eae4f879c00a579b9d69ea48ee Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Fri, 24 Jul 2020 14:36:23 +0200 Subject: [PATCH 12/50] ENGINE-775: some of the key_reset functions done, more to go, committing to regen documentation --- src/key_reset.c | 92 ++++++++++++++++++++++++++++++++++------------ src/message_api.c | 6 +-- src/pEp_internal.h | 2 +- 3 files changed, 73 insertions(+), 27 deletions(-) diff --git a/src/key_reset.c b/src/key_reset.c index 6776050a..1e2e9791 100644 --- a/src/key_reset.c +++ b/src/key_reset.c @@ -67,9 +67,14 @@ static PEP_STATUS _generate_reset_structs(PEP_SESSION session, if (!include_secret) { // This isn't to own recips, so shipping the rev'd key is OK. Own keys are revoked on each device. status = export_key(session, old_fpr, &key_material_old, &datasize); + + // Shouldn't happen, but we can't make presumptions about crypto engine + if (PASS_ERROR(status)) + goto pEp_error; + if (datasize > 0 && key_material_old) { if (status != PEP_STATUS_OK) - return status; + goto pEp_error; if (!keys) keys = new_bloblist(key_material_old, datasize, @@ -82,10 +87,13 @@ static PEP_STATUS _generate_reset_structs(PEP_SESSION session, datasize = 0; } status = export_key(session, new_fpr, &key_material_new, &datasize); + // Shouldn't happen, but we can't make presumptions about crypto engine + if (PASS_ERROR(status)) + goto pEp_error; if (datasize > 0 && key_material_new) { if (status != PEP_STATUS_OK) - return status; + goto pEp_error; if (!keys) keys = new_bloblist(key_material_new, datasize, @@ -97,8 +105,8 @@ static PEP_STATUS _generate_reset_structs(PEP_SESSION session, datasize = 0; if (include_secret) { status = export_secret_key(session, new_fpr, &key_material_priv, &datasize); - if (status != PEP_STATUS_OK) - return status; + if (status != PEP_STATUS_OK) // includes PASS_ERROR + goto pEp_error; if (datasize > 0 && key_material_priv) { bloblist_add(keys, key_material_priv, datasize, "application/pgp-keys", "file://pEpkey_priv.asc"); @@ -112,6 +120,13 @@ static PEP_STATUS _generate_reset_structs(PEP_SESSION session, *key_attachments = keys; } return status; + +pEp_error: + free(key_material_old); + free(key_material_new); + free(key_material_priv); + free_bloblist(keys); + return status; } // For multiple idents under a single key @@ -139,9 +154,11 @@ static PEP_STATUS _generate_own_commandlist_msg(PEP_SESSION session, &kr_commands, true); if (status != PEP_STATUS_OK) - return status; // FIXME - if (!key_attachments || !kr_commands) - return PEP_UNKNOWN_ERROR; + goto pEp_error; + if (!key_attachments || !kr_commands) { + status = PEP_UNKNOWN_ERROR; + goto pEp_error; + } } } @@ -154,7 +171,7 @@ static PEP_STATUS _generate_own_commandlist_msg(PEP_SESSION session, size_t size = 0; status = key_reset_commands_to_PER(kr_commands, &payload, &size); if (status != PEP_STATUS_OK) - return status; + goto pEp_error; // From and to our first ident - this only goes to us. pEp_identity* from = identity_dup(from_idents->ident); @@ -163,17 +180,22 @@ static PEP_STATUS _generate_own_commandlist_msg(PEP_SESSION session, BASE_KEYRESET, payload, size, NULL, &msg); - if (status != PEP_STATUS_OK) { - free(msg); - return status; + if (status != PEP_STATUS_OK) + goto pEp_error; + + if (!msg) { + status = PEP_OUT_OF_MEMORY; + goto pEp_error; + } + if (!msg->attachments) { + status = PEP_UNKNOWN_ERROR; + goto pEp_error; } - if (!msg) - return PEP_OUT_OF_MEMORY; - if (!msg->attachments) - return PEP_UNKNOWN_ERROR; - if (!bloblist_join(msg->attachments, key_attachments)) - return PEP_UNKNOWN_ERROR; + if (!bloblist_join(msg->attachments, key_attachments)) { + status = PEP_UNKNOWN_ERROR; + goto pEp_error; + } if (msg) *dst = msg; @@ -181,7 +203,16 @@ static PEP_STATUS _generate_own_commandlist_msg(PEP_SESSION session, free_keyreset_command_list(kr_commands); return status; + +pEp_error: + if (!msg) + free_bloblist(key_attachments); + else + free(msg); + free_keyreset_command_list(kr_commands); + + return status; } static PEP_STATUS _generate_keyreset_command_message(PEP_SESSION session, @@ -195,8 +226,7 @@ static PEP_STATUS _generate_keyreset_command_message(PEP_SESSION session, if (!session || !from_ident || !old_fpr || !new_fpr || !dst) return PEP_ILLEGAL_VALUE; - // safe cast - if (!is_me(session, (pEp_identity*)from_ident)) + if (!is_me(session, from_ident)) return PEP_ILLEGAL_VALUE; PEP_STATUS status = PEP_STATUS_OK; @@ -225,29 +255,41 @@ static PEP_STATUS _generate_keyreset_command_message(PEP_SESSION session, &key_attachments, &kr_list, is_private); + + // N.B. command list and key attachments are freed by + // _generate_reset_structs when status is not OK if (status != PEP_STATUS_OK) - return status; // FIXME + return status; + if (!key_attachments || !kr_list) return PEP_UNKNOWN_ERROR; char* payload = NULL; size_t size = 0; status = key_reset_commands_to_PER(kr_list, &payload, &size); + if (status != PEP_STATUS_OK) + return status; + status = base_prepare_message(session, outgoing_ident, to_ident, BASE_KEYRESET, payload, size, NULL, &msg); - if (status) { + + if (status != PEP_STATUS_OK) { free(msg); return status; } if (!msg) return PEP_OUT_OF_MEMORY; - if (!msg->attachments) + + if (!msg->attachments) { + free(msg); return PEP_UNKNOWN_ERROR; + } if (msg) *dst = msg; return status; + } PEP_STATUS has_key_reset_been_sent( @@ -398,6 +440,8 @@ PEP_STATUS receive_key_reset(PEP_SESSION session, if (!sender_id->user_id) return PEP_UNKNOWN_ERROR; } + if (status != PEP_STATUS_OK) // Do we need to be more specific?? + return status; bool sender_own_key = false; bool from_me = is_me(session, sender_id); @@ -503,7 +547,9 @@ PEP_STATUS receive_key_reset(PEP_SESSION session, free(curr_ident->user_id); curr_ident->user_id = NULL; status = update_identity(session, curr_ident); - + if (status != PEP_STATUS_OK) + return status; + // Ok, now check the old fpr to see if we have an entry for it // temp fpr set for function call curr_ident->fpr = old_fpr; diff --git a/src/message_api.c b/src/message_api.c index 630df768..bdffd1d6 100644 --- a/src/message_api.c +++ b/src/message_api.c @@ -3300,10 +3300,10 @@ static PEP_STATUS update_sender_to_pEp_trust( free(sender->fpr); sender->fpr = NULL; - PEP_STATUS status = PEP_STATUS_OK; + PEP_STATUS status = is_me(session, sender) ? myself(session, sender) : update_identity(session, sender); - // Seems status doesn't matter - is_me(session, sender) ? myself(session, sender) : update_identity(session, sender); + if (PASS_ERROR(status)) + return status; if (EMPTYSTR(sender->fpr) || strcmp(sender->fpr, keylist->value) != 0) { free(sender->fpr); diff --git a/src/pEp_internal.h b/src/pEp_internal.h index 7e8f23ef..27078c20 100644 --- a/src/pEp_internal.h +++ b/src/pEp_internal.h @@ -448,7 +448,7 @@ static inline char* _pEp_subj_copy() { #endif } -static inline bool is_me(PEP_SESSION session, pEp_identity* test_ident) { +static inline bool is_me(PEP_SESSION session, const pEp_identity* test_ident) { bool retval = false; if (test_ident && test_ident->user_id) { char* def_id = NULL; From f20160c43a4a038bac15e48ce898954310912f02 Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Sun, 26 Jul 2020 13:33:31 +0200 Subject: [PATCH 13/50] ENGINE-775: key_reset functions should now all return appropriately and EARLY with passphrase errors. One thing to note is that ANY key_reset function which can cause the decryption of multiple keys with different passwords should now fail very shortly after being called, and will ALWAYS fail. (differing new password phrases and key-to-be-reset passphrases is still accepted for a single key) --- src/key_reset.c | 220 +++++++++++++++++++++++++++++++++++++++------- src/key_reset.h | 3 + src/message_api.h | 2 + 3 files changed, 194 insertions(+), 31 deletions(-) diff --git a/src/key_reset.c b/src/key_reset.c index 1e2e9791..6cf61a7e 100644 --- a/src/key_reset.c +++ b/src/key_reset.c @@ -623,6 +623,9 @@ PEP_STATUS receive_key_reset(PEP_SESSION session, status = replace_main_user_fpr_if_equal(session, curr_ident->user_id, new_fpr, old_fpr); + if (status != PEP_STATUS_OK) + return status; + // This only sets as the default, does NOT TRUST IN ANY WAY PEP_comm_type new_key_rating = PEP_ct_unknown; @@ -768,8 +771,10 @@ PEP_STATUS create_standalone_key_reset_message(PEP_SESSION session, if (!reset_msg) return PEP_ILLEGAL_VALUE; - if (!reset_msg->attachments) - return PEP_UNKNOWN_ERROR; + if (!reset_msg->attachments) { + status = PEP_UNKNOWN_ERROR; + goto pEp_free; + } message* output_msg = NULL; @@ -779,6 +784,8 @@ PEP_STATUS create_standalone_key_reset_message(PEP_SESSION session, if (status == PEP_STATUS_OK) *dst = output_msg; + else if (output_msg) // shouldn't happen, but... + free_message(output_msg); pEp_free: @@ -965,6 +972,48 @@ static PEP_STATUS _dup_grouped_only(identity_list* idents, identity_list** filte return PEP_STATUS_OK; } +static PEP_STATUS _check_own_reset_passphrase_readiness(PEP_SESSION session, + const char* key) { + // Before we do anything else, make sure the key to sign the + // revocation has the right passphrase set + PEP_STATUS status = probe_encrypt(session, key); + + // We only care if this has signing-related issues; key could + // already be revoked and it will be fine below. + if (PASS_ERROR(status)) + return status; + + // Because of the above, we CAN support a signing passphrase + // that differs from the generation passphrase. We'll + // just check to make sure everything is in order for + // later use, however + + if (session->new_key_pass_enable) { + if (EMPTYSTR(session->generation_passphrase)) + return PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED; + + if (EMPTYSTR(session->curr_passphrase)) { + // We'll need it as the current passphrase to sign + // messages with the generated keys + session->curr_passphrase = strdup(session->generation_passphrase); + } + } + return PEP_STATUS_OK; +} + +// This is for ONE specific key, but possibly many identities +// We could have ONE return for PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED +// and another for PEP_PASSPHRASE_REQUIRED/PEP_WRONG_PASSPHRASE +// State would advance though, it just might need to be called +// twice with correct passwords, and more without. +// (In other words, with multiple passwords, this is not the end of all things) +// +// N.B. This function presumes that ALL idents in this group have the +// key in question as their main key. That's what this function +// was created for. +// FIXME: +// I am not sure this is safe with already-revoked keys. +// static PEP_STATUS _key_reset_device_group_for_shared_key(PEP_SESSION session, identity_list* key_idents, const char* old_key, @@ -975,13 +1024,36 @@ static PEP_STATUS _key_reset_device_group_for_shared_key(PEP_SESSION session, if (!session || !key_idents || EMPTYSTR(old_key)) return PEP_ILLEGAL_VALUE; - + + message* enc_msg = NULL; + message* outmsg = NULL; + messageToSend_t send_cb = session->messageToSend; if (!send_cb) return PEP_SYNC_NO_MESSAGE_SEND_CALLBACK; - + PEP_STATUS status = PEP_STATUS_OK; - + + // N.B. The mechanism here is that we make the caller, if + // necessary, keep trying until they give us the + // right password for the key we're going to reset/revoke. + // The revocation does not happen until later, but basically, + // if the key is unrevoked and still requires a correct + // password, we need to stop this before we get there. + // + // This allows us to switch the correct passphrase in + // and out if there are different generation and old + // key signing passwords. (Not a concern if already revoked) + + status = _check_own_reset_passphrase_readiness(session, old_key); + if (status != PEP_STATUS_OK) + return status; + + // We sometimes have to swap in and out the generation + // passphrase for signing, so we keep a pointer to + // the "curr_passphrase" around to set it back consistently + char* cached_passphrase = session->curr_passphrase; + // if we only want grouped identities, we do this: if (grouped_only) { identity_list* new_list = NULL; @@ -1007,42 +1079,65 @@ static PEP_STATUS _key_reset_device_group_for_shared_key(PEP_SESSION session, // Ok, everyone's got a new keypair. Hoorah! // generate, sign, and push messages into queue - message* outmsg = NULL; + // + + // Because we have to export the NEW secret keys, + // we have to switch in the passgen key + // as the configured key. We'll switch it back + // afterward (no revocation, decrypt, or signing + // with the old key happens in here) + session->curr_passphrase = session->generation_passphrase; + status = _generate_own_commandlist_msg(session, key_idents, old_key, &outmsg); - + + session->curr_passphrase = cached_passphrase; + + // Key-based errors here shouldn't happen. + if (status != PEP_STATUS_OK) + return status; + // Following will only be true if some idents were grouped, - // and will only include grouped idents! + // and will only include grouped idents! + // Will be signed with old signing key. + // (Again, see the FIXME - we need to figure oout what + // happens if it got revoked externally) if (outmsg) { - message* enc_msg = NULL; // encrypt this baby and get out // extra keys??? status = encrypt_message(session, outmsg, NULL, &enc_msg, PEP_enc_auto, PEP_encrypt_flag_key_reset_only); - if (status != PEP_STATUS_OK) { - goto pEp_free; - } + if (status != PEP_STATUS_OK) + goto pEp_error; + _add_auto_consume(enc_msg); // insert into queue status = send_cb(enc_msg); - if (status != PEP_STATUS_OK) { - free(enc_msg); - goto pEp_free; - } + if (status != PEP_STATUS_OK) + goto pEp_error; } // Ok, we've signed everything we need to with the old key, // Revoke that baby. status = revoke_key(session, old_key, NULL); + // again, we should not have key-related issues here, + // as we tested for the correct password earlier if (status != PEP_STATUS_OK) - goto pEp_free; + return status; + // Ok, NOW - the current password needs to be swapped out + // because we're going to sign with keys using. + // + // All new keys have the same passphrase, if any + // + session->curr_passphrase = session->generation_passphrase; + for (curr_ident = key_idents; curr_ident && curr_ident->ident; curr_ident = curr_ident->next) { if (curr_ident->ident->flags & PEP_idf_devicegroup) { pEp_identity* ident = curr_ident->ident; @@ -1052,10 +1147,10 @@ static PEP_STATUS _key_reset_device_group_for_shared_key(PEP_SESSION session, char* new_key = ident->fpr; ident->fpr = NULL; status = set_own_key(session, ident, new_key); - if (status != PEP_STATUS_OK) { + if (status != PEP_STATUS_OK) // scream loudly and cry, then hang head in shame - return status; - } + goto pEp_error; + free(ident->fpr); // release ownership to the struct again @@ -1067,7 +1162,7 @@ static PEP_STATUS _key_reset_device_group_for_shared_key(PEP_SESSION session, status = set_revoked(session, old_key, new_key, time(NULL)); if (status != PEP_STATUS_OK) - goto pEp_free; + goto pEp_error; // Whether new_key is NULL or not, if this key is equal to the current user default, we // replace it. @@ -1077,12 +1172,12 @@ static PEP_STATUS _key_reset_device_group_for_shared_key(PEP_SESSION session, old_key); if (status != PEP_STATUS_OK) - goto pEp_free; + goto pEp_error; pEp_identity* tmp_ident = identity_dup(ident); if (!tmp_ident) { status = PEP_OUT_OF_MEMORY; - goto pEp_free; + goto pEp_error; } free(tmp_ident->fpr); @@ -1091,24 +1186,50 @@ static PEP_STATUS _key_reset_device_group_for_shared_key(PEP_SESSION session, tmp_ident->fpr = strdup(old_key); // freed in free_identity if (status == PEP_STATUS_OK) status = send_key_reset_to_recents(session, tmp_ident, old_key, ident->fpr); + + if (status != PEP_STATUS_OK) + goto pEp_error; + free_identity(tmp_ident); } } + session->curr_passphrase = cached_passphrase; + if (status == PEP_STATUS_OK) // cascade that mistrust for anyone using this key - status = mark_as_compromised(session, old_key); - + status = mark_as_compromised(session, old_key); if (status == PEP_STATUS_OK) status = remove_fpr_as_default(session, old_key); if (status == PEP_STATUS_OK) status = add_mistrusted_key(session, old_key); -pEp_free: + return status; + +pEp_error: + + // Just in case + session->curr_passphrase = cached_passphrase; + free_message(outmsg); + free_message(enc_msg); return status; } +static PEP_STATUS probe_signing_for_keylist(PEP_SESSION session, + stringlist_t* keylist) { + for ( ; keylist ; keylist = keylist->next) { + char* key = keylist->value; + if (!EMPTYSTR(key)) { + PEP_STATUS status = probe_encrypt(session, key); + if (PASS_ERROR(status)) + return status; + } + } + return PEP_STATUS_OK; +} +// This is simply NOT SAFE for multiple passwords on the extant +// keys. Cannot be called with multiple passwords for that purpose. DYNAMIC_API PEP_STATUS key_reset_own_grouped_keys(PEP_SESSION session) { assert(session); @@ -1127,6 +1248,11 @@ DYNAMIC_API PEP_STATUS key_reset_own_grouped_keys(PEP_SESSION session) { // TODO: free if (status == PEP_STATUS_OK) { + status = probe_signing_for_keylist(session, keys); + + if (PASS_ERROR(status)) + goto pEp_free; + stringlist_t* curr_key; for (curr_key = keys; curr_key && curr_key->value; curr_key = curr_key->next) { @@ -1143,6 +1269,13 @@ DYNAMIC_API PEP_STATUS key_reset_own_grouped_keys(PEP_SESSION session) { else goto pEp_free; + // Because of the key check above, this should not happen unless we were + // UNLESS we required a passphrase for keygen and it's not set. + if (PASS_ERROR(status)) + goto pEp_free; + + // FIXME: what about other statuses, though??? + free_identity_list(key_idents); } } @@ -1154,8 +1287,6 @@ pEp_free: return status; } -// Notes to integrate into header: -// IF there is an ident, it must have a user_id. PEP_STATUS key_reset( PEP_SESSION session, const char* key_id, @@ -1175,6 +1306,8 @@ PEP_STATUS key_reset( identity_list* key_idents = NULL; stringlist_t* keys = NULL; + char* cached_passphrase = session->curr_passphrase; + if (!EMPTYSTR(key_id)) { fpr_copy = strdup(key_id); if (!fpr_copy) @@ -1206,6 +1339,12 @@ PEP_STATUS key_reset( // TODO: free if (status == PEP_STATUS_OK) { stringlist_t* curr_key; + + // Before we go ANY further, we're going to bail with passphrase errors + // if need be. + status = probe_signing_for_keylist(session, keys); + if (PASS_ERROR(status)) + goto pEp_free; for (curr_key = keys; curr_key && curr_key->value; curr_key = curr_key->next) { // FIXME: Is the ident really necessary? @@ -1275,6 +1414,14 @@ PEP_STATUS key_reset( if (is_own_private) { + // Make sure we can even progress - if there are passphrase issues, + // bounce back to the caller now. + status = _check_own_reset_passphrase_readiness(session, fpr_copy); + + // These will always be passphrase errors. + if (status != PEP_STATUS_OK) + return status; + // This is now the "is_own" base case - we don't do this // per-identity, because all identities using this key will // need new ones. That said, this is really only a problem @@ -1310,6 +1457,10 @@ PEP_STATUS key_reset( // key for all idents for this user. status = revoke_key(session, fpr_copy, NULL); + // Should never happen, we checked this, but STILL. + if (PASS_ERROR(status)) + goto pEp_free; + // If we have a full identity, we have some cleanup and generation tasks here if (!EMPTYSTR(this_ident->address)) { // generate new key @@ -1354,10 +1505,14 @@ PEP_STATUS key_reset( // for all active communication partners: // active_send revocation + session->curr_passphrase = session->generation_passphrase; tmp_ident->fpr = fpr_copy; if (status == PEP_STATUS_OK) status = send_key_reset_to_recents(session, this_ident, fpr_copy, new_key); + session->curr_passphrase = cached_passphrase; tmp_ident->fpr = NULL; + if (PASS_ERROR(status)) + goto pEp_free; // should NOT happen } // Whether new_key is NULL or not, if this key is equal to the current user default, we @@ -1369,8 +1524,10 @@ PEP_STATUS key_reset( // we got an error and want to bail anyway. goto pEp_free; } - else - return PEP_CANNOT_FIND_IDENTITY; + else { + status = PEP_CANNOT_FIND_IDENTITY; + goto pEp_free; + } } // end is_own_private else { // if it's mistrusted, make it not be so. @@ -1412,7 +1569,8 @@ pEp_free: free(own_id); free_identity_list(key_idents); free_stringlist(keys); - free(new_key); + free(new_key); + session->curr_passphrase = cached_passphrase; return status; } diff --git a/src/key_reset.h b/src/key_reset.h index 2a7cd87e..8473f8be 100644 --- a/src/key_reset.h +++ b/src/key_reset.h @@ -90,6 +90,8 @@ DYNAMIC_API PEP_STATUS key_reset_user( DYNAMIC_API PEP_STATUS key_reset_all_own_keys(PEP_SESSION session); // FIXME: Doc +// This is simply NOT SAFE for multiple passwords on the extant +// keys. Cannot be called with multiple passwords for that purpose. DYNAMIC_API PEP_STATUS key_reset_own_grouped_keys(PEP_SESSION session); // key_reset() - reset the database status for a key, removing all trust information @@ -116,6 +118,7 @@ DYNAMIC_API PEP_STATUS key_reset_own_grouped_keys(PEP_SESSION session); // if NULL and fpr is non-NULL, we'll reset the key for all // associated identities. If both ident and fpr are NULL, see // the fpr arg documentation. +// ***IF there is an ident, it must have a user_id.*** // // Note: ident->fpr is always ignored // diff --git a/src/message_api.h b/src/message_api.h index 5858d4e0..59248f0c 100644 --- a/src/message_api.h +++ b/src/message_api.h @@ -563,6 +563,8 @@ PEP_STATUS try_encrypt_message( PEP_encrypt_flags_t flags ); +PEP_STATUS probe_encrypt(PEP_SESSION session, const char *fpr); + #ifdef __cplusplus } #endif From a706680c7c32a01112694ed0d7a086138eb1b182 Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Sun, 26 Jul 2020 14:04:33 +0200 Subject: [PATCH 14/50] ENGINE-775: Helps if revoke actually returns a useful status and not always PEP_UNKNOWN_ERROR --- src/pgp_sequoia.c | 2 +- test/src/RevocationTest.cc | 59 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 60 insertions(+), 1 deletion(-) diff --git a/src/pgp_sequoia.c b/src/pgp_sequoia.c index b1d9f411..185a1b0d 100644 --- a/src/pgp_sequoia.c +++ b/src/pgp_sequoia.c @@ -3184,7 +3184,7 @@ PEP_STATUS pgp_revoke_key( status = _pgp_get_decrypted_key(session, iter, &key); if (!key || status != PEP_STATUS_OK) { - ERROR_OUT (err, PEP_UNKNOWN_ERROR, + ERROR_OUT (err, (status != PEP_STATUS_OK ? status : PEP_UNKNOWN_ERROR), "%s has no usable certification capable key", fpr); } diff --git a/test/src/RevocationTest.cc b/test/src/RevocationTest.cc index b3d43bb2..1b7a88b6 100644 --- a/test/src/RevocationTest.cc +++ b/test/src/RevocationTest.cc @@ -76,6 +76,18 @@ namespace { session = NULL; } + const char* alice_filename = "test_keys/alice-no-passwords.pgp"; + const char* alice_pub_filename = "test_keys/pub/alice-0x2A649B9F_pub.asc"; + const char* bob_filename = "test_keys/bob-primary-with-password-bob-subkey-without.pgp"; + const char* carol_filename = "test_keys/carol-subkeys-password-carol.pgp"; + const char* david_filename = "test_keys/david-encryption-subkey-password-encrypt-signing-subkey-password-sign.pgp"; + const char* erwin_filename = "test_keys/erwin-primary-encrypted-erwin-subkey-unencrypted.pgp"; + const char* alice_fpr = "03AF88F728B8E9AADA7F370BD41801C62A649B9F"; + const char* bob_fpr = "5C76378A62B04CF3F41BEC8D4940FC9FA1878736"; + const char* carol_fpr = "A5B3473EA7CBB5DF7A4F595A8883DC4BCD8BAC06"; + const char* david_fpr = "7F72E4B27C6161455CD9C50FE7A05D7BF3FF4E19"; + const char* erwin_fpr = "A34048189F0067DF0006FB28CBD7CFBCC0FA7F97"; + private: const char* test_suite_name; const char* test_name; @@ -130,3 +142,50 @@ TEST_F(RevocationTest, check_revocation) { free_stringlist(keylist); #endif } + +TEST_F(RevocationTest, check_revoke_key_needs_passphrase) { + ASSERT_TRUE(slurp_and_import_key(session, bob_filename)); + stringlist_t* found_key = NULL; + PEP_STATUS status = find_keys(session, bob_fpr, &found_key); + ASSERT_EQ(status, PEP_STATUS_OK); + ASSERT_NE(found_key, nullptr); + ASSERT_NE(found_key->value, nullptr); + + // Key imported. + // Now: revoke it. + status = revoke_key(session, bob_fpr, NULL); + ASSERT_EQ(status, PEP_PASSPHRASE_REQUIRED); + +} + +TEST_F(RevocationTest, check_revoke_key_wrong_passphrase) { + ASSERT_TRUE(slurp_and_import_key(session, bob_filename)); + stringlist_t* found_key = NULL; + PEP_STATUS status = find_keys(session, bob_fpr, &found_key); + ASSERT_EQ(status, PEP_STATUS_OK); + ASSERT_NE(found_key, nullptr); + ASSERT_NE(found_key->value, nullptr); + + config_passphrase(session, "julio"); + + // Key imported. + // Now: revoke it. + status = revoke_key(session, bob_fpr, NULL); + ASSERT_EQ(status, PEP_WRONG_PASSPHRASE); +} + +TEST_F(RevocationTest, check_revoke_key_correct_passphrase) { + ASSERT_TRUE(slurp_and_import_key(session, bob_filename)); + stringlist_t* found_key = NULL; + PEP_STATUS status = find_keys(session, bob_fpr, &found_key); + ASSERT_EQ(status, PEP_STATUS_OK); + ASSERT_NE(found_key, nullptr); + ASSERT_NE(found_key->value, nullptr); + + config_passphrase(session, "bob"); + + // Key imported. + // Now: revoke it. + status = revoke_key(session, bob_fpr, NULL); + ASSERT_EQ(status, PEP_STATUS_OK); +} From 18800da494d5aa7e7e9f902e184179f4122c2818 Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Sun, 26 Jul 2020 14:17:16 +0200 Subject: [PATCH 15/50] ENGINE-775: simple key reset tests pass --- test/src/KeyResetMessageTest.cc | 55 +++++++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) diff --git a/test/src/KeyResetMessageTest.cc b/test/src/KeyResetMessageTest.cc index c1b716ed..04b51dc4 100644 --- a/test/src/KeyResetMessageTest.cc +++ b/test/src/KeyResetMessageTest.cc @@ -49,6 +49,9 @@ class KeyResetMessageTest : public ::testing::Test { const string erin_user_id = "ErinErinErin"; const string fenris_user_id = "BadWolf"; + const char* bob2_filename = "test_keys/bob-primary-with-password-bob-subkey-without.pgp"; + const char* bob2_fpr = "5C76378A62B04CF3F41BEC8D4940FC9FA1878736"; + // You can remove any or all of the following functions if its body // is empty. KeyResetMessageTest() { @@ -2479,6 +2482,58 @@ TEST_F(KeyResetMessageTest, check_reset_all_own_keys_one_URI_partner) { ASSERT_STRNE(me->fpr, copy_fpr); } +TEST_F(KeyResetMessageTest, check_reset_key_needs_passphrase) { + ASSERT_TRUE(slurp_and_import_key(session, bob2_filename)); + stringlist_t* found_key = NULL; + PEP_STATUS status = find_keys(session, bob2_fpr, &found_key); + ASSERT_EQ(status, PEP_STATUS_OK); + ASSERT_NE(found_key, nullptr); + ASSERT_NE(found_key->value, nullptr); + + pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog"); + status = set_own_key(session, bob2, bob2_fpr); + + status = key_reset_identity(session, bob2, bob2_fpr); + ASSERT_EQ(status, PEP_PASSPHRASE_REQUIRED); + +} + +TEST_F(KeyResetMessageTest, check_reset_key_wrong_passphrase) { + ASSERT_TRUE(slurp_and_import_key(session, bob2_filename)); + stringlist_t* found_key = NULL; + PEP_STATUS status = find_keys(session, bob2_fpr, &found_key); + ASSERT_EQ(status, PEP_STATUS_OK); + ASSERT_NE(found_key, nullptr); + ASSERT_NE(found_key->value, nullptr); + + config_passphrase(session, "julio"); + + pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog"); + status = set_own_key(session, bob2, bob2_fpr); + + status = key_reset_identity(session, bob2, bob2_fpr); + + ASSERT_EQ(status, PEP_WRONG_PASSPHRASE); +} + +TEST_F(KeyResetMessageTest, check_reset_key_correct_passphrase) { + ASSERT_TRUE(slurp_and_import_key(session, bob2_filename)); + stringlist_t* found_key = NULL; + PEP_STATUS status = find_keys(session, bob2_fpr, &found_key); + ASSERT_EQ(status, PEP_STATUS_OK); + ASSERT_NE(found_key, nullptr); + ASSERT_NE(found_key->value, nullptr); + + config_passphrase(session, "bob"); + + pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog"); + status = set_own_key(session, bob2, bob2_fpr); + + status = key_reset_identity(session, bob2, bob2_fpr); + ASSERT_EQ(status, PEP_STATUS_OK); +} + + /* TEST_F(KeyResetMessageTest, check_reset_own_with_revocations) { pEp_identity* id1 = new_identity("krista-not-real@darthmama.org", NULL, PEP_OWN_USERID, "Krista at Home"); From 64bd0885176407abc3cc1dd94ff55c4a389d0430 Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Sun, 26 Jul 2020 14:34:45 +0200 Subject: [PATCH 16/50] ENGINE-775: more tests --- test/src/KeyResetMessageTest.cc | 93 +++++++++++++++++++++++++++++++++ 1 file changed, 93 insertions(+) diff --git a/test/src/KeyResetMessageTest.cc b/test/src/KeyResetMessageTest.cc index 04b51dc4..5fd46335 100644 --- a/test/src/KeyResetMessageTest.cc +++ b/test/src/KeyResetMessageTest.cc @@ -52,6 +52,9 @@ class KeyResetMessageTest : public ::testing::Test { const char* bob2_filename = "test_keys/bob-primary-with-password-bob-subkey-without.pgp"; const char* bob2_fpr = "5C76378A62B04CF3F41BEC8D4940FC9FA1878736"; + const char* alice2_filename = "test_keys/alice-no-passwords.pgp"; + const char* alice2_fpr = "03AF88F728B8E9AADA7F370BD41801C62A649B9F"; + // You can remove any or all of the following functions if its body // is empty. KeyResetMessageTest() { @@ -2525,7 +2528,62 @@ TEST_F(KeyResetMessageTest, check_reset_key_correct_passphrase) { ASSERT_NE(found_key->value, nullptr); config_passphrase(session, "bob"); + + pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog"); + status = set_own_key(session, bob2, bob2_fpr); + + status = key_reset_identity(session, bob2, bob2_fpr); + ASSERT_EQ(status, PEP_STATUS_OK); +} + +TEST_F(KeyResetMessageTest, check_reset_key_needs_passphrase_gen_key_matches) { + ASSERT_TRUE(slurp_and_import_key(session, bob2_filename)); + stringlist_t* found_key = NULL; + PEP_STATUS status = find_keys(session, bob2_fpr, &found_key); + ASSERT_EQ(status, PEP_STATUS_OK); + ASSERT_NE(found_key, nullptr); + ASSERT_NE(found_key->value, nullptr); + + config_passphrase_for_new_keys(session, true, "bob"); + + pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog"); + status = set_own_key(session, bob2, bob2_fpr); + + status = key_reset_identity(session, bob2, bob2_fpr); + ASSERT_EQ(status, PEP_PASSPHRASE_REQUIRED); + +} + +TEST_F(KeyResetMessageTest, check_reset_key_wrong_passphrase_gen_key_matches) { + ASSERT_TRUE(slurp_and_import_key(session, bob2_filename)); + stringlist_t* found_key = NULL; + PEP_STATUS status = find_keys(session, bob2_fpr, &found_key); + ASSERT_EQ(status, PEP_STATUS_OK); + ASSERT_NE(found_key, nullptr); + ASSERT_NE(found_key->value, nullptr); + + config_passphrase(session, "julio"); + config_passphrase_for_new_keys(session, true, "bob"); + + pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog"); + status = set_own_key(session, bob2, bob2_fpr); + + status = key_reset_identity(session, bob2, bob2_fpr); + ASSERT_EQ(status, PEP_WRONG_PASSPHRASE); +} + +TEST_F(KeyResetMessageTest, check_reset_key_correct_passphrase_gen_key_matches) { + ASSERT_TRUE(slurp_and_import_key(session, bob2_filename)); + stringlist_t* found_key = NULL; + PEP_STATUS status = find_keys(session, bob2_fpr, &found_key); + ASSERT_EQ(status, PEP_STATUS_OK); + ASSERT_NE(found_key, nullptr); + ASSERT_NE(found_key->value, nullptr); + + config_passphrase(session, "bob"); + config_passphrase_for_new_keys(session, true, "bob"); + pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog"); status = set_own_key(session, bob2, bob2_fpr); @@ -2533,6 +2591,41 @@ TEST_F(KeyResetMessageTest, check_reset_key_correct_passphrase) { ASSERT_EQ(status, PEP_STATUS_OK); } +TEST_F(KeyResetMessageTest, check_reset_key_no_passphrase_but_has_gen_key) { + ASSERT_TRUE(slurp_and_import_key(session, alice2_filename)); + stringlist_t* found_key = NULL; + PEP_STATUS status = find_keys(session, alice2_fpr, &found_key); + ASSERT_EQ(status, PEP_STATUS_OK); + ASSERT_NE(found_key, nullptr); + ASSERT_NE(found_key->value, nullptr); + + config_passphrase_for_new_keys(session, true, "alice"); + + pEp_identity* alice2 = new_identity("alice@example.org", alice2_fpr, "ALICE", "Alice"); + status = set_own_key(session, alice2, alice2_fpr); + + status = key_reset_identity(session, alice2, alice2_fpr); + ASSERT_EQ(status, PEP_STATUS_OK); + +} + +TEST_F(KeyResetMessageTest, check_reset_key_gen_key_pass_required) { + ASSERT_TRUE(slurp_and_import_key(session, alice2_filename)); + stringlist_t* found_key = NULL; + PEP_STATUS status = find_keys(session, alice2_fpr, &found_key); + ASSERT_EQ(status, PEP_STATUS_OK); + ASSERT_NE(found_key, nullptr); + ASSERT_NE(found_key->value, nullptr); + + session->new_key_pass_enable = true; + + pEp_identity* alice2 = new_identity("alice@example.org", alice2_fpr, "ALICE", "Alice"); + status = set_own_key(session, alice2, alice2_fpr); + + status = key_reset_identity(session, alice2, alice2_fpr); + ASSERT_EQ(status, PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED); + +} /* TEST_F(KeyResetMessageTest, check_reset_own_with_revocations) { From 67820b0d1f51f74538482af974cb4658f49f2367 Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Sun, 26 Jul 2020 14:36:02 +0200 Subject: [PATCH 17/50] ENGINE-775: more tests --- test/src/KeyResetMessageTest.cc | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/test/src/KeyResetMessageTest.cc b/test/src/KeyResetMessageTest.cc index 5fd46335..15ea347d 100644 --- a/test/src/KeyResetMessageTest.cc +++ b/test/src/KeyResetMessageTest.cc @@ -2591,6 +2591,24 @@ TEST_F(KeyResetMessageTest, check_reset_key_correct_passphrase_gen_key_matches) ASSERT_EQ(status, PEP_STATUS_OK); } +TEST_F(KeyResetMessageTest, check_reset_key_correct_passphrase_gen_key_differs) { + ASSERT_TRUE(slurp_and_import_key(session, bob2_filename)); + stringlist_t* found_key = NULL; + PEP_STATUS status = find_keys(session, bob2_fpr, &found_key); + ASSERT_EQ(status, PEP_STATUS_OK); + ASSERT_NE(found_key, nullptr); + ASSERT_NE(found_key->value, nullptr); + + config_passphrase(session, "bob"); + config_passphrase_for_new_keys(session, true, "juan"); + + pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog"); + status = set_own_key(session, bob2, bob2_fpr); + + status = key_reset_identity(session, bob2, bob2_fpr); + ASSERT_EQ(status, PEP_STATUS_OK); +} + TEST_F(KeyResetMessageTest, check_reset_key_no_passphrase_but_has_gen_key) { ASSERT_TRUE(slurp_and_import_key(session, alice2_filename)); stringlist_t* found_key = NULL; From 848da884ab90f232053748878ae2f802620cd7e1 Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Sun, 26 Jul 2020 14:53:39 +0200 Subject: [PATCH 18/50] ENGINE-775: more tests --- test/src/KeyResetMessageTest.cc | 94 ++++++++++++++++++++++++++++++++- 1 file changed, 93 insertions(+), 1 deletion(-) diff --git a/test/src/KeyResetMessageTest.cc b/test/src/KeyResetMessageTest.cc index 15ea347d..dda7d73d 100644 --- a/test/src/KeyResetMessageTest.cc +++ b/test/src/KeyResetMessageTest.cc @@ -55,6 +55,9 @@ class KeyResetMessageTest : public ::testing::Test { const char* alice2_filename = "test_keys/alice-no-passwords.pgp"; const char* alice2_fpr = "03AF88F728B8E9AADA7F370BD41801C62A649B9F"; + const char* erwin_filename = "test_keys/erwin-primary-encrypted-erwin-subkey-unencrypted.pgp"; + const char* erwin_fpr = "A34048189F0067DF0006FB28CBD7CFBCC0FA7F97"; + // You can remove any or all of the following functions if its body // is empty. KeyResetMessageTest() { @@ -2532,10 +2535,99 @@ TEST_F(KeyResetMessageTest, check_reset_key_correct_passphrase) { pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog"); status = set_own_key(session, bob2, bob2_fpr); - status = key_reset_identity(session, bob2, bob2_fpr); + status = key_reset_all_own_keys(session); + ASSERT_EQ(status, PEP_STATUS_OK); +} + +// +TEST_F(KeyResetMessageTest, check_reset_key_user_needs_passphrase) { + ASSERT_TRUE(slurp_and_import_key(session, bob2_filename)); + stringlist_t* found_key = NULL; + PEP_STATUS status = find_keys(session, bob2_fpr, &found_key); + ASSERT_EQ(status, PEP_STATUS_OK); + ASSERT_NE(found_key, nullptr); + ASSERT_NE(found_key->value, nullptr); + + pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog"); + status = set_own_key(session, bob2, bob2_fpr); + + status = key_reset_all_own_keys(session); + ASSERT_EQ(status, PEP_PASSPHRASE_REQUIRED); + +} + +TEST_F(KeyResetMessageTest, check_reset_key_user_wrong_passphrase) { + ASSERT_TRUE(slurp_and_import_key(session, bob2_filename)); + stringlist_t* found_key = NULL; + PEP_STATUS status = find_keys(session, bob2_fpr, &found_key); + ASSERT_EQ(status, PEP_STATUS_OK); + ASSERT_NE(found_key, nullptr); + ASSERT_NE(found_key->value, nullptr); + + config_passphrase(session, "julio"); + + pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog"); + status = set_own_key(session, bob2, bob2_fpr); + + status = key_reset_all_own_keys(session); + + ASSERT_EQ(status, PEP_WRONG_PASSPHRASE); +} + +TEST_F(KeyResetMessageTest, check_reset_key_user_correct_passphrase) { + ASSERT_TRUE(slurp_and_import_key(session, bob2_filename)); + stringlist_t* found_key = NULL; + PEP_STATUS status = find_keys(session, bob2_fpr, &found_key); + ASSERT_EQ(status, PEP_STATUS_OK); + ASSERT_NE(found_key, nullptr); + ASSERT_NE(found_key->value, nullptr); + + config_passphrase(session, "bob"); + + pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog"); + status = set_own_key(session, bob2, bob2_fpr); + + status = key_reset_all_own_keys(session); ASSERT_EQ(status, PEP_STATUS_OK); } +TEST_F(KeyResetMessageTest, check_reset_key_user_multi_passphrase_first_wrong) { + ASSERT_TRUE(slurp_and_import_key(session, bob2_filename)); + ASSERT_TRUE(slurp_and_import_key(session, erwin_filename)); + + PEP_STATUS status; + + config_passphrase(session, "erwin"); + + pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog"); + status = set_own_key(session, bob2, bob2_fpr); + + pEp_identity* erwin = new_identity("erwin@example.org", erwin_fpr, "BOB", "Bob is Erwin"); + status = set_own_key(session, erwin, erwin_fpr); + + status = key_reset_all_own_keys(session); + ASSERT_EQ(status, PEP_WRONG_PASSPHRASE); +} + +TEST_F(KeyResetMessageTest, check_reset_key_user_multi_passphrase_second_wrong) { + ASSERT_TRUE(slurp_and_import_key(session, bob2_filename)); + ASSERT_TRUE(slurp_and_import_key(session, erwin_filename)); + + PEP_STATUS status; + + config_passphrase(session, "bob"); + + pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog"); + status = set_own_key(session, bob2, bob2_fpr); + + pEp_identity* erwin = new_identity("erwin@example.org", erwin_fpr, "BOB", "Bob is Erwin"); + status = set_own_key(session, erwin, erwin_fpr); + + status = key_reset_all_own_keys(session); + ASSERT_EQ(status, PEP_WRONG_PASSPHRASE); +} +// + TEST_F(KeyResetMessageTest, check_reset_key_needs_passphrase_gen_key_matches) { ASSERT_TRUE(slurp_and_import_key(session, bob2_filename)); stringlist_t* found_key = NULL; From 2b3d035ea2af88de4e464f56c90c2de17a240551 Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Mon, 27 Jul 2020 09:51:49 +0200 Subject: [PATCH 19/50] ENGINE-775: renew_tests (basic) --- test/src/KeyeditTest.cc | 68 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 68 insertions(+) diff --git a/test/src/KeyeditTest.cc b/test/src/KeyeditTest.cc index ffee0d55..74af64fd 100644 --- a/test/src/KeyeditTest.cc +++ b/test/src/KeyeditTest.cc @@ -74,6 +74,18 @@ namespace { session = NULL; } + const char* alice_filename = "test_keys/alice-no-passwords.pgp"; + const char* alice_pub_filename = "test_keys/pub/alice-0x2A649B9F_pub.asc"; + const char* bob_filename = "test_keys/bob-primary-with-password-bob-subkey-without.pgp"; + const char* carol_filename = "test_keys/carol-subkeys-password-carol.pgp"; + const char* david_filename = "test_keys/david-encryption-subkey-password-encrypt-signing-subkey-password-sign.pgp"; + const char* erwin_filename = "test_keys/erwin-primary-encrypted-erwin-subkey-unencrypted.pgp"; + const char* alice_fpr = "03AF88F728B8E9AADA7F370BD41801C62A649B9F"; + const char* bob_fpr = "5C76378A62B04CF3F41BEC8D4940FC9FA1878736"; + const char* carol_fpr = "A5B3473EA7CBB5DF7A4F595A8883DC4BCD8BAC06"; + const char* david_fpr = "7F72E4B27C6161455CD9C50FE7A05D7BF3FF4E19"; + const char* erwin_fpr = "A34048189F0067DF0006FB28CBD7CFBCC0FA7F97"; + private: const char* test_suite_name; const char* test_name; @@ -137,3 +149,59 @@ TEST_F(KeyeditTest, check_keyedit) { // output_stream << "delete_keypair() exits with " << delete_status << "\n"; // ASSERT_EQ(delete_status , PEP_STATUS_OK); } + +TEST_F(KeyeditTest, check_renew_key_correct_passphrase) { + ASSERT_TRUE(slurp_and_import_key(session, bob_filename)); + stringlist_t* found_key = NULL; + PEP_STATUS status = find_keys(session, bob_fpr, &found_key); + ASSERT_EQ(status, PEP_STATUS_OK); + ASSERT_NE(found_key, nullptr); + ASSERT_NE(found_key->value, nullptr); + + config_passphrase(session, "bob"); + + time_t now = time(NULL); + output_stream << "Time is " << now << endl; + timestamp *ts = new_timestamp(now); + ts->tm_year += 2; + + status = renew_key(session, bob_fpr, ts); + ASSERT_EQ(status, PEP_STATUS_OK); +} + +TEST_F(KeyeditTest, check_renew_key_needs_passphrase) { + ASSERT_TRUE(slurp_and_import_key(session, bob_filename)); + stringlist_t* found_key = NULL; + PEP_STATUS status = find_keys(session, bob_fpr, &found_key); + ASSERT_EQ(status, PEP_STATUS_OK); + ASSERT_NE(found_key, nullptr); + ASSERT_NE(found_key->value, nullptr); + + time_t now = time(NULL); + output_stream << "Time is " << now << endl; + timestamp *ts = new_timestamp(now); + ts->tm_year += 2; + + status = renew_key(session, bob_fpr, ts); + ASSERT_EQ(status, PEP_PASSPHRASE_REQUIRED); + +} + +TEST_F(KeyeditTest, check_renew_key_wrong_passphrase) { + ASSERT_TRUE(slurp_and_import_key(session, bob_filename)); + stringlist_t* found_key = NULL; + PEP_STATUS status = find_keys(session, bob_fpr, &found_key); + ASSERT_EQ(status, PEP_STATUS_OK); + ASSERT_NE(found_key, nullptr); + ASSERT_NE(found_key->value, nullptr); + + config_passphrase(session, "julio"); + + time_t now = time(NULL); + output_stream << "Time is " << now << endl; + timestamp *ts = new_timestamp(now); + ts->tm_year += 2; + + status = renew_key(session, bob_fpr, ts); + ASSERT_EQ(status, PEP_WRONG_PASSPHRASE); +} From e19d0484937d2043cd72a804ad2967e9ecb7b742 Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Mon, 27 Jul 2020 09:52:34 +0200 Subject: [PATCH 21/50] Automatically bumped RC in source for future release. Next RC after this one will be 2.1.0-RC22 **if released**. --- src/pEpEngine.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/pEpEngine.h b/src/pEpEngine.h index 316509a4..77def754 100644 --- a/src/pEpEngine.h +++ b/src/pEpEngine.h @@ -25,7 +25,7 @@ extern "C" { #define PEP_ENGINE_VERSION_MAJOR 2 #define PEP_ENGINE_VERSION_MINOR 1 #define PEP_ENGINE_VERSION_PATCH 0 -#define PEP_ENGINE_VERSION_RC 21 +#define PEP_ENGINE_VERSION_RC 22 #define PEP_OWN_USERID "pEp_own_userId" From e8b88562de4b8dab145f4f1acd3485286446ee74 Mon Sep 17 00:00:00 2001 From: Hussein Kasem Date: Mon, 27 Jul 2020 12:49:18 +0200 Subject: [PATCH 22/50] Android build: Add cleanup for installed headers. --- Makefile | 1 + build-android/Makefile | 13 +++++++++++++ 2 files changed, 14 insertions(+) create mode 100644 build-android/Makefile diff --git a/Makefile b/Makefile index ec144817..71d4db54 100644 --- a/Makefile +++ b/Makefile @@ -54,6 +54,7 @@ clean: $(MAKE) -C db clean $(MAKE) -C asn.1 clean $(MAKE) -C sync clean + $(MAKE) -C build-android clean tags: $(MAKE) -C asn.1 tags diff --git a/build-android/Makefile b/build-android/Makefile new file mode 100644 index 00000000..1f5f0865 --- /dev/null +++ b/build-android/Makefile @@ -0,0 +1,13 @@ +# Copyright 2020, pEp Foundation +# This file is part of pEpEngine - Android Build +# This file may be used under the terms of the GNU General Public License version 3 +# see LICENSE.txt + +include ../Makefile.conf + +all: + echo "Placeholder command, this is meant to be cleaned by JNIAdapter Android build" + +.PHONY: clean +clean: + rm -rf include/ From fc854ccd9de311868176b692b8518ec6fe1acd33 Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Mon, 27 Jul 2020 13:54:05 +0200 Subject: [PATCH 23/50] ENGINE-775: more tests --- test/src/UpdateIdAndMyselfTest.cc | 216 ++++++++++++++++++++++++++++++ test/src/test_util.h | 5 + test/test_keys/testy_expired.pgp | 30 +++++ 3 files changed, 251 insertions(+) create mode 100644 test/test_keys/testy_expired.pgp diff --git a/test/src/UpdateIdAndMyselfTest.cc b/test/src/UpdateIdAndMyselfTest.cc index 5bbc1b9c..f1399559 100644 --- a/test/src/UpdateIdAndMyselfTest.cc +++ b/test/src/UpdateIdAndMyselfTest.cc @@ -13,6 +13,7 @@ #include "TestConstants.h" #include "pEpEngine.h" +#include "pEp_internal.h" #include "message_api.h" #include "keymanagement.h" #include "test_util.h" @@ -78,6 +79,9 @@ namespace { session = NULL; } + const char* testy_filename = "test_keys/testy_expired.pgp"; // pub/private keypair + const char* testy_fpr = "D1AEA592B78BEF2BE8D93C78DD835B271075DA7E"; + private: const char* test_suite_name; const char* test_name; @@ -674,3 +678,215 @@ TEST_F(UpdateIdAndMyselfTest, check_update_identity_and_myself) { free(alias_id); free(new_fpr); } + +TEST_F(UpdateIdAndMyselfTest, check_myself_gen_password) { + PEP_STATUS status; + config_passphrase_for_new_keys(session, true, "test"); + pEp_identity* testy = new_identity("testy@darthmama.org", NULL, PEP_OWN_USERID, "Testy McKeys"); + testy->me = true; + testy->comm_type = PEP_ct_pEp; + status = set_identity(session, testy); + ASSERT_OK; + + status = myself(session, testy); + ASSERT_OK; + ASSERT_NE(testy->fpr, nullptr); + ASSERT_NE(testy->fpr[0], '\0'); + + status = probe_encrypt(session, testy->fpr); + ASSERT_EQ(status, PEP_PASSPHRASE_REQUIRED); + config_passphrase(session, "test"); + status = probe_encrypt(session, testy->fpr); + ASSERT_OK; +} + +TEST_F(UpdateIdAndMyselfTest, check_myself_gen_password_required) { + PEP_STATUS status; + + session->new_key_pass_enable = true; + + pEp_identity* testy = new_identity("testy@darthmama.org", NULL, PEP_OWN_USERID, "Testy McKeys"); + testy->me = true; + testy->comm_type = PEP_ct_pEp; + status = set_identity(session, testy); + ASSERT_OK; + + status = myself(session, testy); + ASSERT_EQ(status, PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED); +} + +TEST_F(UpdateIdAndMyselfTest, check_myself_gen_password_disable) { + PEP_STATUS status; + config_passphrase_for_new_keys(session, true, "test"); + session->new_key_pass_enable = false; + pEp_identity* testy = new_identity("testy@darthmama.org", NULL, PEP_OWN_USERID, "Testy McKeys"); + testy->me = true; + testy->comm_type = PEP_ct_pEp; + status = set_identity(session, testy); + ASSERT_OK; + + status = myself(session, testy); + ASSERT_OK; + ASSERT_NE(testy->fpr, nullptr); + ASSERT_NE(testy->fpr[0], '\0'); + + status = probe_encrypt(session, testy->fpr); + ASSERT_OK; +} + +TEST_F(UpdateIdAndMyselfTest, check_myself_renewal_password) { + ASSERT_TRUE(slurp_and_import_key(session, testy_filename)); + stringlist_t* found_key = NULL; + PEP_STATUS status = find_keys(session, testy_fpr, &found_key); + ASSERT_EQ(status, PEP_STATUS_OK); + ASSERT_NE(found_key, nullptr); + ASSERT_NE(found_key->value, nullptr); + + pEp_identity* testy = new_identity("testy@darthmama.org", testy_fpr, PEP_OWN_USERID, "Testy McKeys"); + testy->me = true; + testy->comm_type = PEP_ct_pEp; + status = set_identity(session, testy); + ASSERT_OK; + + config_passphrase(session, "test"); + + status = myself(session, testy); + ASSERT_OK; + + bool expired = false; + status = key_expired(session, testy_fpr, time(NULL), &expired); + ASSERT_OK; + ASSERT_FALSE(expired); + + ASSERT_STREQ(testy_fpr, testy->fpr); +} + +TEST_F(UpdateIdAndMyselfTest, check_myself_renewal_wrong_password) { + ASSERT_TRUE(slurp_and_import_key(session, testy_filename)); + stringlist_t* found_key = NULL; + PEP_STATUS status = find_keys(session, testy_fpr, &found_key); + ASSERT_EQ(status, PEP_STATUS_OK); + ASSERT_NE(found_key, nullptr); + ASSERT_NE(found_key->value, nullptr); + + pEp_identity* testy = new_identity("testy@darthmama.org", testy_fpr, PEP_OWN_USERID, "Testy McKeys"); + testy->me = true; + testy->comm_type = PEP_ct_pEp; + status = set_identity(session, testy); + ASSERT_OK; + + config_passphrase(session, "bob"); + + status = myself(session, testy); + ASSERT_EQ(status, PEP_WRONG_PASSPHRASE); +} + +TEST_F(UpdateIdAndMyselfTest, check_myself_renewal_requires_password) { + ASSERT_TRUE(slurp_and_import_key(session, testy_filename)); + stringlist_t* found_key = NULL; + PEP_STATUS status = find_keys(session, testy_fpr, &found_key); + ASSERT_EQ(status, PEP_STATUS_OK); + ASSERT_NE(found_key, nullptr); + ASSERT_NE(found_key->value, nullptr); + + pEp_identity* testy = new_identity("testy@darthmama.org", testy_fpr, PEP_OWN_USERID, "Testy McKeys"); + testy->me = true; + testy->comm_type = PEP_ct_pEp; + status = set_identity(session, testy); + ASSERT_OK; + + status = myself(session, testy); + ASSERT_EQ(status, PEP_PASSPHRASE_REQUIRED); +} + +TEST_F(UpdateIdAndMyselfTest, check_update_identity_own_renewal_password) { + ASSERT_TRUE(slurp_and_import_key(session, testy_filename)); + stringlist_t* found_key = NULL; + PEP_STATUS status = find_keys(session, testy_fpr, &found_key); + ASSERT_EQ(status, PEP_STATUS_OK); + ASSERT_NE(found_key, nullptr); + ASSERT_NE(found_key->value, nullptr); + + // Force own identity to exist in DB, but not the onee we're working on + pEp_identity* fake_id = new_identity("fake@fake.fake", NULL, PEP_OWN_USERID, "This identity is fake"); + fake_id->me = true; + status = set_identity(session, fake_id); + ASSERT_OK; + + pEp_identity* testy = new_identity("testy@darthmama.org", testy_fpr, PEP_OWN_USERID, "Testy McKeys"); + status = set_identity(session, testy); + ASSERT_OK; + + config_passphrase(session, "test"); + + free(testy->user_id); + testy->user_id = NULL; + status = update_identity(session, testy); + ASSERT_EQ(status, PEP_KEY_UNSUITABLE); + + bool expired = false; + status = key_expired(session, testy_fpr, time(NULL), &expired); + ASSERT_OK; + ASSERT_TRUE(expired); +} + + +TEST_F(UpdateIdAndMyselfTest, check_update_identity_own_renewal_wrong_password) { + ASSERT_TRUE(slurp_and_import_key(session, testy_filename)); + stringlist_t* found_key = NULL; + PEP_STATUS status = find_keys(session, testy_fpr, &found_key); + ASSERT_EQ(status, PEP_STATUS_OK); + ASSERT_NE(found_key, nullptr); + ASSERT_NE(found_key->value, nullptr); + + // Force own identity to exist in DB, but not the onee we're working on + pEp_identity* fake_id = new_identity("fake@fake.fake", NULL, PEP_OWN_USERID, "This identity is fake"); + fake_id->me = true; + status = set_identity(session, fake_id); + ASSERT_OK; + + pEp_identity* testy = new_identity("testy@darthmama.org", testy_fpr, PEP_OWN_USERID, "Testy McKeys"); + status = set_identity(session, testy); + ASSERT_OK; + + config_passphrase(session, "bob"); + + free(testy->user_id); + testy->user_id = NULL; + status = update_identity(session, testy); + ASSERT_EQ(status, PEP_KEY_UNSUITABLE); + + bool expired = false; + status = key_expired(session, testy_fpr, time(NULL), &expired); + ASSERT_OK; + ASSERT_TRUE(expired); +} + +TEST_F(UpdateIdAndMyselfTest, check_update_identity_own_renewal_requires_password) { + ASSERT_TRUE(slurp_and_import_key(session, testy_filename)); + stringlist_t* found_key = NULL; + PEP_STATUS status = find_keys(session, testy_fpr, &found_key); + ASSERT_EQ(status, PEP_STATUS_OK); + ASSERT_NE(found_key, nullptr); + ASSERT_NE(found_key->value, nullptr); + + // Force own identity to exist in DB, but not the onee we're working on + pEp_identity* fake_id = new_identity("fake@fake.fake", NULL, PEP_OWN_USERID, "This identity is fake"); + fake_id->me = true; + status = set_identity(session, fake_id); + ASSERT_OK; + + pEp_identity* testy = new_identity("testy@darthmama.org", testy_fpr, PEP_OWN_USERID, "Testy McKeys"); + status = set_identity(session, testy); + ASSERT_OK; + + free(testy->user_id); + testy->user_id = NULL; + status = update_identity(session, testy); + ASSERT_EQ(status, PEP_KEY_UNSUITABLE); + + bool expired = false; + status = key_expired(session, testy_fpr, time(NULL), &expired); + ASSERT_OK; + ASSERT_TRUE(expired); +} diff --git a/test/src/test_util.h b/test/src/test_util.h index a8abad75..7a78dff4 100644 --- a/test/src/test_util.h +++ b/test/src/test_util.h @@ -12,11 +12,16 @@ #include "aux_mime_msg.h" #include "mime.h" +#include + void test_init(); bool file_exists(std::string filename); bool is_pEpmsg(const message *msg); // duplicates static func in message_api.c, fyi +#ifndef ASSERT_OK +#define ASSERT_OK ASSERT_EQ(status, PEP_STATUS_OK) +#endif extern std::string _main_test_home_dir; diff --git a/test/test_keys/testy_expired.pgp b/test/test_keys/testy_expired.pgp new file mode 100644 index 00000000..d826defa --- /dev/null +++ b/test/test_keys/testy_expired.pgp @@ -0,0 +1,30 @@ +-----BEGIN PGP PRIVATE KEY BLOCK----- +Comment: D1AE A592 B78B EF2B E8D9 3C78 DD83 5B27 1075 DA7E +Comment: Testy McExpiredKey + +xYYEXE2XJxYJKwYBBAHaRw8BAQdAzRzNNktTqmvJZUdK3SQkPqAVWvL0n5qCpapG +bGXi+VH+CQMI8JRexRCwx3D/m5XQOLFR/5rmzMlBV0kLTr10RCad3feLBs2vr1lf +xh+eLIxNJhYrPbOCTea7nN8nzUDwzQNUWVp7caINrnhIhDNRL973w8KHBB8WCgAY +BYJcTZcnBYkAAVF9AgsJAhUKApsBAh4BACEJEN2DWycQddp+FiEE0a6lkreL7yvo +2Tx43YNbJxB12n62vQD/Qm4oGq/KHnAcyTXYtzTVR+4vkWXr044Dk0IUlLWuh+YA +/issbJX/6D+9QLJNWgU8NIJkeM2V7/Dn5TG78nEBuJUFzShUZXN0eSBNY0V4cGly +ZWRLZXkgPHRlc3R5QGRhcnRobWFtYS5vcmc+wooEExYKABsFglxNlycFiQABUX0C +CwkCFQoCmQECmwECHgEAIQkQ3YNbJxB12n4WIQTRrqWSt4vvK+jZPHjdg1snEHXa +fmQsAQD88B62VN2aAw/mbuA7Ihz0itl9bG6xKTadqloNqhWBywEA3rt9/tYOiZlP +9ZqVG5wGEu14wTVehr+Tn34RIXvS0AjHhgRcTZcnFgkrBgEEAdpHDwEBB0BilSz+ +AK65ih+A56g1kb9PzZQWO+/dbkiYkyhCAQnLL/4JAwjzE9QpYS6+pP+B7PMLWWlO +I4+aqLaU+X0rPobzjaW2prZAMAMALmdy4+XX70lSwO0vfyUDUxS1FYuourwcs7SH +FbWNFBhwy19oH0iUUUCMwsA4BBgWCgASBYJcTZcnBYkAAVF9ApsCAh4BAJgJEN2D +WycQddp+dqAEGRYKAAYFglxNlycAIQkQ6SLysAGDI6YWIQTYCRj9VOI8cNRohC3p +IvKwAYMjplZJAQCUU7/Gxypr3spe5enGxmOG176f5zwpgRtofjgdzB3A4wEAwCRs +ULVltO5aLEGpTqI3Y4c7FQpL7by5rjMGPQXwaA4WIQTRrqWSt4vvK+jZPHjdg1sn +EHXafvudAP9gluzsBG/h5dmnUdj8wBjdiwMLtF2EbnJ5yNerFlKVogEAwmwY0Oza +Gtwxs/RfH3rpDNOciyeHKTVpDxIgCTslfgbHiwRcTZcnEgorBgEEAZdVAQUBAQdA +TJVNGPLhOn5xvalYOJSe2xEK8erJP4ypAPyjIZAOOgYDAQgJ/gkDCKMEQlbxKbC8 +/zympAiM9Hg2+AnkkTCeyH9hrRfAwdRBMFCg6WyvL/8YfnduszqEw16azdCSyXbF +/83O9UpVoyoltxW13zzX0CK+34I8R5rCgQQYFgoAEgWCXE2XJwWJAAFRfQKbDAIe +AQAhCRDdg1snEHXafhYhBNGupZK3i+8r6Nk8eN2DWycQddp+v3kBALvpES5a5YNv +s05KWZmdhKDv/G+RNa427OKX1JO9gdvAAP9FAS7lujAbfmMPgXpgY1an4aIY0466 +FO4XjYee+ROODQ== +=55ON +-----END PGP PRIVATE KEY BLOCK----- From 33fda22a437a93d908fa2257f4dfbdddfd4a260c Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Mon, 27 Jul 2020 17:29:51 +0200 Subject: [PATCH 24/50] ENGINE-776: got the kinda-sorta sync tests working --- test/src/SyncTest.cc | 75 +++++++++++++++++++++++++++++++++----------- 1 file changed, 57 insertions(+), 18 deletions(-) diff --git a/test/src/SyncTest.cc b/test/src/SyncTest.cc index aab1d5d8..cf9da1a7 100644 --- a/test/src/SyncTest.cc +++ b/test/src/SyncTest.cc @@ -22,6 +22,17 @@ #include +class Sync_Adapter; + +// wrappers for static callbacks. Don't ask me about this mess. +PEP_STATUS ST_message_send_callback(message* msg); +int ST_inject_sync_event_callback(SYNC_EVENT ev, void *management); +Sync_event_t* ST_retrieve_next_sync_event_callback(void *management, unsigned threshold); +void ST_sync_thread_callback(PEP_SESSION session, Sync_Adapter *adapter); +PEP_STATUS ST_notifyHandshake_callback(pEp_identity *me, pEp_identity *partner, sync_handshake_signal signal); + +static void* ST_fake_this; + class Sync_Adapter { public: utility::locked_queue< Sync_event_t * > q; @@ -59,6 +70,14 @@ PEP_STATUS Sync_Adapter::notifyHandshake( return PEP_STATUS_OK; } +PEP_STATUS ST_notifyHandshake_callback( + pEp_identity*me, + pEp_identity *partner, + sync_handshake_signal signal + ) { + return ((Sync_Adapter*)ST_fake_this)->notifyHandshake(me, partner, signal); +} + int Sync_Adapter::inject_sync_event(SYNC_EVENT ev, void *management) { Sync_event_t *_ev = ev; @@ -75,8 +94,13 @@ int Sync_Adapter::inject_sync_event(SYNC_EVENT ev, void *management) return 0; } +int ST_inject_sync_event_callback(SYNC_EVENT ev, void *management) { + return ((Sync_Adapter*)ST_fake_this)->inject_sync_event(ev, management); +} + Sync_event_t *Sync_Adapter::retrieve_next_sync_event(void *management, unsigned threshold) { + // N.B. I think it's too late by the time you get here. auto adapter = static_cast< Sync_Adapter *>(management); time_t started = time(nullptr); bool timeout = false; @@ -116,6 +140,12 @@ Sync_event_t *Sync_Adapter::retrieve_next_sync_event(void *management, unsigned return ev; } +Sync_event_t* ST_retrieve_next_sync_event_callback(void *management, + unsigned threshold) { + + return ((Sync_Adapter*)ST_fake_this)->retrieve_next_sync_event(management, threshold); +} + PEP_STATUS Sync_Adapter::messageToSend(struct _message *msg) { assert(msg && msg->attachments); @@ -138,6 +168,11 @@ PEP_STATUS Sync_Adapter::messageToSend(struct _message *msg) return PEP_STATUS_OK; } +PEP_STATUS ST_message_send_callback(message* msg) { + return ((Sync_Adapter*)ST_fake_this)->messageToSend(msg); +} + + void Sync_Adapter::sync_thread(PEP_SESSION session, Sync_Adapter *adapter) { output_stream << "sync_thread: startup\n"; @@ -145,6 +180,9 @@ void Sync_Adapter::sync_thread(PEP_SESSION session, Sync_Adapter *adapter) output_stream << "sync_thread: shutdown\n"; } +void ST_sync_thread_callback(PEP_SESSION session, Sync_Adapter *adapter) { + ((Sync_Adapter*)ST_fake_this)->sync_thread(session, adapter); +} namespace { @@ -205,8 +243,10 @@ namespace { assert(self->fpr); output_stream << "fpr: " << self->fpr << "\n"; free_identity(self); + + ST_fake_this = (void*)(&adapter); - status = init(&sync, Sync_Adapter::messageToSend, Sync_Adapter::inject_sync_event); + status = init(&sync, ST_message_send_callback, ST_inject_sync_event_callback); if (status != PEP_STATUS_OK) throw std::runtime_error((string("init returned ") + tl_status_string(status)).c_str()); @@ -214,8 +254,8 @@ namespace { status = register_sync_callbacks( sync, (void *) &adapter.q, - Sync_Adapter::notifyHandshake, - Sync_Adapter::retrieve_next_sync_event + ST_notifyHandshake_callback, + ST_retrieve_next_sync_event_callback ); if (status != PEP_STATUS_OK) throw std::runtime_error((string("register sync status returned ") + tl_status_string(status)).c_str()); @@ -223,7 +263,7 @@ namespace { throw std::runtime_error((string("keysync.state was supposed to be ") + to_string((int)Sole) + " but was " + to_string((int)(sync->sync_state.keysync.state))).c_str()); output_stream << "creating thread for sync\n"; - sync_thread = new thread(Sync_Adapter::sync_thread, sync, &adapter); + sync_thread = new thread(ST_sync_thread_callback, sync, &adapter); } @@ -266,7 +306,7 @@ TEST_F(SyncTest, check_sync) signal_Sync_event(sync, Sync_PR_keysync, CannotDecrypt, NULL); } -/* + TEST_F(SyncTest, check_sync_enable) { pEp_identity* julio = new_identity("julio.iglesias@truhan.senor.es", NULL, PEP_OWN_USERID, "Julio Iglesias"); @@ -278,17 +318,16 @@ TEST_F(SyncTest, check_sync_enable) // Passes if you step through and ignore the send_key_to_recents part of key reset, because the attempt to pass the static class vars above doesn't work. // FIXME: KB, reimplement according to now-standard method used in key reset tests - // disable_identity_for_sync(session, julio); - // adapter.processing(); - // myself(session, julio); - // ASSERT_EQ(julio->flags, PEP_idf_not_for_sync); - // ASSERT_STRNE(current_fpr.c_str(), julio->fpr); - // - // pEp_identity* juan = new_identity("juan.valdez@columbian.coffee.co", NULL, PEP_OWN_USERID, "Juan Valdez"); - // disable_identity_for_sync(session, juan); - // adapter.processing(); - // myself(session, juan); - // ASSERT_EQ(juan->flags, PEP_idf_not_for_sync); - // ASSERT_FALSE(EMPTYSTR(juan->fpr)); + disable_identity_for_sync(session, julio); + adapter.processing(); + myself(session, julio); + ASSERT_EQ(julio->flags, PEP_idf_not_for_sync); + ASSERT_STRNE(current_fpr.c_str(), julio->fpr); + + pEp_identity* juan = new_identity("juan.valdez@columbian.coffee.co", NULL, PEP_OWN_USERID, "Juan Valdez"); + disable_identity_for_sync(session, juan); + adapter.processing(); + myself(session, juan); + ASSERT_EQ(juan->flags, PEP_idf_not_for_sync); + ASSERT_FALSE(EMPTYSTR(juan->fpr)); } -*/ From bb411fdf9da1d0ba2187a79ff2ef820ac6b149f5 Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Mon, 27 Jul 2020 20:01:49 +0200 Subject: [PATCH 25/50] _own_identities_retrieve test (which passes) --- test/src/OwnIdentitiesRetrieveTest.cc | 118 ++++++++++++++++++++++++++ test/src/SyncTest.cc | 41 +++++---- 2 files changed, 143 insertions(+), 16 deletions(-) diff --git a/test/src/OwnIdentitiesRetrieveTest.cc b/test/src/OwnIdentitiesRetrieveTest.cc index f54a89ca..3458d2ec 100644 --- a/test/src/OwnIdentitiesRetrieveTest.cc +++ b/test/src/OwnIdentitiesRetrieveTest.cc @@ -112,3 +112,121 @@ TEST_F(OwnIdentitiesRetrieveTest, check_own_identities_retrieve) { ASSERT_NE(id_list, nullptr); ASSERT_NE(id_list->ident, nullptr); } + +TEST_F(OwnIdentitiesRetrieveTest, check_own_identities_retrieve_filter) { + pEp_identity* sync_alice = new_identity("alice@darthmama.org", NULL, PEP_OWN_USERID, "Alice"); + pEp_identity* sync_bob = new_identity("bob@darthmama.org", NULL, PEP_OWN_USERID, "Bob"); + pEp_identity* no_sync_carol = new_identity("carol@darthmama.org", NULL, PEP_OWN_USERID, "Carol"); + pEp_identity* sync_dave = new_identity("dave@darthmama.org", NULL, PEP_OWN_USERID, "Dave"); + pEp_identity* no_sync_eddie = new_identity("eddie@darthmama.org", NULL, PEP_OWN_USERID, "Eddie"); + pEp_identity* no_sync_felicia = new_identity("felicia@darthmama.org", NULL, PEP_OWN_USERID, "Felicia"); + pEp_identity* sync_gordon = new_identity("gordon@darthmama.org", NULL, PEP_OWN_USERID, "Gordon"); + + PEP_STATUS status = myself(session, sync_alice); + ASSERT_OK; + status = set_identity_flags(session, sync_alice, PEP_idf_devicegroup); + ASSERT_OK; + status = myself(session, sync_alice); + ASSERT_OK; + ASSERT_NE(sync_alice->flags & PEP_idf_devicegroup, 0); + + status = myself(session, sync_bob); + ASSERT_OK; + status = set_identity_flags(session, sync_bob, PEP_idf_devicegroup); + ASSERT_OK; + status = myself(session, sync_bob); + ASSERT_OK; + ASSERT_NE(sync_bob->flags & PEP_idf_devicegroup, 0); + + status = myself(session, no_sync_carol); + ASSERT_OK; + status = set_identity_flags(session, no_sync_carol, PEP_idf_not_for_sync); + ASSERT_OK; + status = myself(session, no_sync_carol); + ASSERT_OK; + ASSERT_NE(no_sync_carol->flags & PEP_idf_not_for_sync, 0); + + status = myself(session, sync_dave); + ASSERT_OK; + status = set_identity_flags(session, sync_dave, PEP_idf_devicegroup); + ASSERT_OK; + status = myself(session, sync_dave); + ASSERT_OK; + ASSERT_NE(sync_dave->flags & PEP_idf_devicegroup, 0); + + status = myself(session, no_sync_eddie); + ASSERT_OK; + status = set_identity_flags(session, no_sync_eddie, PEP_idf_not_for_sync); + ASSERT_OK; + status = myself(session, no_sync_eddie); + ASSERT_OK; + ASSERT_NE(no_sync_eddie->flags & PEP_idf_not_for_sync, 0); + + status = myself(session, no_sync_felicia); + ASSERT_OK; + status = set_identity_flags(session, no_sync_felicia, PEP_idf_not_for_sync); + ASSERT_OK; + status = myself(session, no_sync_felicia); + ASSERT_OK; + ASSERT_NE(no_sync_felicia->flags & PEP_idf_not_for_sync, 0); + + status = myself(session, sync_gordon); + ASSERT_OK; + status = set_identity_flags(session, sync_gordon, PEP_idf_devicegroup); + ASSERT_OK; + status = myself(session, sync_gordon); + ASSERT_OK; + ASSERT_NE(sync_gordon->flags & PEP_idf_devicegroup, 0); + + identity_list* id_list = NULL; + status = _own_identities_retrieve(session, &id_list, PEP_idf_not_for_sync); + ASSERT_OK; + ASSERT_NE(id_list, nullptr); + + const char* synced[] = {"alice@darthmama.org", "bob@darthmama.org", "dave@darthmama.org", "gordon@darthmama.org"}; + const char* unsynced[] = {"carol@darthmama.org", "eddie@darthmama.org", "felicia@darthmama.org"}; + + identity_list* curr; + int i = 0; + bool sync_found = false; + for ( ; i < 4; i++) { + const char* curr_addr = synced[i]; + sync_found = false; + for (curr = id_list; curr && curr->ident; curr = curr->next) { + if (strcmp(curr_addr, curr->ident->address) == 0) { + sync_found = true; + break; + } + } + ASSERT_TRUE(sync_found); + } + + for (i = 0, curr = id_list; curr && curr->ident; curr = curr->next, i++) {} + + ASSERT_EQ(i, 4); + + free_identity_list(id_list); + id_list = NULL; + + status = _own_identities_retrieve(session, &id_list, PEP_idf_devicegroup); + ASSERT_OK; + ASSERT_NE(id_list, nullptr); + + bool no_sync_found = false; + + for ( ; i < 3; i++) { + const char* curr_addr = unsynced[i]; + no_sync_found = false; + for (curr = id_list; curr && curr->ident; curr = curr->next) { + if (strcmp(curr_addr, curr->ident->address) == 0) { + no_sync_found = true; + break; + } + } + ASSERT_TRUE(no_sync_found); + } + + for (i = 0, curr = id_list; curr && curr->ident; curr = curr->next, i++) {} + + ASSERT_EQ(i, 3); +} diff --git a/test/src/SyncTest.cc b/test/src/SyncTest.cc index cf9da1a7..df6efee4 100644 --- a/test/src/SyncTest.cc +++ b/test/src/SyncTest.cc @@ -306,28 +306,37 @@ TEST_F(SyncTest, check_sync) signal_Sync_event(sync, Sync_PR_keysync, CannotDecrypt, NULL); } - +/* + * This wont work because of threading stuff. Don't put it back in. + TEST_F(SyncTest, check_sync_enable) { pEp_identity* julio = new_identity("julio.iglesias@truhan.senor.es", NULL, PEP_OWN_USERID, "Julio Iglesias"); - enable_identity_for_sync(session, julio); + PEP_STATUS status = myself(sync, julio); + ASSERT_OK; + enable_identity_for_sync(sync, julio); adapter.processing(); - myself(session, julio); + myself(sync, julio); ASSERT_EQ(julio->flags, PEP_idf_devicegroup); string current_fpr = julio->fpr; -// Passes if you step through and ignore the send_key_to_recents part of key reset, because the attempt to pass the static class vars above doesn't work. -// FIXME: KB, reimplement according to now-standard method used in key reset tests - disable_identity_for_sync(session, julio); - adapter.processing(); - myself(session, julio); - ASSERT_EQ(julio->flags, PEP_idf_not_for_sync); - ASSERT_STRNE(current_fpr.c_str(), julio->fpr); + // Passes if you step through and ignore the send_key_to_recents part of key reset, because the attempt to pass the static class vars above doesn't work. + // FIXME: KB, reimplement according to now-standard method used in key reset tests + disable_identity_for_sync(sync, julio); + adapter.processing(); + status = myself(sync, julio); + ASSERT_OK; + ASSERT_EQ(julio->flags, PEP_idf_not_for_sync); + ASSERT_STRNE(current_fpr.c_str(), julio->fpr); - pEp_identity* juan = new_identity("juan.valdez@columbian.coffee.co", NULL, PEP_OWN_USERID, "Juan Valdez"); - disable_identity_for_sync(session, juan); - adapter.processing(); - myself(session, juan); - ASSERT_EQ(juan->flags, PEP_idf_not_for_sync); - ASSERT_FALSE(EMPTYSTR(juan->fpr)); + pEp_identity* juan = new_identity("juan.valdez@columbian.coffee.co", NULL, PEP_OWN_USERID, "Juan Valdez"); + status = myself(sync, juan); + ASSERT_OK; + disable_identity_for_sync(sync, juan); + adapter.processing(); + status = myself(sync, juan); + ASSERT_OK; + ASSERT_EQ(juan->flags, PEP_idf_not_for_sync); + ASSERT_FALSE(EMPTYSTR(juan->fpr)); } +*/ From 75b70d00946b91c80476fad18ffcd0e9a7f3e297 Mon Sep 17 00:00:00 2001 From: Roker Date: Wed, 29 Jul 2020 00:43:04 +0200 Subject: [PATCH 27/50] add timegm_with_gmtoff() --- src/timestamp.c | 11 +++++++++++ src/timestamp.h | 11 +++++++++++ 2 files changed, 22 insertions(+) diff --git a/src/timestamp.c b/src/timestamp.c index 2969b8a8..688221b3 100644 --- a/src/timestamp.c +++ b/src/timestamp.c @@ -9,6 +9,17 @@ #include #include + +DYNAMIC_API time_t timegm_with_gmtoff(timestamp* ts) +{ + const time_t raw_time = timegm(ts); + if(raw_time==-1) + return -1; + + return raw_time - ts->tm_gmtoff; +} + + DYNAMIC_API timestamp * new_timestamp(time_t clock) { timestamp *ts = calloc(1, sizeof(timestamp)); diff --git a/src/timestamp.h b/src/timestamp.h index 215ac694..87538155 100644 --- a/src/timestamp.h +++ b/src/timestamp.h @@ -30,6 +30,17 @@ typedef struct _timestamp { typedef struct tm timestamp; #endif + +// timegm_with_gmtoff() - convert the broken-out time into time_t, and respect tm_gmtoff +// +// parameters: +// timeptr(inout) broken-out time; members will be "normalized" by this function. +// +// return value: +// time_t that holds the usual "seconds since epoch" +DYNAMIC_API time_t timegm_with_gmtoff(timestamp* ts); + + // new_timestamp() - allocate a new timestamp // // parameters: From b3ab969cf8f805711ddb811679a546ee0e70f039 Mon Sep 17 00:00:00 2001 From: Roker Date: Wed, 29 Jul 2020 00:44:16 +0200 Subject: [PATCH 28/50] Let our own timegm() for Windows behave the same (buggy) way as the POSIX version of timegm().... --- src/platform_windows.cpp | 2 +- src/platform_windows.h | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/src/platform_windows.cpp b/src/platform_windows.cpp index 19c5190a..6d7321d3 100644 --- a/src/platform_windows.cpp +++ b/src/platform_windows.cpp @@ -410,7 +410,7 @@ DYNAMIC_API time_t timegm(timestamp *timeptr) if (result == -1) return -1; - return (result - timeptr->tm_gmtoff); + return result; } void uuid_generate_random(pEpUUID out) diff --git a/src/platform_windows.h b/src/platform_windows.h index 3bc883a8..dda65abd 100644 --- a/src/platform_windows.h +++ b/src/platform_windows.h @@ -54,6 +54,8 @@ int dlclose(void *handle); void *dlsym(void *handle, const char *symbol); int mkstemp(char *templ); +// Nota bene: It does _not_ respect timeptr->tm_gmtoff, so it behaves the same as its POSIX original. +// Use timegm_with_gmtoff() from or that. DYNAMIC_API time_t timegm(timestamp *timeptr); #ifndef strdup From 63f8363eb58451e5afe89e5ab4b82dde68cc1110 Mon Sep 17 00:00:00 2001 From: Volker Birk Date: Wed, 29 Jul 2020 14:39:45 +0200 Subject: [PATCH 29/50] calculate message type from event ID --- sync/gen_statemachine.ysl2 | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sync/gen_statemachine.ysl2 b/sync/gen_statemachine.ysl2 index 6295ba91..ac998e49 100644 --- a/sync/gen_statemachine.ysl2 +++ b/sync/gen_statemachine.ysl2 @@ -291,7 +291,9 @@ tstylesheet { return PEP_«yml:ucase(@name)»_NO_INJECT_CALLBACK; if (event < Extra) { - msg = new_«@name»_message(fsm, event); + // FIXME: there should be a mapping between event and message type + // with current implementation they've got an offset of 1 + msg = new_«@name»_message(fsm, event - 1); if (!msg) { status = PEP_OUT_OF_MEMORY; goto the_end; From 534d1957bf15e170bf214322021d2922fd89e673 Mon Sep 17 00:00:00 2001 From: Volker Birk Date: Wed, 29 Jul 2020 16:43:49 +0200 Subject: [PATCH 31/50] Automatically bumped RC in source for future release. Next RC after this one will be 2.1.0-RC23 **if released**. --- src/pEpEngine.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/pEpEngine.h b/src/pEpEngine.h index 77def754..4a723795 100644 --- a/src/pEpEngine.h +++ b/src/pEpEngine.h @@ -25,7 +25,7 @@ extern "C" { #define PEP_ENGINE_VERSION_MAJOR 2 #define PEP_ENGINE_VERSION_MINOR 1 #define PEP_ENGINE_VERSION_PATCH 0 -#define PEP_ENGINE_VERSION_RC 22 +#define PEP_ENGINE_VERSION_RC 23 #define PEP_OWN_USERID "pEp_own_userId" From 72b0f89205e09abc23dc794721b296a4ab9489f7 Mon Sep 17 00:00:00 2001 From: Volker Birk Date: Thu, 30 Jul 2020 13:20:10 +0200 Subject: [PATCH 32/50] fixing timegm_with_gmtoff() --- src/etpan_mime.c | 4 ++++ src/timestamp.c | 22 ++++++++++++++-------- src/timestamp.h | 4 ++-- 3 files changed, 20 insertions(+), 10 deletions(-) diff --git a/src/etpan_mime.c b/src/etpan_mime.c index 7f68eb07..2b09ecc7 100644 --- a/src/etpan_mime.c +++ b/src/etpan_mime.c @@ -548,6 +548,10 @@ timestamp * etpantime_to_timestamp(const struct mailimf_date_time *et) result->tm_mon = et->dt_month - 1; result->tm_year = et->dt_year - 1900; result->tm_gmtoff = 36L * (long) et->dt_zone; + + time_t t = timegm_with_gmtoff(result); + gmtime_r(&t, result); + return result; } diff --git a/src/timestamp.c b/src/timestamp.c index 688221b3..3e9f6e60 100644 --- a/src/timestamp.c +++ b/src/timestamp.c @@ -10,12 +10,21 @@ #include -DYNAMIC_API time_t timegm_with_gmtoff(timestamp* ts) +DYNAMIC_API time_t timegm_with_gmtoff(const timestamp* ts) { - const time_t raw_time = timegm(ts); + if (!ts) + return -1; + + timestamp *_ts = timestamp_dup(ts); + if (!_ts) + return -1; + + const time_t raw_time = timegm(_ts); if(raw_time==-1) return -1; - + + free_timestamp(_ts); + return raw_time - ts->tm_gmtoff; } @@ -44,11 +53,8 @@ DYNAMIC_API timestamp * timestamp_dup(const timestamp *src) if (!src) return NULL; - timestamp *dst = calloc(1, sizeof(timestamp)); - assert(dst); - if (!dst) - return NULL; - + timestamp *dst = (timestamp *) malloc(sizeof(timestamp)); memcpy(dst, src, sizeof(timestamp)); + return dst; } diff --git a/src/timestamp.h b/src/timestamp.h index 87538155..8989d4de 100644 --- a/src/timestamp.h +++ b/src/timestamp.h @@ -34,11 +34,11 @@ typedef struct tm timestamp; // timegm_with_gmtoff() - convert the broken-out time into time_t, and respect tm_gmtoff // // parameters: -// timeptr(inout) broken-out time; members will be "normalized" by this function. +// timeptr(in) broken-out time // // return value: // time_t that holds the usual "seconds since epoch" -DYNAMIC_API time_t timegm_with_gmtoff(timestamp* ts); +DYNAMIC_API time_t timegm_with_gmtoff(const timestamp* ts); // new_timestamp() - allocate a new timestamp From 065b5463b806cb62a6e1a44c1afab454db82b64f Mon Sep 17 00:00:00 2001 From: Volker Birk Date: Thu, 30 Jul 2020 14:35:33 +0200 Subject: [PATCH 33/50] now it behaves the same --- src/platform_windows.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/src/platform_windows.cpp b/src/platform_windows.cpp index 6d7321d3..10a7fbc3 100644 --- a/src/platform_windows.cpp +++ b/src/platform_windows.cpp @@ -406,6 +406,7 @@ DYNAMIC_API time_t timegm(timestamp *timeptr) if (!timeptr) return -1; + timeptr->tm_gmtoff = 0; time_t result = _mkgmtime((struct tm *) timeptr); if (result == -1) return -1; From cb6663104ac9d3396ba32312e0def37761519bcb Mon Sep 17 00:00:00 2001 From: Thomas Date: Thu, 30 Jul 2020 15:03:14 +0200 Subject: [PATCH 34/50] Asn1 on Windows, only generate code and delete pEp folder when rebuilding --- build-windows/libpEpasn1/libpEpasn1.vcxproj | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/build-windows/libpEpasn1/libpEpasn1.vcxproj b/build-windows/libpEpasn1/libpEpasn1.vcxproj index 7bd8f91d..b63f687d 100644 --- a/build-windows/libpEpasn1/libpEpasn1.vcxproj +++ b/build-windows/libpEpasn1/libpEpasn1.vcxproj @@ -60,10 +60,6 @@ Windows - - cd "$(ProjectDir)..\.." && "$(ProjectDir)..\generate_code.cmd" - Generating Code for pEp Sync - @@ -81,10 +77,6 @@ true true - - cd "$(ProjectDir)..\.." && "$(ProjectDir)..\generate_code.cmd" - Generating Code for pEp Sync - @@ -227,4 +219,8 @@ + + + + \ No newline at end of file From b1da96a43849a5bbd1a057dc79289fb02ecbf4da Mon Sep 17 00:00:00 2001 From: Volker Birk Date: Thu, 30 Jul 2020 21:51:11 +0200 Subject: [PATCH 36/50] Automatically bumped RC in source for future release. Next RC after this one will be 2.1.0-RC24 **if released**. --- src/Makefile | 2 +- src/pEpEngine.h | 2 +- test/Makefile | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/Makefile b/src/Makefile index 4eb4f3c2..16df3b30 100644 --- a/src/Makefile +++ b/src/Makefile @@ -28,7 +28,7 @@ endif ifeq ($(BUILD_ON),Darwin) ifeq ($(BUILD_FOR),Darwin) CFLAGS+= -DSQLITE_THREADSAFE=1 - LDLIBS+= -lz -liconv + LDLIBS+= -lz -liconv -mmacosx-version-min=10.10 else $(error I do not know how to make for $(BUILD_FOR) on $(BUILD_ON)) endif diff --git a/src/pEpEngine.h b/src/pEpEngine.h index 4a723795..f3427916 100644 --- a/src/pEpEngine.h +++ b/src/pEpEngine.h @@ -25,7 +25,7 @@ extern "C" { #define PEP_ENGINE_VERSION_MAJOR 2 #define PEP_ENGINE_VERSION_MINOR 1 #define PEP_ENGINE_VERSION_PATCH 0 -#define PEP_ENGINE_VERSION_RC 23 +#define PEP_ENGINE_VERSION_RC 24 #define PEP_OWN_USERID "pEp_own_userId" diff --git a/test/Makefile b/test/Makefile index fa5f973f..b4607103 100644 --- a/test/Makefile +++ b/test/Makefile @@ -16,7 +16,7 @@ SRCS:=$(wildcard src/*.cc) $(wildcard src/*/*.cc) OBJS:=$(addsuffix .o,$(basename $(SRCS))) DEPS:=$(OBJS:.o=.d) -LDFLAGS+= -L../asn.1 -L../src $(ETPAN_LIB) $(CPPUNIT_LIB) +LDFLAGS+= -L../asn.1 -L../src $(ETPAN_LIB) $(CPPUNIT_LIB) $(GTEST_LDFLAGS) TARGET:=EngineTests From 43e6d206e83c14d8cb52cd5b459ed43716dd61e1 Mon Sep 17 00:00:00 2001 From: Jorg Knobloch Date: Thu, 30 Jul 2020 22:50:42 +0200 Subject: [PATCH 37/50] ENGINE-780, take 2: After normalizing to UTC, forget the offset. --- src/etpan_mime.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/etpan_mime.c b/src/etpan_mime.c index 2b09ecc7..cea42004 100644 --- a/src/etpan_mime.c +++ b/src/etpan_mime.c @@ -549,8 +549,10 @@ timestamp * etpantime_to_timestamp(const struct mailimf_date_time *et) result->tm_year = et->dt_year - 1900; result->tm_gmtoff = 36L * (long) et->dt_zone; + // Normalize to UTC and then forget the offset. time_t t = timegm_with_gmtoff(result); gmtime_r(&t, result); + result->tm_gmtoff = 0; return result; } From ddbc9ce1d25845b5294810fa6f784a4831d21217 Mon Sep 17 00:00:00 2001 From: Volker Birk Date: Fri, 31 Jul 2020 00:18:09 +0200 Subject: [PATCH 39/50] Automatically bumped RC in source for future release. Next RC after this one will be 2.1.0-RC25 **if released**. --- src/pEpEngine.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/pEpEngine.h b/src/pEpEngine.h index f3427916..94d24764 100644 --- a/src/pEpEngine.h +++ b/src/pEpEngine.h @@ -25,7 +25,7 @@ extern "C" { #define PEP_ENGINE_VERSION_MAJOR 2 #define PEP_ENGINE_VERSION_MINOR 1 #define PEP_ENGINE_VERSION_PATCH 0 -#define PEP_ENGINE_VERSION_RC 24 +#define PEP_ENGINE_VERSION_RC 25 #define PEP_OWN_USERID "pEp_own_userId" From fbbeec2eee127bbbe954b2545c886b21b868ec5a Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Fri, 31 Jul 2020 11:22:55 +0200 Subject: [PATCH 40/50] ENGIHE-781: defs for API change --- src/pEpEngine.h | 28 ++++++++++++++++++++++++++-- src/pEp_internal.h | 1 + 2 files changed, 27 insertions(+), 2 deletions(-) diff --git a/src/pEpEngine.h b/src/pEpEngine.h index 4a723795..47745162 100644 --- a/src/pEpEngine.h +++ b/src/pEpEngine.h @@ -205,6 +205,23 @@ DYNAMIC_API void free_Sync_event(SYNC_EVENT ev); typedef int (*inject_sync_event_t)(SYNC_EVENT ev, void *management); +// ensure_decrypt_key() - callee ensures correct password for (signing) key is configured in the session on +// return, or returns error when it is not found +// parameters: +//. session (in) session for which the guarantee is made +// fpr (in) fpr to check +// +// return value: +// PEP_STATUS_OK passphrase is configured and ready to use +// If the caller runs out of passphrases to try, PEP_*PASSWORD* errors +// are acceptable. +//. Other errors if, e.g., the key is not found +// +// caveat: +// The callee is responsible for iterating through passwords +// to ensure signing/encryption can occur successfully. +// +typedef PEP_STATUS (*ensure_decrypt_key_t)(PEP_SESSION session, const char* fpr); // INIT_STATUS init() - initialize pEpEngine for a thread // @@ -214,13 +231,14 @@ typedef int (*inject_sync_event_t)(SYNC_EVENT ev, void *management); // messageToSend (in) callback for sending message by the // application // inject_sync_event (in) callback for injecting a sync event +// ensure_decrypt_key (in) callback for ensuring correct password for key is set // // return value: // PEP_STATUS_OK = 0 if init() succeeds // PEP_INIT_SQLITE3_WITHOUT_MUTEX if SQLite3 was compiled with // SQLITE_THREADSAFE 0 // PEP_INIT_CANNOT_LOAD_CRYPTO_LIB if crypto lin cannot be found -// PEP_INIT_CRYPTO_LIB_INIT_FAILED if CRYPTO_LIB init fails +// PEP_INIT_CRYPTO_LIB_INIT_FAILED if CRYPTO_LIB init fails // PEP_INIT_CANNOT_OPEN_DB if user's management db cannot be // opened // PEP_INIT_CANNOT_OPEN_SYSTEM_DB if system's management db cannot be @@ -239,14 +257,20 @@ typedef int (*inject_sync_event_t)(SYNC_EVENT ev, void *management); // // messageToSend can only be null if no transport is application based // if transport system is not used it must not be NULL +// +// ensure_refresh_key should only be NULL if the +// caller can guarantee that there is only one single or zero passphrases +// used in the whole of the keys database DYNAMIC_API PEP_STATUS init( PEP_SESSION *session, messageToSend_t messageToSend, - inject_sync_event_t inject_sync_event + inject_sync_event_t inject_sync_event, + ensure_decrypt_key_t ensure_decrypt_key ); + // void release() - release thread session handle // // parameters: diff --git a/src/pEp_internal.h b/src/pEp_internal.h index 27078c20..f6a0575d 100644 --- a/src/pEp_internal.h +++ b/src/pEp_internal.h @@ -250,6 +250,7 @@ struct _pEpSession { notifyHandshake_t notifyHandshake; inject_sync_event_t inject_sync_event; retrieve_next_sync_event_t retrieve_next_sync_event; + ensure_decrypt_key_t ensure_decrypt_key; // pEp Sync void *sync_management; From b036c8f14bc6c15e5bda787a567024e102bdf05c Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Fri, 31 Jul 2020 15:04:07 +0200 Subject: [PATCH 41/50] ENGINE-781: hey, at least it doesn't break stuff. Existing tests pass. --- src/key_reset.c | 133 +++++++++++++++++++++++-------------------- src/keymanagement.c | 3 +- src/pEpEngine.c | 4 +- src/pEpEngine.h | 8 +-- src/pEp_internal.h | 2 +- test/src/Engine.cc | 2 +- test/src/SyncTest.cc | 2 +- 7 files changed, 83 insertions(+), 71 deletions(-) diff --git a/src/key_reset.c b/src/key_reset.c index 6cf61a7e..52d475ac 100644 --- a/src/key_reset.c +++ b/src/key_reset.c @@ -973,31 +973,50 @@ static PEP_STATUS _dup_grouped_only(identity_list* idents, identity_list** filte } static PEP_STATUS _check_own_reset_passphrase_readiness(PEP_SESSION session, - const char* key) { - // Before we do anything else, make sure the key to sign the - // revocation has the right passphrase set - PEP_STATUS status = probe_encrypt(session, key); - - // We only care if this has signing-related issues; key could - // already be revoked and it will be fine below. - if (PASS_ERROR(status)) - return status; - - // Because of the above, we CAN support a signing passphrase + const char* key) { + + // Check generation setup + // Because of the above, we can support a signing passphrase // that differs from the generation passphrase. We'll // just check to make sure everything is in order for // later use, however - if (session->new_key_pass_enable) { if (EMPTYSTR(session->generation_passphrase)) return PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED; - - if (EMPTYSTR(session->curr_passphrase)) { - // We'll need it as the current passphrase to sign - // messages with the generated keys - session->curr_passphrase = strdup(session->generation_passphrase); - } - } + } + + stringlist_t* test_key = NULL; + + // Be sure we HAVE this key + PEP_STATUS status = find_keys(session, key, &test_key); + bool exists_key = test_key != NULL; + free_stringlist(test_key); + + if (!exists_key || status == PEP_KEY_NOT_FOUND) { + remove_fpr_as_default(session, key); + return PEP_KEY_NOT_FOUND; + } + if (status != PEP_STATUS_OK) + return status; + + ensure_passphrase_t ensure_key_cb = session->ensure_passphrase; + + // Check to see that this key has its passphrase set as the configured + // passphrase, IF it has one. If not, bail early. + status = probe_encrypt(session, key); + if (PASS_ERROR(status)) { + if (ensure_key_cb) + status = ensure_key_cb(session, key); + } + if (status != PEP_STATUS_OK) + return status; + + if (EMPTYSTR(session->curr_passphrase) && !EMPTYSTR(session->generation_passphrase)) { + // We'll need it as the current passphrase to sign + // messages with the generated keys + session->curr_passphrase = strdup(session->generation_passphrase); + } + return PEP_STATUS_OK; } @@ -1024,27 +1043,21 @@ static PEP_STATUS _key_reset_device_group_for_shared_key(PEP_SESSION session, if (!session || !key_idents || EMPTYSTR(old_key)) return PEP_ILLEGAL_VALUE; - - message* enc_msg = NULL; - message* outmsg = NULL; - + messageToSend_t send_cb = session->messageToSend; + if (!send_cb) return PEP_SYNC_NO_MESSAGE_SEND_CALLBACK; PEP_STATUS status = PEP_STATUS_OK; + + message* enc_msg = NULL; + message* outmsg = NULL; + stringlist_t* test_key = NULL; + - // N.B. The mechanism here is that we make the caller, if - // necessary, keep trying until they give us the - // right password for the key we're going to reset/revoke. - // The revocation does not happen until later, but basically, - // if the key is unrevoked and still requires a correct - // password, we need to stop this before we get there. - // - // This allows us to switch the correct passphrase in - // and out if there are different generation and old - // key signing passwords. (Not a concern if already revoked) - + // Make sure the signing password is set correctly and that + // we are also ready for keygen status = _check_own_reset_passphrase_readiness(session, old_key); if (status != PEP_STATUS_OK) return status; @@ -1127,12 +1140,12 @@ static PEP_STATUS _key_reset_device_group_for_shared_key(PEP_SESSION session, status = revoke_key(session, old_key, NULL); // again, we should not have key-related issues here, - // as we tested for the correct password earlier + // as we ensured the correct password earlier if (status != PEP_STATUS_OK) return status; // Ok, NOW - the current password needs to be swapped out - // because we're going to sign with keys using. + // because we're going to sign with keys using it. // // All new keys have the same passphrase, if any // @@ -1207,9 +1220,9 @@ static PEP_STATUS _key_reset_device_group_for_shared_key(PEP_SESSION session, return status; pEp_error: - // Just in case session->curr_passphrase = cached_passphrase; + free_stringlist(test_key); free_message(outmsg); free_message(enc_msg); return status; @@ -1228,8 +1241,6 @@ static PEP_STATUS probe_signing_for_keylist(PEP_SESSION session, return PEP_STATUS_OK; } -// This is simply NOT SAFE for multiple passwords on the extant -// keys. Cannot be called with multiple passwords for that purpose. DYNAMIC_API PEP_STATUS key_reset_own_grouped_keys(PEP_SESSION session) { assert(session); @@ -1247,12 +1258,7 @@ DYNAMIC_API PEP_STATUS key_reset_own_grouped_keys(PEP_SESSION session) { status = get_all_keys_for_user(session, user_id, &keys); // TODO: free - if (status == PEP_STATUS_OK) { - status = probe_signing_for_keylist(session, keys); - - if (PASS_ERROR(status)) - goto pEp_free; - + if (status == PEP_STATUS_OK) { stringlist_t* curr_key; for (curr_key = keys; curr_key && curr_key->value; curr_key = curr_key->next) { @@ -1269,13 +1275,16 @@ DYNAMIC_API PEP_STATUS key_reset_own_grouped_keys(PEP_SESSION session) { else goto pEp_free; - // Because of the key check above, this should not happen unless we were - // UNLESS we required a passphrase for keygen and it's not set. - if (PASS_ERROR(status)) - goto pEp_free; - - // FIXME: what about other statuses, though??? - + // This is in a switch because our return statuses COULD get more + // complicated + switch (status) { + case PEP_STATUS_OK: + case PEP_KEY_NOT_FOUND: // call removed it as a default + break; + default: + goto pEp_free; + } + free_identity_list(key_idents); } } @@ -1413,15 +1422,7 @@ PEP_STATUS key_reset( // case of own identities with private keys. if (is_own_private) { - - // Make sure we can even progress - if there are passphrase issues, - // bounce back to the caller now. - status = _check_own_reset_passphrase_readiness(session, fpr_copy); - - // These will always be passphrase errors. - if (status != PEP_STATUS_OK) - return status; - + // This is now the "is_own" base case - we don't do this // per-identity, because all identities using this key will // need new ones. That said, this is really only a problem @@ -1443,6 +1444,14 @@ PEP_STATUS key_reset( if (is_grouped) status = _key_reset_device_group_for_shared_key(session, key_idents, fpr_copy, false); else if (status == PEP_STATUS_OK) { + // KB: FIXME_NOW - revoked? + // Make sure we can even progress - if there are passphrase issues, + // bounce back to the caller now, because our attempts to make it work failed, + // even possibly with callback. + status = _check_own_reset_passphrase_readiness(session, fpr_copy); + if (status != PEP_STATUS_OK) + return status; + // now have ident list, or should identity_list* curr_ident; @@ -1453,7 +1462,7 @@ PEP_STATUS key_reset( // Do the full reset on this identity // Base case for is_own_private starts here // Note that we reset this key for ANY own ident that has it. And if - // tmp_ident did NOT have this key, it won't matter. We will reset the + // tmp_ident did NOT have this key, it won't matter. We will reset this // key for all idents for this user. status = revoke_key(session, fpr_copy, NULL); diff --git a/src/keymanagement.c b/src/keymanagement.c index a3066806..8c735d25 100644 --- a/src/keymanagement.c +++ b/src/keymanagement.c @@ -1358,7 +1358,8 @@ DYNAMIC_API PEP_STATUS do_keymanagement( { PEP_SESSION session; pEp_identity *identity; - PEP_STATUS status = init(&session, NULL, NULL); + // FIXME_NOW: ensure_decrypt callback??? + PEP_STATUS status = init(&session, NULL, NULL, NULL); assert(!status); if (status) return status; diff --git a/src/pEpEngine.c b/src/pEpEngine.c index 570165ad..37fd5122 100644 --- a/src/pEpEngine.c +++ b/src/pEpEngine.c @@ -947,7 +947,8 @@ static PEP_STATUS upgrade_revoc_contact_to_13(PEP_SESSION session) { DYNAMIC_API PEP_STATUS init( PEP_SESSION *session, messageToSend_t messageToSend, - inject_sync_event_t inject_sync_event + inject_sync_event_t inject_sync_event, + ensure_passphrase_t ensure_passphrase ) { PEP_STATUS status = PEP_STATUS_OK; @@ -997,6 +998,7 @@ DYNAMIC_API PEP_STATUS init( _session->version = PEP_ENGINE_VERSION; _session->messageToSend = messageToSend; _session->inject_sync_event = inject_sync_event; + _session->ensure_passphrase = ensure_passphrase; #ifdef DEBUG_ERRORSTACK _session->errorstack = new_stringlist("init()"); diff --git a/src/pEpEngine.h b/src/pEpEngine.h index 47745162..f4736789 100644 --- a/src/pEpEngine.h +++ b/src/pEpEngine.h @@ -205,7 +205,7 @@ DYNAMIC_API void free_Sync_event(SYNC_EVENT ev); typedef int (*inject_sync_event_t)(SYNC_EVENT ev, void *management); -// ensure_decrypt_key() - callee ensures correct password for (signing) key is configured in the session on +// ensure_passphrase() - callee ensures correct password for (signing) key is configured in the session on // return, or returns error when it is not found // parameters: //. session (in) session for which the guarantee is made @@ -221,7 +221,7 @@ typedef int (*inject_sync_event_t)(SYNC_EVENT ev, void *management); // The callee is responsible for iterating through passwords // to ensure signing/encryption can occur successfully. // -typedef PEP_STATUS (*ensure_decrypt_key_t)(PEP_SESSION session, const char* fpr); +typedef PEP_STATUS (*ensure_passphrase_t)(PEP_SESSION session, const char* fpr); // INIT_STATUS init() - initialize pEpEngine for a thread // @@ -231,7 +231,7 @@ typedef PEP_STATUS (*ensure_decrypt_key_t)(PEP_SESSION session, const char* fpr) // messageToSend (in) callback for sending message by the // application // inject_sync_event (in) callback for injecting a sync event -// ensure_decrypt_key (in) callback for ensuring correct password for key is set +// ensure_passphrase (in) callback for ensuring correct password for key is set // // return value: // PEP_STATUS_OK = 0 if init() succeeds @@ -266,7 +266,7 @@ DYNAMIC_API PEP_STATUS init( PEP_SESSION *session, messageToSend_t messageToSend, inject_sync_event_t inject_sync_event, - ensure_decrypt_key_t ensure_decrypt_key + ensure_passphrase_t ensure_passphrase ); diff --git a/src/pEp_internal.h b/src/pEp_internal.h index f6a0575d..e19e7809 100644 --- a/src/pEp_internal.h +++ b/src/pEp_internal.h @@ -250,7 +250,7 @@ struct _pEpSession { notifyHandshake_t notifyHandshake; inject_sync_event_t inject_sync_event; retrieve_next_sync_event_t retrieve_next_sync_event; - ensure_decrypt_key_t ensure_decrypt_key; + ensure_passphrase_t ensure_passphrase; // pEp Sync void *sync_management; diff --git a/test/src/Engine.cc b/test/src/Engine.cc index 3b577869..a73ffd97 100644 --- a/test/src/Engine.cc +++ b/test/src/Engine.cc @@ -90,7 +90,7 @@ void Engine::start() { unix_local_db(true); - PEP_STATUS status = init(&session, cached_messageToSend, cached_inject_sync_event); + PEP_STATUS status = init(&session, cached_messageToSend, cached_inject_sync_event, NULL); assert(status == PEP_STATUS_OK); assert(session); diff --git a/test/src/SyncTest.cc b/test/src/SyncTest.cc index df6efee4..357a3901 100644 --- a/test/src/SyncTest.cc +++ b/test/src/SyncTest.cc @@ -246,7 +246,7 @@ namespace { ST_fake_this = (void*)(&adapter); - status = init(&sync, ST_message_send_callback, ST_inject_sync_event_callback); + status = init(&sync, ST_message_send_callback, ST_inject_sync_event_callback, NULL); if (status != PEP_STATUS_OK) throw std::runtime_error((string("init returned ") + tl_status_string(status)).c_str()); From 547aa4dbe6d84368a08b8e6fc4dea7e169437135 Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Fri, 31 Jul 2020 17:59:21 +0200 Subject: [PATCH 42/50] ENGINE-781: infrastructure to test w/ callback runs on empty pass list --- test/src/AppleMailTest.cc | 2 +- test/src/BCCTest.cc | 2 +- test/src/BlacklistAcceptNewKeyTest.cc | 2 +- test/src/BlacklistTest.cc | 2 +- test/src/CaseAndDotAddressTest.cc | 2 +- .../src/CheckRenewedExpiredKeyTrustStatusTest.cc | 2 +- test/src/CleanInvalidOwnKeysTest.cc | 2 +- test/src/CrashdumpTest.cc | 2 +- test/src/DecorateTest.cc | 2 +- test/src/DecryptAttachPrivateKeyTrustedTest.cc | 2 +- test/src/DecryptAttachPrivateKeyUntrustedTest.cc | 2 +- test/src/DeleteKeyTest.cc | 2 +- test/src/ElevatedAttachmentsTest.cc | 2 +- test/src/EmptyLongmsgFullHtmlTest.cc | 2 +- test/src/EncryptAttachPrivateKeyTest.cc | 2 +- test/src/EncryptForIdentityTest.cc | 2 +- test/src/EncryptMissingPrivateKeyTest.cc | 2 +- test/src/Engine.cc | 6 ++++-- test/src/Engine.h | 3 ++- test/src/Engine358Test.cc | 2 +- test/src/Engine463Test.cc | 2 +- test/src/Engine514Test.cc | 2 +- test/src/Engine655Test.cc | 2 +- test/src/Engine703Test.cc | 2 +- test/src/Engine704Test.cc | 2 +- test/src/Engine715Test.cc | 2 +- test/src/Engine736Test.cc | 2 +- test/src/ExpiredSubkeyTest.cc | 2 +- test/src/ExportKeyTest.cc | 2 +- test/src/ExternalRevokeTest.cc | 2 +- test/src/GetKeyRatingForUserTest.cc | 2 +- test/src/HeaderKeyImportTest.cc | 2 +- test/src/I18nTest.cc | 2 +- test/src/IdentEncFormatTest.cc | 2 +- test/src/ImportKeyTest.cc | 2 +- test/src/KeyAttachmentTest.cc | 2 +- test/src/KeyManipulationTest.cc | 2 +- test/src/KeyResetMessageTest.cc | 7 ++++++- test/src/KeyeditTest.cc | 2 +- test/src/KeyringImportTest.cc | 2 +- test/src/LeastColorGroupTest.cc | 2 +- test/src/LeastCommonDenomColorTest.cc | 2 +- test/src/LiteralFilenameTest.cc | 2 +- test/src/LookupTest.cc | 2 +- test/src/LotsOfKeysTest.cc | 2 +- test/src/MapAsn1Test.cc | 2 +- test/src/Message2_1Test.cc | 2 +- test/src/MessageApiTest.cc | 2 +- test/src/MessageNullFromTest.cc | 2 +- test/src/MessageTwoPointOhTest.cc | 2 +- test/src/MimeTest.cc | 2 +- test/src/NoOwnIdentWritesOnDecryptTest.cc | 6 +++--- test/src/OwnIdentitiesRetrieveTest.cc | 2 +- test/src/OwnKeysRetrieveTest.cc | 2 +- test/src/PassphraseTest.cc | 2 +- test/src/PepSubjectReceivedTest.cc | 2 +- test/src/PgpBinaryTest.cc | 2 +- test/src/PgpListKeysTest.cc | 2 +- test/src/Quick11to12Test.cc | 2 +- test/src/ReencryptPlusExtraKeysTest.cc | 2 +- test/src/RevocationTest.cc | 2 +- test/src/RevokeRegenAttachTest.cc | 2 +- test/src/SenderFPRTest.cc | 2 +- test/src/SequenceTest.cc | 2 +- test/src/SignOnlyTest.cc | 2 +- test/src/SimpleBodyNotAltTest.cc | 2 +- test/src/SubkeyRatingEvalTest.cc | 2 +- test/src/SyncTest.cc | 2 +- test/src/TrustManipulationTest.cc | 2 +- test/src/TrustwordsTest.cc | 2 +- test/src/URIAddressTest.cc | 2 +- test/src/UnencryptedPepMailTest.cc | 2 +- test/src/UpdateIdAndMyselfTest.cc | 2 +- test/src/UserIDAliasTest.cc | 2 +- test/src/UserIdCollisionTest.cc | 2 +- test/src/VerifyTest.cc | 2 +- test/src/test_util.cc | 16 ++++++++++++++++ test/src/test_util.h | 3 +++ 78 files changed, 106 insertions(+), 79 deletions(-) diff --git a/test/src/AppleMailTest.cc b/test/src/AppleMailTest.cc index af216918..066ba94d 100644 --- a/test/src/AppleMailTest.cc +++ b/test/src/AppleMailTest.cc @@ -61,7 +61,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/BCCTest.cc b/test/src/BCCTest.cc index 9e4b0384..b5808467 100644 --- a/test/src/BCCTest.cc +++ b/test/src/BCCTest.cc @@ -55,7 +55,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/BlacklistAcceptNewKeyTest.cc b/test/src/BlacklistAcceptNewKeyTest.cc index 56cdf706..59b94296 100644 --- a/test/src/BlacklistAcceptNewKeyTest.cc +++ b/test/src/BlacklistAcceptNewKeyTest.cc @@ -58,7 +58,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/BlacklistTest.cc b/test/src/BlacklistTest.cc index fe113365..06c8d9db 100644 --- a/test/src/BlacklistTest.cc +++ b/test/src/BlacklistTest.cc @@ -72,7 +72,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/CaseAndDotAddressTest.cc b/test/src/CaseAndDotAddressTest.cc index 73a1e7bd..a09f0d32 100644 --- a/test/src/CaseAndDotAddressTest.cc +++ b/test/src/CaseAndDotAddressTest.cc @@ -56,7 +56,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/CheckRenewedExpiredKeyTrustStatusTest.cc b/test/src/CheckRenewedExpiredKeyTrustStatusTest.cc index 82b7e166..650c7784 100644 --- a/test/src/CheckRenewedExpiredKeyTrustStatusTest.cc +++ b/test/src/CheckRenewedExpiredKeyTrustStatusTest.cc @@ -53,7 +53,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/CleanInvalidOwnKeysTest.cc b/test/src/CleanInvalidOwnKeysTest.cc index ebc23d92..f83fd0e4 100644 --- a/test/src/CleanInvalidOwnKeysTest.cc +++ b/test/src/CleanInvalidOwnKeysTest.cc @@ -51,7 +51,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/CrashdumpTest.cc b/test/src/CrashdumpTest.cc index 6bd421fd..84b1e1ba 100644 --- a/test/src/CrashdumpTest.cc +++ b/test/src/CrashdumpTest.cc @@ -51,7 +51,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/DecorateTest.cc b/test/src/DecorateTest.cc index 50c82ad4..204584da 100644 --- a/test/src/DecorateTest.cc +++ b/test/src/DecorateTest.cc @@ -57,7 +57,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/DecryptAttachPrivateKeyTrustedTest.cc b/test/src/DecryptAttachPrivateKeyTrustedTest.cc index abb3dc70..259666f1 100644 --- a/test/src/DecryptAttachPrivateKeyTrustedTest.cc +++ b/test/src/DecryptAttachPrivateKeyTrustedTest.cc @@ -59,7 +59,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/DecryptAttachPrivateKeyUntrustedTest.cc b/test/src/DecryptAttachPrivateKeyUntrustedTest.cc index f715ea16..03299c6c 100644 --- a/test/src/DecryptAttachPrivateKeyUntrustedTest.cc +++ b/test/src/DecryptAttachPrivateKeyUntrustedTest.cc @@ -57,7 +57,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/DeleteKeyTest.cc b/test/src/DeleteKeyTest.cc index dd4b23ac..977d0a7b 100644 --- a/test/src/DeleteKeyTest.cc +++ b/test/src/DeleteKeyTest.cc @@ -67,7 +67,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/ElevatedAttachmentsTest.cc b/test/src/ElevatedAttachmentsTest.cc index 450f66ad..43565b44 100644 --- a/test/src/ElevatedAttachmentsTest.cc +++ b/test/src/ElevatedAttachmentsTest.cc @@ -48,7 +48,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/EmptyLongmsgFullHtmlTest.cc b/test/src/EmptyLongmsgFullHtmlTest.cc index 9849635d..e499a84a 100644 --- a/test/src/EmptyLongmsgFullHtmlTest.cc +++ b/test/src/EmptyLongmsgFullHtmlTest.cc @@ -52,7 +52,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/EncryptAttachPrivateKeyTest.cc b/test/src/EncryptAttachPrivateKeyTest.cc index 120dd73d..1e462f99 100644 --- a/test/src/EncryptAttachPrivateKeyTest.cc +++ b/test/src/EncryptAttachPrivateKeyTest.cc @@ -57,7 +57,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/EncryptForIdentityTest.cc b/test/src/EncryptForIdentityTest.cc index 1fd9598c..73f1cd20 100644 --- a/test/src/EncryptForIdentityTest.cc +++ b/test/src/EncryptForIdentityTest.cc @@ -57,7 +57,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/EncryptMissingPrivateKeyTest.cc b/test/src/EncryptMissingPrivateKeyTest.cc index f1e90762..7b9e42ec 100644 --- a/test/src/EncryptMissingPrivateKeyTest.cc +++ b/test/src/EncryptMissingPrivateKeyTest.cc @@ -62,7 +62,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/Engine.cc b/test/src/Engine.cc index a73ffd97..03b79055 100644 --- a/test/src/Engine.cc +++ b/test/src/Engine.cc @@ -32,17 +32,19 @@ Engine::Engine(string engine_home_dir) { real_home = getenv("HOME"); cached_messageToSend = NULL; cached_inject_sync_event = NULL; + cached_ensure_passphrase = NULL; } Engine::~Engine() {} -void Engine::prep(messageToSend_t mts, inject_sync_event_t ise, +void Engine::prep(messageToSend_t mts, inject_sync_event_t ise, ensure_passphrase_t ep, std::vector> init_files) { if (engine_home.empty()) throw std::runtime_error("Engine setup: BAD INITIALISATION. No test home."); cached_messageToSend = mts; cached_inject_sync_event = ise; + cached_ensure_passphrase = ep; int success = 0; struct stat dirchk; @@ -90,7 +92,7 @@ void Engine::start() { unix_local_db(true); - PEP_STATUS status = init(&session, cached_messageToSend, cached_inject_sync_event, NULL); + PEP_STATUS status = init(&session, cached_messageToSend, cached_inject_sync_event, cached_ensure_passphrase); assert(status == PEP_STATUS_OK); assert(session); diff --git a/test/src/Engine.h b/test/src/Engine.h index 1039faa4..56b9c371 100644 --- a/test/src/Engine.h +++ b/test/src/Engine.h @@ -14,7 +14,7 @@ class Engine { Engine(string engine_home_dir); virtual ~Engine(); - void prep(const messageToSend_t mts, const inject_sync_event_t ise, std::vector> init_files); + void prep(const messageToSend_t mts, const inject_sync_event_t ise, const ensure_passphrase_t ep, std::vector> init_files); void start(); void shut_down(); @@ -27,6 +27,7 @@ class Engine { messageToSend_t cached_messageToSend; inject_sync_event_t cached_inject_sync_event; + ensure_passphrase_t cached_ensure_passphrase; void copy_conf_file_to_test_dir(const char* dest_path, const char* conf_orig_path, const char* conf_dest_name); void process_file_queue(std::string dirname, std::vector> file_queue); diff --git a/test/src/Engine358Test.cc b/test/src/Engine358Test.cc index a8ea310c..d228c383 100644 --- a/test/src/Engine358Test.cc +++ b/test/src/Engine358Test.cc @@ -53,7 +53,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/Engine463Test.cc b/test/src/Engine463Test.cc index 322e030e..b3654078 100644 --- a/test/src/Engine463Test.cc +++ b/test/src/Engine463Test.cc @@ -54,7 +54,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/Engine514Test.cc b/test/src/Engine514Test.cc index 3c64bd54..3cade593 100644 --- a/test/src/Engine514Test.cc +++ b/test/src/Engine514Test.cc @@ -47,7 +47,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/Engine655Test.cc b/test/src/Engine655Test.cc index 64abfc31..2baff958 100644 --- a/test/src/Engine655Test.cc +++ b/test/src/Engine655Test.cc @@ -51,7 +51,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/Engine703Test.cc b/test/src/Engine703Test.cc index cc2684e5..6cf99013 100644 --- a/test/src/Engine703Test.cc +++ b/test/src/Engine703Test.cc @@ -53,7 +53,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/Engine704Test.cc b/test/src/Engine704Test.cc index 0df6b3ff..9f96cb33 100644 --- a/test/src/Engine704Test.cc +++ b/test/src/Engine704Test.cc @@ -47,7 +47,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/Engine715Test.cc b/test/src/Engine715Test.cc index 4e6afa34..e677b9c4 100644 --- a/test/src/Engine715Test.cc +++ b/test/src/Engine715Test.cc @@ -47,7 +47,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/Engine736Test.cc b/test/src/Engine736Test.cc index acadf653..38f21ca3 100644 --- a/test/src/Engine736Test.cc +++ b/test/src/Engine736Test.cc @@ -49,7 +49,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/ExpiredSubkeyTest.cc b/test/src/ExpiredSubkeyTest.cc index 1be066de..7402f3d5 100644 --- a/test/src/ExpiredSubkeyTest.cc +++ b/test/src/ExpiredSubkeyTest.cc @@ -52,7 +52,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/ExportKeyTest.cc b/test/src/ExportKeyTest.cc index ffc787d5..b72bb22c 100644 --- a/test/src/ExportKeyTest.cc +++ b/test/src/ExportKeyTest.cc @@ -54,7 +54,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/ExternalRevokeTest.cc b/test/src/ExternalRevokeTest.cc index af416d26..aadce157 100644 --- a/test/src/ExternalRevokeTest.cc +++ b/test/src/ExternalRevokeTest.cc @@ -59,7 +59,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/GetKeyRatingForUserTest.cc b/test/src/GetKeyRatingForUserTest.cc index 325e412a..28f32565 100644 --- a/test/src/GetKeyRatingForUserTest.cc +++ b/test/src/GetKeyRatingForUserTest.cc @@ -54,7 +54,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/HeaderKeyImportTest.cc b/test/src/HeaderKeyImportTest.cc index 0bcdeb2f..8d96a9d3 100644 --- a/test/src/HeaderKeyImportTest.cc +++ b/test/src/HeaderKeyImportTest.cc @@ -56,7 +56,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/I18nTest.cc b/test/src/I18nTest.cc index 0a1d07bd..8a7f3b65 100644 --- a/test/src/I18nTest.cc +++ b/test/src/I18nTest.cc @@ -52,7 +52,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/IdentEncFormatTest.cc b/test/src/IdentEncFormatTest.cc index b859f5be..4ab00e92 100644 --- a/test/src/IdentEncFormatTest.cc +++ b/test/src/IdentEncFormatTest.cc @@ -47,7 +47,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/ImportKeyTest.cc b/test/src/ImportKeyTest.cc index f6ab0b64..8602b2f8 100644 --- a/test/src/ImportKeyTest.cc +++ b/test/src/ImportKeyTest.cc @@ -47,7 +47,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/KeyAttachmentTest.cc b/test/src/KeyAttachmentTest.cc index 8064c8ad..5fb61e14 100644 --- a/test/src/KeyAttachmentTest.cc +++ b/test/src/KeyAttachmentTest.cc @@ -57,7 +57,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/KeyManipulationTest.cc b/test/src/KeyManipulationTest.cc index 92db798d..ca2278e0 100644 --- a/test/src/KeyManipulationTest.cc +++ b/test/src/KeyManipulationTest.cc @@ -47,7 +47,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/KeyResetMessageTest.cc b/test/src/KeyResetMessageTest.cc index dda7d73d..80cce83b 100644 --- a/test/src/KeyResetMessageTest.cc +++ b/test/src/KeyResetMessageTest.cc @@ -24,6 +24,7 @@ #include PEP_STATUS KRMT_message_send_callback(message* msg); +PEP_STATUS KRMT_ensure_passphrase_callback(PEP_SESSION session, const char* key); static void* KRMT_fake_this; @@ -34,6 +35,7 @@ class KeyResetMessageTest : public ::testing::Test { PEP_SESSION session; vector m_queue; + vector pass_list; protected: @@ -87,7 +89,7 @@ class KeyResetMessageTest : public ::testing::Test { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(&KRMT_message_send_callback, NULL, init_files); + engine->prep(&KRMT_message_send_callback, NULL, &KRMT_ensure_passphrase_callback, init_files); // Ok, try to start this bugger. engine->start(); @@ -245,6 +247,9 @@ PEP_STATUS KRMT_message_send_callback(message* msg) { return PEP_STATUS_OK; } +PEP_STATUS KRMT_ensure_passphrase_callback(PEP_SESSION session, const char* fpr) { + return config_valid_passphrase(session, fpr, ((KeyResetMessageTest*)KRMT_fake_this)->pass_list); +} TEST_F(KeyResetMessageTest, check_reset_key_and_notify) { send_setup(); diff --git a/test/src/KeyeditTest.cc b/test/src/KeyeditTest.cc index 74af64fd..442cc161 100644 --- a/test/src/KeyeditTest.cc +++ b/test/src/KeyeditTest.cc @@ -55,7 +55,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/KeyringImportTest.cc b/test/src/KeyringImportTest.cc index 376f284c..4dc72016 100644 --- a/test/src/KeyringImportTest.cc +++ b/test/src/KeyringImportTest.cc @@ -58,7 +58,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/LeastColorGroupTest.cc b/test/src/LeastColorGroupTest.cc index b56100c8..27cd6941 100644 --- a/test/src/LeastColorGroupTest.cc +++ b/test/src/LeastColorGroupTest.cc @@ -58,7 +58,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/LeastCommonDenomColorTest.cc b/test/src/LeastCommonDenomColorTest.cc index 79352081..7325e59a 100644 --- a/test/src/LeastCommonDenomColorTest.cc +++ b/test/src/LeastCommonDenomColorTest.cc @@ -58,7 +58,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/LiteralFilenameTest.cc b/test/src/LiteralFilenameTest.cc index 0c56e8ff..b5f1d471 100644 --- a/test/src/LiteralFilenameTest.cc +++ b/test/src/LiteralFilenameTest.cc @@ -53,7 +53,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/LookupTest.cc b/test/src/LookupTest.cc index d1495b5a..6b617503 100644 --- a/test/src/LookupTest.cc +++ b/test/src/LookupTest.cc @@ -57,7 +57,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/LotsOfKeysTest.cc b/test/src/LotsOfKeysTest.cc index 8eac13bc..b3cba08b 100644 --- a/test/src/LotsOfKeysTest.cc +++ b/test/src/LotsOfKeysTest.cc @@ -168,7 +168,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/MapAsn1Test.cc b/test/src/MapAsn1Test.cc index 7e2b4f82..0f9c98b7 100644 --- a/test/src/MapAsn1Test.cc +++ b/test/src/MapAsn1Test.cc @@ -54,7 +54,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/Message2_1Test.cc b/test/src/Message2_1Test.cc index 2a3343bf..f26785d9 100644 --- a/test/src/Message2_1Test.cc +++ b/test/src/Message2_1Test.cc @@ -52,7 +52,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/MessageApiTest.cc b/test/src/MessageApiTest.cc index 70d8588c..c51ba465 100644 --- a/test/src/MessageApiTest.cc +++ b/test/src/MessageApiTest.cc @@ -58,7 +58,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/MessageNullFromTest.cc b/test/src/MessageNullFromTest.cc index 9ec5b54f..935c5674 100644 --- a/test/src/MessageNullFromTest.cc +++ b/test/src/MessageNullFromTest.cc @@ -70,7 +70,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/MessageTwoPointOhTest.cc b/test/src/MessageTwoPointOhTest.cc index 41b6785a..9990eec3 100644 --- a/test/src/MessageTwoPointOhTest.cc +++ b/test/src/MessageTwoPointOhTest.cc @@ -59,7 +59,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/MimeTest.cc b/test/src/MimeTest.cc index 2609839e..bd07d0f6 100644 --- a/test/src/MimeTest.cc +++ b/test/src/MimeTest.cc @@ -57,7 +57,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/NoOwnIdentWritesOnDecryptTest.cc b/test/src/NoOwnIdentWritesOnDecryptTest.cc index 9c52ddca..7307edbb 100644 --- a/test/src/NoOwnIdentWritesOnDecryptTest.cc +++ b/test/src/NoOwnIdentWritesOnDecryptTest.cc @@ -57,7 +57,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); @@ -131,7 +131,7 @@ TEST_F(NoOwnIdentWritesOnDecryptTest, check_no_own_ident_writes_on_decrypt) { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); @@ -196,7 +196,7 @@ TEST_F(NoOwnIdentWritesOnDecryptTest, check_no_own_ident_writes_on_decrypt) { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/OwnIdentitiesRetrieveTest.cc b/test/src/OwnIdentitiesRetrieveTest.cc index 3458d2ec..7da8476c 100644 --- a/test/src/OwnIdentitiesRetrieveTest.cc +++ b/test/src/OwnIdentitiesRetrieveTest.cc @@ -52,7 +52,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/OwnKeysRetrieveTest.cc b/test/src/OwnKeysRetrieveTest.cc index 0d01aaf1..8f1dbfde 100644 --- a/test/src/OwnKeysRetrieveTest.cc +++ b/test/src/OwnKeysRetrieveTest.cc @@ -52,7 +52,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/PassphraseTest.cc b/test/src/PassphraseTest.cc index ad510e7d..2390732d 100644 --- a/test/src/PassphraseTest.cc +++ b/test/src/PassphraseTest.cc @@ -49,7 +49,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/PepSubjectReceivedTest.cc b/test/src/PepSubjectReceivedTest.cc index 6c69eb19..3f4d121f 100644 --- a/test/src/PepSubjectReceivedTest.cc +++ b/test/src/PepSubjectReceivedTest.cc @@ -58,7 +58,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/PgpBinaryTest.cc b/test/src/PgpBinaryTest.cc index 05a461f8..8fbae6b3 100644 --- a/test/src/PgpBinaryTest.cc +++ b/test/src/PgpBinaryTest.cc @@ -53,7 +53,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/PgpListKeysTest.cc b/test/src/PgpListKeysTest.cc index bea3ca9a..4dd2a5b4 100644 --- a/test/src/PgpListKeysTest.cc +++ b/test/src/PgpListKeysTest.cc @@ -55,7 +55,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/Quick11to12Test.cc b/test/src/Quick11to12Test.cc index 42206435..2b7078a5 100644 --- a/test/src/Quick11to12Test.cc +++ b/test/src/Quick11to12Test.cc @@ -51,7 +51,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/ReencryptPlusExtraKeysTest.cc b/test/src/ReencryptPlusExtraKeysTest.cc index ede4a262..2ab5e509 100644 --- a/test/src/ReencryptPlusExtraKeysTest.cc +++ b/test/src/ReencryptPlusExtraKeysTest.cc @@ -58,7 +58,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/RevocationTest.cc b/test/src/RevocationTest.cc index 1b7a88b6..cce2088d 100644 --- a/test/src/RevocationTest.cc +++ b/test/src/RevocationTest.cc @@ -57,7 +57,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/RevokeRegenAttachTest.cc b/test/src/RevokeRegenAttachTest.cc index 87ba78c7..38938f9b 100644 --- a/test/src/RevokeRegenAttachTest.cc +++ b/test/src/RevokeRegenAttachTest.cc @@ -61,7 +61,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/SenderFPRTest.cc b/test/src/SenderFPRTest.cc index 6dfa544b..0ac62e81 100644 --- a/test/src/SenderFPRTest.cc +++ b/test/src/SenderFPRTest.cc @@ -53,7 +53,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/SequenceTest.cc b/test/src/SequenceTest.cc index 7d20d931..f89184f9 100644 --- a/test/src/SequenceTest.cc +++ b/test/src/SequenceTest.cc @@ -52,7 +52,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/SignOnlyTest.cc b/test/src/SignOnlyTest.cc index b1277995..6787e679 100644 --- a/test/src/SignOnlyTest.cc +++ b/test/src/SignOnlyTest.cc @@ -53,7 +53,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/SimpleBodyNotAltTest.cc b/test/src/SimpleBodyNotAltTest.cc index 22b1cbdd..041667a8 100644 --- a/test/src/SimpleBodyNotAltTest.cc +++ b/test/src/SimpleBodyNotAltTest.cc @@ -55,7 +55,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/SubkeyRatingEvalTest.cc b/test/src/SubkeyRatingEvalTest.cc index 0b6f80bf..9a80ff27 100644 --- a/test/src/SubkeyRatingEvalTest.cc +++ b/test/src/SubkeyRatingEvalTest.cc @@ -53,7 +53,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/SyncTest.cc b/test/src/SyncTest.cc index 357a3901..1e4a3a91 100644 --- a/test/src/SyncTest.cc +++ b/test/src/SyncTest.cc @@ -226,7 +226,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. Is this totally irrelevant for this case?? engine->start(); diff --git a/test/src/TrustManipulationTest.cc b/test/src/TrustManipulationTest.cc index 99a3ef27..d115650c 100644 --- a/test/src/TrustManipulationTest.cc +++ b/test/src/TrustManipulationTest.cc @@ -56,7 +56,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/TrustwordsTest.cc b/test/src/TrustwordsTest.cc index 2e16dae3..b4fb58e9 100644 --- a/test/src/TrustwordsTest.cc +++ b/test/src/TrustwordsTest.cc @@ -51,7 +51,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/URIAddressTest.cc b/test/src/URIAddressTest.cc index bb8b691d..cddb1240 100644 --- a/test/src/URIAddressTest.cc +++ b/test/src/URIAddressTest.cc @@ -56,7 +56,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/UnencryptedPepMailTest.cc b/test/src/UnencryptedPepMailTest.cc index 147f4785..23a2eb2d 100644 --- a/test/src/UnencryptedPepMailTest.cc +++ b/test/src/UnencryptedPepMailTest.cc @@ -50,7 +50,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/UpdateIdAndMyselfTest.cc b/test/src/UpdateIdAndMyselfTest.cc index f1399559..91259765 100644 --- a/test/src/UpdateIdAndMyselfTest.cc +++ b/test/src/UpdateIdAndMyselfTest.cc @@ -60,7 +60,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/UserIDAliasTest.cc b/test/src/UserIDAliasTest.cc index 57599462..656efe9e 100644 --- a/test/src/UserIDAliasTest.cc +++ b/test/src/UserIDAliasTest.cc @@ -56,7 +56,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/UserIdCollisionTest.cc b/test/src/UserIdCollisionTest.cc index c7a3ca9b..601d65cf 100644 --- a/test/src/UserIdCollisionTest.cc +++ b/test/src/UserIdCollisionTest.cc @@ -134,7 +134,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/VerifyTest.cc b/test/src/VerifyTest.cc index 73f387be..80b67259 100644 --- a/test/src/VerifyTest.cc +++ b/test/src/VerifyTest.cc @@ -53,7 +53,7 @@ namespace { ASSERT_NE(engine, nullptr); // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); + engine->prep(NULL, NULL, NULL, init_files); // Ok, try to start this bugger. engine->start(); diff --git a/test/src/test_util.cc b/test/src/test_util.cc index 81b79949..4166e86b 100644 --- a/test/src/test_util.cc +++ b/test/src/test_util.cc @@ -14,6 +14,7 @@ #include #include #include +#include #include #include #include @@ -483,6 +484,21 @@ int util_delete_filepath(const char *filepath, return retval; } +PEP_STATUS config_valid_passphrase(PEP_SESSION session, const char* fpr, std::vector passphrases) { + // Check to see if it currently works + PEP_STATUS status = probe_encrypt(session, fpr); + if (status == PEP_STATUS_OK || passphrases.empty()) + return status; + + for (auto && pass : passphrases) { + config_passphrase(session, pass.c_str()); + status = probe_encrypt(session, fpr); + if (status == PEP_STATUS_OK) + break; + } + return status; +} + #ifndef ENIGMAIL_MAY_USE_THIS static PEP_STATUS update_identity_recip_list(PEP_SESSION session, diff --git a/test/src/test_util.h b/test/src/test_util.h index 7a78dff4..31a15430 100644 --- a/test/src/test_util.h +++ b/test/src/test_util.h @@ -6,6 +6,7 @@ #include #include #include +#include #include "pEpEngine.h" #include "message_api.h" @@ -122,6 +123,8 @@ class NullBuffer : public std::streambuf { int overflow(int c); }; +PEP_STATUS config_valid_passphrase(PEP_SESSION session, const char* fpr, std::vector passphrases); + #ifndef ENIGMAIL_MAY_USE_THIS // MIME_decrypt_message() - decrypt a MIME message, with MIME output From 1c6289922c70c1459ce9ed462a00609703d6bbe4 Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Fri, 31 Jul 2020 21:10:17 +0200 Subject: [PATCH 43/50] ENGINE-781: tests and memory fun! --- src/key_reset.c | 54 ++--- src/pEpEngine.c | 2 +- test/src/KeyResetMessageTest.cc | 232 +++++++++++++++++++++- test/test_keys/erwin_normal_encrypted.pgp | 30 +++ 4 files changed, 278 insertions(+), 40 deletions(-) create mode 100644 test/test_keys/erwin_normal_encrypted.pgp diff --git a/src/key_reset.c b/src/key_reset.c index 52d475ac..3b174332 100644 --- a/src/key_reset.c +++ b/src/key_reset.c @@ -1014,7 +1014,7 @@ static PEP_STATUS _check_own_reset_passphrase_readiness(PEP_SESSION session, if (EMPTYSTR(session->curr_passphrase) && !EMPTYSTR(session->generation_passphrase)) { // We'll need it as the current passphrase to sign // messages with the generated keys - session->curr_passphrase = strdup(session->generation_passphrase); + config_passphrase(session, session->generation_passphrase); } return PEP_STATUS_OK; @@ -1062,17 +1062,14 @@ static PEP_STATUS _key_reset_device_group_for_shared_key(PEP_SESSION session, if (status != PEP_STATUS_OK) return status; - // We sometimes have to swap in and out the generation - // passphrase for signing, so we keep a pointer to - // the "curr_passphrase" around to set it back consistently - char* cached_passphrase = session->curr_passphrase; + char* cached_passphrase = EMPTYSTR(session->curr_passphrase) ? NULL : strdup(session->curr_passphrase); // if we only want grouped identities, we do this: if (grouped_only) { identity_list* new_list = NULL; status = _dup_grouped_only(key_idents, &new_list); if (status != PEP_STATUS_OK) - return status; + goto pEp_error; key_idents = new_list; // local var change, won't impact caller } @@ -1087,7 +1084,7 @@ static PEP_STATUS _key_reset_device_group_for_shared_key(PEP_SESSION session, ident->fpr = NULL; status = _generate_keypair(session, ident, true); if (status != PEP_STATUS_OK) - return status; + goto pEp_error; } // Ok, everyone's got a new keypair. Hoorah! @@ -1099,18 +1096,18 @@ static PEP_STATUS _key_reset_device_group_for_shared_key(PEP_SESSION session, // as the configured key. We'll switch it back // afterward (no revocation, decrypt, or signing // with the old key happens in here) - session->curr_passphrase = session->generation_passphrase; + config_passphrase(session, session->generation_passphrase); status = _generate_own_commandlist_msg(session, key_idents, old_key, &outmsg); - session->curr_passphrase = cached_passphrase; + config_passphrase(session, cached_passphrase); // Key-based errors here shouldn't happen. if (status != PEP_STATUS_OK) - return status; + goto pEp_error; // Following will only be true if some idents were grouped, // and will only include grouped idents! @@ -1142,14 +1139,14 @@ static PEP_STATUS _key_reset_device_group_for_shared_key(PEP_SESSION session, // again, we should not have key-related issues here, // as we ensured the correct password earlier if (status != PEP_STATUS_OK) - return status; + goto pEp_error; // Ok, NOW - the current password needs to be swapped out // because we're going to sign with keys using it. // // All new keys have the same passphrase, if any // - session->curr_passphrase = session->generation_passphrase; + config_passphrase(session, session->generation_passphrase); for (curr_ident = key_idents; curr_ident && curr_ident->ident; curr_ident = curr_ident->next) { if (curr_ident->ident->flags & PEP_idf_devicegroup) { @@ -1207,7 +1204,7 @@ static PEP_STATUS _key_reset_device_group_for_shared_key(PEP_SESSION session, } } - session->curr_passphrase = cached_passphrase; + config_passphrase(session, cached_passphrase); if (status == PEP_STATUS_OK) // cascade that mistrust for anyone using this key @@ -1221,26 +1218,14 @@ static PEP_STATUS _key_reset_device_group_for_shared_key(PEP_SESSION session, pEp_error: // Just in case - session->curr_passphrase = cached_passphrase; + config_passphrase(session, cached_passphrase); free_stringlist(test_key); free_message(outmsg); free_message(enc_msg); + free(cached_passphrase); return status; } -static PEP_STATUS probe_signing_for_keylist(PEP_SESSION session, - stringlist_t* keylist) { - for ( ; keylist ; keylist = keylist->next) { - char* key = keylist->value; - if (!EMPTYSTR(key)) { - PEP_STATUS status = probe_encrypt(session, key); - if (PASS_ERROR(status)) - return status; - } - } - return PEP_STATUS_OK; -} - DYNAMIC_API PEP_STATUS key_reset_own_grouped_keys(PEP_SESSION session) { assert(session); @@ -1315,7 +1300,7 @@ PEP_STATUS key_reset( identity_list* key_idents = NULL; stringlist_t* keys = NULL; - char* cached_passphrase = session->curr_passphrase; + char* cached_passphrase = EMPTYSTR(session->curr_passphrase) ? NULL : strdup(session->curr_passphrase); if (!EMPTYSTR(key_id)) { fpr_copy = strdup(key_id); @@ -1348,12 +1333,6 @@ PEP_STATUS key_reset( // TODO: free if (status == PEP_STATUS_OK) { stringlist_t* curr_key; - - // Before we go ANY further, we're going to bail with passphrase errors - // if need be. - status = probe_signing_for_keylist(session, keys); - if (PASS_ERROR(status)) - goto pEp_free; for (curr_key = keys; curr_key && curr_key->value; curr_key = curr_key->next) { // FIXME: Is the ident really necessary? @@ -1514,11 +1493,11 @@ PEP_STATUS key_reset( // for all active communication partners: // active_send revocation - session->curr_passphrase = session->generation_passphrase; + config_passphrase(session, session->generation_passphrase); tmp_ident->fpr = fpr_copy; if (status == PEP_STATUS_OK) status = send_key_reset_to_recents(session, this_ident, fpr_copy, new_key); - session->curr_passphrase = cached_passphrase; + config_passphrase(session, cached_passphrase); tmp_ident->fpr = NULL; if (PASS_ERROR(status)) goto pEp_free; // should NOT happen @@ -1579,7 +1558,8 @@ pEp_free: free_identity_list(key_idents); free_stringlist(keys); free(new_key); - session->curr_passphrase = cached_passphrase; + config_passphrase(session, cached_passphrase); + free(cached_passphrase); return status; } diff --git a/src/pEpEngine.c b/src/pEpEngine.c index 37fd5122..738ad53e 100644 --- a/src/pEpEngine.c +++ b/src/pEpEngine.c @@ -999,7 +999,7 @@ DYNAMIC_API PEP_STATUS init( _session->messageToSend = messageToSend; _session->inject_sync_event = inject_sync_event; _session->ensure_passphrase = ensure_passphrase; - + #ifdef DEBUG_ERRORSTACK _session->errorstack = new_stringlist("init()"); #endif diff --git a/test/src/KeyResetMessageTest.cc b/test/src/KeyResetMessageTest.cc index 80cce83b..92b70166 100644 --- a/test/src/KeyResetMessageTest.cc +++ b/test/src/KeyResetMessageTest.cc @@ -57,8 +57,8 @@ class KeyResetMessageTest : public ::testing::Test { const char* alice2_filename = "test_keys/alice-no-passwords.pgp"; const char* alice2_fpr = "03AF88F728B8E9AADA7F370BD41801C62A649B9F"; - const char* erwin_filename = "test_keys/erwin-primary-encrypted-erwin-subkey-unencrypted.pgp"; - const char* erwin_fpr = "A34048189F0067DF0006FB28CBD7CFBCC0FA7F97"; + const char* erwin_filename = "test_keys/erwin_normal_encrypted.pgp"; + const char* erwin_fpr = "CBA968BC01FCEB89F04CCF155C5E9E3F0420A570"; // You can remove any or all of the following functions if its body // is empty. @@ -98,6 +98,7 @@ class KeyResetMessageTest : public ::testing::Test { // Engine is up. Keep on truckin' m_queue.clear(); + pass_list.clear(); } void TearDown() override { @@ -2631,6 +2632,148 @@ TEST_F(KeyResetMessageTest, check_reset_key_user_multi_passphrase_second_wrong) status = key_reset_all_own_keys(session); ASSERT_EQ(status, PEP_WRONG_PASSPHRASE); } + +TEST_F(KeyResetMessageTest, check_reset_key_user_multi_passphrase_with_passlist) { + ASSERT_TRUE(slurp_and_import_key(session, bob2_filename)); + ASSERT_TRUE(slurp_and_import_key(session, erwin_filename)); + + PEP_STATUS status; + + pass_list.push_back("erwin"); + pass_list.push_back("cathy"); + pass_list.push_back("bob"); + + pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog"); + status = set_own_key(session, bob2, bob2_fpr); + + pEp_identity* erwin = new_identity("erwin@example.org", erwin_fpr, "BOB", "Bob is Erwin"); + status = set_own_key(session, erwin, erwin_fpr); + + status = key_reset_all_own_keys(session); + ASSERT_EQ(status, PEP_STATUS_OK); +} + +TEST_F(KeyResetMessageTest, check_reset_key_user_multi_passphrase_with_passlist_first_configured) { + ASSERT_TRUE(slurp_and_import_key(session, bob2_filename)); + ASSERT_TRUE(slurp_and_import_key(session, erwin_filename)); + + PEP_STATUS status; + + config_passphrase(session, "bob"); + pass_list.push_back("erwin"); + pass_list.push_back("cathy"); + pass_list.push_back("bob"); + + pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog"); + status = set_own_key(session, bob2, bob2_fpr); + + pEp_identity* erwin = new_identity("erwin@example.org", erwin_fpr, "BOB", "Bob is Erwin"); + status = set_own_key(session, erwin, erwin_fpr); + + status = key_reset_all_own_keys(session); + ASSERT_EQ(status, PEP_STATUS_OK); +} + +TEST_F(KeyResetMessageTest, check_reset_key_user_multi_passphrase_with_passlist_second_configured) { + ASSERT_TRUE(slurp_and_import_key(session, bob2_filename)); + ASSERT_TRUE(slurp_and_import_key(session, erwin_filename)); + + PEP_STATUS status; + + config_passphrase(session, "erwin"); + pass_list.push_back("cathy"); + pass_list.push_back("bob"); + pass_list.push_back("erwin"); + + pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog"); + status = set_own_key(session, bob2, bob2_fpr); + + pEp_identity* erwin = new_identity("erwin@example.org", erwin_fpr, "BOB", "Bob is Erwin"); + status = set_own_key(session, erwin, erwin_fpr); + + status = key_reset_all_own_keys(session); + ASSERT_EQ(status, PEP_STATUS_OK); +} + +TEST_F(KeyResetMessageTest, check_reset_key_user_multi_passphrase_with_passlist_first_missing) { + ASSERT_TRUE(slurp_and_import_key(session, bob2_filename)); + ASSERT_TRUE(slurp_and_import_key(session, erwin_filename)); + + PEP_STATUS status; + + pass_list.push_back("cathy"); + pass_list.push_back("erwin"); + + pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog"); + status = set_own_key(session, bob2, bob2_fpr); + + pEp_identity* erwin = new_identity("erwin@example.org", erwin_fpr, "BOB", "Bob is Erwin"); + status = set_own_key(session, erwin, erwin_fpr); + + status = key_reset_all_own_keys(session); + ASSERT_EQ(status, PEP_WRONG_PASSPHRASE); +} + +TEST_F(KeyResetMessageTest, check_reset_key_user_multi_passphrase_with_passlist_second_missing) { + ASSERT_TRUE(slurp_and_import_key(session, bob2_filename)); + ASSERT_TRUE(slurp_and_import_key(session, erwin_filename)); + + PEP_STATUS status; + + pass_list.push_back("cathy"); + pass_list.push_back("bob"); + + pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog"); + status = set_own_key(session, bob2, bob2_fpr); + + pEp_identity* erwin = new_identity("erwin@example.org", erwin_fpr, "BOB", "Bob is Erwin"); + status = set_own_key(session, erwin, erwin_fpr); + + status = key_reset_all_own_keys(session); + ASSERT_EQ(status, PEP_WRONG_PASSPHRASE); +} + +TEST_F(KeyResetMessageTest, check_reset_key_user_multi_passphrase_with_passlist_config_all_missing) { + ASSERT_TRUE(slurp_and_import_key(session, bob2_filename)); + ASSERT_TRUE(slurp_and_import_key(session, erwin_filename)); + + PEP_STATUS status; + + config_passphrase(session, "cathy"); + pass_list.push_back("dragons!"); + pass_list.push_back("cheez whiz is gross"); + pass_list.push_back("Vashedan!"); + + pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog"); + status = set_own_key(session, bob2, bob2_fpr); + + pEp_identity* erwin = new_identity("erwin@example.org", erwin_fpr, "BOB", "Bob is Erwin"); + status = set_own_key(session, erwin, erwin_fpr); + + status = key_reset_all_own_keys(session); + ASSERT_EQ(status, PEP_WRONG_PASSPHRASE); +} + +TEST_F(KeyResetMessageTest, check_reset_key_user_multi_passphrase_with_passlist_empty_config_all_missing) { + ASSERT_TRUE(slurp_and_import_key(session, bob2_filename)); + ASSERT_TRUE(slurp_and_import_key(session, erwin_filename)); + + PEP_STATUS status; + + pass_list.push_back("dragons!"); + pass_list.push_back("cheez whiz is gross"); + pass_list.push_back("Vashedan!"); + + pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog"); + status = set_own_key(session, bob2, bob2_fpr); + + pEp_identity* erwin = new_identity("erwin@example.org", erwin_fpr, "BOB", "Bob is Erwin"); + status = set_own_key(session, erwin, erwin_fpr); + + status = key_reset_all_own_keys(session); + ASSERT_EQ(status, PEP_WRONG_PASSPHRASE); +} + // TEST_F(KeyResetMessageTest, check_reset_key_needs_passphrase_gen_key_matches) { @@ -2651,6 +2794,24 @@ TEST_F(KeyResetMessageTest, check_reset_key_needs_passphrase_gen_key_matches) { } +TEST_F(KeyResetMessageTest, check_reset_key_needs_passphrase_gen_key_matches_has_passlist) { + ASSERT_TRUE(slurp_and_import_key(session, bob2_filename)); + stringlist_t* found_key = NULL; + PEP_STATUS status = find_keys(session, bob2_fpr, &found_key); + ASSERT_EQ(status, PEP_STATUS_OK); + ASSERT_NE(found_key, nullptr); + ASSERT_NE(found_key->value, nullptr); + + config_passphrase_for_new_keys(session, true, "bob"); + pass_list.push_back("bob"); + + pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog"); + status = set_own_key(session, bob2, bob2_fpr); + + status = key_reset_identity(session, bob2, bob2_fpr); + ASSERT_EQ(status, PEP_STATUS_OK); +} + TEST_F(KeyResetMessageTest, check_reset_key_wrong_passphrase_gen_key_matches) { ASSERT_TRUE(slurp_and_import_key(session, bob2_filename)); stringlist_t* found_key = NULL; @@ -2670,6 +2831,28 @@ TEST_F(KeyResetMessageTest, check_reset_key_wrong_passphrase_gen_key_matches) { ASSERT_EQ(status, PEP_WRONG_PASSPHRASE); } +TEST_F(KeyResetMessageTest, check_reset_key_wrong_passphrase_gen_key_matches_has_passlist) { + ASSERT_TRUE(slurp_and_import_key(session, bob2_filename)); + stringlist_t* found_key = NULL; + PEP_STATUS status = find_keys(session, bob2_fpr, &found_key); + ASSERT_EQ(status, PEP_STATUS_OK); + ASSERT_NE(found_key, nullptr); + ASSERT_NE(found_key->value, nullptr); + + config_passphrase(session, "julio"); + config_passphrase_for_new_keys(session, true, "bob"); + pass_list.push_back("april"); + pass_list.push_back("bob"); + + pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog"); + status = set_own_key(session, bob2, bob2_fpr); + + status = key_reset_identity(session, bob2, bob2_fpr); + + ASSERT_EQ(status, PEP_STATUS_OK); +} + + TEST_F(KeyResetMessageTest, check_reset_key_correct_passphrase_gen_key_matches) { ASSERT_TRUE(slurp_and_import_key(session, bob2_filename)); stringlist_t* found_key = NULL; @@ -2706,6 +2889,29 @@ TEST_F(KeyResetMessageTest, check_reset_key_correct_passphrase_gen_key_differs) ASSERT_EQ(status, PEP_STATUS_OK); } +TEST_F(KeyResetMessageTest, check_reset_key_wrong_passphrase_gen_key_differs_has_passlist) { + ASSERT_TRUE(slurp_and_import_key(session, bob2_filename)); + stringlist_t* found_key = NULL; + PEP_STATUS status = find_keys(session, bob2_fpr, &found_key); + ASSERT_EQ(status, PEP_STATUS_OK); + ASSERT_NE(found_key, nullptr); + ASSERT_NE(found_key->value, nullptr); + + pass_list.push_back("amy"); + pass_list.push_back("Spurius Tettius"); + pass_list.push_back("bob"); + pass_list.push_back("Correct Horse Battery Staple"); + + config_passphrase(session, "julio"); + config_passphrase_for_new_keys(session, true, "juan"); + + pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog"); + status = set_own_key(session, bob2, bob2_fpr); + + status = key_reset_identity(session, bob2, bob2_fpr); + ASSERT_EQ(status, PEP_STATUS_OK); +} + TEST_F(KeyResetMessageTest, check_reset_key_no_passphrase_but_has_gen_key) { ASSERT_TRUE(slurp_and_import_key(session, alice2_filename)); stringlist_t* found_key = NULL; @@ -2724,6 +2930,28 @@ TEST_F(KeyResetMessageTest, check_reset_key_no_passphrase_but_has_gen_key) { } +TEST_F(KeyResetMessageTest, check_reset_key_no_passphrase_needed_but_has_gen_key_and_passlist) { + ASSERT_TRUE(slurp_and_import_key(session, alice2_filename)); + stringlist_t* found_key = NULL; + PEP_STATUS status = find_keys(session, alice2_fpr, &found_key); + ASSERT_EQ(status, PEP_STATUS_OK); + ASSERT_NE(found_key, nullptr); + ASSERT_NE(found_key->value, nullptr); + + pass_list.push_back("julio"); + pass_list.push_back("juan"); + + config_passphrase_for_new_keys(session, true, "alice"); + + pEp_identity* alice2 = new_identity("alice@example.org", alice2_fpr, "ALICE", "Alice"); + status = set_own_key(session, alice2, alice2_fpr); + + status = key_reset_identity(session, alice2, alice2_fpr); + ASSERT_EQ(status, PEP_STATUS_OK); + +} + + TEST_F(KeyResetMessageTest, check_reset_key_gen_key_pass_required) { ASSERT_TRUE(slurp_and_import_key(session, alice2_filename)); stringlist_t* found_key = NULL; diff --git a/test/test_keys/erwin_normal_encrypted.pgp b/test/test_keys/erwin_normal_encrypted.pgp new file mode 100644 index 00000000..5c4af94e --- /dev/null +++ b/test/test_keys/erwin_normal_encrypted.pgp @@ -0,0 +1,30 @@ +-----BEGIN PGP PRIVATE KEY BLOCK----- +Comment: CBA9 68BC 01FC EB89 F04C CF15 5C5E 9E3F 0420 A570 +Comment: erwin2-electric-boogaloo@example.org + +xYYEXyRZVBYJKwYBBAHaRw8BAQdAyWxnUgFCgukUn3n98AKyVEM1/zFEbXK29yRj +OJHBG1H+CQMI1MVsl/YGGq7/WC9ZYFQty5jz0X/zo/JY1jFmXqCWCGeMhqLl3WBq +DwGonZVBWhp8QnIXiydHIkqxhxoc7XShHme5hZs28LPIT5LF8EO3vcKHBB8WCgAY +BYJfJFlUBYkFpI+1AgsJAhUKApsBAh4BACEJEFxenj8EIKVwFiEEy6lovAH864nw +TM8VXF6ePwQgpXAlOwEAlOsjerl/1bBhCcO0A3wucwmgUhcnQfRG+WIifKnmhOcA +/20v/GvkgO22K8YZhygwmcSOvx0s93EBxyWRRnG9Pb8IzSRlcndpbjItZWxlY3Ry +aWMtYm9vZ2Fsb29AZXhhbXBsZS5vcmfCigQTFgoAGwWCXyRZVAWJBaSPtQILCQIV +CgKZAQKbAQIeAQAhCRBcXp4/BCClcBYhBMupaLwB/OuJ8EzPFVxenj8EIKVwhQYB +APh7AVFMZ+KCcz5yHn+czAHC9tl8iw3liikqujNqnw8pAQDWlsOMixGS7gYPgDwh +PxYV0y32iFcycHT+0nkDVN50B8eGBF8kWVQWCSsGAQQB2kcPAQEHQHEP9EAwlT1V +nS22ZNOBauv4Exo7aVZKPIknM0PhrIo1/gkDCAJNdcr6xM35/wlyhLfBuX47t+FV +G/dxDWvlHvhL0d10kDRxV2OUOTs9FF6SHhoNmJCTXECgjfIE2VA9Jdwi7kGbFjcL +vZBt9opkoqZsHJjCwDgEGBYKABIFgl8kWVQFiQWkj7UCmwICHgEAmAkQXF6ePwQg +pXB2oAQZFgoABgWCXyRZVAAhCRAOQ+rSK33mEhYhBKs6FrQlWp++ddYFNw5D6tIr +feYSAIABAL+R7weg/XPynY6A5VLLFq5papoAo+UKGMfA5ddK1nJNAP0bN61ikyvN +GVhxivR6+Bjf91a45aYNz/ewllIeEBaMBBYhBMupaLwB/OuJ8EzPFVxenj8EIKVw +cqkA/2Qfrv2dJ6VDDrCC9ucrW4NcMQllNse8GIWKehXp35f9AQD3Vj2qJIve+v9/ +BVnJcREBxT+WFJIa8762bbAEC4XdCMeLBF8kWVQSCisGAQQBl1UBBQEBB0AKCbEf +OOdH80jxLLh9LG3K5hHI9zvo9strgGGAEcaFKwMBCAn+CQMICjFkzCai4CX/NIVi +Vv36MrODVyIK478sFI1Nn7nJpRQynAGRss5LqfmFgEfWlVseBFcC7+o5rmXrG/0/ +Zy4YzHnhWmI/VG9jRSSr6ELGUcKBBBgWCgASBYJfJFlUBYkFpI+1ApsMAh4BACEJ +EFxenj8EIKVwFiEEy6lovAH864nwTM8VXF6ePwQgpXATJQEA/KVMdqzMeug6bQlc +JEX+eh0vpANB3dPIjPem43yTMtQA/0/6GddNBVIH2c2LDEA1ntHsbBWrtL9KG694 +R6OBpcAD +=1aYf +-----END PGP PRIVATE KEY BLOCK----- From 4b685a9fa8b6a28eacff19a74d97fd41c1c95000 Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Wed, 5 Aug 2020 13:09:06 +0200 Subject: [PATCH 44/50] removed errorstack cruft --- src/pEpEngine.c | 57 ---------------------------------------------- src/pEpEngine.h | 20 ---------------- src/pEp_internal.h | 3 --- 3 files changed, 80 deletions(-) diff --git a/src/pEpEngine.c b/src/pEpEngine.c index 570165ad..fda3f1c5 100644 --- a/src/pEpEngine.c +++ b/src/pEpEngine.c @@ -998,10 +998,6 @@ DYNAMIC_API PEP_STATUS init( _session->messageToSend = messageToSend; _session->inject_sync_event = inject_sync_event; -#ifdef DEBUG_ERRORSTACK - _session->errorstack = new_stringlist("init()"); -#endif - assert(LOCAL_DB); if (LOCAL_DB == NULL) { status = PEP_INIT_CANNOT_OPEN_DB; @@ -2307,10 +2303,6 @@ DYNAMIC_API void release(PEP_SESSION session) release_transport_system(session, out_last); release_cryptotech(session, out_last); - -#ifdef DEBUG_ERRORSTACK - free_stringlist(session->errorstack); -#endif free(session); } } @@ -5706,55 +5698,6 @@ DYNAMIC_API PEP_STATUS reset_pEptest_hack(PEP_SESSION session) return PEP_STATUS_OK; } -#ifdef DEBUG_ERRORSTACK -PEP_STATUS session_add_error(PEP_SESSION session, const char* file, unsigned line, PEP_STATUS status) -{ - char logline[48]; - if(status>0) - { - snprintf(logline,47, "%.24s:%u status=%u (0x%x)", file, line, status, status); - }else{ - snprintf(logline,47, "%.24s:%u status=%i.", file, line, status); - } - stringlist_add(session->errorstack, logline); // logline is copied! :-) - return status; -} - -DYNAMIC_API const stringlist_t* get_errorstack(PEP_SESSION session) -{ - return session->errorstack; -} - -DYNAMIC_API void clear_errorstack(PEP_SESSION session) -{ - const int old_len = stringlist_length(session->errorstack); - char buf[48]; - free_stringlist(session->errorstack); - snprintf(buf, 47, "(%i elements cleared)", old_len); - session->errorstack = new_stringlist(buf); -} - -#else - -static stringlist_t* dummy_errorstack = NULL; - -DYNAMIC_API const stringlist_t* get_errorstack(PEP_SESSION session) -{ - if(dummy_errorstack == NULL) - { - dummy_errorstack = new_stringlist("( Please recompile pEpEngine with -DDEBUG_ERRORSTACK )"); - } - - return dummy_errorstack; -} - -DYNAMIC_API void clear_errorstack(PEP_SESSION session) -{ - // nothing to do here -} - -#endif - DYNAMIC_API void _service_error_log(PEP_SESSION session, const char *entity, PEP_STATUS status, const char *where) { diff --git a/src/pEpEngine.h b/src/pEpEngine.h index 94d24764..f9f39701 100644 --- a/src/pEpEngine.h +++ b/src/pEpEngine.h @@ -261,26 +261,6 @@ DYNAMIC_API PEP_STATUS init( DYNAMIC_API void release(PEP_SESSION session); - -// const stringlist_t* get_errorstack(PEP_SESSION) - get the error stack for that session, if any -// -// parameters: -// session (in) session handle -// -// caveat: -// To get a useful error stack you have to compile with -DDEBUG_ERRORSTACK -// The error stack belongs to the session. Do no not change it! -DYNAMIC_API const stringlist_t* get_errorstack(PEP_SESSION session); - - -// void clear_errorstack(PEP_SESSION) - clear the error stack for that session, if any -// -// parameters: -// session (in) session handle -// -DYNAMIC_API void clear_errorstack(PEP_SESSION session); - - // config_passive_mode() - enable passive mode // // parameters: diff --git a/src/pEp_internal.h b/src/pEp_internal.h index 27078c20..6981b112 100644 --- a/src/pEp_internal.h +++ b/src/pEp_internal.h @@ -268,9 +268,6 @@ struct _pEpSession { bool service_log; #ifndef NDEBUG -# ifdef DEBUG_ERRORSTACK - stringlist_t* errorstack; -# endif int debug_color; #endif }; From 630e0106371504e8e9d103c38ae2cf33e8b00de9 Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Wed, 5 Aug 2020 13:54:24 +0200 Subject: [PATCH 45/50] Remove SyncTest.cc --- test/src/SyncTest.cc | 342 ------------------------------------------- 1 file changed, 342 deletions(-) delete mode 100644 test/src/SyncTest.cc diff --git a/test/src/SyncTest.cc b/test/src/SyncTest.cc deleted file mode 100644 index df6efee4..00000000 --- a/test/src/SyncTest.cc +++ /dev/null @@ -1,342 +0,0 @@ -// This file is under GNU General Public License 3.0 -// see LICENSE.txt - -#include -#include -#include -#include - -#include "locked_queue.hh" -#include "sync_api.h" -#include "Sync_impl.h" - -#include "test_util.h" - -#include "pEpEngine.h" - -#include "pEp_internal.h" -#include "KeySync_fsm.h" -#include "sync_codec.h" - -#include "Engine.h" - -#include - -class Sync_Adapter; - -// wrappers for static callbacks. Don't ask me about this mess. -PEP_STATUS ST_message_send_callback(message* msg); -int ST_inject_sync_event_callback(SYNC_EVENT ev, void *management); -Sync_event_t* ST_retrieve_next_sync_event_callback(void *management, unsigned threshold); -void ST_sync_thread_callback(PEP_SESSION session, Sync_Adapter *adapter); -PEP_STATUS ST_notifyHandshake_callback(pEp_identity *me, pEp_identity *partner, sync_handshake_signal signal); - -static void* ST_fake_this; - -class Sync_Adapter { -public: - utility::locked_queue< Sync_event_t * > q; - - void processing(); - - static PEP_STATUS notifyHandshake( - pEp_identity *me, - pEp_identity *partner, - sync_handshake_signal signal - ); - static int inject_sync_event(SYNC_EVENT ev, void *management); - static Sync_event_t *retrieve_next_sync_event(void *management, unsigned threshold); - static PEP_STATUS messageToSend(struct _message *msg); - - static void sync_thread(PEP_SESSION session, Sync_Adapter *adapter); -}; - - -void Sync_Adapter::processing() -{ - output_stream << "waiting for processing\n"; - const struct timespec arr[] = {{0, 100000000L}}; - while (!q.empty()) { - nanosleep(arr, NULL); - } -} - -PEP_STATUS Sync_Adapter::notifyHandshake( - pEp_identity *me, - pEp_identity *partner, - sync_handshake_signal signal - ) -{ - return PEP_STATUS_OK; -} - -PEP_STATUS ST_notifyHandshake_callback( - pEp_identity*me, - pEp_identity *partner, - sync_handshake_signal signal - ) { - return ((Sync_Adapter*)ST_fake_this)->notifyHandshake(me, partner, signal); -} - -int Sync_Adapter::inject_sync_event(SYNC_EVENT ev, void *management) -{ - Sync_event_t *_ev = ev; - switch (_ev->fsm) { - case Sync_PR_keysync: - output_stream << "injecting event " << KeySync_event_name(_ev->event) << "\n"; - break; - default: - output_stream << "unknown state machine: " << _ev->fsm << "\n"; - assert(0); - } - auto adapter = static_cast< Sync_Adapter *>(management); - adapter->q.push_front(ev); - return 0; -} - -int ST_inject_sync_event_callback(SYNC_EVENT ev, void *management) { - return ((Sync_Adapter*)ST_fake_this)->inject_sync_event(ev, management); -} - -Sync_event_t *Sync_Adapter::retrieve_next_sync_event(void *management, unsigned threshold) -{ - // N.B. I think it's too late by the time you get here. - auto adapter = static_cast< Sync_Adapter *>(management); - time_t started = time(nullptr); - bool timeout = false; - - while (adapter->q.empty()) { - int i = 0; - ++i; - if (i > 10) { - if (time(nullptr) > started + threshold) { - timeout = true; - break; - } - i = 0; - } - const struct timespec arr[] = {{0, 100000000L}}; - nanosleep(arr, NULL); - } - - if (timeout) - return SYNC_TIMEOUT_EVENT; - - Sync_event_t *ev = adapter->q.pop_front(); - if (ev) { - switch (ev->fsm) { - case Sync_PR_keysync: - output_stream << "sync thread: retrieving event " << KeySync_event_name(ev->event) << "\n"; - break; - default: - output_stream << "sync thread: unknown state machine: " << ev->fsm << "\n"; - assert(0); - } - } - else { - output_stream << "sync thread: retrieving shutdown\n"; - } - - return ev; -} - -Sync_event_t* ST_retrieve_next_sync_event_callback(void *management, - unsigned threshold) { - - return ((Sync_Adapter*)ST_fake_this)->retrieve_next_sync_event(management, threshold); -} - -PEP_STATUS Sync_Adapter::messageToSend(struct _message *msg) -{ - assert(msg && msg->attachments); - - output_stream << "sending message:\n"; - - for (bloblist_t *b = msg->attachments; b && b->value; b = b->next) { - if (b->mime_type && strcasecmp(b->mime_type, "application/pEp.sync") == 0) { - assert(msg->from && msg->from->address && msg->from->username); - output_stream << "\n"; - char *text = NULL; - PEP_STATUS status = PER_to_XER_Sync_msg(msg->attachments->value, msg->attachments->size, &text); - assert(status == PEP_STATUS_OK); - output_stream << text << "\n"; - free(text); - } - } - - free_message(msg); - return PEP_STATUS_OK; -} - -PEP_STATUS ST_message_send_callback(message* msg) { - return ((Sync_Adapter*)ST_fake_this)->messageToSend(msg); -} - - -void Sync_Adapter::sync_thread(PEP_SESSION session, Sync_Adapter *adapter) -{ - output_stream << "sync_thread: startup\n"; - do_sync_protocol(session, adapter); - output_stream << "sync_thread: shutdown\n"; -} - -void ST_sync_thread_callback(PEP_SESSION session, Sync_Adapter *adapter) { - ((Sync_Adapter*)ST_fake_this)->sync_thread(session, adapter); -} - -namespace { - - //The fixture for SyncTest - class SyncTest : public ::testing::Test { - public: - Engine* engine; - PEP_SESSION session; - - Sync_Adapter adapter; - PEP_SESSION sync = NULL; - thread *sync_thread; - - - protected: - // You can remove any or all of the following functions if its body - // is empty. - SyncTest() { - // You can do set-up work for each test here. - test_suite_name = ::testing::UnitTest::GetInstance()->current_test_info()->GTEST_SUITE_SYM(); - test_name = ::testing::UnitTest::GetInstance()->current_test_info()->name(); - test_path = get_main_test_home_dir() + "/" + test_suite_name + "/" + test_name; - } - - ~SyncTest() override { - // You can do clean-up work that doesn't throw exceptions here. - } - - // If the constructor and destructor are not enough for setting up - // and cleaning up each test, you can define the following methods: - - void SetUp() override { - // Code here will be called immediately after the constructor (right - // before each test). - - // Leave this empty if there are no files to copy to the home directory path - std::vector> init_files = std::vector>(); - - // Get a new test Engine. - engine = new Engine(test_path); - ASSERT_NE(engine, nullptr); - - // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, init_files); - - // Ok, try to start this bugger. Is this totally irrelevant for this case?? - engine->start(); - ASSERT_NE(engine->session, nullptr); - session = engine->session; - - // Engine is up. Keep on truckin' - - pEp_identity *self = new_identity("alice@synctests.pEp", nullptr, "23", "Alice Miller"); - assert(self); - output_stream << "setting own identity for " << self->address << "\n"; - PEP_STATUS status = myself(session, self); - assert(self->me); - assert(self->fpr); - output_stream << "fpr: " << self->fpr << "\n"; - free_identity(self); - - ST_fake_this = (void*)(&adapter); - - status = init(&sync, ST_message_send_callback, ST_inject_sync_event_callback); - if (status != PEP_STATUS_OK) - throw std::runtime_error((string("init returned ") + tl_status_string(status)).c_str()); - - output_stream << "initialize sync and start first state machine\n"; - status = register_sync_callbacks( - sync, - (void *) &adapter.q, - ST_notifyHandshake_callback, - ST_retrieve_next_sync_event_callback - ); - if (status != PEP_STATUS_OK) - throw std::runtime_error((string("register sync status returned ") + tl_status_string(status)).c_str()); - if (sync->sync_state.keysync.state != Sole) - throw std::runtime_error((string("keysync.state was supposed to be ") + to_string((int)Sole) + " but was " + to_string((int)(sync->sync_state.keysync.state))).c_str()); - - output_stream << "creating thread for sync\n"; - sync_thread = new thread(ST_sync_thread_callback, sync, &adapter); - - } - - void TearDown() override { - // Code here will be called immediately after each test (right - // before the destructor). - - adapter.processing(); - - output_stream << "sending shutdown to sync thread\n"; - adapter.q.push_front(nullptr); - sync_thread->join(); - - unregister_sync_callbacks(sync); - release(sync); - - engine->shut_down(); - delete engine; - engine = NULL; - session = NULL; - } - - private: - const char* test_suite_name; - const char* test_name; - string test_path; - // Objects declared here can be used by all tests in the SyncTest suite. - - }; - -} // namespace - -TEST_F(SyncTest, check_sync) -{ - output_stream << "check_sync(): trigger KeyGen event\n"; - signal_Sync_event(sync, Sync_PR_keysync, KeyGen, NULL); - adapter.processing(); - - output_stream << "check_sync(): cry for unknown key\n"; - signal_Sync_event(sync, Sync_PR_keysync, CannotDecrypt, NULL); -} - -/* - * This wont work because of threading stuff. Don't put it back in. - -TEST_F(SyncTest, check_sync_enable) -{ - pEp_identity* julio = new_identity("julio.iglesias@truhan.senor.es", NULL, PEP_OWN_USERID, "Julio Iglesias"); - PEP_STATUS status = myself(sync, julio); - ASSERT_OK; - enable_identity_for_sync(sync, julio); - adapter.processing(); - myself(sync, julio); - ASSERT_EQ(julio->flags, PEP_idf_devicegroup); - string current_fpr = julio->fpr; - - // Passes if you step through and ignore the send_key_to_recents part of key reset, because the attempt to pass the static class vars above doesn't work. - // FIXME: KB, reimplement according to now-standard method used in key reset tests - disable_identity_for_sync(sync, julio); - adapter.processing(); - status = myself(sync, julio); - ASSERT_OK; - ASSERT_EQ(julio->flags, PEP_idf_not_for_sync); - ASSERT_STRNE(current_fpr.c_str(), julio->fpr); - - pEp_identity* juan = new_identity("juan.valdez@columbian.coffee.co", NULL, PEP_OWN_USERID, "Juan Valdez"); - status = myself(sync, juan); - ASSERT_OK; - disable_identity_for_sync(sync, juan); - adapter.processing(); - status = myself(sync, juan); - ASSERT_OK; - ASSERT_EQ(juan->flags, PEP_idf_not_for_sync); - ASSERT_FALSE(EMPTYSTR(juan->fpr)); -} -*/ From a06718c0700da8d57fc4497b47095a99db74337e Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Wed, 5 Aug 2020 14:23:44 +0200 Subject: [PATCH 46/50] removed parameter assert checks --- src/pEpEngine.c | 391 +++++-------------------------------------- src/pEpEngine.h | 20 --- src/pEp_internal.h | 3 - test/src/Engine.cc | 7 - test/src/SyncTest.cc | 342 ------------------------------------- 5 files changed, 39 insertions(+), 724 deletions(-) delete mode 100644 test/src/SyncTest.cc diff --git a/src/pEpEngine.c b/src/pEpEngine.c index 738ad53e..e0112b58 100644 --- a/src/pEpEngine.c +++ b/src/pEpEngine.c @@ -538,9 +538,6 @@ static const char *sql_get_last_contacted = static int user_version(void *_version, int count, char **text, char **name) { - assert(_version); - assert(count == 1); - assert(text && text[0]); if (!(_version && count == 1 && text && text[0])) return -1; @@ -984,7 +981,6 @@ DYNAMIC_API PEP_STATUS init( // client session, or by using synchronization primitive to protect // creation/deletion of first/last session from the app. - assert(session); if (session == NULL) return PEP_ILLEGAL_VALUE; @@ -1000,10 +996,6 @@ DYNAMIC_API PEP_STATUS init( _session->inject_sync_event = inject_sync_event; _session->ensure_passphrase = ensure_passphrase; -#ifdef DEBUG_ERRORSTACK - _session->errorstack = new_stringlist("init()"); -#endif - assert(LOCAL_DB); if (LOCAL_DB == NULL) { status = PEP_INIT_CANNOT_OPEN_DB; @@ -2130,10 +2122,7 @@ DYNAMIC_API void release(PEP_SESSION session) bool out_last = false; int _count = --init_count; - assert(_count >= -1); - assert(session); - - if (!((_count >= -1) && session)) + if ((_count < -1) || !session) return; // a small race condition but still a race condition @@ -2310,9 +2299,6 @@ DYNAMIC_API void release(PEP_SESSION session) release_transport_system(session, out_last); release_cryptotech(session, out_last); -#ifdef DEBUG_ERRORSTACK - free_stringlist(session->errorstack); -#endif free(session); } } @@ -2404,11 +2390,7 @@ DYNAMIC_API PEP_STATUS log_event( session->service_log = true; int result; - - assert(session); - assert(title); - assert(entity); - + if (!(session && title && entity)) return PEP_ILLEGAL_VALUE; @@ -2438,7 +2420,6 @@ DYNAMIC_API PEP_STATUS log_service( const char *comment ) { - assert(session); if (!session) return PEP_ILLEGAL_VALUE; @@ -2455,10 +2436,6 @@ DYNAMIC_API PEP_STATUS trustword( { PEP_STATUS status = PEP_STATUS_OK; - assert(session); - assert(word); - assert(wsize); - if (!(session && word && wsize)) return PEP_ILLEGAL_VALUE; @@ -2468,6 +2445,7 @@ DYNAMIC_API PEP_STATUS trustword( if (lang == NULL) lang = "en"; + // FIXME: should this not be an actual check??? assert((lang[0] >= 'A' && lang[0] <= 'Z') || (lang[0] >= 'a' && lang[0] <= 'z')); assert((lang[1] >= 'A' && lang[1] <= 'Z') @@ -2500,12 +2478,6 @@ DYNAMIC_API PEP_STATUS trustwords( { const char *source = fingerprint; - assert(session); - assert(fingerprint); - assert(words); - assert(wsize); - assert(max_words >= 0); - if (!(session && fingerprint && words && wsize && max_words >= 0)) return PEP_ILLEGAL_VALUE; @@ -2523,6 +2495,7 @@ DYNAMIC_API PEP_STATUS trustwords( if (!lang || !lang[0]) lang = "en"; + // FIXME: Should this not be an actual check? assert((lang[0] >= 'A' && lang[0] <= 'Z') || (lang[0] >= 'a' && lang[0] <= 'z')); assert((lang[1] >= 'A' && lang[1] <= 'Z') @@ -2588,7 +2561,6 @@ pEp_identity *new_identity( ) { pEp_identity *result = calloc(1, sizeof(pEp_identity)); - assert(result); if (result) { if (address) { result->address = strdup(address); @@ -2628,23 +2600,23 @@ pEp_identity *new_identity( pEp_identity *identity_dup(const pEp_identity *src) { - assert(src); - - pEp_identity *dup = new_identity(src->address, src->fpr, src->user_id, - src->username); - assert(dup); - if (dup == NULL) - return NULL; - - dup->comm_type = src->comm_type; - dup->lang[0] = src->lang[0]; - dup->lang[1] = src->lang[1]; - dup->lang[2] = 0; - dup->flags = src->flags; - dup->me = src->me; - dup->major_ver = src->major_ver; - dup->minor_ver = src->minor_ver; - + pEp_identity* dup = NULL; + if (src) { + dup = new_identity(src->address, src->fpr, src->user_id, + src->username); + assert(dup); + if (dup == NULL) + return NULL; + + dup->comm_type = src->comm_type; + dup->lang[0] = src->lang[0]; + dup->lang[1] = src->lang[1]; + dup->lang[2] = 0; + dup->flags = src->flags; + dup->me = src->me; + dup->major_ver = src->major_ver; + dup->minor_ver = src->minor_ver; + } return dup; } @@ -2664,8 +2636,6 @@ DYNAMIC_API PEP_STATUS get_default_own_userid( char** userid ) { - assert(session); - assert(userid); if (!session || !userid) return PEP_ILLEGAL_VALUE; @@ -2708,11 +2678,6 @@ DYNAMIC_API PEP_STATUS get_userid_alias_default( const char* alias_id, char** default_id) { - assert(session); - assert(alias_id); - assert(alias_id[0]); - assert(default_id); - if (!(session && alias_id && alias_id[0] && default_id)) return PEP_ILLEGAL_VALUE; @@ -2753,10 +2718,6 @@ DYNAMIC_API PEP_STATUS set_userid_alias ( int result; - assert(session); - assert(default_id); - assert(alias_id); - if (!(session && default_id && alias_id && default_id[0] != '\0' && alias_id[0] != '\0')) return PEP_ILLEGAL_VALUE; @@ -2792,11 +2753,6 @@ DYNAMIC_API PEP_STATUS get_identity( PEP_STATUS status = PEP_STATUS_OK; pEp_identity *_identity = NULL; - assert(session); - assert(address); - assert(address[0]); - assert(identity); - if (!(session && address && address[0] && identity)) return PEP_ILLEGAL_VALUE; @@ -3021,11 +2977,6 @@ PEP_STATUS get_identity_without_trust_check( PEP_STATUS status = PEP_STATUS_OK; pEp_identity *_identity = NULL; - assert(session); - assert(address); - assert(address[0]); - assert(identity); - if (!(session && address && address[0] && identity)) return PEP_ILLEGAL_VALUE; @@ -3090,10 +3041,6 @@ PEP_STATUS get_identities_by_address( identity_list** id_list ) { - assert(session); - assert(address); - assert(address[0]); - assert(id_list); if (!(session && address && address[0] && id_list)) return PEP_ILLEGAL_VALUE; @@ -3161,11 +3108,7 @@ PEP_STATUS get_identities_by_address( PEP_STATUS exists_identity_entry(PEP_SESSION session, pEp_identity* identity, bool* exists) { - assert(session); - assert(identity); - assert(!EMPTYSTR(identity->user_id)); - assert(!EMPTYSTR(identity->address)); - if (!session || !exists || EMPTYSTR(identity->user_id) || EMPTYSTR(identity->address)) + if (!session || !exists || !identity || EMPTYSTR(identity->user_id) || EMPTYSTR(identity->address)) return PEP_ILLEGAL_VALUE; *exists = false; @@ -3196,11 +3139,7 @@ PEP_STATUS exists_identity_entry(PEP_SESSION session, pEp_identity* identity, PEP_STATUS exists_trust_entry(PEP_SESSION session, pEp_identity* identity, bool* exists) { - assert(session); - assert(identity); - assert(!EMPTYSTR(identity->user_id)); - assert(!EMPTYSTR(identity->fpr)); - if (!session || !exists || EMPTYSTR(identity->user_id) || EMPTYSTR(identity->fpr)) + if (!session || !exists || !identity || EMPTYSTR(identity->user_id) || EMPTYSTR(identity->fpr)) return PEP_ILLEGAL_VALUE; *exists = false; @@ -3271,11 +3210,6 @@ PEP_STATUS clear_trust_info(PEP_SESSION session, static PEP_STATUS _set_or_update_trust(PEP_SESSION session, pEp_identity* identity, sqlite3_stmt* set_or_update) { - - assert(session); - assert(identity); - assert(identity->user_id); - assert(identity->fpr); if (!session || !identity || EMPTYSTR(identity->user_id) || EMPTYSTR(identity->fpr)) return PEP_ILLEGAL_VALUE; @@ -3304,9 +3238,6 @@ static PEP_STATUS _set_or_update_trust(PEP_SESSION session, static PEP_STATUS _set_or_update_identity_entry(PEP_SESSION session, pEp_identity* identity, sqlite3_stmt* set_or_update) { - assert(session); - assert(identity); - assert(set_or_update); if (!session || !identity || !identity->user_id || !identity->address) return PEP_ILLEGAL_VALUE; @@ -3334,9 +3265,6 @@ static PEP_STATUS _set_or_update_identity_entry(PEP_SESSION session, static PEP_STATUS _set_or_update_person(PEP_SESSION session, pEp_identity* identity, sqlite3_stmt* set_or_update) { - assert(session); - assert(identity); - assert(set_or_update); if (!session || !identity || !identity->user_id || !identity->username) return PEP_ILLEGAL_VALUE; @@ -3443,12 +3371,6 @@ DYNAMIC_API PEP_STATUS set_identity( { int result; - assert(session); - assert(identity); - assert(identity->address); - assert(identity->user_id); - assert(identity->username); - if (!(session && identity && identity->address && identity->user_id && identity->username)) return PEP_ILLEGAL_VALUE; @@ -3541,10 +3463,6 @@ PEP_STATUS update_pEp_user_trust_vals(PEP_SESSION session, // This ONLY sets the user flag. Must be called outside of a transaction. DYNAMIC_API PEP_STATUS set_as_pEp_user(PEP_SESSION session, pEp_identity* user) { - - assert(session); - assert(user); - assert(!EMPTYSTR(user->user_id)); if (!session || !user || EMPTYSTR(user->user_id)) return PEP_ILLEGAL_VALUE; @@ -3578,10 +3496,10 @@ DYNAMIC_API PEP_STATUS set_as_pEp_user(PEP_SESSION session, pEp_identity* user) // This ONLY sets the version flag. Must be called outside of a transaction. PEP_STATUS set_pEp_version(PEP_SESSION session, pEp_identity* ident, unsigned int new_ver_major, unsigned int new_ver_minor) { - assert(session); - assert(!EMPTYSTR(ident->user_id)); - assert(!EMPTYSTR(ident->address)); - + + if (!session || !ident || EMPTYSTR(ident->user_id) || EMPTYSTR(ident->address)) + return PEP_ILLEGAL_VALUE; + sqlite3_reset(session->set_pEp_version); sqlite3_bind_double(session->set_pEp_version, 1, new_ver_major); sqlite3_bind_double(session->set_pEp_version, 2, new_ver_minor); @@ -3606,8 +3524,9 @@ PEP_STATUS upgrade_pEp_version_by_user_id(PEP_SESSION session, unsigned int new_ver_minor ) { - assert(session); - assert(!EMPTYSTR(ident->user_id)); + + if (!session || !ident || EMPTYSTR(ident->user_id)) + return PEP_ILLEGAL_VALUE; sqlite3_reset(session->upgrade_pEp_version_by_user_id); sqlite3_bind_int(session->upgrade_pEp_version_by_user_id, 1, new_ver_major); @@ -3626,14 +3545,7 @@ PEP_STATUS upgrade_pEp_version_by_user_id(PEP_SESSION session, PEP_STATUS exists_person(PEP_SESSION session, pEp_identity* identity, bool* exists) { - - // const char* user_id, - // char** default_id, bool* exists) { - assert(session); - assert(exists); - assert(identity); - assert(!EMPTYSTR(identity->user_id)); - + if (!session || !exists || !identity || EMPTYSTR(identity->user_id)) return PEP_ILLEGAL_VALUE; @@ -3675,8 +3587,7 @@ PEP_STATUS exists_person(PEP_SESSION session, pEp_identity* identity, } PEP_STATUS delete_person(PEP_SESSION session, const char* user_id) { - assert(session); - assert(!EMPTYSTR(user_id)); + if (!session || EMPTYSTR(user_id)) return PEP_ILLEGAL_VALUE; @@ -3697,10 +3608,6 @@ PEP_STATUS delete_person(PEP_SESSION session, const char* user_id) { DYNAMIC_API PEP_STATUS is_pEp_user(PEP_SESSION session, pEp_identity *identity, bool* is_pEp) { - assert(session); - assert(is_pEp); - assert(identity); - assert(!EMPTYSTR(identity->user_id)); if (!session || !is_pEp || !identity || EMPTYSTR(identity->user_id)) return PEP_ILLEGAL_VALUE; @@ -3742,9 +3649,6 @@ DYNAMIC_API PEP_STATUS is_pEp_user(PEP_SESSION session, pEp_identity *identity, PEP_STATUS is_own_address(PEP_SESSION session, const char* address, bool* is_own_addr) { - assert(session); - assert(is_own_addr); - assert(!EMPTYSTR(address)); if (!session || !is_own_addr || EMPTYSTR(address)) return PEP_ILLEGAL_VALUE; @@ -3802,12 +3706,7 @@ PEP_STATUS bind_own_ident_with_contact_ident(PEP_SESSION session, // since this could be either way PEP_STATUS has_partner_contacted_address(PEP_SESSION session, const char* partner_id, const char* own_address, bool* was_contacted) { - - assert(session); - assert(!EMPTYSTR(partner_id)); - assert(!EMPTYSTR(own_address)); - assert(was_contacted); - + if (!session || !was_contacted || EMPTYSTR(partner_id) || EMPTYSTR(own_address)) return PEP_ILLEGAL_VALUE; @@ -3885,7 +3784,6 @@ PEP_STATUS get_own_ident_for_contact_id(PEP_SESSION session, PEP_STATUS remove_fpr_as_default(PEP_SESSION session, const char* fpr) { - assert(fpr); if (!session || !fpr) return PEP_ILLEGAL_VALUE; @@ -3918,8 +3816,6 @@ PEP_STATUS replace_identities_fpr(PEP_SESSION session, const char* old_fpr, const char* new_fpr) { - assert(old_fpr); - assert(new_fpr); if (!old_fpr || !new_fpr) return PEP_ILLEGAL_VALUE; @@ -3967,11 +3863,6 @@ DYNAMIC_API PEP_STATUS set_identity_flags( { int result; - assert(session); - assert(identity); - assert(identity->address); - assert(identity->user_id); - if (!(session && identity && identity->address && identity->user_id)) return PEP_ILLEGAL_VALUE; @@ -4000,11 +3891,6 @@ DYNAMIC_API PEP_STATUS unset_identity_flags( { int result; - assert(session); - assert(identity); - assert(identity->address); - assert(identity->user_id); - if (!(session && identity && identity->address && identity->user_id)) return PEP_ILLEGAL_VALUE; @@ -4032,11 +3918,6 @@ DYNAMIC_API PEP_STATUS set_ident_enc_format( { int result; - assert(session); - assert(identity); - assert(identity->address); - assert(identity->user_id); - if (!(session && identity && identity->address && identity->user_id)) return PEP_ILLEGAL_VALUE; @@ -4377,9 +4258,6 @@ pEp_free: PEP_STATUS replace_userid(PEP_SESSION session, const char* old_uid, const char* new_uid) { - assert(session); - assert(old_uid); - assert(new_uid); if (!session || !old_uid || !new_uid) return PEP_ILLEGAL_VALUE; @@ -4416,8 +4294,6 @@ PEP_STATUS replace_userid(PEP_SESSION session, const char* old_uid, } PEP_STATUS remove_key(PEP_SESSION session, const char* fpr) { - assert(session); - assert(fpr); if (!session || EMPTYSTR(fpr)) return PEP_ILLEGAL_VALUE; @@ -4437,8 +4313,6 @@ PEP_STATUS remove_key(PEP_SESSION session, const char* fpr) { PEP_STATUS refresh_userid_default_key(PEP_SESSION session, const char* user_id) { - assert(session); - assert(user_id); if (!session || !user_id) return PEP_ILLEGAL_VALUE; @@ -4458,9 +4332,6 @@ PEP_STATUS refresh_userid_default_key(PEP_SESSION session, const char* user_id) PEP_STATUS replace_main_user_fpr(PEP_SESSION session, const char* user_id, const char* new_fpr) { - assert(session); - assert(user_id); - assert(new_fpr); if (!session || !user_id || !new_fpr) return PEP_ILLEGAL_VALUE; @@ -4482,9 +4353,6 @@ PEP_STATUS replace_main_user_fpr(PEP_SESSION session, const char* user_id, PEP_STATUS replace_main_user_fpr_if_equal(PEP_SESSION session, const char* user_id, const char* new_fpr, const char* compare_fpr) { - assert(session); - assert(user_id); - assert(compare_fpr); if (!session || !user_id || !compare_fpr) return PEP_ILLEGAL_VALUE; @@ -4515,11 +4383,7 @@ PEP_STATUS get_main_user_fpr(PEP_SESSION session, { PEP_STATUS status = PEP_STATUS_OK; int result; - - assert(session); - assert(user_id); - assert(main_fpr); - + if (!(session && user_id && user_id[0] && main_fpr)) return PEP_ILLEGAL_VALUE; @@ -4567,9 +4431,6 @@ DYNAMIC_API PEP_STATUS mark_as_compromised( { int result; - assert(session); - assert(fpr && fpr[0]); - if (!(session && fpr && fpr[0])) return PEP_ILLEGAL_VALUE; @@ -4600,15 +4461,6 @@ DYNAMIC_API PEP_STATUS get_trust(PEP_SESSION session, pEp_identity *identity) PEP_STATUS status = PEP_STATUS_OK; int result; - // We need to be able to test that we break correctly without shutting - // asserts off everywhere. - // assert(session); - // assert(identity); - // assert(identity->user_id); - // assert(identity->user_id[0]); - // assert(identity->fpr); - // assert(identity->fpr[0]); - if (!(session && identity && identity->user_id && identity->user_id[0] && identity->fpr && identity->fpr[0])) return PEP_ILLEGAL_VALUE; @@ -4647,10 +4499,6 @@ DYNAMIC_API PEP_STATUS least_trust( PEP_STATUS status = PEP_STATUS_OK; int result; - assert(session); - assert(fpr); - assert(comm_type); - if (!(session && fpr && comm_type)) return PEP_ILLEGAL_VALUE; @@ -4702,12 +4550,6 @@ DYNAMIC_API PEP_STATUS decrypt_and_verify( char** filename_ptr ) { - assert(session); - assert(ctext); - assert(csize); - assert(ptext); - assert(psize); - assert(keylist); if (!(session && ctext && csize && ptext && psize && keylist)) return PEP_ILLEGAL_VALUE; @@ -4730,12 +4572,6 @@ DYNAMIC_API PEP_STATUS encrypt_and_sign( size_t psize, char **ctext, size_t *csize ) { - assert(session); - assert(keylist); - assert(ptext); - assert(psize); - assert(ctext); - assert(csize); if (!(session && keylist && ptext && psize && ctext && csize)) return PEP_ILLEGAL_VALUE; @@ -4749,12 +4585,6 @@ PEP_STATUS encrypt_only( size_t psize, char **ctext, size_t *csize ) { - assert(session); - assert(keylist); - assert(ptext); - assert(psize); - assert(ctext); - assert(csize); if (!(session && keylist && ptext && psize && ctext && csize)) return PEP_ILLEGAL_VALUE; @@ -4769,12 +4599,6 @@ PEP_STATUS sign_only(PEP_SESSION session, const char *fpr, char **sign, size_t *sign_size) { - assert(session); - assert(fpr); - assert(data); - assert(data_size); - assert(sign); - assert(sign_size); if (!(session && fpr && data && data_size && sign && sign_size)) return PEP_ILLEGAL_VALUE; @@ -4791,12 +4615,6 @@ DYNAMIC_API PEP_STATUS verify_text( const char *signature, size_t sig_size, stringlist_t **keylist ) { - assert(session); - assert(text); - assert(size); - assert(signature); - assert(sig_size); - assert(keylist); if (!(session && text && size && signature && sig_size && keylist)) return PEP_ILLEGAL_VALUE; @@ -4807,8 +4625,6 @@ DYNAMIC_API PEP_STATUS verify_text( DYNAMIC_API PEP_STATUS delete_keypair(PEP_SESSION session, const char *fpr) { - assert(session); - assert(fpr); if (!(session && fpr)) return PEP_ILLEGAL_VALUE; @@ -4820,10 +4636,6 @@ DYNAMIC_API PEP_STATUS export_key( PEP_SESSION session, const char *fpr, char **key_data, size_t *size ) { - assert(session); - assert(fpr); - assert(key_data); - assert(size); if (!(session && fpr && key_data && size)) return PEP_ILLEGAL_VALUE; @@ -4836,11 +4648,6 @@ DYNAMIC_API PEP_STATUS export_secret_key( PEP_SESSION session, const char *fpr, char **key_data, size_t *size ) { - assert(session); - assert(fpr); - assert(key_data); - assert(size); - if (!(session && fpr && key_data && size)) return PEP_ILLEGAL_VALUE; @@ -4864,10 +4671,6 @@ DYNAMIC_API PEP_STATUS find_keys( PEP_SESSION session, const char *pattern, stringlist_t **keylist ) { - assert(session); - assert(pattern); - assert(keylist); - if (!(session && pattern && keylist)) return PEP_ILLEGAL_VALUE; @@ -4888,11 +4691,6 @@ PEP_STATUS _generate_keypair(PEP_SESSION session, bool suppress_event ) { - assert(session); - assert(identity); - assert(identity->address); - assert(identity->fpr == NULL || identity->fpr[0] == 0); -// assert(identity->username); // N.B. We now allow empty usernames, so the underlying layer for // non-sequoia crypto implementations will have to deal with this. @@ -4951,10 +4749,6 @@ DYNAMIC_API PEP_STATUS get_key_rating( PEP_comm_type *comm_type ) { - assert(session); - assert(fpr); - assert(comm_type); - if (!(session && fpr && comm_type)) return PEP_ILLEGAL_VALUE; @@ -4980,9 +4774,6 @@ PEP_STATUS _import_key_with_fpr_return( uint64_t* changed_public_keys ) { - assert(session); - assert(key_data); - if (!(session && key_data)) return PEP_ILLEGAL_VALUE; @@ -4994,10 +4785,7 @@ PEP_STATUS _import_key_with_fpr_return( } DYNAMIC_API PEP_STATUS recv_key(PEP_SESSION session, const char *pattern) -{ - assert(session); - assert(pattern); - +{ if (!(session && pattern)) return PEP_ILLEGAL_VALUE; @@ -5006,9 +4794,6 @@ DYNAMIC_API PEP_STATUS recv_key(PEP_SESSION session, const char *pattern) DYNAMIC_API PEP_STATUS send_key(PEP_SESSION session, const char *pattern) { - assert(session); - assert(pattern); - if (!(session && pattern)) return PEP_ILLEGAL_VALUE; @@ -5021,9 +4806,6 @@ DYNAMIC_API PEP_STATUS renew_key( const timestamp *ts ) { - assert(session); - assert(fpr); - if (!(session && fpr)) return PEP_ILLEGAL_VALUE; @@ -5036,9 +4818,6 @@ DYNAMIC_API PEP_STATUS revoke_key( const char *reason ) { - assert(session); - assert(fpr); - if (!(session && fpr)) return PEP_ILLEGAL_VALUE; @@ -5062,10 +4841,6 @@ DYNAMIC_API PEP_STATUS key_expired( bool *expired ) { - assert(session); - assert(fpr); - assert(expired); - if (!(session && fpr && expired)) return PEP_ILLEGAL_VALUE; @@ -5078,11 +4853,7 @@ DYNAMIC_API PEP_STATUS key_revoked( const char *fpr, bool *revoked ) -{ - assert(session); - assert(fpr); - assert(revoked); - +{ if (!(session && fpr && revoked)) return PEP_ILLEGAL_VALUE; @@ -5093,7 +4864,6 @@ DYNAMIC_API PEP_STATUS key_revoked( DYNAMIC_API PEP_STATUS config_cipher_suite(PEP_SESSION session, PEP_CIPHER_SUITE suite) { - assert(session); if (!session) return PEP_ILLEGAL_VALUE; @@ -5143,10 +4913,6 @@ DYNAMIC_API PEP_STATUS get_crashdump_log( PEP_STATUS status = PEP_STATUS_OK; char *_logdata= NULL; - assert(session); - assert(maxlines >= 0 && maxlines <= CRASHDUMP_MAX_LINES); - assert(logdata); - if (!(session && logdata && maxlines >= 0 && maxlines <= CRASHDUMP_MAX_LINES)) return PEP_ILLEGAL_VALUE; @@ -5241,9 +5007,6 @@ DYNAMIC_API PEP_STATUS get_languagelist( PEP_STATUS status = PEP_STATUS_OK; char *_languages= NULL; - assert(session); - assert(languages); - if (!(session && languages)) return PEP_ILLEGAL_VALUE; @@ -5313,7 +5076,6 @@ DYNAMIC_API PEP_STATUS get_phrase( { PEP_STATUS status = PEP_STATUS_OK; - assert(session && lang && lang[0] && lang[1] && lang[2] == 0 && phrase); if (!(session && lang && lang[0] && lang[1] && lang[2] == 0 && phrase)) return PEP_ILLEGAL_VALUE; @@ -5359,7 +5121,6 @@ the_end: static PEP_STATUS _get_sequence_value(PEP_SESSION session, const char *name, int32_t *value) { - assert(session && name && value); if (!(session && name && value)) return PEP_ILLEGAL_VALUE; @@ -5390,7 +5151,6 @@ static PEP_STATUS _get_sequence_value(PEP_SESSION session, const char *name, static PEP_STATUS _increment_sequence_value(PEP_SESSION session, const char *name) { - assert(session && name); if (!(session && name)) return PEP_ILLEGAL_VALUE; @@ -5413,9 +5173,6 @@ DYNAMIC_API PEP_STATUS sequence_value( { PEP_STATUS status = PEP_STATUS_OK; - assert(session); - assert(name && value); - if (!(session && name && name[0] && value)) return PEP_ILLEGAL_VALUE; @@ -5478,12 +5235,7 @@ DYNAMIC_API PEP_STATUS set_revoked( ) { PEP_STATUS status = PEP_STATUS_OK; - - assert(session && - revoked_fpr && revoked_fpr[0] && - replacement_fpr && replacement_fpr[0] - ); - + if (!(session && revoked_fpr && revoked_fpr[0] && replacement_fpr && replacement_fpr[0] @@ -5520,16 +5272,8 @@ DYNAMIC_API PEP_STATUS get_revoked( ) { PEP_STATUS status = PEP_STATUS_OK; - - assert(session && - revoked_fpr && - fpr && fpr[0] - ); - - if (!(session && - revoked_fpr && - fpr && fpr[0] - )) + + if (!(session && revoked_fpr && fpr && fpr[0])) return PEP_ILLEGAL_VALUE; *revoked_fpr = NULL; @@ -5570,8 +5314,6 @@ DYNAMIC_API PEP_STATUS get_replacement_fpr( ) { PEP_STATUS status = PEP_STATUS_OK; - - assert(session && revoked_fpr && !EMPTYSTR(fpr) && revocation_date); if (!session || !revoked_fpr || EMPTYSTR(fpr) || !revocation_date) return PEP_ILLEGAL_VALUE; @@ -5611,9 +5353,6 @@ PEP_STATUS get_last_contacted( identity_list** id_list ) { - assert(session); - assert(id_list); - if (!(session && id_list)) return PEP_ILLEGAL_VALUE; @@ -5659,7 +5398,6 @@ PEP_STATUS key_created( time_t *created ) { - assert(session && fpr && created); if (!(session && fpr && created)) return PEP_ILLEGAL_VALUE; @@ -5669,7 +5407,6 @@ PEP_STATUS key_created( PEP_STATUS find_private_keys(PEP_SESSION session, const char* pattern, stringlist_t **keylist) { - assert(session && keylist); if (!(session && keylist)) return PEP_ILLEGAL_VALUE; @@ -5688,7 +5425,6 @@ DYNAMIC_API const char* get_protocol_version() { DYNAMIC_API PEP_STATUS reset_pEptest_hack(PEP_SESSION session) { - assert(session); if (!session) return PEP_ILLEGAL_VALUE; @@ -5708,55 +5444,6 @@ DYNAMIC_API PEP_STATUS reset_pEptest_hack(PEP_SESSION session) return PEP_STATUS_OK; } -#ifdef DEBUG_ERRORSTACK -PEP_STATUS session_add_error(PEP_SESSION session, const char* file, unsigned line, PEP_STATUS status) -{ - char logline[48]; - if(status>0) - { - snprintf(logline,47, "%.24s:%u status=%u (0x%x)", file, line, status, status); - }else{ - snprintf(logline,47, "%.24s:%u status=%i.", file, line, status); - } - stringlist_add(session->errorstack, logline); // logline is copied! :-) - return status; -} - -DYNAMIC_API const stringlist_t* get_errorstack(PEP_SESSION session) -{ - return session->errorstack; -} - -DYNAMIC_API void clear_errorstack(PEP_SESSION session) -{ - const int old_len = stringlist_length(session->errorstack); - char buf[48]; - free_stringlist(session->errorstack); - snprintf(buf, 47, "(%i elements cleared)", old_len); - session->errorstack = new_stringlist(buf); -} - -#else - -static stringlist_t* dummy_errorstack = NULL; - -DYNAMIC_API const stringlist_t* get_errorstack(PEP_SESSION session) -{ - if(dummy_errorstack == NULL) - { - dummy_errorstack = new_stringlist("( Please recompile pEpEngine with -DDEBUG_ERRORSTACK )"); - } - - return dummy_errorstack; -} - -DYNAMIC_API void clear_errorstack(PEP_SESSION session) -{ - // nothing to do here -} - -#endif - DYNAMIC_API void _service_error_log(PEP_SESSION session, const char *entity, PEP_STATUS status, const char *where) { diff --git a/src/pEpEngine.h b/src/pEpEngine.h index b348df37..5aaad103 100644 --- a/src/pEpEngine.h +++ b/src/pEpEngine.h @@ -285,26 +285,6 @@ DYNAMIC_API PEP_STATUS init( DYNAMIC_API void release(PEP_SESSION session); - -// const stringlist_t* get_errorstack(PEP_SESSION) - get the error stack for that session, if any -// -// parameters: -// session (in) session handle -// -// caveat: -// To get a useful error stack you have to compile with -DDEBUG_ERRORSTACK -// The error stack belongs to the session. Do no not change it! -DYNAMIC_API const stringlist_t* get_errorstack(PEP_SESSION session); - - -// void clear_errorstack(PEP_SESSION) - clear the error stack for that session, if any -// -// parameters: -// session (in) session handle -// -DYNAMIC_API void clear_errorstack(PEP_SESSION session); - - // config_passive_mode() - enable passive mode // // parameters: diff --git a/src/pEp_internal.h b/src/pEp_internal.h index e19e7809..2c6cc848 100644 --- a/src/pEp_internal.h +++ b/src/pEp_internal.h @@ -269,9 +269,6 @@ struct _pEpSession { bool service_log; #ifndef NDEBUG -# ifdef DEBUG_ERRORSTACK - stringlist_t* errorstack; -# endif int debug_color; #endif }; diff --git a/test/src/Engine.cc b/test/src/Engine.cc index 03b79055..14e6dbcb 100644 --- a/test/src/Engine.cc +++ b/test/src/Engine.cc @@ -95,13 +95,6 @@ void Engine::start() { PEP_STATUS status = init(&session, cached_messageToSend, cached_inject_sync_event, cached_ensure_passphrase); assert(status == PEP_STATUS_OK); assert(session); - -#ifdef USE_GPG - success = system("gpgconf --create-socketdir"); - if (success != 0) - throw std::runtime_error("RESTORE: Error when executing 'gpgconf --create-socketdir'."); - system("gpg-connect-agent /bye 2>/dev/null"); // Just in case - otherwise, we die on MacOS sometimes. Is this enough?? -#endif } void Engine::copy_conf_file_to_test_dir(const char* dest_path, const char* conf_orig_path, const char* conf_dest_name) { diff --git a/test/src/SyncTest.cc b/test/src/SyncTest.cc deleted file mode 100644 index 1e4a3a91..00000000 --- a/test/src/SyncTest.cc +++ /dev/null @@ -1,342 +0,0 @@ -// This file is under GNU General Public License 3.0 -// see LICENSE.txt - -#include -#include -#include -#include - -#include "locked_queue.hh" -#include "sync_api.h" -#include "Sync_impl.h" - -#include "test_util.h" - -#include "pEpEngine.h" - -#include "pEp_internal.h" -#include "KeySync_fsm.h" -#include "sync_codec.h" - -#include "Engine.h" - -#include - -class Sync_Adapter; - -// wrappers for static callbacks. Don't ask me about this mess. -PEP_STATUS ST_message_send_callback(message* msg); -int ST_inject_sync_event_callback(SYNC_EVENT ev, void *management); -Sync_event_t* ST_retrieve_next_sync_event_callback(void *management, unsigned threshold); -void ST_sync_thread_callback(PEP_SESSION session, Sync_Adapter *adapter); -PEP_STATUS ST_notifyHandshake_callback(pEp_identity *me, pEp_identity *partner, sync_handshake_signal signal); - -static void* ST_fake_this; - -class Sync_Adapter { -public: - utility::locked_queue< Sync_event_t * > q; - - void processing(); - - static PEP_STATUS notifyHandshake( - pEp_identity *me, - pEp_identity *partner, - sync_handshake_signal signal - ); - static int inject_sync_event(SYNC_EVENT ev, void *management); - static Sync_event_t *retrieve_next_sync_event(void *management, unsigned threshold); - static PEP_STATUS messageToSend(struct _message *msg); - - static void sync_thread(PEP_SESSION session, Sync_Adapter *adapter); -}; - - -void Sync_Adapter::processing() -{ - output_stream << "waiting for processing\n"; - const struct timespec arr[] = {{0, 100000000L}}; - while (!q.empty()) { - nanosleep(arr, NULL); - } -} - -PEP_STATUS Sync_Adapter::notifyHandshake( - pEp_identity *me, - pEp_identity *partner, - sync_handshake_signal signal - ) -{ - return PEP_STATUS_OK; -} - -PEP_STATUS ST_notifyHandshake_callback( - pEp_identity*me, - pEp_identity *partner, - sync_handshake_signal signal - ) { - return ((Sync_Adapter*)ST_fake_this)->notifyHandshake(me, partner, signal); -} - -int Sync_Adapter::inject_sync_event(SYNC_EVENT ev, void *management) -{ - Sync_event_t *_ev = ev; - switch (_ev->fsm) { - case Sync_PR_keysync: - output_stream << "injecting event " << KeySync_event_name(_ev->event) << "\n"; - break; - default: - output_stream << "unknown state machine: " << _ev->fsm << "\n"; - assert(0); - } - auto adapter = static_cast< Sync_Adapter *>(management); - adapter->q.push_front(ev); - return 0; -} - -int ST_inject_sync_event_callback(SYNC_EVENT ev, void *management) { - return ((Sync_Adapter*)ST_fake_this)->inject_sync_event(ev, management); -} - -Sync_event_t *Sync_Adapter::retrieve_next_sync_event(void *management, unsigned threshold) -{ - // N.B. I think it's too late by the time you get here. - auto adapter = static_cast< Sync_Adapter *>(management); - time_t started = time(nullptr); - bool timeout = false; - - while (adapter->q.empty()) { - int i = 0; - ++i; - if (i > 10) { - if (time(nullptr) > started + threshold) { - timeout = true; - break; - } - i = 0; - } - const struct timespec arr[] = {{0, 100000000L}}; - nanosleep(arr, NULL); - } - - if (timeout) - return SYNC_TIMEOUT_EVENT; - - Sync_event_t *ev = adapter->q.pop_front(); - if (ev) { - switch (ev->fsm) { - case Sync_PR_keysync: - output_stream << "sync thread: retrieving event " << KeySync_event_name(ev->event) << "\n"; - break; - default: - output_stream << "sync thread: unknown state machine: " << ev->fsm << "\n"; - assert(0); - } - } - else { - output_stream << "sync thread: retrieving shutdown\n"; - } - - return ev; -} - -Sync_event_t* ST_retrieve_next_sync_event_callback(void *management, - unsigned threshold) { - - return ((Sync_Adapter*)ST_fake_this)->retrieve_next_sync_event(management, threshold); -} - -PEP_STATUS Sync_Adapter::messageToSend(struct _message *msg) -{ - assert(msg && msg->attachments); - - output_stream << "sending message:\n"; - - for (bloblist_t *b = msg->attachments; b && b->value; b = b->next) { - if (b->mime_type && strcasecmp(b->mime_type, "application/pEp.sync") == 0) { - assert(msg->from && msg->from->address && msg->from->username); - output_stream << "\n"; - char *text = NULL; - PEP_STATUS status = PER_to_XER_Sync_msg(msg->attachments->value, msg->attachments->size, &text); - assert(status == PEP_STATUS_OK); - output_stream << text << "\n"; - free(text); - } - } - - free_message(msg); - return PEP_STATUS_OK; -} - -PEP_STATUS ST_message_send_callback(message* msg) { - return ((Sync_Adapter*)ST_fake_this)->messageToSend(msg); -} - - -void Sync_Adapter::sync_thread(PEP_SESSION session, Sync_Adapter *adapter) -{ - output_stream << "sync_thread: startup\n"; - do_sync_protocol(session, adapter); - output_stream << "sync_thread: shutdown\n"; -} - -void ST_sync_thread_callback(PEP_SESSION session, Sync_Adapter *adapter) { - ((Sync_Adapter*)ST_fake_this)->sync_thread(session, adapter); -} - -namespace { - - //The fixture for SyncTest - class SyncTest : public ::testing::Test { - public: - Engine* engine; - PEP_SESSION session; - - Sync_Adapter adapter; - PEP_SESSION sync = NULL; - thread *sync_thread; - - - protected: - // You can remove any or all of the following functions if its body - // is empty. - SyncTest() { - // You can do set-up work for each test here. - test_suite_name = ::testing::UnitTest::GetInstance()->current_test_info()->GTEST_SUITE_SYM(); - test_name = ::testing::UnitTest::GetInstance()->current_test_info()->name(); - test_path = get_main_test_home_dir() + "/" + test_suite_name + "/" + test_name; - } - - ~SyncTest() override { - // You can do clean-up work that doesn't throw exceptions here. - } - - // If the constructor and destructor are not enough for setting up - // and cleaning up each test, you can define the following methods: - - void SetUp() override { - // Code here will be called immediately after the constructor (right - // before each test). - - // Leave this empty if there are no files to copy to the home directory path - std::vector> init_files = std::vector>(); - - // Get a new test Engine. - engine = new Engine(test_path); - ASSERT_NE(engine, nullptr); - - // Ok, let's initialize test directories etc. - engine->prep(NULL, NULL, NULL, init_files); - - // Ok, try to start this bugger. Is this totally irrelevant for this case?? - engine->start(); - ASSERT_NE(engine->session, nullptr); - session = engine->session; - - // Engine is up. Keep on truckin' - - pEp_identity *self = new_identity("alice@synctests.pEp", nullptr, "23", "Alice Miller"); - assert(self); - output_stream << "setting own identity for " << self->address << "\n"; - PEP_STATUS status = myself(session, self); - assert(self->me); - assert(self->fpr); - output_stream << "fpr: " << self->fpr << "\n"; - free_identity(self); - - ST_fake_this = (void*)(&adapter); - - status = init(&sync, ST_message_send_callback, ST_inject_sync_event_callback, NULL); - if (status != PEP_STATUS_OK) - throw std::runtime_error((string("init returned ") + tl_status_string(status)).c_str()); - - output_stream << "initialize sync and start first state machine\n"; - status = register_sync_callbacks( - sync, - (void *) &adapter.q, - ST_notifyHandshake_callback, - ST_retrieve_next_sync_event_callback - ); - if (status != PEP_STATUS_OK) - throw std::runtime_error((string("register sync status returned ") + tl_status_string(status)).c_str()); - if (sync->sync_state.keysync.state != Sole) - throw std::runtime_error((string("keysync.state was supposed to be ") + to_string((int)Sole) + " but was " + to_string((int)(sync->sync_state.keysync.state))).c_str()); - - output_stream << "creating thread for sync\n"; - sync_thread = new thread(ST_sync_thread_callback, sync, &adapter); - - } - - void TearDown() override { - // Code here will be called immediately after each test (right - // before the destructor). - - adapter.processing(); - - output_stream << "sending shutdown to sync thread\n"; - adapter.q.push_front(nullptr); - sync_thread->join(); - - unregister_sync_callbacks(sync); - release(sync); - - engine->shut_down(); - delete engine; - engine = NULL; - session = NULL; - } - - private: - const char* test_suite_name; - const char* test_name; - string test_path; - // Objects declared here can be used by all tests in the SyncTest suite. - - }; - -} // namespace - -TEST_F(SyncTest, check_sync) -{ - output_stream << "check_sync(): trigger KeyGen event\n"; - signal_Sync_event(sync, Sync_PR_keysync, KeyGen, NULL); - adapter.processing(); - - output_stream << "check_sync(): cry for unknown key\n"; - signal_Sync_event(sync, Sync_PR_keysync, CannotDecrypt, NULL); -} - -/* - * This wont work because of threading stuff. Don't put it back in. - -TEST_F(SyncTest, check_sync_enable) -{ - pEp_identity* julio = new_identity("julio.iglesias@truhan.senor.es", NULL, PEP_OWN_USERID, "Julio Iglesias"); - PEP_STATUS status = myself(sync, julio); - ASSERT_OK; - enable_identity_for_sync(sync, julio); - adapter.processing(); - myself(sync, julio); - ASSERT_EQ(julio->flags, PEP_idf_devicegroup); - string current_fpr = julio->fpr; - - // Passes if you step through and ignore the send_key_to_recents part of key reset, because the attempt to pass the static class vars above doesn't work. - // FIXME: KB, reimplement according to now-standard method used in key reset tests - disable_identity_for_sync(sync, julio); - adapter.processing(); - status = myself(sync, julio); - ASSERT_OK; - ASSERT_EQ(julio->flags, PEP_idf_not_for_sync); - ASSERT_STRNE(current_fpr.c_str(), julio->fpr); - - pEp_identity* juan = new_identity("juan.valdez@columbian.coffee.co", NULL, PEP_OWN_USERID, "Juan Valdez"); - status = myself(sync, juan); - ASSERT_OK; - disable_identity_for_sync(sync, juan); - adapter.processing(); - status = myself(sync, juan); - ASSERT_OK; - ASSERT_EQ(juan->flags, PEP_idf_not_for_sync); - ASSERT_FALSE(EMPTYSTR(juan->fpr)); -} -*/ From 24c535387e06c6ad171ab40519bacb211a5702eb Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Wed, 5 Aug 2020 14:52:50 +0200 Subject: [PATCH 47/50] removed parameter asserts so that we can test failure cases in pEpEngine.c --- src/pEpEngine.c | 335 ++++++------------------------------------------ 1 file changed, 39 insertions(+), 296 deletions(-) diff --git a/src/pEpEngine.c b/src/pEpEngine.c index fda3f1c5..b56d17a4 100644 --- a/src/pEpEngine.c +++ b/src/pEpEngine.c @@ -538,9 +538,6 @@ static const char *sql_get_last_contacted = static int user_version(void *_version, int count, char **text, char **name) { - assert(_version); - assert(count == 1); - assert(text && text[0]); if (!(_version && count == 1 && text && text[0])) return -1; @@ -983,7 +980,6 @@ DYNAMIC_API PEP_STATUS init( // client session, or by using synchronization primitive to protect // creation/deletion of first/last session from the app. - assert(session); if (session == NULL) return PEP_ILLEGAL_VALUE; @@ -2124,10 +2120,7 @@ DYNAMIC_API void release(PEP_SESSION session) bool out_last = false; int _count = --init_count; - assert(_count >= -1); - assert(session); - - if (!((_count >= -1) && session)) + if ((_count < -1) || !session) return; // a small race condition but still a race condition @@ -2394,11 +2387,7 @@ DYNAMIC_API PEP_STATUS log_event( session->service_log = true; int result; - - assert(session); - assert(title); - assert(entity); - + if (!(session && title && entity)) return PEP_ILLEGAL_VALUE; @@ -2428,7 +2417,6 @@ DYNAMIC_API PEP_STATUS log_service( const char *comment ) { - assert(session); if (!session) return PEP_ILLEGAL_VALUE; @@ -2445,10 +2433,6 @@ DYNAMIC_API PEP_STATUS trustword( { PEP_STATUS status = PEP_STATUS_OK; - assert(session); - assert(word); - assert(wsize); - if (!(session && word && wsize)) return PEP_ILLEGAL_VALUE; @@ -2458,6 +2442,7 @@ DYNAMIC_API PEP_STATUS trustword( if (lang == NULL) lang = "en"; + // FIXME: should this not be an actual check??? assert((lang[0] >= 'A' && lang[0] <= 'Z') || (lang[0] >= 'a' && lang[0] <= 'z')); assert((lang[1] >= 'A' && lang[1] <= 'Z') @@ -2490,12 +2475,6 @@ DYNAMIC_API PEP_STATUS trustwords( { const char *source = fingerprint; - assert(session); - assert(fingerprint); - assert(words); - assert(wsize); - assert(max_words >= 0); - if (!(session && fingerprint && words && wsize && max_words >= 0)) return PEP_ILLEGAL_VALUE; @@ -2513,6 +2492,7 @@ DYNAMIC_API PEP_STATUS trustwords( if (!lang || !lang[0]) lang = "en"; + // FIXME: Should this not be an actual check? assert((lang[0] >= 'A' && lang[0] <= 'Z') || (lang[0] >= 'a' && lang[0] <= 'z')); assert((lang[1] >= 'A' && lang[1] <= 'Z') @@ -2578,7 +2558,6 @@ pEp_identity *new_identity( ) { pEp_identity *result = calloc(1, sizeof(pEp_identity)); - assert(result); if (result) { if (address) { result->address = strdup(address); @@ -2618,23 +2597,23 @@ pEp_identity *new_identity( pEp_identity *identity_dup(const pEp_identity *src) { - assert(src); - - pEp_identity *dup = new_identity(src->address, src->fpr, src->user_id, - src->username); - assert(dup); - if (dup == NULL) - return NULL; - - dup->comm_type = src->comm_type; - dup->lang[0] = src->lang[0]; - dup->lang[1] = src->lang[1]; - dup->lang[2] = 0; - dup->flags = src->flags; - dup->me = src->me; - dup->major_ver = src->major_ver; - dup->minor_ver = src->minor_ver; - + pEp_identity* dup = NULL; + if (src) { + dup = new_identity(src->address, src->fpr, src->user_id, + src->username); + assert(dup); + if (dup == NULL) + return NULL; + + dup->comm_type = src->comm_type; + dup->lang[0] = src->lang[0]; + dup->lang[1] = src->lang[1]; + dup->lang[2] = 0; + dup->flags = src->flags; + dup->me = src->me; + dup->major_ver = src->major_ver; + dup->minor_ver = src->minor_ver; + } return dup; } @@ -2654,8 +2633,6 @@ DYNAMIC_API PEP_STATUS get_default_own_userid( char** userid ) { - assert(session); - assert(userid); if (!session || !userid) return PEP_ILLEGAL_VALUE; @@ -2698,11 +2675,6 @@ DYNAMIC_API PEP_STATUS get_userid_alias_default( const char* alias_id, char** default_id) { - assert(session); - assert(alias_id); - assert(alias_id[0]); - assert(default_id); - if (!(session && alias_id && alias_id[0] && default_id)) return PEP_ILLEGAL_VALUE; @@ -2743,10 +2715,6 @@ DYNAMIC_API PEP_STATUS set_userid_alias ( int result; - assert(session); - assert(default_id); - assert(alias_id); - if (!(session && default_id && alias_id && default_id[0] != '\0' && alias_id[0] != '\0')) return PEP_ILLEGAL_VALUE; @@ -2782,11 +2750,6 @@ DYNAMIC_API PEP_STATUS get_identity( PEP_STATUS status = PEP_STATUS_OK; pEp_identity *_identity = NULL; - assert(session); - assert(address); - assert(address[0]); - assert(identity); - if (!(session && address && address[0] && identity)) return PEP_ILLEGAL_VALUE; @@ -3011,11 +2974,6 @@ PEP_STATUS get_identity_without_trust_check( PEP_STATUS status = PEP_STATUS_OK; pEp_identity *_identity = NULL; - assert(session); - assert(address); - assert(address[0]); - assert(identity); - if (!(session && address && address[0] && identity)) return PEP_ILLEGAL_VALUE; @@ -3080,10 +3038,6 @@ PEP_STATUS get_identities_by_address( identity_list** id_list ) { - assert(session); - assert(address); - assert(address[0]); - assert(id_list); if (!(session && address && address[0] && id_list)) return PEP_ILLEGAL_VALUE; @@ -3151,11 +3105,7 @@ PEP_STATUS get_identities_by_address( PEP_STATUS exists_identity_entry(PEP_SESSION session, pEp_identity* identity, bool* exists) { - assert(session); - assert(identity); - assert(!EMPTYSTR(identity->user_id)); - assert(!EMPTYSTR(identity->address)); - if (!session || !exists || EMPTYSTR(identity->user_id) || EMPTYSTR(identity->address)) + if (!session || !exists || !identity || EMPTYSTR(identity->user_id) || EMPTYSTR(identity->address)) return PEP_ILLEGAL_VALUE; *exists = false; @@ -3186,11 +3136,7 @@ PEP_STATUS exists_identity_entry(PEP_SESSION session, pEp_identity* identity, PEP_STATUS exists_trust_entry(PEP_SESSION session, pEp_identity* identity, bool* exists) { - assert(session); - assert(identity); - assert(!EMPTYSTR(identity->user_id)); - assert(!EMPTYSTR(identity->fpr)); - if (!session || !exists || EMPTYSTR(identity->user_id) || EMPTYSTR(identity->fpr)) + if (!session || !exists || !identity || EMPTYSTR(identity->user_id) || EMPTYSTR(identity->fpr)) return PEP_ILLEGAL_VALUE; *exists = false; @@ -3261,11 +3207,6 @@ PEP_STATUS clear_trust_info(PEP_SESSION session, static PEP_STATUS _set_or_update_trust(PEP_SESSION session, pEp_identity* identity, sqlite3_stmt* set_or_update) { - - assert(session); - assert(identity); - assert(identity->user_id); - assert(identity->fpr); if (!session || !identity || EMPTYSTR(identity->user_id) || EMPTYSTR(identity->fpr)) return PEP_ILLEGAL_VALUE; @@ -3294,9 +3235,6 @@ static PEP_STATUS _set_or_update_trust(PEP_SESSION session, static PEP_STATUS _set_or_update_identity_entry(PEP_SESSION session, pEp_identity* identity, sqlite3_stmt* set_or_update) { - assert(session); - assert(identity); - assert(set_or_update); if (!session || !identity || !identity->user_id || !identity->address) return PEP_ILLEGAL_VALUE; @@ -3324,9 +3262,6 @@ static PEP_STATUS _set_or_update_identity_entry(PEP_SESSION session, static PEP_STATUS _set_or_update_person(PEP_SESSION session, pEp_identity* identity, sqlite3_stmt* set_or_update) { - assert(session); - assert(identity); - assert(set_or_update); if (!session || !identity || !identity->user_id || !identity->username) return PEP_ILLEGAL_VALUE; @@ -3433,12 +3368,6 @@ DYNAMIC_API PEP_STATUS set_identity( { int result; - assert(session); - assert(identity); - assert(identity->address); - assert(identity->user_id); - assert(identity->username); - if (!(session && identity && identity->address && identity->user_id && identity->username)) return PEP_ILLEGAL_VALUE; @@ -3531,10 +3460,6 @@ PEP_STATUS update_pEp_user_trust_vals(PEP_SESSION session, // This ONLY sets the user flag. Must be called outside of a transaction. DYNAMIC_API PEP_STATUS set_as_pEp_user(PEP_SESSION session, pEp_identity* user) { - - assert(session); - assert(user); - assert(!EMPTYSTR(user->user_id)); if (!session || !user || EMPTYSTR(user->user_id)) return PEP_ILLEGAL_VALUE; @@ -3568,10 +3493,10 @@ DYNAMIC_API PEP_STATUS set_as_pEp_user(PEP_SESSION session, pEp_identity* user) // This ONLY sets the version flag. Must be called outside of a transaction. PEP_STATUS set_pEp_version(PEP_SESSION session, pEp_identity* ident, unsigned int new_ver_major, unsigned int new_ver_minor) { - assert(session); - assert(!EMPTYSTR(ident->user_id)); - assert(!EMPTYSTR(ident->address)); - + + if (!session || !ident || EMPTYSTR(ident->user_id) || EMPTYSTR(ident->address)) + return PEP_ILLEGAL_VALUE; + sqlite3_reset(session->set_pEp_version); sqlite3_bind_double(session->set_pEp_version, 1, new_ver_major); sqlite3_bind_double(session->set_pEp_version, 2, new_ver_minor); @@ -3596,8 +3521,9 @@ PEP_STATUS upgrade_pEp_version_by_user_id(PEP_SESSION session, unsigned int new_ver_minor ) { - assert(session); - assert(!EMPTYSTR(ident->user_id)); + + if (!session || !ident || EMPTYSTR(ident->user_id)) + return PEP_ILLEGAL_VALUE; sqlite3_reset(session->upgrade_pEp_version_by_user_id); sqlite3_bind_int(session->upgrade_pEp_version_by_user_id, 1, new_ver_major); @@ -3616,14 +3542,7 @@ PEP_STATUS upgrade_pEp_version_by_user_id(PEP_SESSION session, PEP_STATUS exists_person(PEP_SESSION session, pEp_identity* identity, bool* exists) { - - // const char* user_id, - // char** default_id, bool* exists) { - assert(session); - assert(exists); - assert(identity); - assert(!EMPTYSTR(identity->user_id)); - + if (!session || !exists || !identity || EMPTYSTR(identity->user_id)) return PEP_ILLEGAL_VALUE; @@ -3665,8 +3584,7 @@ PEP_STATUS exists_person(PEP_SESSION session, pEp_identity* identity, } PEP_STATUS delete_person(PEP_SESSION session, const char* user_id) { - assert(session); - assert(!EMPTYSTR(user_id)); + if (!session || EMPTYSTR(user_id)) return PEP_ILLEGAL_VALUE; @@ -3687,10 +3605,6 @@ PEP_STATUS delete_person(PEP_SESSION session, const char* user_id) { DYNAMIC_API PEP_STATUS is_pEp_user(PEP_SESSION session, pEp_identity *identity, bool* is_pEp) { - assert(session); - assert(is_pEp); - assert(identity); - assert(!EMPTYSTR(identity->user_id)); if (!session || !is_pEp || !identity || EMPTYSTR(identity->user_id)) return PEP_ILLEGAL_VALUE; @@ -3732,9 +3646,6 @@ DYNAMIC_API PEP_STATUS is_pEp_user(PEP_SESSION session, pEp_identity *identity, PEP_STATUS is_own_address(PEP_SESSION session, const char* address, bool* is_own_addr) { - assert(session); - assert(is_own_addr); - assert(!EMPTYSTR(address)); if (!session || !is_own_addr || EMPTYSTR(address)) return PEP_ILLEGAL_VALUE; @@ -3792,12 +3703,7 @@ PEP_STATUS bind_own_ident_with_contact_ident(PEP_SESSION session, // since this could be either way PEP_STATUS has_partner_contacted_address(PEP_SESSION session, const char* partner_id, const char* own_address, bool* was_contacted) { - - assert(session); - assert(!EMPTYSTR(partner_id)); - assert(!EMPTYSTR(own_address)); - assert(was_contacted); - + if (!session || !was_contacted || EMPTYSTR(partner_id) || EMPTYSTR(own_address)) return PEP_ILLEGAL_VALUE; @@ -3875,7 +3781,6 @@ PEP_STATUS get_own_ident_for_contact_id(PEP_SESSION session, PEP_STATUS remove_fpr_as_default(PEP_SESSION session, const char* fpr) { - assert(fpr); if (!session || !fpr) return PEP_ILLEGAL_VALUE; @@ -3908,8 +3813,6 @@ PEP_STATUS replace_identities_fpr(PEP_SESSION session, const char* old_fpr, const char* new_fpr) { - assert(old_fpr); - assert(new_fpr); if (!old_fpr || !new_fpr) return PEP_ILLEGAL_VALUE; @@ -3957,11 +3860,6 @@ DYNAMIC_API PEP_STATUS set_identity_flags( { int result; - assert(session); - assert(identity); - assert(identity->address); - assert(identity->user_id); - if (!(session && identity && identity->address && identity->user_id)) return PEP_ILLEGAL_VALUE; @@ -3990,11 +3888,6 @@ DYNAMIC_API PEP_STATUS unset_identity_flags( { int result; - assert(session); - assert(identity); - assert(identity->address); - assert(identity->user_id); - if (!(session && identity && identity->address && identity->user_id)) return PEP_ILLEGAL_VALUE; @@ -4022,11 +3915,6 @@ DYNAMIC_API PEP_STATUS set_ident_enc_format( { int result; - assert(session); - assert(identity); - assert(identity->address); - assert(identity->user_id); - if (!(session && identity && identity->address && identity->user_id)) return PEP_ILLEGAL_VALUE; @@ -4367,9 +4255,6 @@ pEp_free: PEP_STATUS replace_userid(PEP_SESSION session, const char* old_uid, const char* new_uid) { - assert(session); - assert(old_uid); - assert(new_uid); if (!session || !old_uid || !new_uid) return PEP_ILLEGAL_VALUE; @@ -4406,8 +4291,6 @@ PEP_STATUS replace_userid(PEP_SESSION session, const char* old_uid, } PEP_STATUS remove_key(PEP_SESSION session, const char* fpr) { - assert(session); - assert(fpr); if (!session || EMPTYSTR(fpr)) return PEP_ILLEGAL_VALUE; @@ -4427,8 +4310,6 @@ PEP_STATUS remove_key(PEP_SESSION session, const char* fpr) { PEP_STATUS refresh_userid_default_key(PEP_SESSION session, const char* user_id) { - assert(session); - assert(user_id); if (!session || !user_id) return PEP_ILLEGAL_VALUE; @@ -4448,9 +4329,6 @@ PEP_STATUS refresh_userid_default_key(PEP_SESSION session, const char* user_id) PEP_STATUS replace_main_user_fpr(PEP_SESSION session, const char* user_id, const char* new_fpr) { - assert(session); - assert(user_id); - assert(new_fpr); if (!session || !user_id || !new_fpr) return PEP_ILLEGAL_VALUE; @@ -4472,9 +4350,6 @@ PEP_STATUS replace_main_user_fpr(PEP_SESSION session, const char* user_id, PEP_STATUS replace_main_user_fpr_if_equal(PEP_SESSION session, const char* user_id, const char* new_fpr, const char* compare_fpr) { - assert(session); - assert(user_id); - assert(compare_fpr); if (!session || !user_id || !compare_fpr) return PEP_ILLEGAL_VALUE; @@ -4505,11 +4380,7 @@ PEP_STATUS get_main_user_fpr(PEP_SESSION session, { PEP_STATUS status = PEP_STATUS_OK; int result; - - assert(session); - assert(user_id); - assert(main_fpr); - + if (!(session && user_id && user_id[0] && main_fpr)) return PEP_ILLEGAL_VALUE; @@ -4557,9 +4428,6 @@ DYNAMIC_API PEP_STATUS mark_as_compromised( { int result; - assert(session); - assert(fpr && fpr[0]); - if (!(session && fpr && fpr[0])) return PEP_ILLEGAL_VALUE; @@ -4590,15 +4458,6 @@ DYNAMIC_API PEP_STATUS get_trust(PEP_SESSION session, pEp_identity *identity) PEP_STATUS status = PEP_STATUS_OK; int result; - // We need to be able to test that we break correctly without shutting - // asserts off everywhere. - // assert(session); - // assert(identity); - // assert(identity->user_id); - // assert(identity->user_id[0]); - // assert(identity->fpr); - // assert(identity->fpr[0]); - if (!(session && identity && identity->user_id && identity->user_id[0] && identity->fpr && identity->fpr[0])) return PEP_ILLEGAL_VALUE; @@ -4637,10 +4496,6 @@ DYNAMIC_API PEP_STATUS least_trust( PEP_STATUS status = PEP_STATUS_OK; int result; - assert(session); - assert(fpr); - assert(comm_type); - if (!(session && fpr && comm_type)) return PEP_ILLEGAL_VALUE; @@ -4692,12 +4547,6 @@ DYNAMIC_API PEP_STATUS decrypt_and_verify( char** filename_ptr ) { - assert(session); - assert(ctext); - assert(csize); - assert(ptext); - assert(psize); - assert(keylist); if (!(session && ctext && csize && ptext && psize && keylist)) return PEP_ILLEGAL_VALUE; @@ -4720,12 +4569,6 @@ DYNAMIC_API PEP_STATUS encrypt_and_sign( size_t psize, char **ctext, size_t *csize ) { - assert(session); - assert(keylist); - assert(ptext); - assert(psize); - assert(ctext); - assert(csize); if (!(session && keylist && ptext && psize && ctext && csize)) return PEP_ILLEGAL_VALUE; @@ -4739,12 +4582,6 @@ PEP_STATUS encrypt_only( size_t psize, char **ctext, size_t *csize ) { - assert(session); - assert(keylist); - assert(ptext); - assert(psize); - assert(ctext); - assert(csize); if (!(session && keylist && ptext && psize && ctext && csize)) return PEP_ILLEGAL_VALUE; @@ -4759,12 +4596,6 @@ PEP_STATUS sign_only(PEP_SESSION session, const char *fpr, char **sign, size_t *sign_size) { - assert(session); - assert(fpr); - assert(data); - assert(data_size); - assert(sign); - assert(sign_size); if (!(session && fpr && data && data_size && sign && sign_size)) return PEP_ILLEGAL_VALUE; @@ -4781,12 +4612,6 @@ DYNAMIC_API PEP_STATUS verify_text( const char *signature, size_t sig_size, stringlist_t **keylist ) { - assert(session); - assert(text); - assert(size); - assert(signature); - assert(sig_size); - assert(keylist); if (!(session && text && size && signature && sig_size && keylist)) return PEP_ILLEGAL_VALUE; @@ -4797,8 +4622,6 @@ DYNAMIC_API PEP_STATUS verify_text( DYNAMIC_API PEP_STATUS delete_keypair(PEP_SESSION session, const char *fpr) { - assert(session); - assert(fpr); if (!(session && fpr)) return PEP_ILLEGAL_VALUE; @@ -4810,10 +4633,6 @@ DYNAMIC_API PEP_STATUS export_key( PEP_SESSION session, const char *fpr, char **key_data, size_t *size ) { - assert(session); - assert(fpr); - assert(key_data); - assert(size); if (!(session && fpr && key_data && size)) return PEP_ILLEGAL_VALUE; @@ -4826,11 +4645,6 @@ DYNAMIC_API PEP_STATUS export_secret_key( PEP_SESSION session, const char *fpr, char **key_data, size_t *size ) { - assert(session); - assert(fpr); - assert(key_data); - assert(size); - if (!(session && fpr && key_data && size)) return PEP_ILLEGAL_VALUE; @@ -4854,10 +4668,6 @@ DYNAMIC_API PEP_STATUS find_keys( PEP_SESSION session, const char *pattern, stringlist_t **keylist ) { - assert(session); - assert(pattern); - assert(keylist); - if (!(session && pattern && keylist)) return PEP_ILLEGAL_VALUE; @@ -4878,11 +4688,6 @@ PEP_STATUS _generate_keypair(PEP_SESSION session, bool suppress_event ) { - assert(session); - assert(identity); - assert(identity->address); - assert(identity->fpr == NULL || identity->fpr[0] == 0); -// assert(identity->username); // N.B. We now allow empty usernames, so the underlying layer for // non-sequoia crypto implementations will have to deal with this. @@ -4941,10 +4746,6 @@ DYNAMIC_API PEP_STATUS get_key_rating( PEP_comm_type *comm_type ) { - assert(session); - assert(fpr); - assert(comm_type); - if (!(session && fpr && comm_type)) return PEP_ILLEGAL_VALUE; @@ -4970,9 +4771,6 @@ PEP_STATUS _import_key_with_fpr_return( uint64_t* changed_public_keys ) { - assert(session); - assert(key_data); - if (!(session && key_data)) return PEP_ILLEGAL_VALUE; @@ -4984,10 +4782,7 @@ PEP_STATUS _import_key_with_fpr_return( } DYNAMIC_API PEP_STATUS recv_key(PEP_SESSION session, const char *pattern) -{ - assert(session); - assert(pattern); - +{ if (!(session && pattern)) return PEP_ILLEGAL_VALUE; @@ -4996,9 +4791,6 @@ DYNAMIC_API PEP_STATUS recv_key(PEP_SESSION session, const char *pattern) DYNAMIC_API PEP_STATUS send_key(PEP_SESSION session, const char *pattern) { - assert(session); - assert(pattern); - if (!(session && pattern)) return PEP_ILLEGAL_VALUE; @@ -5011,9 +4803,6 @@ DYNAMIC_API PEP_STATUS renew_key( const timestamp *ts ) { - assert(session); - assert(fpr); - if (!(session && fpr)) return PEP_ILLEGAL_VALUE; @@ -5026,9 +4815,6 @@ DYNAMIC_API PEP_STATUS revoke_key( const char *reason ) { - assert(session); - assert(fpr); - if (!(session && fpr)) return PEP_ILLEGAL_VALUE; @@ -5052,10 +4838,6 @@ DYNAMIC_API PEP_STATUS key_expired( bool *expired ) { - assert(session); - assert(fpr); - assert(expired); - if (!(session && fpr && expired)) return PEP_ILLEGAL_VALUE; @@ -5068,11 +4850,7 @@ DYNAMIC_API PEP_STATUS key_revoked( const char *fpr, bool *revoked ) -{ - assert(session); - assert(fpr); - assert(revoked); - +{ if (!(session && fpr && revoked)) return PEP_ILLEGAL_VALUE; @@ -5083,7 +4861,6 @@ DYNAMIC_API PEP_STATUS key_revoked( DYNAMIC_API PEP_STATUS config_cipher_suite(PEP_SESSION session, PEP_CIPHER_SUITE suite) { - assert(session); if (!session) return PEP_ILLEGAL_VALUE; @@ -5133,10 +4910,6 @@ DYNAMIC_API PEP_STATUS get_crashdump_log( PEP_STATUS status = PEP_STATUS_OK; char *_logdata= NULL; - assert(session); - assert(maxlines >= 0 && maxlines <= CRASHDUMP_MAX_LINES); - assert(logdata); - if (!(session && logdata && maxlines >= 0 && maxlines <= CRASHDUMP_MAX_LINES)) return PEP_ILLEGAL_VALUE; @@ -5231,9 +5004,6 @@ DYNAMIC_API PEP_STATUS get_languagelist( PEP_STATUS status = PEP_STATUS_OK; char *_languages= NULL; - assert(session); - assert(languages); - if (!(session && languages)) return PEP_ILLEGAL_VALUE; @@ -5303,7 +5073,6 @@ DYNAMIC_API PEP_STATUS get_phrase( { PEP_STATUS status = PEP_STATUS_OK; - assert(session && lang && lang[0] && lang[1] && lang[2] == 0 && phrase); if (!(session && lang && lang[0] && lang[1] && lang[2] == 0 && phrase)) return PEP_ILLEGAL_VALUE; @@ -5349,7 +5118,6 @@ the_end: static PEP_STATUS _get_sequence_value(PEP_SESSION session, const char *name, int32_t *value) { - assert(session && name && value); if (!(session && name && value)) return PEP_ILLEGAL_VALUE; @@ -5380,7 +5148,6 @@ static PEP_STATUS _get_sequence_value(PEP_SESSION session, const char *name, static PEP_STATUS _increment_sequence_value(PEP_SESSION session, const char *name) { - assert(session && name); if (!(session && name)) return PEP_ILLEGAL_VALUE; @@ -5403,9 +5170,6 @@ DYNAMIC_API PEP_STATUS sequence_value( { PEP_STATUS status = PEP_STATUS_OK; - assert(session); - assert(name && value); - if (!(session && name && name[0] && value)) return PEP_ILLEGAL_VALUE; @@ -5468,12 +5232,7 @@ DYNAMIC_API PEP_STATUS set_revoked( ) { PEP_STATUS status = PEP_STATUS_OK; - - assert(session && - revoked_fpr && revoked_fpr[0] && - replacement_fpr && replacement_fpr[0] - ); - + if (!(session && revoked_fpr && revoked_fpr[0] && replacement_fpr && replacement_fpr[0] @@ -5510,16 +5269,8 @@ DYNAMIC_API PEP_STATUS get_revoked( ) { PEP_STATUS status = PEP_STATUS_OK; - - assert(session && - revoked_fpr && - fpr && fpr[0] - ); - - if (!(session && - revoked_fpr && - fpr && fpr[0] - )) + + if (!(session && revoked_fpr && fpr && fpr[0])) return PEP_ILLEGAL_VALUE; *revoked_fpr = NULL; @@ -5560,8 +5311,6 @@ DYNAMIC_API PEP_STATUS get_replacement_fpr( ) { PEP_STATUS status = PEP_STATUS_OK; - - assert(session && revoked_fpr && !EMPTYSTR(fpr) && revocation_date); if (!session || !revoked_fpr || EMPTYSTR(fpr) || !revocation_date) return PEP_ILLEGAL_VALUE; @@ -5601,9 +5350,6 @@ PEP_STATUS get_last_contacted( identity_list** id_list ) { - assert(session); - assert(id_list); - if (!(session && id_list)) return PEP_ILLEGAL_VALUE; @@ -5649,7 +5395,6 @@ PEP_STATUS key_created( time_t *created ) { - assert(session && fpr && created); if (!(session && fpr && created)) return PEP_ILLEGAL_VALUE; @@ -5659,7 +5404,6 @@ PEP_STATUS key_created( PEP_STATUS find_private_keys(PEP_SESSION session, const char* pattern, stringlist_t **keylist) { - assert(session && keylist); if (!(session && keylist)) return PEP_ILLEGAL_VALUE; @@ -5678,7 +5422,6 @@ DYNAMIC_API const char* get_protocol_version() { DYNAMIC_API PEP_STATUS reset_pEptest_hack(PEP_SESSION session) { - assert(session); if (!session) return PEP_ILLEGAL_VALUE; From 02d9389c510e0ca3e4461182531df50a4248422c Mon Sep 17 00:00:00 2001 From: Krista 'DarthMama' Bennett Date: Wed, 5 Aug 2020 21:23:58 +0200 Subject: [PATCH 49/50] Automatically bumped RC in source for future release. Next RC after this one will be 2.1.0-RC26 **if released**. --- src/pEpEngine.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/pEpEngine.h b/src/pEpEngine.h index 5aaad103..63bbf5b1 100644 --- a/src/pEpEngine.h +++ b/src/pEpEngine.h @@ -25,7 +25,7 @@ extern "C" { #define PEP_ENGINE_VERSION_MAJOR 2 #define PEP_ENGINE_VERSION_MINOR 1 #define PEP_ENGINE_VERSION_PATCH 0 -#define PEP_ENGINE_VERSION_RC 25 +#define PEP_ENGINE_VERSION_RC 26 #define PEP_OWN_USERID "pEp_own_userId" From d0a9f9f6e96977841607ad59301bdc6b1a900959 Mon Sep 17 00:00:00 2001 From: Volker Birk Date: Thu, 6 Aug 2020 21:10:09 +0200 Subject: [PATCH 50/50] enable the possibility that passphrases are required for new keys but a passphrase is not yet known --- src/pEpEngine.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/pEpEngine.c b/src/pEpEngine.c index c9dbc478..8a66d101 100644 --- a/src/pEpEngine.c +++ b/src/pEpEngine.c @@ -2333,16 +2333,16 @@ DYNAMIC_API PEP_STATUS config_passphrase(PEP_SESSION session, const char *passph } DYNAMIC_API PEP_STATUS config_passphrase_for_new_keys(PEP_SESSION session, bool enable, const char *passphrase) { - if (enable && EMPTYSTR(passphrase)) - return PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED; - + if (!session) + return PEP_ILLEGAL_VALUE; + session->new_key_pass_enable = enable; PEP_STATUS status = PEP_STATUS_OK; free(session->generation_passphrase); - if (!passphrase) + if (EMPTYSTR(passphrase)) { session->generation_passphrase = NULL; - else { + } else { session->generation_passphrase = strdup(passphrase); if (!session->generation_passphrase) status = PEP_OUT_OF_MEMORY;