Browse Source

ENGINE-750: Untested as yet.

sync
parent
commit
d9e7085056
3 changed files with 90 additions and 1 deletions
  1. +82
    -0
      src/keymanagement.c
  2. +2
    -0
      src/keymanagement.h
  3. +6
    -1
      src/pEpEngine.c

+ 82
- 0
src/keymanagement.c View File

@ -2023,6 +2023,88 @@ PEP_STATUS is_mistrusted_key(PEP_SESSION session, const char* fpr,
return status;
}
static PEP_STATUS _wipe_default_key_if_invalid(PEP_SESSION session,
pEp_identity* ident) {
PEP_STATUS status = PEP_STATUS_OK;
if (!ident->user_id)
return PEP_ILLEGAL_VALUE;
PEP_STATUS keystatus = validate_fpr(session, ident, true, false);
switch (keystatus) {
case PEP_STATUS_OK:
// Check for non-renewable expiry and
// if so, fallthrough
if (ident->comm_type != PEP_ct_key_expired_but_confirmed &&
ident->comm_type != PEP_ct_key_expired) {
break;
}
case PEP_KEY_UNSUITABLE:
case PEP_KEY_BLACKLISTED:
// Remove key as default for all identities and users
status = remove_fpr_as_default(session, ident->fpr);
break;
default:
break;
}
return status;
}
PEP_STATUS clean_own_key_defaults(PEP_SESSION session) {
identity_list* idents = NULL;
PEP_STATUS status = own_identities_retrieve(session, &idents);
if (status != PEP_STATUS_OK)
return status;
if (!idents)
return PEP_STATUS_OK;
if (!idents->ident && !idents->next) {
free_identity_list(idents);
return PEP_STATUS_OK;
} // Kludge: FIX own_identities_retrieve. Should return NULL, not empty list
identity_list* curr = idents;
for ( ; curr ; curr = curr->next) {
pEp_identity* ident = curr->ident;
if (!ident)
continue;
_wipe_default_key_if_invalid(session, ident);
}
free_identity_list(idents);
// Also remove invalid default user key
char* own_id = NULL;
status = get_default_own_userid(session, &own_id);
if (status != PEP_STATUS_OK)
return status;
if (own_id) {
char* user_default_key = NULL;
status = get_user_default_key(session, own_id, &user_default_key);
if (status != PEP_STATUS_OK) {
free(own_id);
if (status == PEP_KEY_NOT_FOUND)
status = PEP_STATUS_OK;
else
return status;
}
else if (user_default_key) {
pEp_identity* empty_user = new_identity(NULL, user_default_key, NULL, own_id);
_wipe_default_key_if_invalid(session, empty_user);
free(user_default_key);
}
free(own_id);
}
return status;
}
#ifdef USE_GPG
PEP_STATUS pgp_find_trusted_private_keys(
PEP_SESSION session, stringlist_t **keylist


+ 2
- 0
src/keymanagement.h View File

@ -408,6 +408,8 @@ PEP_STATUS get_valid_pubkey(PEP_SESSION session,
bool* is_address_default,
bool check_blacklist);
PEP_STATUS clean_own_key_defaults(PEP_SESSION session);
#ifdef __cplusplus
}
#endif

+ 6
- 1
src/pEpEngine.c View File

@ -454,7 +454,7 @@ static const char* sql_get_default_own_userid =
"select id from person"
" join identity on id = identity.user_id"
" where identity.is_own = 1";
// Sequence
static const char *sql_sequence_value1 =
"insert or replace into sequences (name, value) "
@ -2080,6 +2080,11 @@ DYNAMIC_API PEP_STATUS init(
status = pgp_import_ultimately_trusted_keypairs(_session);
#endif // USE_GPG
}
// clean up invalid keys
status = clean_own_key_defaults(_session);
if (status != PEP_STATUS_OK)
goto pEp_error;
*session = _session;


Loading…
Cancel
Save