ENGINE-140 changed identities flags update policy

doc_update_sequoia
Edouard Tisserant 7 years ago
parent c96ba25107
commit db4696a34a

@ -73,7 +73,7 @@ PEP_STATUS elect_pubkey(
return PEP_STATUS_OK;
}
PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen);
PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen, bool ignore_flags);
DYNAMIC_API PEP_STATUS update_identity(
PEP_SESSION session, pEp_identity * identity
@ -92,7 +92,7 @@ DYNAMIC_API PEP_STATUS update_identity(
if (identity->me || (identity->user_id && strcmp(identity->user_id, PEP_OWN_USERID) == 0)) {
identity->me = true;
return _myself(session, identity, false);
return _myself(session, identity, false, true);
}
int _no_user_id = EMPTYSTR(identity->user_id);
@ -104,7 +104,7 @@ DYNAMIC_API PEP_STATUS update_identity(
&stored_identity);
if (status == PEP_STATUS_OK) {
free_identity(stored_identity);
return _myself(session, identity, false);
return _myself(session, identity, false, true);
}
free(identity->user_id);
@ -400,7 +400,7 @@ PEP_STATUS _has_usable_priv_key(PEP_SESSION session, char* fpr,
return status;
}
PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen)
PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen, bool ignore_flags)
{
pEp_identity *stored_identity;
PEP_STATUS status;
@ -419,6 +419,8 @@ PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen)
identity->comm_type = PEP_ct_pEp;
identity->me = true;
if(ignore_flags)
identity->flags = 0;
if (EMPTYSTR(identity->user_id))
{
@ -463,7 +465,7 @@ PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen)
}
}
identity->flags = stored_identity->flags;
identity->flags = (identity->flags & 255) | stored_identity->flags;
free_identity(stored_identity);
}
@ -483,7 +485,6 @@ PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen)
// N.B. has_private is never true if the returned status is not PEP_STATUS_OK
if (has_private) {
identity->flags = 0;
dont_use_input_fpr = false;
}
}
@ -510,7 +511,6 @@ PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen)
}
if (has_private) {
identity->flags = 0;
dont_use_input_fpr = false;
}
else { // OK, we've tried everything. Time to generate new keys.
@ -621,7 +621,7 @@ PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen)
DYNAMIC_API PEP_STATUS myself(PEP_SESSION session, pEp_identity * identity)
{
return _myself(session, identity, true);
return _myself(session, identity, true, false);
}
DYNAMIC_API PEP_STATUS register_examine_function(

@ -43,12 +43,10 @@ DYNAMIC_API PEP_STATUS update_identity(
// it can need a decent amount of time to return
// if you need to do this asynchronous, you need to return an identity
// with retrieve_next_identity() where pEp_identity.me is true
// myself() never writes flags; use set_identity_flags() for writing
DYNAMIC_API PEP_STATUS myself(PEP_SESSION session, pEp_identity * identity);
PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen);
PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen, bool ignore_flags);
// retrieve_next_identity() - callback being called by do_keymanagement()
//

@ -1858,7 +1858,7 @@ DYNAMIC_API PEP_STATUS identity_rating(
return PEP_ILLEGAL_VALUE;
if (ident->me)
status = _myself(session, ident, false);
status = _myself(session, ident, false, true);
else
status = update_identity(session, ident);

@ -339,13 +339,15 @@ DYNAMIC_API PEP_STATUS init(PEP_SESSION *session)
" ?1,"
" upper(replace(?2,' ','')),"
" ?3,"
" (select"
" coalesce("
" (select flags from identity"
" where address = ?1 and"
" user_id = ?3),"
" 0)"
" ) | (?4 & 255)"
// " (select"
// " coalesce("
// " (select flags from identity"
// " where address = ?1 and"
// " user_id = ?3),"
// " 0)"
// " ) | (?4 & 255)"
/* set_identity ignores previous flags, and doesn't filter machine flags */
" ?4"
");";
sql_set_identity_flags = "update identity set flags = "
@ -1246,7 +1248,7 @@ DYNAMIC_API PEP_STATUS set_identity_flags(
if (result != SQLITE_DONE)
return PEP_CANNOT_SET_IDENTITY;
identity->flags = flags;
identity->flags |= flags;
return PEP_STATUS_OK;
}
@ -1277,7 +1279,7 @@ DYNAMIC_API PEP_STATUS unset_identity_flags(
if (result != SQLITE_DONE)
return PEP_CANNOT_SET_IDENTITY;
identity->flags = flags;
identity->flags &= ~flags;
return PEP_STATUS_OK;
}

@ -590,6 +590,25 @@ DYNAMIC_API PEP_STATUS set_identity_flags(
unsigned int flags
);
// unset_identity_flags() - update identity flags on existing identity
//
// parameters:
// session (in) session handle
// identity (in,out) pointer to pEp_identity structure
// flags (in) new value for flags
//
// return value:
// PEP_STATUS_OK = 0 encryption and signing succeeded
// PEP_CANNOT_SET_IDENTITY update of identity failed
//
// caveat:
// address and user_id must be given in identity
DYNAMIC_API PEP_STATUS unset_identity_flags(
PEP_SESSION session,
pEp_identity *identity,
unsigned int flags
);
// mark_as_compromized() - mark key in trust db as compromized
//

Loading…
Cancel
Save