ENGINE-140 changed identities flags update policy

6 years ago · db4696a34a
--- a/src/keymanagement.c
+++ b/src/keymanagement.c
@ -73,7 +73,7 @@ PEP_STATUS elect_pubkey(
    return PEP_STATUS_OK;
 }

 PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen);
 PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen, bool ignore_flags);

 DYNAMIC_API PEP_STATUS update_identity(
        PEP_SESSION session, pEp_identity * identity
@ -92,7 +92,7 @@ DYNAMIC_API PEP_STATUS update_identity(

    if (identity->me || (identity->user_id && strcmp(identity->user_id, PEP_OWN_USERID) == 0)) {
        identity->me = true;
        return _myself(session, identity, false);
        return _myself(session, identity, false, true);
    }

    int _no_user_id = EMPTYSTR(identity->user_id);
@ -104,7 +104,7 @@ DYNAMIC_API PEP_STATUS update_identity(
                &stored_identity);
        if (status == PEP_STATUS_OK) {
            free_identity(stored_identity);
            return _myself(session, identity, false);
            return _myself(session, identity, false, true);
        }

        free(identity->user_id);
@ -400,7 +400,7 @@ PEP_STATUS _has_usable_priv_key(PEP_SESSION session, char* fpr,
    return status;
 }

 PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen)
 PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen, bool ignore_flags)
 {
    pEp_identity *stored_identity;
    PEP_STATUS status;
@ -419,6 +419,8 @@ PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen)

    identity->comm_type = PEP_ct_pEp;
    identity->me = true;
    if(ignore_flags)
        identity->flags = 0;
    
    if (EMPTYSTR(identity->user_id))
    {
@ -463,7 +465,7 @@ PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen)
            }
        }
        
        identity->flags = stored_identity->flags;
        identity->flags = (identity->flags & 255) | stored_identity->flags;

        free_identity(stored_identity);
    }
@ -483,7 +485,6 @@ PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen)
        
        // N.B. has_private is never true if the returned status is not PEP_STATUS_OK
        if (has_private) {
            identity->flags = 0;
            dont_use_input_fpr = false;
        }
    }
@ -510,7 +511,6 @@ PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen)
        }
        
        if (has_private) {
            identity->flags = 0;
            dont_use_input_fpr = false;
        }
        else { // OK, we've tried everything. Time to generate new keys.
@ -621,7 +621,7 @@ PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen)

 DYNAMIC_API PEP_STATUS myself(PEP_SESSION session, pEp_identity * identity)
 {
    return _myself(session, identity, true);
    return _myself(session, identity, true, false);
 }

 DYNAMIC_API PEP_STATUS register_examine_function(
--- a/src/keymanagement.h
+++ b/src/keymanagement.h
@ -43,12 +43,10 @@ DYNAMIC_API PEP_STATUS update_identity(
 //      it can need a decent amount of time to return
 //      if you need to do this asynchronous, you need to return an identity
 //      with retrieve_next_identity() where pEp_identity.me is true
 //      myself() never writes flags; use set_identity_flags() for writing

 DYNAMIC_API PEP_STATUS myself(PEP_SESSION session, pEp_identity * identity);

 PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen);

 PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen, bool ignore_flags);

 // retrieve_next_identity() - callback being called by do_keymanagement()
 //
--- a/src/message_api.c
+++ b/src/message_api.c
@ -1858,7 +1858,7 @@ DYNAMIC_API PEP_STATUS identity_rating(
        return PEP_ILLEGAL_VALUE;

    if (ident->me)
        status = _myself(session, ident, false);
        status = _myself(session, ident, false, true);
    else
        status = update_identity(session, ident);

--- a/src/pEpEngine.c
+++ b/src/pEpEngine.c
@ -339,13 +339,15 @@ DYNAMIC_API PEP_STATUS init(PEP_SESSION *session)
                           " ?1,"
                           " upper(replace(?2,' ','')),"
                           " ?3,"
                           " (select"
                           "   coalesce("
                           "    (select flags from identity"
                           "     where address = ?1 and"
                           "           user_id = ?3),"
                           "    0)"
                           " ) | (?4 & 255)"
                           // " (select"
                           // "   coalesce("
                           // "    (select flags from identity"
                           // "     where address = ?1 and"
                           // "           user_id = ?3),"
                           // "    0)"
                           // " ) | (?4 & 255)"
                           /* set_identity ignores previous flags, and doesn't filter machine flags */
                           " ?4"
                           ");";
        
        sql_set_identity_flags = "update identity set flags = "
@ -1246,7 +1248,7 @@ DYNAMIC_API PEP_STATUS set_identity_flags(
    if (result != SQLITE_DONE)
        return PEP_CANNOT_SET_IDENTITY;

    identity->flags = flags;
    identity->flags |= flags;
    return PEP_STATUS_OK;
 }

@ -1277,7 +1279,7 @@ DYNAMIC_API PEP_STATUS unset_identity_flags(
    if (result != SQLITE_DONE)
        return PEP_CANNOT_SET_IDENTITY;

    identity->flags = flags;
    identity->flags &= ~flags;
    return PEP_STATUS_OK;
 }

--- a/src/pEpEngine.h
+++ b/src/pEpEngine.h
@ -590,6 +590,25 @@ DYNAMIC_API PEP_STATUS set_identity_flags(
        unsigned int flags
    );

 // unset_identity_flags() - update identity flags on existing identity
 //
 //    parameters:
 //        session (in)        session handle
 //        identity (in,out)   pointer to pEp_identity structure
 //        flags (in)          new value for flags
 //
 //    return value:
 //        PEP_STATUS_OK = 0             encryption and signing succeeded
 //        PEP_CANNOT_SET_IDENTITY       update of identity failed
 //
 //    caveat:
 //        address and user_id must be given in identity

 DYNAMIC_API PEP_STATUS unset_identity_flags(
        PEP_SESSION session,
        pEp_identity *identity,
        unsigned int flags
    );

 // mark_as_compromized() - mark key in trust db as compromized
 //