|
|
|
|
@ -127,71 +127,76 @@ DYNAMIC_API PEP_STATUS update_identity(
|
|
|
|
|
if (status == PEP_OUT_OF_MEMORY)
|
|
|
|
|
goto exit_free;
|
|
|
|
|
|
|
|
|
|
/* We elect a pubkey first in case there's no acceptable stored fpr */
|
|
|
|
|
temp_id = identity_dup(identity);
|
|
|
|
|
|
|
|
|
|
status = elect_pubkey(session, temp_id);
|
|
|
|
|
if (status != PEP_STATUS_OK)
|
|
|
|
|
goto exit_free;
|
|
|
|
|
|
|
|
|
|
/* We don't take given fpr.
|
|
|
|
|
In case there's no acceptable stored fpr, it will be elected. */
|
|
|
|
|
free(temp_id->fpr);
|
|
|
|
|
temp_id->fpr = NULL;
|
|
|
|
|
temp_id->comm_type = PEP_ct_unknown;
|
|
|
|
|
|
|
|
|
|
if (stored_identity) {
|
|
|
|
|
PEP_comm_type _comm_type_key;
|
|
|
|
|
|
|
|
|
|
bool dont_use_fpr = true;
|
|
|
|
|
bool dont_use_stored_fpr = true;
|
|
|
|
|
|
|
|
|
|
/* if we have a stored_identity fpr */
|
|
|
|
|
if (!EMPTYSTR(stored_identity->fpr) && !EMPTYSTR(temp_id->fpr)) {
|
|
|
|
|
status = blacklist_is_listed(session, stored_identity->fpr, &dont_use_fpr);
|
|
|
|
|
if (!EMPTYSTR(stored_identity->fpr)) {
|
|
|
|
|
status = blacklist_is_listed(session, stored_identity->fpr, &dont_use_stored_fpr);
|
|
|
|
|
if (status != PEP_STATUS_OK)
|
|
|
|
|
dont_use_fpr = true;
|
|
|
|
|
dont_use_stored_fpr = true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (!dont_use_fpr) {
|
|
|
|
|
free(temp_id->fpr);
|
|
|
|
|
if (!dont_use_stored_fpr) {
|
|
|
|
|
temp_id->fpr = strdup(stored_identity->fpr);
|
|
|
|
|
assert(temp_id->fpr);
|
|
|
|
|
if (temp_id->fpr == NULL) {
|
|
|
|
|
status = PEP_OUT_OF_MEMORY;
|
|
|
|
|
goto exit_free;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else if (!EMPTYSTR(temp_id->fpr)) {
|
|
|
|
|
status = blacklist_is_listed(session, temp_id->fpr, &dont_use_fpr);
|
|
|
|
|
if (dont_use_fpr) {
|
|
|
|
|
free(temp_id->fpr);
|
|
|
|
|
temp_id->fpr = strdup("");
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
_did_elect_new_key = 1;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
if (temp_id->fpr == NULL)
|
|
|
|
|
temp_id->fpr = strdup("");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* ok, from here on out, use temp_id */
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* At this point, we either have a non-blacklisted fpr we can work */
|
|
|
|
|
/* with, or we've got nada. */
|
|
|
|
|
if (!EMPTYSTR(temp_id->fpr)) {
|
|
|
|
|
|
|
|
|
|
/* Check stored comm_type */
|
|
|
|
|
PEP_comm_type _comm_type_key;
|
|
|
|
|
status = get_key_rating(session, temp_id->fpr, &_comm_type_key);
|
|
|
|
|
assert(status != PEP_OUT_OF_MEMORY);
|
|
|
|
|
if (status == PEP_OUT_OF_MEMORY)
|
|
|
|
|
goto exit_free;
|
|
|
|
|
if (_comm_type_key < PEP_ct_unconfirmed_encryption) {
|
|
|
|
|
/* if key not good anymore,
|
|
|
|
|
downgrade eventually trusted comm_type */
|
|
|
|
|
temp_id->comm_type = _comm_type_key;
|
|
|
|
|
} else{
|
|
|
|
|
} else {
|
|
|
|
|
/* otherwise take stored comm_type as-is */
|
|
|
|
|
temp_id->comm_type = stored_identity->comm_type;
|
|
|
|
|
if (temp_id->comm_type == PEP_ct_unknown) {
|
|
|
|
|
/* except if unknown */
|
|
|
|
|
temp_id->comm_type = _comm_type_key;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
/* Set comm_type accordingly */
|
|
|
|
|
status = elect_pubkey(session, temp_id);
|
|
|
|
|
if (status != PEP_STATUS_OK)
|
|
|
|
|
goto exit_free;
|
|
|
|
|
bool dont_use_elected_fpr = true;
|
|
|
|
|
status = blacklist_is_listed(session, temp_id->fpr, &dont_use_elected_fpr);
|
|
|
|
|
if (dont_use_elected_fpr) {
|
|
|
|
|
free(temp_id->fpr);
|
|
|
|
|
temp_id->fpr = NULL;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
_did_elect_new_key = 1;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* ok, from here on out, use temp_id */
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* At this point, we either have a non-blacklisted fpr we can work */
|
|
|
|
|
/* with, or we've got nada. */
|
|
|
|
|
|
|
|
|
|
if (EMPTYSTR(temp_id->fpr)) {
|
|
|
|
|
/* nada : set comm_type accordingly */
|
|
|
|
|
temp_id->comm_type = PEP_ct_key_not_found;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@ -216,40 +221,46 @@ DYNAMIC_API PEP_STATUS update_identity(
|
|
|
|
|
else /* stored_identity == NULL */ {
|
|
|
|
|
temp_id->flags = 0;
|
|
|
|
|
|
|
|
|
|
/* Work with the elected key from above */
|
|
|
|
|
/* We elect a pubkey */
|
|
|
|
|
status = elect_pubkey(session, temp_id);
|
|
|
|
|
if (status != PEP_STATUS_OK)
|
|
|
|
|
goto exit_free;
|
|
|
|
|
|
|
|
|
|
/* Work with the elected key */
|
|
|
|
|
if (!EMPTYSTR(temp_id->fpr)) {
|
|
|
|
|
|
|
|
|
|
bool dont_use_fpr = true;
|
|
|
|
|
status = blacklist_is_listed(session, temp_id->fpr, &dont_use_fpr);
|
|
|
|
|
bool dont_use_elected_fpr = true;
|
|
|
|
|
status = blacklist_is_listed(session, temp_id->fpr, &dont_use_elected_fpr);
|
|
|
|
|
if (status != PEP_STATUS_OK)
|
|
|
|
|
dont_use_fpr = true;
|
|
|
|
|
dont_use_elected_fpr = true;
|
|
|
|
|
|
|
|
|
|
if (!dont_use_fpr) {
|
|
|
|
|
PEP_comm_type _comm_type_key;
|
|
|
|
|
if (!dont_use_elected_fpr) {
|
|
|
|
|
PEP_comm_type _comm_type_key = temp_id->comm_type;
|
|
|
|
|
|
|
|
|
|
_did_elect_new_key = 1;
|
|
|
|
|
|
|
|
|
|
// We don't want to lose a previous trust entry!!!
|
|
|
|
|
status = get_trust(session, temp_id);
|
|
|
|
|
|
|
|
|
|
bool has_trust_status = (status == PEP_STATUS_OK);
|
|
|
|
|
|
|
|
|
|
status = get_key_rating(session, temp_id->fpr, &_comm_type_key);
|
|
|
|
|
|
|
|
|
|
assert(status != PEP_OUT_OF_MEMORY);
|
|
|
|
|
if (status == PEP_OUT_OF_MEMORY)
|
|
|
|
|
goto exit_free;
|
|
|
|
|
|
|
|
|
|
if (!has_trust_status || _comm_type_key > temp_id->comm_type)
|
|
|
|
|
if (!has_trust_status)
|
|
|
|
|
temp_id->comm_type = _comm_type_key;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
free(temp_id->fpr);
|
|
|
|
|
temp_id->fpr = strdup("");
|
|
|
|
|
temp_id->fpr = NULL;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (temp_id->fpr == NULL)
|
|
|
|
|
if (temp_id->fpr == NULL) {
|
|
|
|
|
temp_id->fpr = strdup("");
|
|
|
|
|
if (temp_id->fpr == NULL) {
|
|
|
|
|
status = PEP_OUT_OF_MEMORY;
|
|
|
|
|
goto exit_free;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
status = PEP_STATUS_OK;
|
|
|
|
|
|
Edouard Tisserant
7 years ago