Commit Graph

146 Commits

Author SHA1 Message Date
Jeremy Lakeman
dfe108d287 Allow checking for a self signed manifest author with no loaded keyring 2017-09-12 15:04:24 +09:30
Jeremy Lakeman
e158a38137 Clean up a number of memory leaks, as revealed by clang's sanitiser 2017-09-11 14:09:27 +09:30
Andrew Bettison
093bdfdcd3 Add FALLTHROUGH macro to silence -Wimplicit-fallthrough in GCC7 2017-09-11 12:43:38 +09:30
Andrew Bettison
ccacd19dfa Add global keyring assertions
Many functions require that the global 'keyring' pointer is set,
but there were no assertions to document this precondition.
2016-11-14 11:28:08 +10:30
Jeremy Lakeman
30aa1c16b8 Set authorship to remote if the sender sid can be generated from the id 2016-10-20 08:51:46 -04:00
Jeremy Lakeman
b927af79a8 Introduce new typedef for signing keys to expose their internal structure 2016-09-27 10:28:46 +09:30
Andrew Bettison
6e65a2399f Add missing #include "str.h" 2016-09-21 18:47:49 +09:30
Andrew Bettison
cd766cd480 Move numeric conversions from "str.h" to "numeric_str.h" 2016-09-21 18:47:49 +09:30
Jeremy Lakeman
b6256ea89a Add identity_t type & rename signing key api to identity. 2016-08-16 12:22:13 +09:30
Jeremy Lakeman
dc7226b6a5 Remove file hash command 2016-08-16 12:22:13 +09:30
Jeremy Lakeman
dbded493c1 Refactor meshms ply handling into separate source file 2016-07-25 16:54:11 +09:30
Jeremy Lakeman
16a14269af Encrypt payloads without needing a sender
- reworked keyring identity handling to reduce memory searching
2016-05-31 12:50:32 +09:30
Jeremy Lakeman
c625a598d9 Use malloc / free for manifest structs 2016-05-09 11:10:50 +09:30
Jeremy Lakeman
e15e332072 Swap from included nacl to host libsodium 2016-05-09 10:32:04 +09:30
Jeremy Lakeman
3cacf63eaa Add sqlite column for the hash of the manifest (before any signatures) 2016-03-07 14:34:53 +10:30
Jeremy Lakeman
f2e2b4acb5 Replace nacl & sha methods with versions from libsodium to avoid undefined behaviour 2016-01-27 16:27:04 +10:30
Andrew Bettison
3f8f0f6fc7 Improve Rhizome HTTP API diagnostics
Add RHIZOME_BUNDLE_STATUS_MANIFEST_TOO_BIG enum option to indicate
that the manifest exceeded 8 KiB in size.

Refactor rhizome_add_manifest() and rhizome_manifest_finalise()
to return 'struct rhizome_bundle_result' instead of 'enum
rhizome_bundle_status', so that that their detailed failure messages
can reach the HTTP API layer instead of just being logged.

Fix HTTP response status codes produced Rhizome direct HTTP requests
to be consistent with the Rhizome RESTful API.
2015-12-07 22:35:42 +10:30
Andrew Bettison
74735339aa Fix minor bug in Rhizome manifest parsing
Did not indicate failure if last line was missing a newline.
2015-12-07 22:35:42 +10:30
Andrew Bettison
98ed0406c5 Refactor Rhizome result handling
- Introduce the new 'struct rhizome_bundle_result' that contains a
  rhizome_bundle_status enum value and an optional, nul-terminated
  string that provides an explanation of the cause of the status; add
  functions to construct, query, and free the struct

- Replace 'enum rhizome_add_result' with 'struct rhizome_bundle_result',
  removing an unnecessary level of enum interpretation

- Make rhizome_fill_manifest() return 'struct rhizome_bundle_result' and
  add logic to check that the supplied author SID is correct (previous
  behaviour was: if an incorrect author SID was supplied but the correct
  author could be found in the keyring, then the incorrect one was
  silently ignored)

- Simplify the response code in rhizome_restful.cc to take advantage of
  the new 'struct rhizome_bundle_result'; in particular, the mapping
  from 'enum rhizome_bundle_status' codes to HTTP status codes is now
  expressed in a single switch statement

- Fix some minor failures in test scripts revealed by the changes
2015-12-01 00:51:15 +10:30
Andrew Bettison
17b0644277 Allow anonymous bundles to have a 'sender' field 2015-12-01 00:51:15 +10:30
Andrew Bettison
3c993f0273 Add fromhere=2 to Rhizome list output
Need a way for the client to distinguish between authenticated (certain)
and unauthenticated (likely) author SIDs in the context of a bundle list,
since the bundle list does not verify manifest signatures for performance
and battery life reasons.
2015-11-02 12:26:40 +10:30
Andrew Bettison
a060642fdb Add strbuf_local_buf() macro 2015-11-02 10:11:41 +10:30
Andrew Bettison
90e02141d1 Reimplement WHY() macro without comma operator
GCC 4.9 and later warn about unused values produced by the comma
operator.  Since the -Wno-unused-value option was removed from the
non-Android Makefile.in, it will not compile the WHY() macro and its
variants, with the -Wall option.

This commit removes the comma operator from the WHY() macro and its
variants, and replaces it with a new inline wrapper function.

This commit also removes the WHYNULL() macro and fixes the three places
it was used.
2015-10-26 15:58:52 +10:30
Andrew Bettison
7d9a5faa4e Move if(config.debug.xxx) tests into DEBUGF()
Original DEBUG() and DEBUGF() macros renamed to _DEBUG() and _DEBUGF()
New DEBUG() and DEBUGF() macros, first argument is flagname
New DEBUGF2(foo, bar, ...) macro does if(config.debug.foo||config.debug.bar) test
Replace almost all config.debug.xxx references to IF_DEBUG(xxx)
2015-07-13 16:00:05 +09:30
Andrew Bettison
5120e50dd7 Suppress Rhizome add de-duplication for journals 2015-04-13 16:24:05 +09:30
Andrew Bettison
dbe0cf862f Remove 'debug.manifests' option
Use existing 'debug.rhizome_manifest' instead
Improve format of manifest alloc/free log messages
2015-03-30 18:19:26 +10:30
Andrew Bettison
7f564e4dcf Make strn_to_xxx() functions consistent
All strn_to_xxx() functions should take a 'size_t len' parameter

All functions that take a 'const char **endp' parameter should
be named parse_xxx(), and should also have a 'ssize_t len' parameter
which can be -1 to indicate a null-terminated string
2015-03-28 04:53:09 +10:30
Andrew Bettison
015b4a0b07 Refactor and improve "journal append"
Distinguish between fatal and user-supplied-input errors, return
error descriptive text in a strbuf to allow dynamic content, apply
user-supplied field assgnments/deletions _after_ copying existing
manifest fields, use exit status 4 (invalid manifest) when applying
journal append to a non-journal or vice versa
2015-03-23 17:38:46 +10:30
Andrew Bettison
73a4191547 Improve manifest field copy/unset logging
Add __whence arguments to all field copy and unset functions
2015-03-23 17:32:57 +10:30
Andrew Bettison
655b94eb3c Fix failing 'rhizomeops' tests 2015-03-19 03:21:27 +10:30
Andrew Bettison
4d5cded047 Change return type of rhizome_fill_manifest()
To help improve diagnostic feedback through APIs
2015-03-16 22:40:08 +10:30
Andrew Bettison
016bb32b89 Add rhizome_manifest_overwrite() function 2015-03-16 22:36:38 +10:30
Andrew Bettison
a23c56626d Update some copyright notices 2014-11-20 00:01:12 +10:30
Andrew Bettison
e633c0fa0a "rhizome add file" manifest field=value varargs
Now a new manifest can be formed, and an existing manifest modified, by
giving "field=value" or "!field" command-line arguments at the end of
the "rhizome add file" command (after the <bsk> argument).

This makes it easier to script rhizome operations.
2014-11-19 13:26:50 +10:30
Andrew Bettison
c95807b002 Refactor manifest parsing
Consolidate tests for valid field names and values into
one place
2014-11-19 13:17:40 +10:30
Andrew Bettison
ff339011b4 Refactor Rhizome manifest parsing
Now the parsing code uses the set/del functions for all supported
manifest fields, so no duplicate logic any more
2014-11-19 10:49:13 +10:30
Andrew Bettison
2f1843858d Support unrecognised manifest fields
Refactor Rhizome manifest parsing in preparation for command-line
field assignment
2014-11-19 10:47:31 +10:30
Andrew Bettison
65d6005cbf Create authored bundle from bundle secret
Improve the logic in rhizome_fill_manifest() to handle the case where
the secret and author are both supplied, by setting the BK field so the
secret can be recovered from the manifest later
2014-11-14 13:11:44 +10:30
Jeremy Lakeman
851144ea0a Refactor keyring identity iteration 2014-10-31 15:19:59 +10:30
Andrew Bettison
cf43635789 Improve Rhizome HTTP RESTful interface
Add RHIZOME_BUNDLE_STATUS_READONLY enum value

Tighten up switch statements on bundle and payload status enums (no
default labels)

Rename some recently added enum entries

Return bundle status and payload status in HTTP responses

Add test for failing to decrypt a foreign encrypted bundle payload,
fix bug that caused an assertion failure

Add tests for fetching a non-existent manifest and fetching bundles
whose payload blob is not in the store
2014-07-10 06:29:51 +09:30
Andrew Bettison
61023287b1 Refactor Rhizome manifest validation
New function returns text describing the failed validation
2014-07-10 06:29:09 +09:30
Andrew Bettison
00dc3bf27e Fix Rhizome manifest parsing bug
If an over-large manifest was supplied, signature extraction went
into a tight loop
2014-04-29 15:08:02 +09:30
Andrew Bettison
dc588e964d Fix "name=/file" bug in Rhizome add
Improved Rhizome test scripts and added new assert_manifest_fields()
function to Rhizome test defs
2014-03-12 15:48:00 +10:30
Andrew Bettison
42e6168998 Improve Rhizome manifest setter functions
Remove interactions between rhizome_manifest_set_filesize()
and rhizome_manifest_set_filehash(), since any inconsistency
is caught by rhizome_manifest_validate() in any case
2013-12-30 16:30:43 +10:30
Andrew Bettison
dd5048bd43 rhizome_manifest_set_name_from_path()
Refactor rhizome_fill_manifest() to use it
2013-12-30 16:30:43 +10:30
Andrew Bettison
72040517e1 New enum rhizome_payload_status
Refactor a lot of Rhizome bundle storage code to use the new "enum
rhizome_payload_status" instead of mysterious int values to represent
the outcome of the operation.
2013-12-30 16:30:35 +10:30
Andrew Bettison
9ebef81a49 Formalise "rhizome add file" exit status
Formalise add-bundle result in "enum rhizome_bundle_status"

Rewrite rhizome_manifest_finalise(), rhizome_find_duplicate() and
rhizome_add_manifest() to return enum rhizome_bundle_status

New function rhizome_manifest_check_stored() that compares a manifest
with its stored counterpart and returns enum rhizome_bundle_status

Remove redundant rhizome_manifest_check_sanity(), consolidating all
manifest validation rules in rhizome_manifest_validate(), which now
checks the 'id' field is present, and that 'sender' and 'recipient' are
both present for MeshMS

Correct manifest finalisation logic: set the 'finalised' flag in
rhizome_manifest_validate(), not in rhizome_manifest_verify() (which
sets 'selfSigned'), and consistently clear 'finalised' flag in all
attribute setter functions

Remove manifest 'ttl' field and all references thereof (leaving unused
space in Rhizome BAR)

Rename some payload functions for clarity
2013-12-21 14:37:18 +10:30
Andrew Bettison
273c5f2689 Make rhizome_manifest_pack_variables() static 2013-12-20 11:29:26 +10:30
Andrew Bettison
8a1ce7f373 Use manifest 'has_id' consistently 2013-12-20 11:29:26 +10:30
Andrew Bettison
d52ba4c871 Remove rhizome_read_manifest_file()
Replace with memcpy() followed by rhizome_manifest_parse()
for memory buffers

Replace with rhizome_read_manifest_from_file() for files
2013-12-20 11:29:17 +10:30