Skip to content

Commit 1a28ae3

Browse files
jolavillettejolavillette
committed
fix persistence for denied list & fix zero-ID not handled properly
1 parent 576d806 commit 1a28ae3

2 files changed

Lines changed: 12 additions & 3 deletions

File tree

src/pqi/authssl.cc

Lines changed: 11 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1312,6 +1312,14 @@ int AuthSSLimpl::VerifyX509Callback(int /*preverify_ok*/, X509_STORE_CTX* ctx)
13121312
return std::string();
13131313
};
13141314

1315+
auto isStringDenied = [&](const std::string& s) -> bool {
1316+
RsStackMutex stack(sslMtx);
1317+
for(const auto& pair : mDenyList) {
1318+
if(pair.first.toStdString() == s) return true;
1319+
}
1320+
return false;
1321+
};
1322+
13151323
using Evt_t = RsAuthSslConnectionAutenticationEvent;
13161324
std::unique_ptr<Evt_t> ev = std::unique_ptr<Evt_t>(new Evt_t);
13171325

@@ -1339,14 +1347,14 @@ int AuthSSLimpl::VerifyX509Callback(int /*preverify_ok*/, X509_STORE_CTX* ctx)
13391347
if(!pgpFpr.isNull())
13401348
pgpId = PGPHandler::pgpIdFromFingerprint(pgpFpr); // in the future, we drop PGP ids and keep the fingerprint all along
13411349
}
1342-
1350+
13431351
if(sslId.isNull())
13441352
{
13451353
std::string errMsg = "x509Cert has invalid sslId!";
13461354

13471355
RsInfo() << __PRETTY_FUNCTION__ << " " << errMsg << std::endl;
13481356

1349-
if(rsEvents)
1357+
if(rsEvents && !isNotifyDenied(pgpId) && !isStringDenied(pgpId.toStdString()))
13501358
{
13511359
ev->mSslCn = sslCn;
13521360
ev->mSslId = sslId;
@@ -1368,7 +1376,7 @@ int AuthSSLimpl::VerifyX509Callback(int /*preverify_ok*/, X509_STORE_CTX* ctx)
13681376

13691377
RsInfo() << __PRETTY_FUNCTION__ << " " << errMsg << std::endl;
13701378

1371-
if(rsEvents)
1379+
if(rsEvents && !isNotifyDenied(pgpId) && !isStringDenied(pgpId.toStdString()))
13721380
{
13731381
ev->mSslId = sslId;
13741382
ev->mSslCn = sslCn;

src/rsserver/rsinit.cc

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1757,6 +1757,7 @@ int RsServer::StartupRetroShare()
17571757
mConfigMgr->addConfiguration("gxsnettunnel.cfg", mGxsNetTunnel);
17581758
mConfigMgr->addConfiguration("peers.cfg" , mPeerMgr);
17591759
mConfigMgr->addConfiguration("general.cfg" , mGeneralConfig);
1760+
mConfigMgr->addConfiguration("authssl.cfg" , dynamic_cast<p3Config*>(&AuthSSL::instance()));
17601761
mConfigMgr->addConfiguration("msgs.cfg" , msgSrv);
17611762
mConfigMgr->addConfiguration("chat.cfg" , chatSrv);
17621763
mConfigMgr->addConfiguration("p3History.cfg" , mHistoryMgr);

0 commit comments

Comments
 (0)