diff --git a/src/client/configurationmanager.cpp b/src/client/configurationmanager.cpp
index d7bfaf16f89ce9c8ddab73262cecc43421ba7aee..cbdfb9b8c69065411d6261f46b613f2d0979924e 100644
--- a/src/client/configurationmanager.cpp
+++ b/src/client/configurationmanager.cpp
@@ -181,10 +181,8 @@ unpinCertificatePath(const std::string& path)
bool
pinRemoteCertificate(const std::string& accountId, const std::string& certId)
{
- if (auto acc = jami::Manager::instance().getAccount<jami::JamiAccount>(accountId)) {
- acc->dht()->findCertificate(dht::InfoHash(certId), [](const std::shared_ptr<dht::crypto::Certificate>& crt) {});
- return true;
- }
+ if (auto acc = jami::Manager::instance().getAccount<jami::JamiAccount>(accountId))
+ return acc->findCertificate(certId);
return false;
}
diff --git a/src/connectivity/connectionmanager.cpp b/src/connectivity/connectionmanager.cpp
index 51bc23f7e9a0e95264088e777b31290a09b9de57..1d15b21b4f66eaa83f61f742fe4862c8fc66035b 100644
--- a/src/connectivity/connectionmanager.cpp
+++ b/src/connectivity/connectionmanager.cpp
@@ -687,7 +687,7 @@ ConnectionManager::Impl::onDhtConnected(const dht::crypto::PublicKey& devicePk)
shared->onPeerResponse(req);
} else {
// Async certificate checking
- shared->account.dht()->findCertificate(
+ shared->account.findCertificate(
req.from,
[w, req = std::move(req)](
const std::shared_ptr<dht::crypto::Certificate>& cert) mutable {
diff --git a/src/jamidht/account_manager.cpp b/src/jamidht/account_manager.cpp
index 096bc3487b25d051ab105bbe0d7f3d4bdd4e3f47..17519a654d45c10271f118b853aeb29c7911d91e 100644
--- a/src/jamidht/account_manager.cpp
+++ b/src/jamidht/account_manager.cpp
@@ -219,12 +219,12 @@ AccountManager::startSync(const OnNewDeviceCb& cb, const OnDeviceAnnouncedCb& dc
for (const auto& crl : info_->identity.second->issuer->getRevocationLists())
dht_->put(h, crl, dht::DoneCallback {}, {}, true);
dht_->listen<DeviceAnnouncement>(h, [this, cb = std::move(cb)](DeviceAnnouncement&& dev) {
- dht_->findCertificate(dev.dev,
- [this, cb](const std::shared_ptr<dht::crypto::Certificate>& crt) {
- foundAccountDevice(crt);
- if (cb)
- cb(crt);
- });
+ findCertificate(dev.dev,
+ [this, cb](const std::shared_ptr<dht::crypto::Certificate>& crt) {
+ foundAccountDevice(crt);
+ if (cb)
+ cb(crt);
+ });
return true;
});
dht_->listen<dht::crypto::RevocationList>(h, [this](dht::crypto::RevocationList&& crl) {
@@ -268,8 +268,7 @@ AccountManager::startSync(const OnNewDeviceCb& cb, const OnDeviceAnnouncedCb& dc
auto conversationId = v.conversationId;
// Check if there was an old active conversation.
auto details = info_->contacts->getContactDetails(peer_account);
- auto oldConvIt = details.find(
- libjami::Account::TrustRequest::CONVERSATIONID);
+ auto oldConvIt = details.find(libjami::Account::TrustRequest::CONVERSATIONID);
if (oldConvIt != details.end() && oldConvIt->second != "") {
if (conversationId == oldConvIt->second)
return;
@@ -366,14 +365,14 @@ AccountManager::onPeerMessage(const dht::crypto::PublicKey& peer_device,
return;
}
- dht_->findCertificate(peer_device.getId(),
- [this, cb = std::move(cb), allowPublic](
- const std::shared_ptr<dht::crypto::Certificate>& cert) {
- dht::InfoHash peer_account_id;
- if (onPeerCertificate(cert, allowPublic, peer_account_id)) {
- cb(cert, peer_account_id);
- }
- });
+ findCertificate(peer_device.getId(),
+ [this, cb = std::move(cb), allowPublic](
+ const std::shared_ptr<dht::crypto::Certificate>& cert) {
+ dht::InfoHash peer_account_id;
+ if (onPeerCertificate(cert, allowPublic, peer_account_id)) {
+ cb(cert, peer_account_id);
+ }
+ });
}
bool
@@ -484,6 +483,27 @@ AccountManager::getContactDetails(const std::string& uri) const
return info_->contacts->getContactDetails(h);
}
+bool
+AccountManager::findCertificate(
+ const dht::InfoHash& h,
+ std::function<void(const std::shared_ptr<dht::crypto::Certificate>&)>&& cb)
+{
+ if (auto cert = tls::CertificateStore::instance().getCertificate(h.toString())) {
+ if (cb)
+ cb(cert);
+ } else {
+ dht_->findCertificate(h,
+ [cb = std::move(cb)](
+ const std::shared_ptr<dht::crypto::Certificate>& crt) {
+ if (crt)
+ tls::CertificateStore::instance().pinCertificate(crt);
+ if (cb)
+ cb(crt);
+ });
+ }
+ return true;
+}
+
bool
AccountManager::findCertificate(
const dht::PkId& id, std::function<void(const std::shared_ptr<dht::crypto::Certificate>&)>&& cb)
@@ -671,13 +691,10 @@ AccountManager::forEachDevice(
if (dev.from != to)
return true;
state->remaining++;
- dht_->findCertificate(dev.dev,
- [state](const std::shared_ptr<dht::crypto::Certificate>& cert) {
- state->found(
- cert ? std::make_shared<dht::crypto::PublicKey>(
- cert->getPublicKey())
- : std::shared_ptr<dht::crypto::PublicKey> {});
- });
+ findCertificate(dev.dev, [state](const std::shared_ptr<dht::crypto::Certificate>& cert) {
+ state->found(cert ? std::make_shared<dht::crypto::PublicKey>(cert->getPublicKey())
+ : std::shared_ptr<dht::crypto::PublicKey> {});
+ });
return true;
},
[state](bool /*ok*/) { state->found({}); });
diff --git a/src/jamidht/account_manager.h b/src/jamidht/account_manager.h
index aea04de689f17a4288c601a348e4e08387bf5bbc..f26dafe2f41d936ea1feb1a1acc21c92cc55c9ae 100644
--- a/src/jamidht/account_manager.h
+++ b/src/jamidht/account_manager.h
@@ -224,6 +224,10 @@ public:
/** Obtain details about one account contact in serializable form. */
std::map<std::string, std::string> getContactDetails(const std::string& uri) const;
+ virtual bool findCertificate(
+ const dht::InfoHash& h,
+ std::function<void(const std::shared_ptr<dht::crypto::Certificate>&)>&& cb = {});
+
virtual bool findCertificate(
const dht::PkId& h,
std::function<void(const std::shared_ptr<dht::crypto::Certificate>&)>&& cb = {});
diff --git a/src/jamidht/archive_account_manager.cpp b/src/jamidht/archive_account_manager.cpp
index 5da9a6e7f490396e68c63c6bb83ba240826a53e4..18ffbb8f47618f421cdffbf62add3864f8ba2d5f 100644
--- a/src/jamidht/archive_account_manager.cpp
+++ b/src/jamidht/archive_account_manager.cpp
@@ -369,7 +369,8 @@ ArchiveAccountManager::migrateAccount(AuthContext& ctx)
}
void
-ArchiveAccountManager::onArchiveLoaded(AuthContext& ctx, AccountArchive&& a)
+ArchiveAccountManager::onArchiveLoaded(AuthContext& ctx,
+ AccountArchive&& a)
{
auto ethAccount = dev::KeyPair(dev::Secret(a.eth_key)).address().hex();
fileutils::check_dir(path_.c_str(), 0700);
@@ -391,7 +392,7 @@ ArchiveAccountManager::onArchiveLoaded(AuthContext& ctx, AccountArchive&& a)
deviceCertificate = oldId;
usePreviousIdentity = true;
JAMI_WARN("[Auth] Using previously generated certificate %s",
- deviceCertificate->getLongId().toString().c_str());
+ deviceCertificate->getLongId().toString().c_str());
} else {
contacts.reset();
}
@@ -547,18 +548,18 @@ ArchiveAccountManager::startSync(const OnNewDeviceCb& cb, const OnDeviceAnnounce
[this](DeviceSync&& sync) {
// Received device sync data.
// check device certificate
- dht_->findCertificate(sync.from,
- [this, sync](
- const std::shared_ptr<dht::crypto::Certificate>& cert) mutable {
- if (!cert or cert->getId() != sync.from) {
- JAMI_WARN("Can't find certificate for device %s",
- sync.from.toString().c_str());
- return;
- }
- if (not foundAccountDevice(cert))
- return;
- onSyncData(std::move(sync));
- });
+ findCertificate(sync.from,
+ [this,
+ sync](const std::shared_ptr<dht::crypto::Certificate>& cert) mutable {
+ if (!cert or cert->getId() != sync.from) {
+ JAMI_WARN("Can't find certificate for device %s",
+ sync.from.toString().c_str());
+ return;
+ }
+ if (not foundAccountDevice(cert))
+ return;
+ onSyncData(std::move(sync));
+ });
return true;
});
@@ -577,25 +578,24 @@ ArchiveAccountManager::onSyncData(DeviceSync&& sync, bool checkDevice)
// Sync known devices
JAMI_DEBUG("[Contacts] received device sync data ({:d} devices, {:d} contacts)",
- sync.devices_known.size() + sync.devices.size(),
- sync.peers.size());
+ sync.devices_known.size() + sync.devices.size(),
+ sync.peers.size());
for (const auto& d : sync.devices_known) {
- dht_->findCertificate(d.first,
- [this, d](const std::shared_ptr<dht::crypto::Certificate>& crt) {
- if (not crt)
- return;
- // std::lock_guard<std::mutex> lock(deviceListMutex_);
- foundAccountDevice(crt, d.second);
- });
+ findCertificate(d.first, [this, d](const std::shared_ptr<dht::crypto::Certificate>& crt) {
+ if (not crt)
+ return;
+ // std::lock_guard<std::mutex> lock(deviceListMutex_);
+ foundAccountDevice(crt, d.second);
+ });
}
for (const auto& d : sync.devices) {
- dht_->findCertificate(d.second.sha1,
- [this, d](const std::shared_ptr<dht::crypto::Certificate>& crt) {
- if (not crt || crt->getLongId() != d.first)
- return;
- // std::lock_guard<std::mutex> lock(deviceListMutex_);
- foundAccountDevice(crt, d.second.name);
- });
+ findCertificate(d.second.sha1,
+ [this, d](const std::shared_ptr<dht::crypto::Certificate>& crt) {
+ if (not crt || crt->getLongId() != d.first)
+ return;
+ // std::lock_guard<std::mutex> lock(deviceListMutex_);
+ foundAccountDevice(crt, d.second.name);
+ });
}
// saveKnownDevices();
diff --git a/src/jamidht/jamiaccount.cpp b/src/jamidht/jamiaccount.cpp
index 96b42e2c43c0eb8fa98a2368d181a8e478f1b2fa..258f3e1d3865ce6a40d61fadd28600a0a8816f8a 100644
--- a/src/jamidht/jamiaccount.cpp
+++ b/src/jamidht/jamiaccount.cpp
@@ -1654,7 +1654,7 @@ JamiAccount::trackPresence(const dht::InfoHash& h, BuddyInfo& buddy)
if (not expired) {
// Retry messages every time a new device announce its presence
sthis->messageEngine_.onPeerOnline(h.toString());
- sthis->dht_->findCertificate(
+ sthis->findCertificate(
dev.dev, [sthis, h](const std::shared_ptr<dht::crypto::Certificate>& cert) {
if (cert) {
auto pk = std::make_shared<dht::crypto::PublicKey>(cert->getPublicKey());
@@ -2354,6 +2354,16 @@ JamiAccount::connectivityChanged()
setPublishedAddress({});
}
+bool
+JamiAccount::findCertificate(
+ const dht::InfoHash& h,
+ std::function<void(const std::shared_ptr<dht::crypto::Certificate>&)>&& cb)
+{
+ if (accountManager_)
+ return accountManager_->findCertificate(h, std::move(cb));
+ return false;
+}
+
bool
JamiAccount::findCertificate(
const dht::PkId& id, std::function<void(const std::shared_ptr<dht::crypto::Certificate>&)>&& cb)
@@ -2363,16 +2373,25 @@ JamiAccount::findCertificate(
return false;
}
+bool
+JamiAccount::findCertificate(const std::string& crt_id)
+{
+ if (accountManager_)
+ return accountManager_->findCertificate(dht::InfoHash(crt_id));
+ return false;
+}
+
bool
JamiAccount::setCertificateStatus(const std::string& cert_id,
tls::TrustStore::PermissionStatus status)
{
bool done = accountManager_ ? accountManager_->setCertificateStatus(cert_id, status) : false;
if (done) {
- dht_->findCertificate(dht::InfoHash(cert_id),
- [](const std::shared_ptr<dht::crypto::Certificate>& crt) {});
- emitSignal<libjami::ConfigurationSignal::CertificateStateChanged>(
- getAccountID(), cert_id, tls::TrustStore::statusToStr(status));
+ findCertificate(cert_id);
+ emitSignal<libjami::ConfigurationSignal::CertificateStateChanged>(getAccountID(),
+ cert_id,
+ tls::TrustStore::statusToStr(
+ status));
}
return done;
}
diff --git a/src/jamidht/jamiaccount.h b/src/jamidht/jamiaccount.h
index 3a1741095b01d5dc18e1a75ea3c5d646606e3408..2b5bb1f29c2ce77ad762921a817e3d44140c8b1a 100644
--- a/src/jamidht/jamiaccount.h
+++ b/src/jamidht/jamiaccount.h
@@ -272,6 +272,10 @@ public:
bool setCertificateStatus(const std::string& cert_id, tls::TrustStore::PermissionStatus status);
std::vector<std::string> getCertificatesByStatus(tls::TrustStore::PermissionStatus status);
+ bool findCertificate(const std::string& id);
+ bool findCertificate(
+ const dht::InfoHash& h,
+ std::function<void(const std::shared_ptr<dht::crypto::Certificate>&)>&& cb = {});
bool findCertificate(
const dht::PkId& h,
std::function<void(const std::shared_ptr<dht::crypto::Certificate>&)>&& cb = {});