Commit 73f208d1 authored by Adrien Béraud's avatar Adrien Béraud Committed by Guillaume Roguez

ringaccount: update account certificate through account migration

Multi-device account migration used a certificate without the CA flag
to sign the device certificate, preventing to properly validate the
device certificate chain.
Fix this by reusing the existing account migration API to ask for the
account password when the case is detected, placing the account in the
ERROR_NEED_MIGRATION state.
ERROR_NEED_MIGRATION could also be used for future account migrations,
when the password is needed to unlock the archive.

Bump OpenDHT to check the certificate expiration date.

Tuleap: #1434
Change-Id: I5527cf5bd31310d969819570cd984e622029fa71
parent 55e892f1
# OPENDHT
OPENDHT_VERSION := 7f84c1e3975a349d288e7951a2667adeef5dab75
OPENDHT_VERSION := e7295bac7b57540905e287a37904c615de971392
OPENDHT_URL := https://github.com/savoirfairelinux/opendht/archive/$(OPENDHT_VERSION).tar.gz
PKGS += opendht
......
This diff is collapsed.
......@@ -233,14 +233,14 @@ class RingAccount : public SIPAccountBase {
* The type of this instance is given in template argument.
* This type can be any base class of SIPCall class (included).
*/
#ifndef RING_UWP
template <class T=SIPCall>
std::shared_ptr<enable_if_base_of<T, SIPCall> >
newOutgoingCall(const std::string& toUrl);
#else
template <class T>
std::shared_ptr<T>
newOutgoingCall(const std::string& toUrl);
#ifndef RING_UWP
template <class T=SIPCall>
std::shared_ptr<enable_if_base_of<T, SIPCall> >
newOutgoingCall(const std::string& toUrl);
#else
template <class T>
std::shared_ptr<T>
newOutgoingCall(const std::string& toUrl);
#endif
/**
......@@ -436,10 +436,13 @@ class RingAccount : public SIPAccountBase {
bool hasCertificate() const;
bool hasPrivateKey() const;
bool hasSignedReceipt();
bool needsMigration() const;
std::string makeReceipt(const dht::crypto::Identity& id);
void createRingDevice(const dht::crypto::Identity& id);
void initRingDevice(const ArchiveContent& a);
bool migrateAccount(const std::string& pwd);
static bool updateCertificates(ArchiveContent& archive, dht::crypto::Identity& device);
void createAccount(const std::string& archive_password);
std::vector<uint8_t> makeArchive(const ArchiveContent& content) const;
......@@ -448,7 +451,7 @@ class RingAccount : public SIPAccountBase {
static ArchiveContent loadArchive(const std::vector<uint8_t>& data);
std::vector<std::pair<sockaddr_storage, socklen_t>> loadBootstrap() const;
void saveIdentity(const dht::crypto::Identity id, const std::string& path) const;
std::pair<std::string, std::string> saveIdentity(const dht::crypto::Identity id, const std::string& path) const;
void saveNodes(const std::vector<dht::NodeExport>&) const;
void saveValues(const std::vector<dht::ValuesExport>&) const;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment