# # # patch "README.encapsulation" # from [0091d08cf3c4ac0578368780fd08a11e6990aa33] # to [d3004d624009fb32985b6fd253eb58abe6836471] # # patch "automate.cc" # from [c61fe18e3ba545a15567ef4420234e4aba2f4feb] # to [d09f4d5c7b28028f706714c98efebff98fecc3a9] # # patch "key_store.cc" # from [132dd0af87dd960d35abf5fb4f35304f63b77d97] # to [d9d884883cba69e5cf6a3a4d452eabe6880d164e] # # patch "key_store.hh" # from [a3580882fe759d7188d22f625de493d11fb72b68] # to [43bb15d9678fd04e7ecea6357019bf3c57322345] # # patch "netsync.cc" # from [b7bc58a58a56434b4bd82fc094b763d29dd29ece] # to [2840a4879df54163b34f37248c0d01d28c24ed74] # ============================================================ --- README.encapsulation 0091d08cf3c4ac0578368780fd08a11e6990aa33 +++ README.encapsulation d3004d624009fb32985b6fd253eb58abe6836471 @@ -33,9 +33,6 @@ key_store.cc: key_store.cc: app is a member variable of class key_store, used by: - key_store::ensure_in_database() - app.db - key_store::hook_get_passphrase() app.lua.hook_get_passphrase() ============================================================ --- automate.cc c61fe18e3ba545a15567ef4420234e4aba2f4feb +++ automate.cc d09f4d5c7b28028f706714c98efebff98fecc3a9 @@ -1625,7 +1625,7 @@ CMD_AUTOMATE(genkey, N_("KEYID PASSPHRAS utf8 passphrase = idx(args, 1); - key_store & keys = db.get_key_store(); + key_store & keys = app.keys; bool exists = keys.key_pair_exists(ident); if (db.database_specified()) { ============================================================ --- key_store.cc 132dd0af87dd960d35abf5fb4f35304f63b77d97 +++ key_store.cc d9d884883cba69e5cf6a3a4d452eabe6880d164e 
@@ -104,33 +104,6 @@ void } void -key_store::ensure_in_database(rsa_keypair_id const & ident) -{ - maybe_read_key_dir(); - map::iterator i = keys.find(ident); - - // if this object does not have the key, the database had better. - if (i == keys.end()) - { - I(app.db.public_key_exists(ident)); - return; - } - - if (app.db.put_key(ident, i->second.pub)) - L(FL("loaded public key '%s' into db") % ident); -} - -bool -key_store::try_ensure_in_db(hexenc const & hash) -{ - map, rsa_keypair_id>::const_iterator i = hashes.find(hash); - if (i == hashes.end()) - return false; - ensure_in_database(i->second); - return true; -} - -void key_store::get_key_ids(globish const & pattern, vector & priv) { @@ -159,19 +132,47 @@ key_store::key_pair_exists(rsa_keypair_i return keys.find(ident) != keys.end(); } +bool +key_store::maybe_get_key_pair(rsa_keypair_id const & ident, + keypair & kp) +{ + maybe_read_key_dir(); + map::const_iterator i = keys.find(ident); + if (i == keys.end()) + return false; + kp = i->second; + return true; +} + void key_store::get_key_pair(rsa_keypair_id const & ident, keypair & kp) { + bool found = maybe_get_key_pair(ident, kp); + I(found); +} + +bool +key_store::maybe_get_key_pair(hexenc const & hash, + rsa_keypair_id & keyid, + keypair & kp) +{ maybe_read_key_dir(); - map::const_iterator i = keys.find(ident); - I(i != keys.end()); - kp = i->second; + map, rsa_keypair_id>::const_iterator hi = hashes.find(hash); + if (hi == hashes.end()) + return false; + + map::const_iterator ki = keys.find(hi->second); + if (ki == keys.end()) + return false; + keyid = hi->second; + kp = ki->second; + return true; } void key_store::get_key_file(rsa_keypair_id const & ident, - system_path & file) + system_path & file) { // filename is the keypair id, except that some characters can't be put in // filenames (especially on windows). 
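Review bot: The hash overload of `maybe_get_key_pair` returns false in two different cases, an unknown hash and a hash whose id is missing from `keys`. The second is an internal inconsistency between `hashes` and `keys`; on that path the removed `ensure_in_database` reached `I(app.db.public_key_exists(ident))`, and it now looks exactly like an unknown key. Failing closed is reasonable, since the netsync.cc caller passes the remote side's `their_key_hash`, but the case should be commented and logged, e.g. `// hashes and keys disagree; report as unknown rather than assert` above the second `return false;`. Neither overload documents that `kp` (and `keyid`) are left unmodified when false is returned; a one-line contract comment on the declarations in key_store.hh would cover both. The `get_key_file` body at the end of this hunk continues outside it.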
@@ -179,7 +180,7 @@ key_store::get_key_file(rsa_keypair_id c for (unsigned int i = 0; i < leaf.size(); ++i) if (leaf.at(i) == '+') leaf.at(i) = '_'; - + file = key_dir / path_component(leaf); } ============================================================ --- key_store.hh a3580882fe759d7188d22f625de493d11fb72b68 +++ key_store.hh 43bb15d9678fd04e7ecea6357019bf3c57322345 @@ -40,9 +40,6 @@ public: void set_key_dir(system_path const & kd); system_path const & get_key_dir(); - void ensure_in_database(rsa_keypair_id const & ident); - bool try_ensure_in_db(hexenc const & hash); - void get_key_ids(std::vector & priv); void get_key_ids(globish const & pattern, std::vector & priv); @@ -51,6 +48,11 @@ public: void get_key_pair(rsa_keypair_id const & ident, keypair & kp); + bool maybe_get_key_pair(rsa_keypair_id const & ident, + keypair & kp); + bool maybe_get_key_pair(hexenc const & hash, + rsa_keypair_id & ident, + keypair & kp); bool put_key_pair(rsa_keypair_id const & ident, keypair const & kp); ============================================================ --- netsync.cc b7bc58a58a56434b4bd82fc094b763d29dd29ece +++ netsync.cc 2840a4879df54163b34f37248c0d01d28c24ed74 @@ -1530,7 +1530,11 @@ session::process_auth_cmd(protocol_role { // If it's not in the db, it still could be in the keystore if we // have the private key that goes with it. - if (!keys.try_ensure_in_db(their_key_hash)) + rsa_keypair_id their_key_id; + keypair their_keypair; + if (keys.maybe_get_key_pair(their_key_hash, their_key_id, their_keypair)) + db.put_key(their_key_id, their_keypair.pub); + else { this->saved_nonce = id(""); @@ -1539,7 +1543,8 @@ session::process_auth_cmd(protocol_role their_include_pattern, their_exclude_pattern); error(unknown_key, - (F("remote public key hash '%s' is unknown") % their_key_hash).str()); + (F("remote public key hash '%s' is unknown") + % their_key_hash).str()); } } @@ -3260,8 +3265,9 @@ session::rebuild_merkle_trees(set
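Review bot: The added `db.put_key(their_key_id, their_keypair.pub);` in `session::process_auth_cmd` discards the result and drops the log line that the removed `ensure_in_database` emitted. A public key written to the database as a side effect of a remote auth attempt therefore leaves no trace in the log. Keeping the audit line takes two lines: `if (db.put_key(their_key_id, their_keypair.pub))` followed by `L(FL("loaded public key '%s' into db") % their_key_id);`. The local `their_keypair` also holds the whole pair although only `.pub` is read; if `keypair` carries the private half, as the comment above the lookup suggests, a key_store accessor that returns just the public key would keep that material out of the session code. The body of `process_auth_cmd` starts and ends outside this hunk.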