示例#1
0
func (w *Worker) PRCOTLVerify(otlv *hkp.OTLVerify) (result_code int) {
	//fmt.Println("prcotlv:raw otlv=", otlv)
	//fmt.Println("prcotlv otl=", otlv.OTLtext)
	/*

		1.Lookup otl_hash in verify DB >>if1
			2.if2>> Check weather it has been more than two days

				3. Show add screen with
						extra message (ur email id was detected in following request)
						show armor of the add request

						//ADD Button
							4.Set is_verified = true,veri_time=now
							again sends add request to PKS with armor data
						//CANCEL Button stops
							4.Set is_verified = false,veri_time=now

			5.else2>> Show message saying otl expiration
		6.else1>> Show message saying no such otl exists

	*/

	Temp_veri := []Veri_data{}

	veri := new(Veri_data)

	w.db.Select(&Temp_veri, `SELECT * FROM verify_email
		WHERE otl_hash=$1`, otlv.OTLtext)

	if len(Temp_veri) == 0 {
		result_code = OTLNotFound
		veri.Is_verified = false
		//fmt.Println("prc_otl_handler.go:No such OTL NOT FOUND in DB")
		//alr_verifAdd := new(hkp.Add)
		//aResp := new(AddResponse)
		keyCh := new(KeyChange)
		keyCh.ChangeMessage = "We are extremely Sorry but NO such Link Exists on this server"
		keyCh.Type = KeyNotChanged
		var changes []*KeyChange
		changes = append(changes, keyCh)
		otlv.Response() <- &AddResponse{Changes: changes}
	} else {
		*veri = Temp_veri[0]
		if veri.Expi_time.Before(time.Now()) {
			result_code = OTLExpired
			keyCh := new(KeyChange)
			keyCh.ChangeMessage = fmt.Sprintf("The link you have clicked has expired at %s", veri.Expi_time.Format(time.RFC850))
			keyCh.Type = KeyNotChanged
			var changes []*KeyChange
			changes = append(changes, keyCh)
			otlv.Response() <- &AddResponse{Changes: changes}
		} else if veri.Is_verified != true {
			//OTL has been found and it has not yet expired or verified
			result_code = OTLNotVerified
			//set isverified =true,verification time=now
			veri.Is_verified = true
			veri.Veri_time = time.Now()

			//Change isverified into DB

			if _, err := w.Begin(); err != nil {
				log.Println("OTL Verifier:Begining...", err)
				keyCh := new(KeyChange)
				keyCh.ChangeMessage = fmt.Sprintf("Problem at server.DB cant begin")
				keyCh.Type = KeyNotChanged
				var changes []*KeyChange
				changes = append(changes, keyCh)
				otlv.Response() <- &AddResponse{Changes: changes}
				return
			}
			w.tx.Execl(`UPDATE verify_email SET veri_time = $1,is_verified= $2
				WHERE otl_hash = $3`, veri.Veri_time, veri.Is_verified, veri.Otl_hash)
			if err := w.Commit(); err != nil {
				log.Println("OTL Verifier:Commiting...", err)
				keyCh := new(KeyChange)
				keyCh.ChangeMessage = fmt.Sprintf("Problem at server.DB cant commit")
				keyCh.Type = KeyNotChanged
				var changes []*KeyChange
				changes = append(changes, keyCh)
				otlv.Response() <- &AddResponse{Changes: changes}
				return
			}

			result_code = OTLVerified
			if veri.Operation == int16(1) {
				verifiedAdd := new(hkp.Add)
				verifiedAdd.Keytext = veri.Key_text
				verifiedAdd.Request = otlv.Request
				verifiedAdd.ShaOfTarget = veri.Hash_pubkey
				verifiedAdd.SetResponse(otlv.Response())
				w.Add(verifiedAdd)
			} else if veri.Operation == int16(2) {
				verifiedDelete := new(hkp.DeleteReq)
				verifiedDelete.EmailToDelete = veri.Pubkey_id
				verifiedDelete.KeyID = veri.Pubkey_id
				verifiedDelete.SetResponse(otlv.Response())
				verifiedDelete.Request = otlv.Request
				w.HandleDeleteReq(verifiedDelete)
			}
		} else if veri.Is_verified { //OTL is already verified
			//fmt.Println("prc_otl_handler.go: OTL is already verified")
			result_code = OTLAlereadyVerified
			//alr_verifAdd := new(hkp.Add)
			//			aResp := new(AddResponse)

			keyCh := new(KeyChange)
			keyCh.ChangeMessage = "The link you have clicked is already used once"
			keyCh.Type = KeyNotChanged
			var changes []*KeyChange
			changes = append(changes, keyCh)
			otlv.Response() <- &AddResponse{Changes: changes}
		}

	}

	/* TO Delete a key
	deleteString := otlv.OTLtext
	//tx := w.db.MustBegin()
	tx.Execl(`DELETE FROM openpgp_pubkey
				WHERE uuid = $1`, deleteString)
	//tx.Commit()
	//DELETE FROM table_name
	//WHERE some_column = some_value
	*/
	return

}
示例#2
0
func (w *Worker) HandleDeleteReq(delReq *hkp.DeleteReq) {
	var allResults []*DeleteResult
	delres := new(DeleteResult)

	resKeys, err := w.LookupKeys(delReq.EmailToDelete, 2)
	if err == ErrKeyNotFound || len(resKeys) <= 0 { //No key found by Email
		log.Println("Not found by email,Search by Id = ", delReq.EmailToDelete)
		foundKey, err1 := w.LookupKey(delReq.EmailToDelete) //Find by ID
		if err1 == nil && foundKey != nil {
			resKeys = append(resKeys, foundKey)
		} else {
			err = err1
		}
		//fmt.Println(err)
	}

	//Handling OTL verified when multiple keys with same email is to be deleted.
	//OTL handeler will set delreq.KeyID to get unique key
	if delReq.KeyID != "" {
		fmt.Println("Search by delReq.KeyID = ", delReq.KeyID)
		foundKey, err1 := w.LookupKey(delReq.KeyID) //Find by ID
		if err1 == nil && foundKey != nil {
			resKeys = nil
			resKeys = append(resKeys, foundKey)
		}
		err = err1
		//fmt.Println(err)
	}

	if err == ErrKeyNotFound || len(resKeys) <= 0 { //No key found

		delres.DeleteMessage = "No such key found on the server."
		delres.Email = ""
	} else if err == ErrTooManyResponses || len(resKeys) > 1 {
		delres.DeleteMessage = "Please type full e-mail and try again"
		delres.Email = ""

	} else if err != nil {
		delres.DeleteMessage = err.Error()
	} else { //Key Found,Formulate veri_data

		uIds := resKeys[0].UserIds()
		if len(uIds) > 0 {
			delres.Email = uIds[0].UserId.Email
		}
		//delres.DeleteMessage = fmt.Sprintf("Key Found For E-mail %s \nA verification link has been sent to above E-mail address.The link will expire in %d day/s. Please Check your email.",
		//	delres.Email, ExpInDays)

		//First Check weather we are the authority for it
		ownAuth, err1 := GetOwnAuthority()
		if err1 != nil {
			delres.Email = delres.Email
			delres.DeleteMessage = "Couldnt Get Own Authority"
			allResults = append(allResults, delres)
			delReq.Response() <- &DeleteResponse{DeleteResults: allResults}
			return
		}
		underAuth := false
		email1 := delres.Email
		splits := strings.Split(email1, "@")
		domain := splits[len(splits)-1]
		msg := "Sorry. You can Delete keys of the following domains only : "
		for _, dom := range ownAuth.DomainsUnderAuth {
			msg += dom + " "
			if dom == domain {
				underAuth = true
				break
			}
		}

		if underAuth == false { //Check by explicit Auths
			err = GetExplicitAuths(email1)
			if err == nil {
				underAuth = true
			}
		}

		if underAuth == false {
			delres.Email = delReq.EmailToDelete
			delres.DeleteMessage = msg
			allResults = append(allResults, delres)
			delReq.Response() <- &DeleteResponse{DeleteResults: allResults}
			return
		}
		//Checked weather its under our own authority

		pubKeyToDelete := resKeys[0]
		isVerified, otlState := w.Verify(delres.Email, "", *pubKeyToDelete, int16(2))
		fmt.Println("prc_delete.go:Is Request Verified??: ", isVerified)

		if isVerified {

			if _, err = w.Begin(); err != nil {
				log.Println("Delete", err)
				delres.Email = delres.Email
				delres.DeleteMessage = "Unfortunately we couldn't delete the requested key.Please try again later with new request."
				allResults = append(allResults, delres)
				delReq.Response() <- &DeleteResponse{DeleteResults: allResults}
				return
			}
			change, err1 := w.deleteKey(pubKeyToDelete)
			if err = w.Commit(); err != nil {
				log.Println("Delete", err)
				delres.Email = delres.Email
				delres.DeleteMessage = "Unfortunately we couldn't delete the requested key.Please try again later with new request."
				allResults = append(allResults, delres)
				delReq.Response() <- &DeleteResponse{DeleteResults: allResults}
				return
			}

			if err1 != nil {
				delres.DeleteMessage = "Unfortunately we couldn't delete the requested key.Please try again later with new request."
			} else {
				delres.DeleteMessage = "Successfully Deleted key."
				w.notifyChange(&change)
			}

		} else {

			if otlState == OTLNewOtlMade {
				delres.DeleteMessage = fmt.Sprintf("Key Found For E-mail %s \nA verification link has been sent to above E-mail address.The link will expire in %d day/s. Please Check your email.", delres.Email, ExpInDays)
				//fmt.Println("OTL NOT FOUND!!")

			} else if otlState == OTLExpired {
				delres.DeleteMessage = fmt.Sprintf("The link you have clicked has expired. Please submit your key again.")
				//fmt.Println("OTL Expired!!")

			} else if otlState == OTLNotVerified {
				delres.DeleteMessage = fmt.Sprintf("A request for same key has already been made.Please Check your email %s", delres.Email)
				//fmt.Println("OTL Not Verified!!")
			} else if otlState == ErrorSendingMail {
				delres.DeleteMessage = fmt.Sprintf("Unfortunately we were unable to send an e-mail to %s Please try after sometime with new request", delres)
			}
		}

	}
	allResults = append(allResults, delres)
	delReq.Response() <- &DeleteResponse{DeleteResults: allResults}
	//a.Response() <- &AddResponse{Changes: changes, Errors: readErrors}
	return
}