Merge branch 'docs'

README.md

@@ -1,5 +1,6 @@
-About
------
+#README
+
+## About
 
 Wallet is  open source software intended to become the manager of hierarchical
  deterministic keys for a social network that a superset of the Bitmessage social net,
@@ -9,24 +10,27 @@ it will not be private for much longer).
 
 You cannot have truly end to end encryption, except you control your own keys directly.
 
-To make an actually useful social net requires a lot of engineers doing a lot of work, which requires funding, which requires a a profit model.  The current business plan being to [eat SWIFT's lunch](./docs/manifesto/SWIFT.html), by creating an environment in which one can create and operate the necessary Daos.
+To make an actually useful social net requires a lot of engineers doing a lot of work,
+which requires funding, which requires a profit model.
+The current business plan being to [eat SWIFT's lunch](./docs/manifesto/SWIFT.html),
+by creating an environment in which one can create and operate the necessary Daos.
 
-The rest of the documentation is in Pandoc markdown, rather than Gitea or Github markdown, so you will have to build it before any of these links work.
+We need uncensorable speech to save civilisation, but uncensorable speech does not pay the bills.
+Uncensorable money does pay the bills.
 
-[pre alpha documentation (mostly a wish list)](docs/index.htm)
+The rest of the documentation is in Pandoc markdown, rather than Gitea or Github markdown,
+so you will have to build it before any of these links work.
 
 [copyright © and license](./license.txt)
 
 
-Prerequisites
----------
+## Prerequisites
 
 pre-requisite, Pandoc to build the html documentation from the markdown files.
 
 Windows pre-requisites:  Visual Studio and git-bash.  This software is supposed to be cross platform, and is unlikely to get traction with highly motivate early adopters unless it is cross platform, but currently only builds on Windows.
 
-Download
----------
+## Download
 
 To obtain the source code from which the project can be built,
 including this README.html, from the bash command line (git-bash in windows).
@@ -41,6 +45,9 @@ wallet/docs/mkdocs.sh
 The above download relies on `https` for security, but `https` is vulnerable to enemy action by any adversary sufficiently powerful to have a certificate authority in his pocket, so our identity model relies on ssh keys, not domain names, so if you intend to make contributions, it would be preferable to create an account on `gitea.rho.la` with a fake email,
 upload your ssh public key to that account, and clone using `ssh` instead of `https`
 
+Fork the repository and provide a comment explaining the fork, otherwise your
+login might be deleted as spam.
+
 ```bash
 git clone --recurse-submodules gitea@gitea.rho.la:cheng/wallet.git
 wallet/docs/mkdocs.sh
@@ -53,8 +60,7 @@ cd wallet
 docs/mkdocs.sh
 ```
 
-Setup
-------
+## Setup
 
 To configure and build the required third party libraries in windows, then
 build the program and run unit test for the first time, you need to have
@@ -71,7 +77,7 @@ Or, if you are in the command shell or power shell,
 msvc\winConfigure.bat
 ```
 
-After a pull that gives you a status of modified submodules, a to fix the submodules
+After a pull that gives you a status of modified submodules, to fix the submodules
 
 ```bash
 git submodule update --init --recursive --remote
@@ -103,7 +109,6 @@ update in pushes, pulls, checkouts, and switches.
 
 [cryptographic software is under attack]:./docs/setup/contributor_code_of_conduct.html#code-will-be-cryptographically-signed
 "Contributor Code of Conduct"
-{target="_blank"}
 
 It will, however, also implement signed commits, and insist you have set up a key pair as
 explained in the contributor code of conduct because [cryptographic software is under attack] from NSA

docs/rootDocs/README.md

@@ -0,0 +1,128 @@
+---
+title: >-
+    README
+---
+
+# About
+
+Wallet is  open source software intended to become the manager of hierarchical
+ deterministic keys for a social network that a superset of the Bitmessage social net,
+ for securely pseudonymous uncensorable  public communication,
+ and securely private communication. (Telegraph looks like
+it will not be private for much longer).
+
+You cannot have truly end to end encryption, except you control your own keys directly.
+
+To make an actually useful social net requires a lot of engineers doing a lot of work,
+which requires funding, which requires a profit model.
+The current business plan being to [eat SWIFT's lunch](./docs/manifesto/SWIFT.html),
+by creating an environment in which one can create and operate the necessary Daos.
+
+We need uncensorable speech to save civilisation, but uncensorable speech does not pay the bills.
+Uncensorable money does pay the bills.
+
+The rest of the documentation is in Pandoc markdown, rather than Gitea or Github markdown,
+so you will have to build it before any of these links work.
+
+[copyright © and license](./license.txt){target="_blank"}
+
+# Prerequisites
+
+pre-requisite, Pandoc to build the html documentation from the markdown files.
+
+Windows pre-requisites:  Visual Studio and git-bash.  This software is supposed to be cross platform, and is unlikely to get traction with highly motivate early adopters unless it is cross platform, but currently only builds on Windows.
+
+# Download
+
+To obtain the source code from which the project can be built,
+including this README.html, from the bash command line (git-bash in windows).
+
+```bash
+# assuming Pandoc is installed, and git-bash if you are on
+# windows
+git clone --recurse-submodules https://gitea.rho.la/cheng/wallet.git
+wallet/docs/mkdocs.sh
+```
+
+The above download relies on `https` for security, but `https` is vulnerable to enemy action by any adversary sufficiently powerful to have a certificate authority in his pocket, so our identity model relies on ssh keys, not domain names, so if you intend to make contributions, it would be preferable to create an account on `gitea.rho.la` with a fake email,
+upload your ssh public key to that account, and clone using `ssh` instead of `https`
+
+Fork the repository and provide a comment explaining the fork, otherwise your
+login might be deleted as spam.
+
+```bash
+git clone --recurse-submodules gitea@gitea.rho.la:cheng/wallet.git
+wallet/docs/mkdocs.sh
+```
+
+To build the docs, including the license file, you need Pandoc on the path.
+
+```bash
+cd wallet
+docs/mkdocs.sh
+```
+
+# Setup
+
+To configure and build the required third party libraries in windows, then
+build the program and run unit test for the first time, you need to have
+Visual studio build tools at  their default location)
+
+```bash
+cd wallet
+msvc/winConfig.bat
+```
+
+Or, if you are in the command shell or power shell,
+
+```bat
+msvc\winConfigure.bat
+```
+
+After a pull that gives you a status of modified submodules, to fix the submodules
+
+```bash
+git submodule update --init --recursive --remote
+```
+
+After a checkout or branch switch that gives you a status of modified submodules.
+
+```bash
+git submodule update --recursive
+```
+
+The documentation is in pandoc flavored markdown, which is
+ conveniently edited in vscode with the `markdown lint` and `Pandoc`
+ extensions included and, if you have launched `code` in the docs directory,
+ with  `file/preferences/Extensions/Markdown/Styles` set to
+ `pandoc_templates\\style.css`, that being the style used by the `mkdocs.sh` documentation build script.
+
+ On Windows, if Git Bash and Pandoc has been installed, you should be
+ able to run this shell file in bash by double clicking on it.
+
+if you add the recommended repository configuration defaults to your local repository configuration
+
+```bash
+git config --local include.path ../.gitconfig
+```
+
+this will substantially mitigate the problem of submodules failing to
+update in pushes, pulls, checkouts, and switches.
+
+[cryptographic software is under attack]:./docs/setup/contributor_code_of_conduct.html#code-will-be-cryptographically-signed
+"Contributor Code of Conduct"
+{target="_blank"}
+
+It will, however, also implement signed commits, and insist you have set up a key pair as
+explained in the contributor code of conduct because [cryptographic software is under attack] from NSA
+entryists and shills, who seek to introduce backdoors.
+
+`.gitconfig` also adds several git aliases:
+
+1. `git lg` to display the git log with committer name from `.gitsigners` that corresponds to the public key
+1. `git graph` to graph the commit tree with the committer name from `.gitsigners` that corresponds to the public key
+1. `git alias` to display the git aliases.
+1. `git utcmt` to make a commit without revealing your time zone.
+
+[Pre alpha release](./RELEASE_NOTES.html), which means it does not yet work even well
+enough for it to be apparent what it would do if it did work.

docs/setup/contributor_code_of_conduct.md

@@ -16,7 +16,7 @@ that frequently strange and overcomplicated design decisions are made,
 decisions), decisions whose only apparent utility is to provide paths for
 hostile organizations to exploit subtle, complex, and unobvious security holes.
 
-McAffee reported that this is a result of plants - the state plants engineers
+McAffee reported that this is a result of plants -- the state plants engineers
 in nominally private organizations to create backdoors.  Shortly after he
 reported this he was arrested and murdered by the US government.  (To be
 precise he was arrested at the instigation of the US government, and then
@@ -131,10 +131,11 @@ identified cryptographically, rather than through the domain name system.
  then at the root of your repository
 
  ```bash
-ssh-keygen -t ed25519 - C gandalf -f  .git/gandalf #to create your key pair
-git config user.signingkey .git/gandalf.pub  #tell git to use this key pair
-git config user.name gandalf #will be ignored
-git config user.email gandalf@ #fake email will be ignored
+nm=gandalf
+ssh-keygen -t ed25519 -C $nm -f .git/$nm #to create your key pair
+git config user.signingkey .git/$nm.pub  #tell git to use this key pair
+git config user.name $nm #will be ignored
+git config user.email $nm@ #fake email will be ignored
 git config include.path ../.gitconfig #sets various defaults, ssh signing among them
  ```
 
@@ -143,7 +144,7 @@ git config include.path ../.gitconfig #sets various defaults, ssh signing among
  to the .gitsigners file to publish your public key to anyone
  who wants to make sure that commits are from the nym that they
  claim to be -- at least claim to be when their commits are
- displayed by the git aliases of `.gitconfig`
+ displayed by the git lg alias provided by `.gitconfig`
 
  The nym in `.gitsigners` is the one that matters, though `user.email`
  and `user.name` should be the same or sufficiently related to
@@ -266,13 +267,13 @@ practice people only used Zooko identity, and Web of Trust was a cloud
 of confusing complexity and user hostile interface on top of Zooko identity.
 What gpg identity is primarily used for in practice is to make sure you
 are getting the latest release from the same repository managed by the same person as
-you got the previous release - which is Zooko identity, not Web of Trust
+you got the previous release -- which is Zooko identity, not Web of Trust
 identity, and has no real relationship to email.  Zooko identity is about
 constancy of identity, Web of Trust is about rightful use of email
 addresses.  Web of trust was a true names mechanism, and today no one
 speaks the truth under their true name.
 
-Web of trust was designed for a high trust society - but in a high trust
-society you don't need it, and in a low trust society, the name servers were
+Web of trust was designed for a high trust society -- but in a high trust
+society you don't need it, and in our low trust society, the name servers were
 too vulnerable to enemy action, and died, leaving the Web of Trust user
 interface in every installed copy of gpg a useless obstacle.

docs/setup/set_up_build_environments.md

@@ -3085,6 +3085,29 @@ This is by far the simplest and most direct way of allowing the world to get at
 
 [Git Book for Git daemon](https://git-scm.com/book/en/v2/Git-on-the-Server-Git-Daemon)
 
+When you have submodules, an issue arises with people accessing the submodules through different protocols.
+The fix is to make `.gitmodules` protocol agnostic by using relative urls.  As for example
+
+```.gitmodules
+[submodule "libsodium"]
+        path = libsodium
+        url = ../libsodium.git
+        branch = rho-fork
+[submodule "mpir"]
+        path = mpir
+        url = ../mpir.git
+        branch = rho-fork
+[submodule "wxWidgets"]
+        path = wxWidgets
+        url = ../wxWidgets.git
+        branch = rho-fork
+```
+
+This will enable recursive cloning and all that to work regardless of the root protocol.
+
+After amending the `.gitmodules`  file  you need to execute the command `git submodule sync`,
+and now that you are using relative urls, when the base url changes, `git submodule sync --recursive`
+
 ### Gitweb
 
 Does much the same thing as git-daemon, makes your repository public with a

src/display_wallet.cpp

@@ -2,7 +2,7 @@
 using ro::base58;
 static constexpr char SrcFilename[]{ "src/display_wallet.cpp" };
 
-display_wallet::display_wallet(wxWindow* parent, wxFileName& walletfile) :
+display_wallet::display_wallet(wxWindow* parent, const wxFileName& walletfile) :
 	wxPanel(parent, myID_WALLET_UI, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL, wxT("Wallet")),
 	m_db(walletfile), m_DisplayWalletEditMenu(1),
 	m_read_names_and_keys(m_db, R"|(SELECT * FROM "UserZookoIDs"; )|"),

src/display_wallet.h

@@ -2,7 +2,7 @@
 class display_wallet :	public wxPanel
 {
 public:
-	display_wallet(wxWindow*, wxFileName&);
+	display_wallet(wxWindow*, const wxFileName&);
 	~display_wallet();
 private:
 	struct cleanup;

src/frame.cpp

@@ -114,7 +114,7 @@ void Frame::StorePositionToConfig() {
 		pConfig->SetPath(wxT("/"));
 	}
 }
-void RecursiveCreateDirectory(wxFileName& fn){
+void RecursiveCreateDirectory(const wxFileName& fn){
 //Bug workaround, because wxPATH_MKDIR_FULL simply does not work
 	if (!fn.DirExists()) {
 		wxFileName parent(fn);
@@ -341,7 +341,7 @@ void Frame::OnDeleteConfiguration(wxCommandEvent&)
 }
 
 using ro::bin2hex, ro::to_base64_string;
-void Frame::NewWallet(wxFileName& filename, ristretto255::hash<256>& secret) {
+void Frame::NewWallet(const wxFileName& filename, ristretto255::hash<256>& secret) {
 	RecursiveCreateDirectory(filename);
 	/*If creation fails, abort with exception.  If it succeeds, set LastUsed to default filename.
 		The exception in unit test should simply generate an error message, but if run during initialization,
@@ -439,8 +439,7 @@ COMMIT;
 	}
 }
 
-void Frame::OnSaveNew(wxCommandEvent& WXUNUSED(event))
-{
+wxFileName Frame::GetPathForNewWallet() {
 	wxFileName wxFileWallet;
 	if (m_DefaultWalletLocation.FileExists()) {
 		//	OK, the default wallet exists, so we need a new
@@ -486,16 +485,27 @@ void Frame::OnSaveNew(wxCommandEvent& WXUNUSED(event))
 		RecursiveCreateDirectory(m_DefaultWalletLocation);
 		wxFileWallet = m_DefaultWalletLocation;
 	}
-	if (wxFileWallet.IsOk()) {
-		ristretto255::hash<256> WalletSecret(wxFileWallet.GetFullPath().ToUTF8());
-		NewWallet(wxFileWallet, WalletSecret);
-		wxLogMessage("new wallet created: %s", wxFileWallet.GetFullPath());
-		if (m_panel)m_panel->Close(true);
-		m_panel = nullptr;
-		auto panel = new display_wallet(this, wxFileWallet);
-		m_panel = panel;
-		m_LastUsedWallet = wxFileWallet; //We do this last, so that if an exception occurs the filename is forgotten.
+	if (wxFileWallet.IsOk() == false) {
+		throw MyException(sz_unexpected_error, __LINE__, __func__, SrcFilename);
 	}
+	return wxFileWallet;
+}
+
+void Frame::NewWalletDisplay(const wxFileName& filename, const char* human_legible_secret) {
+	ristretto255::hash<256> WalletSecret(human_legible_secret);
+	NewWallet(filename, WalletSecret);
+	wxLogMessage("new wallet created: %s", filename.GetFullPath());
+	if (m_panel)m_panel->Close(true);
+	m_panel = nullptr;
+	auto panel = new display_wallet(this, filename);
+	m_panel = panel;
+	m_LastUsedWallet = filename; //We do this last, so that if an exception occurs the filename is forgotten.
+}
+
+void Frame::OnSaveNew(wxCommandEvent& WXUNUSED(event))
+{
+	wxFileName wxFileWallet = GetPathForNewWallet();
+	NewWalletDisplay(wxFileWallet, wxFileWallet.GetFullPath().ToUTF8());
 }
 
 void Frame::OnFileOpen(wxCommandEvent&) {

src/frame.h

@@ -114,8 +114,10 @@ private:
 	void OnMyCloseMPanel(wxCommandEvent&);
 
 public:
+	wxFileName GetPathForNewWallet();
+	void NewWalletDisplay(const wxFileName&, const char*);
 	void OnSaveNew(wxCommandEvent&);
-	void NewWallet(wxFileName&, ristretto255::hash<256>&);
+	void NewWallet(const wxFileName&, ristretto255::hash<256>&);
 	void RecreateWalletFromExistingSecret(wxCommandEvent&);
 	void OnFileOpen(wxCommandEvent&);
 	void OnClose(wxCloseEvent& event);

src/localization.h

@@ -73,6 +73,7 @@ inline constexpr auto sz_name_does_not_correspond{ R"|(Public key of name fails
 inline constexpr auto sz_public_key_of{ R"|(Public key of ")|" };
 inline constexpr auto sz_fails_to_correspond{ R"|(" fails to correspond to master secret.
 This wallet cannot communicate as this identity.)|" };
+constexpr auto sz_unexpected_error{ R"|(unexpected error)|" };
 
 //Command line parameters
 extern const wchar_t wsz_commandLineLogo[];

src/unit_test.cpp

@@ -569,12 +569,42 @@ COMMIT;
 }
 
 static bool StandardPaths(void) {
-	wxStandardPaths& StandardPaths{ wxStandardPaths::Get() };
-	StandardPaths.UseAppInfo(3);
-	ILogMessage("\tStandard paths");
-	wxLogMessage("\t\twxStandardPaths::GetUserLocalDataDir()\t %s", StandardPaths.GetUserLocalDataDir());
-	wxLogMessage("\t\twxStandardPaths::GetUserDataDir()     \t %s", StandardPaths.GetUserDataDir());
-	wxLogMessage("\t\twxStandardPaths::GetLocalDataDir()    \t %s", StandardPaths.GetLocalDataDir());
+	try{
+		wxStandardPaths& StandardPaths{ wxStandardPaths::Get() };
+		StandardPaths.UseAppInfo(3);
+		ILogMessage("\tStandard paths");
+		wxLogMessage("\t\twxStandardPaths::GetUserLocalDataDir()\t%s", StandardPaths.GetUserLocalDataDir());
+		wxLogMessage("\t\twxStandardPaths::GetUserDataDir()     \t%s", StandardPaths.GetUserDataDir());
+		wxLogMessage("\t\twxStandardPaths::GetLocalDataDir()    \t%s", StandardPaths.GetLocalDataDir());
+		wxLogMessage("\t\twxGetUserId()\t\t\t%s", wxGetUserId());
+		wxSecretStore store = wxSecretStore::GetDefault();
+		wxString errmsg;
+		if (!store.IsOk(&errmsg))throw MyException(std::string("Secret Store not working. ") + errmsg, __LINE__, __func__, SrcFilename);
+		wxSecretValue test_secret(9, "12345678");
+		wxSecretValue test_secret_ret;
+		if (!store.Save("MyApp/MyService", wxGetUserId(), test_secret))throw MyException("Failed to save credentials to the system secret store.", __LINE__, __func__, SrcFilename);
+		//	And to load it back :
+		wxString username;
+		if (!store.Load("MyApp/MyService", username, test_secret_ret))throw MyException("Unable to reload secret.", __LINE__, __func__, SrcFilename);
+		if (test_secret != test_secret_ret)throw MyException(wxString(R"|(Reloaded unexpected secret: ")|") + (const char *)(test_secret_ret.GetData()) + R"|(")|", __LINE__, __func__, SrcFilename);
+		if (username != wxGetUserId())throw MyException(std::string(R"|(Reloaded unexpected username: ")|") + username + R"|(")|", __LINE__, __func__, SrcFilename);
+		wxLogMessage("\t\tSecret Store working as expected.");
+	}
+	catch (const MyException& e) {
+		errorCode = e.what_num();
+		szError = e.what();
+		ILogError(szError.c_str());
+	}
+	catch (const std::exception& e) {
+		errorCode = 19;
+		szError = e.what();
+		ILogError(szError.c_str());
+	}
+	catch (...) {
+		szError = sz_unknown_error;
+		errorCode = 19;
+		ILogError(szError.c_str());
+	}
 	unit_test_action = &OpenWallet;
 	return true;
 }