summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2018-08-09 16:43:47 +0200
committerChristian Grothoff <christian@grothoff.org>2018-08-09 16:43:47 +0200
commit5b7ed686d4a6c4ecb8e0302a42e85bb9bff42cac (patch)
treea0f042cf8afdaa3fb57ba142990297c9a68ca9bb
parent7caba06019ecc5775d3dbb513b70f52f620affb5 (diff)
parentc1d682ec363c5cb4e8fdca5ee9b4dd8eaff29204 (diff)
merge
-rw-r--r--Dockerfile102
-rw-r--r--Makefile.am7
-rw-r--r--README8
-rw-r--r--README.md268
-rw-r--r--configure.ac6
-rw-r--r--contrib/.gitignore1
-rw-r--r--contrib/Makefile.am11
-rw-r--r--contrib/branding/logo/gnunet-logo-dark-text.svg1411
-rw-r--r--contrib/gnunet-arch-full.svg648
-rw-r--r--contrib/packages/guix/notest-guix-env.scm145
-rw-r--r--contrib/services/shepherd/ng0_wip/.gitignore1
-rw-r--r--contrib/services/shepherd/ng0_wip/00001-gnu-services-Add-gnunet-service.patch186
-rw-r--r--contrib/services/shepherd/ng0_wip/0001-gnu-services-Add-gnunet-service.patch225
-rw-r--r--contrib/services/shepherd/ng0_wip/001-gnu-services-Add-gnunet-service.patch204
-rw-r--r--contrib/services/shepherd/ng0_wip/README11
-rw-r--r--contrib/services/shepherd/ng0_wip/gnunet.scm173
-rw-r--r--contrib/services/shepherd/ng0_wip/janneke-os-modified.scm62
-rw-r--r--doc/documentation/Makefile.am5
-rw-r--r--doc/documentation/agpl-3.0.texi698
-rw-r--r--doc/documentation/chapters/contributing.texi25
-rw-r--r--doc/documentation/chapters/developer.texi13
-rw-r--r--doc/documentation/chapters/installation.texi129
-rw-r--r--doc/documentation/chapters/preface.texi67
-rw-r--r--doc/documentation/chapters/user.texi364
-rw-r--r--doc/documentation/gnunet.texi21
-rw-r--r--doc/man/Makefile.am1
-rw-r--r--doc/man/gnunet-gns.12
-rw-r--r--doc/man/gnunet-timeout.120
-rw-r--r--docker/README.md138
-rw-r--r--docker/docker-entrypoint.sh15
-rw-r--r--docker/gnunet.conf21
-rw-r--r--po/POTFILES.in136
-rw-r--r--src/Makefile.am6
-rw-r--r--src/arm/test_exponential_backoff.c3
-rw-r--r--src/cadet/cadet.conf.in2
-rw-r--r--src/cadet/cadet_api.c20
-rw-r--r--src/cadet/gnunet-cadet.c2
-rw-r--r--src/core/test_core_api_reliability.c4
-rw-r--r--src/core/test_core_quota_compliance.c5
-rw-r--r--src/datacache/plugin_datacache_sqlite.c5
-rw-r--r--src/gns/gns_api.c7
-rw-r--r--src/gns/gnunet-dns2gns.c1
-rw-r--r--src/gns/gnunet-gns.c10
-rw-r--r--src/gns/nss/nss_gns.c269
-rw-r--r--src/gns/nss/nss_gns_query.c25
-rw-r--r--src/gns/nss/nss_gns_query.h30
-rw-r--r--src/gns/plugin_rest_gns.c11
-rw-r--r--src/gnsrecord/plugin_gnsrecord_dns.c4
-rw-r--r--src/identity-provider/identity-token.conf2
-rw-r--r--src/identity-provider/jwt.c189
-rw-r--r--src/identity-provider/jwt.h9
-rw-r--r--src/identity-provider/test_idp.conf33
-rwxr-xr-xsrc/identity-provider/test_idp.sh31
-rwxr-xr-xsrc/identity-provider/test_idp_attribute.sh40
-rwxr-xr-xsrc/identity-provider/test_idp_consume.sh43
-rwxr-xr-xsrc/identity-provider/test_idp_issue.sh42
-rwxr-xr-xsrc/identity-provider/test_idp_revoke.sh65
-rw-r--r--src/identity/gnunet-service-identity.c49
-rw-r--r--src/identity/identity_api_lookup.c8
-rw-r--r--src/identity/plugin_rest_identity.c7
-rw-r--r--src/include/Makefile.am2
-rw-r--r--src/include/gnunet_abe_lib.h2
-rw-r--r--src/include/gnunet_common.h4
-rw-r--r--src/include/gnunet_crypto_lib.h26
-rw-r--r--src/include/gnunet_dnsparser_lib.h53
-rw-r--r--src/include/gnunet_gnsrecord_lib.h10
-rw-r--r--src/include/gnunet_protocols.h30
-rw-r--r--src/include/gnunet_reclaim_attribute_lib.h (renamed from src/include/gnunet_identity_attribute_lib.h)64
-rw-r--r--src/include/gnunet_reclaim_attribute_plugin.h (renamed from src/include/gnunet_identity_attribute_plugin.h)24
-rw-r--r--src/include/gnunet_reclaim_plugin.h (renamed from src/include/gnunet_identity_provider_plugin.h)28
-rw-r--r--src/include/gnunet_reclaim_service.h (renamed from src/include/gnunet_identity_provider_service.h)116
-rw-r--r--src/include/gnunet_signatures.h6
-rw-r--r--src/include/gnunet_strings_lib.h8
-rw-r--r--src/multicast/gnunet-service-multicast.c18
-rw-r--r--src/multicast/test_multicast_multipeer.c2
-rw-r--r--src/namestore/gnunet-zoneimport.c15
-rw-r--r--src/namestore/plugin_namestore_flat.c65
-rw-r--r--src/psyc/Makefile.am4
-rw-r--r--src/reclaim-attribute/Makefile.am (renamed from src/identity-attribute/Makefile.am)20
-rw-r--r--src/reclaim-attribute/plugin_reclaim_attribute_gnuid.c (renamed from src/identity-attribute/plugin_identity_attribute_gnuid.c)22
-rw-r--r--src/reclaim-attribute/reclaim_attribute.c (renamed from src/identity-attribute/identity_attribute.c)110
-rw-r--r--src/reclaim-attribute/reclaim_attribute.h (renamed from src/identity-attribute/identity_attribute.h)10
-rw-r--r--src/reclaim/.gitignore (renamed from src/identity-provider/.gitignore)0
-rw-r--r--src/reclaim/Makefile.am (renamed from src/identity-provider/Makefile.am)95
-rw-r--r--src/reclaim/gnunet-reclaim.c (renamed from src/identity-provider/gnunet-idp.c)269
-rw-r--r--src/reclaim/gnunet-service-reclaim.c (renamed from src/identity-provider/gnunet-service-identity-provider.c)206
-rw-r--r--src/reclaim/jwt.c1
-rw-r--r--src/reclaim/oidc_helper.c440
-rw-r--r--src/reclaim/oidc_helper.h109
-rw-r--r--src/reclaim/plugin_gnsrecord_reclaim.c (renamed from src/identity-provider/plugin_gnsrecord_identity_provider.c)12
-rw-r--r--src/reclaim/plugin_reclaim_sqlite.c (renamed from src/identity-provider/plugin_identity_provider_sqlite.c)72
-rw-r--r--src/reclaim/plugin_rest_openid_connect.c (renamed from src/identity-provider/plugin_rest_openid_connect.c)787
-rw-r--r--src/reclaim/plugin_rest_reclaim.c (renamed from src/identity-provider/plugin_rest_identity_provider.c)118
-rw-r--r--src/reclaim/reclaim.conf (renamed from src/identity-provider/identity-provider.conf)15
-rw-r--r--src/reclaim/reclaim.h (renamed from src/identity-provider/identity_provider.h)24
-rw-r--r--src/reclaim/reclaim_api.c (renamed from src/identity-provider/identity_provider_api.c)345
-rwxr-xr-xsrc/reclaim/test_reclaim.sh31
-rwxr-xr-xsrc/reclaim/test_reclaim_attribute.sh40
-rwxr-xr-xsrc/reclaim/test_reclaim_consume.sh43
-rw-r--r--src/reclaim/test_reclaim_defaults.conf (renamed from src/identity-provider/test_idp_defaults.conf)0
-rwxr-xr-xsrc/reclaim/test_reclaim_issue.sh42
-rwxr-xr-xsrc/reclaim/test_reclaim_revoke.sh65
-rw-r--r--src/rest/Makefile.am12
-rw-r--r--src/rest/plugin_rest_copying.c231
-rw-r--r--src/rps/gnunet-rps-profiler.c284
-rw-r--r--src/rps/gnunet-service-rps.c676
-rw-r--r--src/rps/gnunet-service-rps_custommap.c2
-rw-r--r--src/rps/rps-test_util.c80
-rw-r--r--src/set/gnunet-service-set_intersection.c19
-rw-r--r--src/set/gnunet-service-set_union.c39
-rw-r--r--src/transport/test_quota_compliance.c4
-rw-r--r--src/transport/test_transport_api_reliability.c4
-rw-r--r--src/util/.gitignore4
-rw-r--r--src/util/Makefile.am16
-rw-r--r--src/util/client.c13
-rw-r--r--src/util/crypto_hash.c26
-rw-r--r--src/util/dnsparser.c125
-rw-r--r--src/util/gnunet-service-resolver.c1173
-rw-r--r--src/util/gnunet-timeout-w32.c (renamed from contrib/timeout_watchdog_w32.c)6
-rw-r--r--src/util/gnunet-timeout.c (renamed from contrib/timeout_watchdog.c)82
-rw-r--r--src/util/resolver.h4
-rw-r--r--src/util/resolver_api.c26
-rw-r--r--src/util/scheduler.c189
-rw-r--r--src/util/strings.c39
124 files changed, 8230 insertions, 4223 deletions
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 000000000..4fdd91f60
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,102 @@
+FROM ubuntu:18.04
+
+ENV DEBIAN_FRONTEND noninteractive
+
+# Install tools and dependencies
+RUN apt-get update && \
+ apt-get -y install --no-install-recommends \
+ ca-certificates \
+ libsasl2-modules \
+ git \
+ automake \
+ autopoint \
+ autoconf \
+ texinfo \
+ libtool \
+ libltdl-dev \
+ libgpg-error-dev \
+ libidn11-dev \
+ libunistring-dev \
+ libglpk-dev \
+ libbluetooth-dev \
+ libextractor-dev \
+ libmicrohttpd-dev \
+ libgnutls28-dev \
+ libgcrypt20-dev \
+ libpq-dev \
+ libsqlite3-dev && \
+ apt-get clean all && \
+ apt-get -y autoremove && \
+ rm -rf \
+ /var/lib/apt/lists/* \
+ /tmp/*
+
+# Install GNUrl
+ENV GNURL_GIT_URL https://git.taler.net/gnurl.git
+ENV GNURL_GIT_BRANCH gnurl-7.57.0
+
+RUN git clone $GNURL_GIT_URL \
+ --branch $GNURL_GIT_BRANCH \
+ --depth=1 \
+ --quiet && \
+ cd /gnurl && \
+ autoreconf -i && \
+ ./configure \
+ --enable-ipv6 \
+ --with-gnutls \
+ --without-libssh2 \
+ --without-libmetalink \
+ --without-winidn \
+ --without-librtmp \
+ --without-nghttp2 \
+ --without-nss \
+ --without-cyassl \
+ --without-polarssl \
+ --without-ssl \
+ --without-winssl \
+ --without-darwinssl \
+ --disable-sspi \
+ --disable-ntlm-wb \
+ --disable-ldap \
+ --disable-rtsp \
+ --disable-dict \
+ --disable-telnet \
+ --disable-tftp \
+ --disable-pop3 \
+ --disable-imap \
+ --disable-smtp \
+ --disable-gopher \
+ --disable-file \
+ --disable-ftp \
+ --disable-smb && \
+ make install && \
+ cd - && \
+ rm -fr /gnurl
+
+# Install GNUnet
+ENV GNUNET_PREFIX /usr/local/gnunet
+ENV CFLAGS '-g -Wall -O0'
+
+COPY . /gnunet
+
+RUN cd /gnunet && \
+ ./bootstrap && \
+ ./configure \
+ --with-nssdir=/lib \
+ --prefix="$GNUNET_PREFIX" \
+ --enable-logging=verbose && \
+ make -j3 && \
+ make install && \
+ ldconfig && \
+ cd - && \
+ rm -fr /gnunet
+
+# Configure GNUnet
+COPY docker/gnunet.conf /etc/gnunet.conf
+COPY docker/docker-entrypoint.sh /usr/local/bin/docker-entrypoint
+RUN chmod 755 /usr/local/bin/docker-entrypoint
+
+ENV LOCAL_PORT_RANGE='40001 40200'
+ENV PATH "$GNUNET_PREFIX/bin:/usr/local/bin:$PATH"
+
+ENTRYPOINT ["docker-entrypoint"]
diff --git a/Makefile.am b/Makefile.am
index 45a693ac9..ad32cf920 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -3,8 +3,11 @@ AM_CPPFLAGS = -I$(top_srcdir)/src/include
if DOCUMENTATION_ONLY
SUBDIRS = doc
-else
- SUBDIRS = doc m4 src po pkgconfig
+else
+ SUBDIRS = m4 src po pkgconfig
+if DOCUMENTATION
+ SUBDIRS += doc
+endif
endif
if !TALER_ONLY
diff --git a/README b/README
index a00c5a0a9..256a6c69c 100644
--- a/README
+++ b/README
@@ -453,12 +453,12 @@ Further Reading
* Documentation
- A preliminary rendering of the new GNUnet manual is deployed at
+ A HTML version of the new GNUnet manual is deployed at
- https://d.n0.is/pub/doc/gnunet/manual/
+ https://docs.gnunet.org
- we plan to have a complete new gnunet.org up and running in 2019.
- This website output exists as a convenience solution until then.
+ which currently displays just GNUnet documentation. Until 2019
+ we will add more reading material.
* Academia / papers
diff --git a/README.md b/README.md
new file mode 100644
index 000000000..3f40b3d87
--- /dev/null
+++ b/README.md
@@ -0,0 +1,268 @@
+<p align="center">
+ <a href="https://gnunet.org"><img src="contrib/branding/logo/gnunet-logo-dark-text.svg" alt="GNUnet" width="300px"/></a>
+</p>
+
+> GNUnet is a *new* network protocol stack for building secure, distributed, and privacy-preserving applications.
+
+* [Install](#how-to-install-gnunet)
+ * [From Source](#from-source)
+ * [Using Docker](#docker)
+* [Using GNUnet](#using-gnunet)
+* [License](#license)
+
+How to Install GNUnet
+---------------------
+
+### 1. From Source
+
+**Dependencies**
+
+Install these packages. Some of them may need to be installed from source depending on your OS.
+
+```
+- libmicrohttpd >= 0.9.42 (available from https://www.gnu.org/software/libmicrohttpd/)
+- libgcrypt >= 1.6
+- libgnurl >= 7.35.0 (recommended, available from https://gnunet.org/gnurl)
+- libcurl >= 7.35.0 (alternative to libgnurl)
+- libunistring >= 0.9.2
+- gnutls >= 3.2.12 (highly recommended: a gnutls linked against libunbound)
+- libidn >= 1.0
+- libextractor >= 0.6.1 (highly recommended)
+- openssl >= 1.0 (binary, used to generate X.509 certificate)
+- libltdl >= 2.2 (part of GNU libtool)
+- sqlite >= 3.8 (default database, required)
+- mysql >= 5.1 (alternative to sqlite)
+- postgres >= 9.5 (alternative to sqlite)
+- Texinfo >= 5.2 [*1]
+- which (for the bootstrap script)
+- gettext
+- zlib
+- pkg-config
+```
+
+
+You can also install the dependencies with the [GNU Guix package manager:](https://https://www.gnu.org/software/guix/) by using the provided environment file:
+
+```shell
+guix package -l guix-env.scm
+```
+
+
+**Using GNU Make**
+
+```shell
+./bootstrap # Run this to generate the configure files.
+./configure # See the various flags avalable to you.
+make
+make install
+```
+
+**Using the [GNU Guix package manager:](https://https://www.gnu.org/software/guix/)**
+
+```shell
+# To build, run tests, and install:
+guix package -f guix-env.scm
+
+# To skip the testing phase:
+guix package -f guix-env.scm:notest
+```
+
+
+### 2. Docker
+
+```
+docker build -t gnunet .
+```
+
+
+
+Using GNUnet
+-------------
+
+There are many possible ways to use the subsystems of GNUnet, so we will provide a few examples in this section.
+
+<p align="center">
+ <a href="contrib/gnunet-arch-full.svg"><img src="contrib/gnunet-arch-full.svg" alt="GNUnet Modular Architecture" width="600px" border="1px"/></a>
+</p>
+
+>***GNUnet is composed of over 30 modular subsystems***
+
+
+### Start GNUnet Services
+
+Before we can begin using most of the components we must start them.
+
+```shell
+gnunet-arm --start
+```
+
+Now we can open up another shell and try using some of the modules.
+
+### Cadet
+
+#### Examples
+
+Open a Cadet connection:
+
+```shell
+# Node 1
+gnunet-cadet -o <shared secret>
+```
+
+Conect to peer:
+
+```shell
+# Node 2
+gnunet-cadet <peer-id of Node 1> <shared secret>
+```
+
+#### Sharing Files
+
+With the cli tool, you can also share files:
+
+```shell
+# Node 1
+gnunet-cadet -o <shared secret> > filename
+```
+
+On the Node 2 we're going to send the file to Node 1, and to do this we need to make use of [coprocesses](https://www.gnu.org/software/bash/manual/html_node/Coprocesses.html).
+The syntax for using coprocesses varies per shell. In our example we are assuming Bash. More info for different shells can be found [here](https://unix.stackexchange.com/questions/86270/how-do-you-use-the-command-coproc-in-various-shells)
+
+```shell
+# Node 2
+coproc gnunet-cadet <peer-id of Node 1> <shared secret>
+cat <file> >&"${COPROC[1]}"
+```
+
+Now this enables us to do some fun things, such as streaming video by piping to a media player:
+
+```shell
+# Node 1
+gnunet-cadet -o <shared secret> | vlc -
+```
+
+```shell
+# Node 2
+coproc gnunet-cadet <peer-id of Node 1> <shared secret>
+cat <video-file> >&"${COPROC[1]}"
+```
+
+### Filesharing
+
+You can use GNUnet as a content-addressed storage, much like IPFS: sharing immutable files in a decentralized fashion with added privacy.
+
+For instance, you can get a nice cat picture with
+```sh
+gnunet-download gnunet://fs/loc/CB0ZX5EM1ZNNRT7AX93RVHCN1H49242DWZ4AXBTCJBAG22Z33VHYMR61J71YJXTXHEC22TNE0PRWA6D5X7NFNY2J9BNMG0SFN5DKZ0G.R48JSE2T4Y3W2AMDHZYX2MMDJC4HR0BVTJYNWJT2DGK7EQXR35DT84H9ZRAK3QTCTHDBAE1S6W16P8PCKC4HGEEKNW2T42HXF9RS1J0.1906755.J5Z3BDEG2PW332001GGZ2SSKCCSV8WDM696HNARG49X9TMABC4DG.B6Y7BCJ6B5K40EXCXASX1HQAD8MBJ9WTFWPCE3F15Q3Q4Y2PB8BKVGCS5HA4FG4484858NB74PBEE5V1638MGG7NS40A82K7QKK3G0G.1577833200 --output cat.png
+```
+
+You can also give files to the network, like so:
+
+```sh
+$ echo "I love GNUnet" > ILoveGNUnet.txt
+$ gnunet-publish ILoveGNUnet.txt
+
+Publishing `/tmp/ILoveGNUnet.txt` done.
+URI is `gnunet://fs/chk/SXA4RGZWDHE4PDWD2F4XG778J4SZY3E3SNDZ9AWFRZYYBV52W1T2WQNZCF1NYAT842800SSBQ8F247TG6MX7H4S1RWZZSC8ZXGQ4YPR.AZ3B5WR1XCWCWR6W30S2365KFY7A3R5AMF5SRN3Z11R72SMVQDX3F6GXQSZMWZGM5BSYVDQEJ93CR024QAAE65CKHM52GH8MZK1BM90.14`.
+```
+
+The URI you get is what you can use to retrieve the file with `gnunet-download`.
+
+### GNS
+
+*coming soon*
+
+
+### VPN
+
+#### "Half-hidden" services
+
+You can tunnel IP traffic through GNUnet allowing you to offer web, [rsh](https://linux.die.net/man/1/rsh), messaging or other servers without revealing your IP address.
+
+This is similar to Tor's Hidden (aka Onion) services, but currently does not provide as much privacy as onion routing isn't yet implemented; on the other hand, you can tunnel UDP, unlike Tor.
+
+#### Configuring server
+
+First, set up access from GNUnet to IP with `exit`:
+
+`gnunet.conf`:
+```
+[exit]
+FORCESTART = YES
+EXIT_IPV4 = YES
+EXIT_RANGE_IPV4_POLICY = 169.254.86.1;
+```
+
+Exit, by the way can also be used as a general-purpose IP proxy i.e. exit relay but here we restrict IPs to be accessed to those we'll be serving stuff on only.
+
+Then, start up a server to be shared. For the sake of example,
+
+```sh
+python3 -m http.server 8080
+```
+
+Now to configure the actual "half-hidden service". The config syntax is as follows:
+
+```sh
+[<shared secret>.gnunet.]
+TCP_REDIRECTS = <exposed port>:<local IP>:<local port>
+```
+
+...which for our example would be
+
+```sh
+[myhttptest.gnunet.]
+TCP_REDIRECTS = 80:169.254.86.1:8080
+```
+
+Local IP can be anything (if allowed by other configuration) but a localhost address (in other words, you can't bind a hidden service to the loopback interface and say 127.0.0.1 in `TCP_REDIRECTS`). The packets will appear as coming from the exit TUN interface to whatever address is configured in `TCP_REDIRECTS` (unlike SSH local forwarding, where the packets appear as coming from the loopback interface) and so they will not be forwarded to 127.0.0.1.
+
+You can share access to this service with a peer id, shared secret and IP port numbler: here `gnunet-peerinfo -s`, `myhttptest` and `80` respectively.
+
+#### Connecting
+
+`gnunet-vpn` gives you ephemeral IPs to connect to if you tell it a peer id and a shared secret, like so:
+
+```sh
+$ gnunet-vpn -p N7R25J8ADR553EPW0NFWNCXK9V80RVCP69QJ47XMT82VKAR7Y300 -t -s myhttptest
+10.11.139.20
+
+# And just connect to the given IP
+$ wget 10.11.139.20
+Connecting to 10.11.139.20:80... connected.
+```
+
+(You can try it out with your browser too.)
+
+### Running a Hostlist Server
+
+*coming soon*
+
+GNUnet Configuration
+--------------------------
+### Examples
+
+```yaml
+[transport]
+OPTIONS = -L DEBUG
+PLUGINS = tcp
+#PLUGINS = udp
+
+[transport-tcp]
+OPTIONS = -L DEBUG
+BINDTO = 192.168.0.2
+```
+
+TODO: *explain what this does and add more*
+
+
+Philosophy
+-------------------------
+
+GNUnet is made for an open society: It's a self-organizing network and it's [http://www.gnu.org/philosophy/free-sw.html](free software) as in freedom. GNUnet puts you in control of your data. You determine which data to share with whom, and you're not pressured to accept compromises.
+
+
+Related Projects
+-------------------------
+
+ <a href="https://pep.foundation"><img src="https://pep.foundation/static/media/uploads/peplogo.svg" alt="pep.foundation" width="80px"/></a> <a href="https://secushare.org"><img src="https://secushare.org/img/secushare-0444.png" alt="Secushare" width="80px"/></a>
diff --git a/configure.ac b/configure.ac
index 5d308c658..535ce0ffe 100644
--- a/configure.ac
+++ b/configure.ac
@@ -677,7 +677,7 @@ AC_CHECK_LIB([kstat],[kstat_open])
# should the build process be building the documentation?
AC_MSG_CHECKING(whether to build documentation)
AC_ARG_ENABLE([documentation],
- [AS_HELP_STRING([--enable-documentation], [build the documentation])],
+ [AS_HELP_STRING([--disable-documentation], [do not build the documentation])],
[documentation=${enableval}],
[documentation=yes])
AC_MSG_RESULT($documentation)
@@ -1759,8 +1759,8 @@ src/zonemaster/Makefile
src/zonemaster/zonemaster.conf
src/rest/Makefile
src/abe/Makefile
-src/identity-attribute/Makefile
-src/identity-provider/Makefile
+src/reclaim-attribute/Makefile
+src/reclaim/Makefile
pkgconfig/Makefile
pkgconfig/gnunetarm.pc
pkgconfig/gnunetats.pc
diff --git a/contrib/.gitignore b/contrib/.gitignore
index 304706d7e..d6ef469ba 100644
--- a/contrib/.gitignore
+++ b/contrib/.gitignore
@@ -2,7 +2,6 @@ gnunet_janitor.py
gnunet_pyexpect.py
pydiffer.py
terminate.py
-timeout_watchdog
gnunet_pyexpect.py
gnunet_pyexpect.pyc
pydiffer.pyc
diff --git a/contrib/Makefile.am b/contrib/Makefile.am
index 158e43998..eec3300b9 100644
--- a/contrib/Makefile.am
+++ b/contrib/Makefile.am
@@ -5,17 +5,6 @@ tap32dir = $(pkgdatadir)/openvpn-tap32/tapw32/
tap64dir = $(pkgdatadir)/openvpn-tap32/tapw64/
-noinst_PROGRAMS = \
- timeout_watchdog
-
-if !MINGW
-timeout_watchdog_SOURCES = \
- timeout_watchdog.c
-else
-timeout_watchdog_SOURCES = \
- timeout_watchdog_w32.c
-endif
-
noinst_SCRIPTS = \
scripts/terminate.py \
scripts/pydiffer.py \
diff --git a/contrib/branding/logo/gnunet-logo-dark-text.svg b/contrib/branding/logo/gnunet-logo-dark-text.svg
new file mode 100644
index 000000000..5644e0ae7
--- /dev/null
+++ b/contrib/branding/logo/gnunet-logo-dark-text.svg
@@ -0,0 +1,1411 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<svg
+ xmlns:dc="http://purl.org/dc/elements/1.1/"
+ xmlns:cc="http://creativecommons.org/ns#"
+ xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+ xmlns:svg="http://www.w3.org/2000/svg"
+ xmlns="http://www.w3.org/2000/svg"
+ xmlns:xlink="http://www.w3.org/1999/xlink"
+ version="1.1"
+ id="svg2"
+ height="280"
+ width="320">
+ <title
+ id="title3310">logo for GNUnet</title>
+ <defs
+ id="defs4">
+ <linearGradient
+ id="gnunet">
+ <stop
+ style="stop-color:#ff0000;stop-opacity:0.58431375;"
+ offset="0"
+ id="stop9516" />
+ <stop
+ style="stop-color:#ffcc00;stop-opacity:1;"
+ offset="1"
+ id="stop9518" />
+ </linearGradient>
+ <linearGradient
+ id="linearGradient4094">
+ <stop
+ style="stop-color:#232323;stop-opacity:1;"
+ offset="0"
+ id="stop4096" />
+ <stop
+ style="stop-color:#4d4d4d;stop-opacity:1;"
+ offset="1"
+ id="stop4098" />
+ </linearGradient>
+ <linearGradient
+ id="linearGradient4014">
+ <stop
+ style="stop-color:#a0a0a0;stop-opacity:1;"
+ offset="0"
+ id="stop4016" />
+ <stop
+ style="stop-color:#ffffff;stop-opacity:1;"
+ offset="1"
+ id="stop4018" />
+ </linearGradient>
+ <linearGradient
+ id="linearGradient4678">
+ <stop
+ style="stop-color:#e5e5e5;stop-opacity:1;"
+ offset="0"
+ id="stop4680" />
+ <stop
+ style="stop-color:#d3cdcd;stop-opacity:1;"
+ offset="1"
+ id="stop4682" />
+ </linearGradient>
+ <linearGradient
+ id="linearGradient4341">
+ <stop
+ id="stop4343"
+ offset="0"
+ style="stop-color:#333333;stop-opacity:1;" />
+ <stop
+ id="stop4345"
+ offset="1"
+ style="stop-color:#484848;stop-opacity:1;" />
+ </linearGradient>
+ <linearGradient
+ id="linearGradient4696-5">
+ <stop
+ id="stop4698-6"
+ offset="0"
+ style="stop-color:#ffb638;stop-opacity:1;" />
+ <stop
+ id="stop4700-2"
+ offset="1"
+ style="stop-color:#f0ae26;stop-opacity:1;" />
+ </linearGradient>
+ <linearGradient
+ id="linearGradient4702-3-6">
+ <stop
+ id="stop4704-1"
+ offset="0"
+ style="stop-color:#ff0000;stop-opacity:0.58431375;" />
+ <stop
+ id="stop4706-8"
+ offset="1"
+ style="stop-color:#ffcc00;stop-opacity:1;" />
+ </linearGradient>
+ <color-profile
+ name="Artifex-PS-CMYK-Profile"
+ xlink:href="/usr/share/color/icc/ghostscript/ps_cmyk.icc"
+ id="color-profile27" />
+ <linearGradient
+ y2="69.791016"
+ x2="177.04297"
+ y1="63.65625"
+ x1="142.96875"
+ gradientTransform="matrix(-0.88803314,0,0,0.88803314,595.57001,1106.9291)"
+ gradientUnits="userSpaceOnUse"
+ id="linearGradient3138"
+ xlink:href="#linearGradient4702-3-6" />
+ <linearGradient
+ y2="1043.709"
+ x2="80.655251"
+ y1="1025.709"
+ x1="108.08774"
+ gradientTransform="matrix(-0.49726789,0,0,0.49726789,555.31016,722.70088)"
+ gradientUnits="userSpaceOnUse"
+ id="linearGradient3141"
+ xlink:href="#linearGradient4696-5" />
+ <linearGradient
+ y2="922.07178"
+ x2="78.000107"
+ y1="1004.8033"
+ x1="113.5146"
+ gradientTransform="matrix(0.88803314,0,0,0.88803314,415.18739,350.00262)"
+ gradientUnits="userSpaceOnUse"
+ id="linearGradient3144"
+ xlink:href="#linearGradient4702-3-6" />
+ <linearGradient
+ y2="70.667412"
+ x2="176.60477"
+ y1="63.65625"
+ x1="142.96875"
+ gradientTransform="matrix(0.88803314,0,0,0.88803314,415.2161,1106.9294)"
+ gradientUnits="userSpaceOnUse"
+ id="linearGradient3148"
+ xlink:href="#linearGradient4702-3-6" />
+ <linearGradient
+ y2="70.667412"
+ x2="176.60477"
+ y1="63.65625"
+ x1="142.96875"
+ gradientTransform="matrix(0.88803314,0,0,0.88803314,415.2161,1106.9294)"
+ gradientUnits="userSpaceOnUse"
+ id="linearGradient3780"
+ xlink:href="#linearGradient4702-3-6" />
+ <linearGradient
+ y2="922.07178"
+ x2="78.000107"
+ y1="1004.8033"
+ x1="113.5146"
+ gradientTransform="matrix(0.88803314,0,0,0.88803314,415.18739,350.00262)"
+ gradientUnits="userSpaceOnUse"
+ id="linearGradient3782"
+ xlink:href="#linearGradient4702-3-6" />
+ <linearGradient
+ y2="1043.709"
+ x2="80.655251"
+ y1="1025.709"
+ x1="108.08774"
+ gradientTransform="matrix(-0.49726789,0,0,0.49726789,555.31016,722.70088)"
+ gradientUnits="userSpaceOnUse"
+ id="linearGradient3784"
+ xlink:href="#linearGradient4696-5" />
+ <linearGradient
+ y2="69.791016"
+ x2="177.04297"
+ y1="63.65625"
+ x1="142.96875"
+ gradientTransform="matrix(-0.88803314,0,0,0.88803314,595.57001,1106.9291)"
+ gradientUnits="userSpaceOnUse"
+ id="linearGradient3786"
+ xlink:href="#linearGradient4702-3-6" />
+ <filter
+ id="filter9204"
+ style="color-interpolation-filters:sRGB">
+ <feColorMatrix
+ id="feColorMatrix9194"
+ result="colormatrix"
+ values="1 0 0 0 0 0 1 0 0 0 0 0 1 0 0 -0.2125 -0.7154 -0.0721 1 0 "
+ in="SourceGraphic" />
+ <feComposite
+ k1="0"
+ id="feComposite9196"
+ result="composite"
+ k4="0"
+ k3="0"
+ k2="1"
+ operator="arithmetic"
+ in2="colormatrix"
+ in="SourceGraphic" />
+ <feGaussianBlur
+ id="feGaussianBlur9198"
+ result="blur1"
+ stdDeviation="5 0.01" />
+ <feGaussianBlur
+ id="feGaussianBlur9200"
+ result="blur2"
+ stdDeviation="0.01 5"
+ in="composite" />
+ <feBlend
+ id="feBlend9202"
+ result="blend"
+ mode="darken"
+ in2="blur1"
+ in="blur2" />
+ </filter>
+ <filter
+ id="filter9330"
+ style="color-interpolation-filters:sRGB">
+ <feGaussianBlur
+ id="feGaussianBlur9328"
+ result="blur"
+ stdDeviation="2 2" />
+ </filter>
+ </defs>
+ <metadata
+ id="metadata7">
+ <rdf:RDF>
+ <cc:Work
+ rdf:about="">
+ <dc:format>image/svg+xml</dc:format>
+ <dc:type
+ rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+ <dc:title>logo for GNUnet</dc:title>
+ <dc:creator>
+ <cc:Agent>
+ <dc:title>Luis Felipe López Acevedo, Amirouche Boubekki, carlo von lynX</dc:title>
+ </cc:Agent>
+ </dc:creator>
+ <dc:rights>
+ <cc:Agent>
+ <dc:title>GNUnet e.V.</dc:title>
+ </cc:Agent>
+ </dc:rights>
+ <cc:license
+ rdf:resource="http://creativecommons.org/licenses/by-sa/4.0/" />
+ <dc:description />
+ </cc:Work>
+ <cc:License
+ rdf:about="http://creativecommons.org/licenses/by-sa/4.0/">
+ <cc:permits
+ rdf:resource="http://creativecommons.org/ns#Reproduction" />
+ <cc:permits
+ rdf:resource="http://creativecommons.org/ns#Distribution" />
+ <cc:requires
+ rdf:resource="http://creativecommons.org/ns#Notice" />
+ <cc:requires
+ rdf:resource="http://creativecommons.org/ns#Attribution" />
+ <cc:permits
+ rdf:resource="http://creativecommons.org/ns#DerivativeWorks" />
+ <cc:requires
+ rdf:resource="http://creativecommons.org/ns#ShareAlike" />
+ </cc:License>
+ </rdf:RDF>
+ </metadata>
+ <g
+ id="g5346"
+ style="display:none"
+ transform="translate(-387.41463,-609.81931)">
+ <text
+ xml:space="preserve"
+ style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16.53852463px;line-height:125%;font-family:Ubuntu;-inkscape-font-specification:Ubuntu;letter-spacing:0px;word-spacing:0px;display:inline;opacity:1;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1.03365779px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+ x="453.95291"
+ y="869.96057"
+ id="text5344"><tspan
+ id="tspan5342"
+ x="453.95291"
+ y="869.96057"
+ style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:49.33333206px;font-family:'Ubuntu Bold';-inkscape-font-specification:'Ubuntu Bold, ';fill:#ffffff;stroke-width:1.03365779px"
+ dx="0 0 0">gnu net</tspan></text>
+ </g>
+ <g
+ transform="translate(-387.41463,-609.81931)"
+ style="display:none"
+ id="g950">
+ <text
+ id="text948"
+ y="869.21057"
+ x="467.77612"
+ style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16.53852463px;line-height:125%;font-family:Ubuntu;-inkscape-font-specification:Ubuntu;letter-spacing:0px;word-spacing:0px;display:inline;opacity:1;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1.03365779px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+ xml:space="preserve"><tspan
+ dx="0 -2.5 -3 0 -19.25 -2.5 -3"
+ style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:50.66666794px;font-family:'Anonymous Pro';-inkscape-font-specification:'Anonymous Pro Bold';fill:#ffffff;stroke-width:1.03365779px"
+ y="869.21057"
+ x="467.77612"
+ id="tspan946">gnu net</tspan></text>
+ </g>
+ <g
+ id="g941"
+ style="display:none"
+ transform="translate(0,-20)">
+ <ellipse
+ ry="17.690269"
+ rx="17.68549"
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#ee0000;stroke-width:1.68696308;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:0.97635139"
+ id="ellipse937"
+ cx="157.97346"
+ cy="180.65355" />
+ <ellipse
+ ry="17.690269"
+ rx="17.68549"
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#ee0000;stroke-width:1.68696308;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:0.97635139"
+ id="ellipse939"
+ cx="157.97346"
+ cy="111.16864" />
+ </g>
+ <g
+ transform="translate(-387.41463,-609.81931)"
+ style="display:none"
+ id="g935">
+ <g
+ aria-label="gnu net"
+ style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16.53852463px;line-height:125%;font-family:Ubuntu;-inkscape-font-specification:Ubuntu;letter-spacing:0px;word-spacing:0px;display:inline;opacity:1;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1.03365779px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;image-rendering:auto"
+ id="g933">
+ <path
+ d="m 423.90503,684.79003 h 22.14128 v 61.61056 q 0,11.55196 4.3855,16.04443 4.38546,4.49242 12.72857,4.49242 12.19374,0 20.00203,-9.94753 7.80828,-9.94753 7.80828,-27.48942 v -44.71046 h 22.14128 v 99.6893 h -22.14128 v -24.92231 q -3.31586,12.83553 -12.30071,20.10899 -8.98489,7.27346 -22.14132,7.27346 -15.29567,0 -23.95963,-9.94753 -8.664,-10.0545 -8.664,-30.59135 z"
+ style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:50.66666794px;font-family:'Anonymous Pro';-inkscape-font-specification:'Anonymous Pro Bold';fill:#ffffff;stroke-width:4.46906853px"
+ id="path925" />
+ <path
+ d="m 669.48029,784.47933 h -22.14128 v -61.50359 q 0,-11.65892 -4.3855,-16.15139 -4.38546,-4.49243 -12.72857,-4.49243 -12.30071,0 -20.10899,9.94753 -7.70132,9.94754 -7.70132,27.48947 v 44.71041 h -22.14128 v -99.6893 h 22.14128 v 25.02928 q 3.31586,-12.94249 12.30071,-20.10899 8.98489,-7.27346 22.14132,-7.27346 15.29567,0 23.95967,9.94753 8.66396,9.94753 8.66396,30.59135 z"
+ style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:50.66666794px;font-family:'Anonymous Pro';-inkscape-font-specification:'Anonymous Pro Bold';fill:#ffffff;stroke-width:4.46906853px"
+ id="path927" />
+ </g>
+ </g>
+ <g
+ id="g1296"
+ style="display:none"
+ transform="translate(0,-67.278107)">
+ <path
+ style="fill:none;stroke:#dddddd;stroke-width:1.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+ d="m 62.698223,85.778107 -39.5,48.000003 v 0 l -1,2"
+ id="path1256" />
+ <path
+ style="fill:none;stroke:#dddddd;stroke-width:2.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+ d="m 12.698223,104.77811 10,29 21,-10.5 v 0 0"
+ id="path1258" />
+ <path
+ style="display:inline;fill:none;fill-rule:evenodd;stroke:#dddddd;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+ d="m 11.809253,105.24526 63.6227,34.91188 23.31802,-11.09978 -35.03955,28.74946 11.86161,-17.77468 -53.18435,-5.79678 40.95076,23.69646 25.32406,0.49689 24.193047,3.02495 v 48.02104 l 21.04995,-32.14943 -20.559,-15.87161 32.52749,48.02104 -8.06937,31.38386 -24.94907,-31.76198 24.94907,77.51429 22.25436,-36.69889 21.97354,37.07701 -43.59987,-0.37188 41.32877,-28.87448 22.05899,-21.17152 -19.90986,50.171 -3.71591,-29.60613 -8.57843,-31.7682 -9.69437,24.71516 54.37611,-52.19866 -24.96716,8.94671 -18.39175,19.15282 18.27579,-55.07718 25.20812,27.362 20.66591,-41.35238 -46.00204,14.12783 22.94304,-37.07431 23.05297,23.0777 31.8814,-26.48075 40.07874,-25.58708 -15.26372,39.20869 -24.69305,-13.74039 -55.05634,4.03119 79.62738,9.58108 -56.57441,12.73416"
+ id="path1260" />
+ <path
+ style="display:inline;fill:none;fill-rule:evenodd;stroke:#dddddd;stroke-width:1.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+ d="m 98.868943,129.31358 37.045597,48.02106"
+ id="path1262" />
+ <path
+ style="display:inline;fill:none;fill-rule:evenodd;stroke:#dddddd;stroke-width:1.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+ d="m 88.284483,158.4287 10.96248,-29.11512 12.474537,32.51819"
+ id="path1264" />
+ <path
+ style="display:inline;fill:none;fill-rule:evenodd;stroke:#dddddd;stroke-width:3;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+ d="m 212.13974,133.78236 54.69043,-3.64603 -31.75647,27.04795"
+ id="path1266" />
+ <path
+ transform="translate(-387.41463,-542.5412)"
+ style="display:inline;opacity:1;fill:none;fill-opacity:1;stroke:#dddddd;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+ d="m 399.11285,648.31931 50.5,-19.5 -14.05,28.1 0.925,-1.725 -5.875,11.75 -0.25,-0.75"
+ id="path1268" />
+ <path
+ transform="translate(-387.41463,-542.5412)"
+ style="display:inline;opacity:1;fill:#729fcf;fill-rule:evenodd;stroke:#dddddd;stroke-width:1.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+ d="m 601.57854,741.42859 -2.26809,-64.28015"
+ id="path1270" />
+ <path
+ style="fill:none;stroke:#dddddd;stroke-width:1.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+ d="m 189.57322,206.52811 -44,2.625 25.375,17.125 v 0"
+ id="path1272" />
+ <path
+ transform="translate(-387.41463,-542.5412)"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#dddddd;stroke-width:3;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+ d="m 475.69911,700.21367 24.57107,51.42411"
+ id="path1274" />
+ <path
+ transform="translate(-387.41463,-542.5412)"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#dddddd;stroke-width:1.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+ d="m 534.29164,751.63778 12.85257,40.08057"
+ id="path1276" />
+ <path
+ transform="translate(-387.41463,-542.5412)"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#dddddd;stroke-width:1.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+ d="m 525.21925,783.02162 0.37803,45.75234"
+ id="path1278" />
+ <path
+ transform="translate(-387.41463,-542.5412)"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#dddddd;stroke-width:1.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+ d="m 601.95657,742.56293 -12.09653,36.6775"
+ id="path1280" />
+ <path
+ transform="translate(-387.41463,-542.5412)"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#dddddd;stroke-width:1.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+ d="m 475.69911,700.59178 46.98395,22.0278 10.85256,28.26194"
+ id="path1282" />
+ <path
+ transform="translate(-387.41463,-542.5412)"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#dddddd;stroke-width:1.58654225px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+ d="m 589.104,778.86231 -12.85255,-66.17074 v 36.6775 z"
+ id="path1284" />
+ <path
+ transform="translate(-387.41463,-542.5412)"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#dddddd;stroke-width:1.58654225px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+ d="m 557.35064,768.27501 31.75336,10.5873"
+ id="path1286" />
+ <path
+ transform="translate(-387.41463,-542.5412)"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#dddddd;stroke-width:1.58654225px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+ d="m 500.27018,704.37298 v 48.77728 l 24.57105,30.2495 23.81505,9.45293"
+ id="path1288" />
+ <path
+ transform="translate(-387.41463,-542.5412)"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#dddddd;stroke-width:3;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+ d="m 524.46323,829.53019 44.98392,-0.37812"
+ id="path1290" />
+ <path
+ transform="translate(-387.41463,-542.5412)"
+ style="display:inline;opacity:1;fill:none;stroke:#dddddd;stroke-width:2.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+ d="m 694.61285,647.31931 -40.285,-17.00922 -4.715,-1.99078 29,57.5 v -0.5 0 h 0.5 v 0"
+ id="path1292" />
+ <path
+ transform="translate(-387.41463,-542.5412)"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#dddddd;stroke-width:1.58654225px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+ d="m 409.92428,677.14844 54.05634,6.0499"
+ id="path1294" />
+ </g>
+ <g
+ transform="translate(0,-67.278107)"
+ style="display:none"
+ id="g1254">
+ <ellipse
+ transform="translate(-387.41463,-542.5412)"
+ ry="4.1593032"
+ rx="4.1581793"
+ cy="829.24042"
+ cx="568.98083"
+ id="ellipse1194"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1" />
+ <ellipse
+ transform="translate(-387.41463,-542.5412)"
+ ry="4.1593032"
+ rx="4.1581793"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1196"
+ cx="588.85413"
+ cy="778.67493" />
+ <ellipse
+ transform="translate(-387.41463,-542.5412)"
+ ry="4.1593032"
+ rx="4.1581793"
+ cy="740.67249"
+ cx="601.57867"
+ id="ellipse1198"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1" />
+ <ellipse
+ transform="translate(-387.41463,-542.5412)"
+ ry="4.1593032"
+ rx="4.1581793"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1200"
+ cx="525.79852"
+ cy="829.24042" />
+ <ellipse
+ transform="translate(-387.41463,-542.5412)"
+ ry="4.1593032"
+ rx="4.1581793"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1202"
+ cx="557.82654"
+ cy="768.71582" />
+ <ellipse
+ transform="translate(-387.41463,-542.5412)"
+ ry="4.1593032"
+ rx="4.1581793"
+ cy="783.02173"
+ cx="525.21936"
+ id="ellipse1204"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1" />
+ <ellipse
+ transform="translate(-387.41463,-542.5412)"
+ ry="4.1593032"
+ rx="4.1581793"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1206"
+ cx="400.09586"
+ cy="647.34271" />
+ <ellipse
+ transform="translate(-387.41463,-542.5412)"
+ ry="4.1593032"
+ rx="4.1581793"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1208"
+ cx="450.11285"
+ cy="628.31934" />
+ <ellipse
+ transform="translate(-387.41463,-542.5412)"
+ ry="4.1593032"
+ rx="4.1581793"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1210"
+ cx="622.36951"
+ cy="699.45752" />
+ <ellipse
+ transform="translate(-387.41463,-542.5412)"
+ ry="4.1593032"
+ rx="4.1581793"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1212"
+ cx="547.21771"
+ cy="792.29773" />
+ <ellipse
+ transform="translate(-387.41463,-542.5412)"
+ ry="4.1593032"
+ rx="4.1581793"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1214"
+ cx="566.20697"
+ cy="800.12549" />
+ <ellipse
+ transform="translate(-387.41463,-542.5412)"
+ ry="4.1593032"
+ rx="4.1581793"
+ cy="751.63794"
+ cx="500.64822"
+ id="ellipse1216"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1" />
+ <ellipse
+ transform="translate(-387.41463,-542.5412)"
+ ry="4.1593032"
+ rx="4.1581793"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1218"
+ cx="533.33447"
+ cy="751.72632" />
+ <ellipse
+ transform="translate(-387.41463,-542.5412)"
+ ry="4.1593032"
+ rx="4.1581793"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1220"
+ cx="450.75012"
+ cy="699.83545" />
+ <ellipse
+ transform="translate(-387.41463,-542.5412)"
+ ry="4.1593032"
+ rx="4.1581793"
+ cy="700.59174"
+ cx="476.07718"
+ id="ellipse1222"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1" />
+ <ellipse
+ transform="translate(-387.41463,-542.5412)"
+ ry="4.1593032"
+ rx="4.1581793"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1224"
+ cx="521.49146"
+ cy="719.65314" />
+ <ellipse
+ transform="translate(-387.41463,-542.5412)"
+ ry="4.1593032"
+ rx="4.1581793"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1226"
+ cx="500.6362"
+ cy="703.87305" />
+ <ellipse
+ ry="4.1593032"
+ rx="4.1581793"
+ cy="134.28851"
+ cx="211.9584"
+ id="ellipse1228"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1" />
+ <ellipse
+ transform="translate(-387.41463,-542.5412)"
+ ry="4.1593032"
+ rx="4.1581793"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1230"
+ cx="576.62964"
+ cy="713.44794" />
+ <ellipse
+ ry="4.1593032"
+ rx="4.1581793"
+ cy="123.16669"
+ cx="43.166531"
+ id="ellipse1232"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1" />
+ <ellipse
+ ry="4.1593032"
+ rx="4.1581793"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1234"
+ cx="98.865997"
+ cy="129.43542" />
+ <ellipse
+ ry="4.1593032"
+ rx="4.1581793"
+ cy="130.05022"
+ cx="267.08618"
+ id="ellipse1236"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1" />
+ <ellipse
+ transform="translate(-387.41463,-542.5412)"
+ ry="4.1593032"
+ rx="4.1581793"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1238"
+ cx="679.07196"
+ cy="686.22339" />
+ <ellipse
+ transform="translate(-387.41463,-542.5412)"
+ ry="4.1593032"
+ rx="4.1581793"
+ cy="748.99109"
+ cx="577.00763"
+ id="ellipse1240"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1" />
+ <ellipse
+ transform="translate(-387.41463,-542.5412)"
+ ry="4.1593032"
+ rx="4.1581793"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1242"
+ cx="577.00763"
+ cy="748.99109" />
+ <ellipse
+ transform="translate(-387.41463,-542.5412)"
+ ry="4.1593032"
+ rx="4.1581793"
+ cy="748.99109"
+ cx="577.07013"
+ id="ellipse1244"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1" />
+ <ellipse
+ transform="translate(0,-3e-6)"
+ ry="4.1593032"
+ rx="4.1581793"
+ cy="133.85095"
+ cx="22.887779"
+ id="ellipse1246"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1" />
+ <ellipse
+ transform="translate(-387.41463,-542.5412)"
+ ry="4.1593032"
+ rx="4.1581793"
+ cy="682.1922"
+ cx="462.47165"
+ id="ellipse1248"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1" />
+ <ellipse
+ transform="translate(-387.41463,-542.5412)"
+ ry="4.1593032"
+ rx="4.1581793"
+ cy="647.3053"
+ cx="694.58264"
+ id="ellipse1250"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1" />
+ <ellipse
+ transform="translate(-387.41463,-542.5412)"
+ ry="4.1593032"
+ rx="4.1581793"
+ style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#eeeeee;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1252"
+ cx="649.61285"
+ cy="628.31934" />
+ </g>
+ <g
+ transform="translate(0,-67.278107)"
+ style="display:inline"
+ id="g1533">
+ <path
+ id="path1493"
+ d="m 62.698223,85.778107 -39.5,48.000003 v 0 l -1,2"
+ style="fill:none;stroke:#3399cc;stroke-width:1.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
+ <path
+ id="path1495"
+ d="m 12.698223,104.77811 10,29 21,-10.5 v 0 0"
+ style="fill:none;stroke:#3399cc;stroke-width:2.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
+ <path
+ id="path1497"
+ d="m 11.809253,105.24526 63.6227,34.91188 23.31802,-11.09978 -35.03955,28.74946 11.86161,-17.77468 -53.18435,-5.79678 40.95076,23.69646 25.32406,0.49689 24.193047,3.02495 v 48.02104 l 21.04995,-32.14943 -20.559,-15.87161 32.52749,48.02104 -8.06937,31.38386 -24.94907,-31.76198 24.94907,77.51429 22.25436,-36.69889 21.97354,37.07701 -43.59987,-0.37188 41.32877,-28.87448 22.05899,-21.17152 -19.90986,50.171 -3.71591,-29.60613 -8.57843,-31.7682 -9.69437,24.71516 54.37611,-52.19866 -24.96716,8.94671 -18.39175,19.15282 18.27579,-55.07718 25.20812,27.362 20.66591,-41.35238 -46.00204,14.12783 22.94304,-37.07431 23.05297,23.0777 31.8814,-26.48075 40.07874,-25.58708 -15.26372,39.20869 -24.69305,-13.74039 -55.05634,4.03119 79.62738,9.58108 -56.57441,12.73416"
+ style="display:inline;fill:none;fill-rule:evenodd;stroke:#3399cc;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
+ <path
+ id="path1499"
+ d="m 98.868943,129.31358 37.045597,48.02106"
+ style="display:inline;fill:none;fill-rule:evenodd;stroke:#3399cc;stroke-width:1.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
+ <path
+ id="path1501"
+ d="m 88.284483,158.4287 10.96248,-29.11512 12.474537,32.51819"
+ style="display:inline;fill:none;fill-rule:evenodd;stroke:#3399cc;stroke-width:1.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
+ <path
+ id="path1503"
+ d="m 212.13974,133.78236 54.69043,-3.64603 -31.75647,27.04795"
+ style="display:inline;fill:none;fill-rule:evenodd;stroke:#3399cc;stroke-width:3;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
+ <path
+ id="path1505"
+ d="m 399.11285,648.31931 50.5,-19.5 -14.05,28.1 0.925,-1.725 -5.875,11.75 -0.25,-0.75"
+ style="display:inline;opacity:1;fill:none;fill-opacity:1;stroke:#3399cc;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+ transform="translate(-387.41463,-542.5412)" />
+ <path
+ id="path1507"
+ d="m 601.57854,741.42859 -2.26809,-64.28015"
+ style="display:inline;opacity:1;fill:#729fcf;fill-rule:evenodd;stroke:#3399cc;stroke-width:1.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+ transform="translate(-387.41463,-542.5412)" />
+ <path
+ id="path1509"
+ d="m 189.57322,206.52811 -44,2.625 25.375,17.125 v 0"
+ style="fill:none;stroke:#3399cc;stroke-width:1.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
+ <path
+ id="path1511"
+ d="m 475.69911,700.21367 24.57107,51.42411"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#3399cc;stroke-width:3;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+ transform="translate(-387.41463,-542.5412)" />
+ <path
+ id="path1513"
+ d="m 534.29164,751.63778 12.85257,40.08057"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#3399cc;stroke-width:1.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+ transform="translate(-387.41463,-542.5412)" />
+ <path
+ id="path1515"
+ d="m 525.21925,783.02162 0.37803,45.75234"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#3399cc;stroke-width:1.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+ transform="translate(-387.41463,-542.5412)" />
+ <path
+ id="path1517"
+ d="m 601.95657,742.56293 -12.09653,36.6775"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#3399cc;stroke-width:1.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+ transform="translate(-387.41463,-542.5412)" />
+ <path
+ id="path1519"
+ d="m 475.69911,700.59178 46.98395,22.0278 10.85256,28.26194"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#3399cc;stroke-width:1.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+ transform="translate(-387.41463,-542.5412)" />
+ <path
+ id="path1521"
+ d="m 589.104,778.86231 -12.85255,-66.17074 v 36.6775 z"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#3399cc;stroke-width:1.58654225px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+ transform="translate(-387.41463,-542.5412)" />
+ <path
+ id="path1523"
+ d="m 557.35064,768.27501 31.75336,10.5873"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#3399cc;stroke-width:1.58654225px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+ transform="translate(-387.41463,-542.5412)" />
+ <path
+ id="path1525"
+ d="m 500.27018,704.37298 v 48.77728 l 24.57105,30.2495 23.81505,9.45293"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#3399cc;stroke-width:1.58654225px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+ transform="translate(-387.41463,-542.5412)" />
+ <path
+ id="path1527"
+ d="m 524.46323,829.53019 44.98392,-0.37812"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#3399cc;stroke-width:3;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+ transform="translate(-387.41463,-542.5412)" />
+ <path
+ id="path1529"
+ d="m 694.61285,647.31931 -40.285,-17.00922 -4.715,-1.99078 29,57.5 v -0.5 0 h 0.5 v 0"
+ style="display:inline;opacity:1;fill:none;stroke:#3399cc;stroke-width:2.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+ transform="translate(-387.41463,-542.5412)" />
+ <path
+ id="path1531"
+ d="m 409.92428,677.14844 54.05634,6.0499"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#3399cc;stroke-width:1.58654225px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+ transform="translate(-387.41463,-542.5412)" />
+ </g>
+ <g
+ id="g1491"
+ style="display:inline"
+ transform="translate(0,-67.278107)">
+ <ellipse
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1431"
+ cx="568.98083"
+ cy="829.24042"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ cy="778.67493"
+ cx="588.85413"
+ id="ellipse1433"
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1435"
+ cx="601.57867"
+ cy="740.67249"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ cy="829.24042"
+ cx="525.79852"
+ id="ellipse1437"
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ cy="768.71582"
+ cx="557.82654"
+ id="ellipse1439"
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1441"
+ cx="525.21936"
+ cy="783.02173"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ cy="647.34271"
+ cx="400.09586"
+ id="ellipse1443"
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ cy="628.31934"
+ cx="450.11285"
+ id="ellipse1445"
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ cy="699.45752"
+ cx="622.36951"
+ id="ellipse1447"
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ cy="792.29773"
+ cx="547.21771"
+ id="ellipse1449"
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ cy="800.12549"
+ cx="566.20697"
+ id="ellipse1451"
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1453"
+ cx="500.64822"
+ cy="751.63794"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ cy="751.72632"
+ cx="533.33447"
+ id="ellipse1455"
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ cy="699.83545"
+ cx="450.75012"
+ id="ellipse1457"
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1459"
+ cx="476.07718"
+ cy="700.59174"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ cy="719.65314"
+ cx="521.49146"
+ id="ellipse1461"
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ cy="703.87305"
+ cx="500.6362"
+ id="ellipse1463"
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1465"
+ cx="211.9584"
+ cy="134.28851"
+ rx="4.1581793"
+ ry="4.1593032" />
+ <ellipse
+ cy="713.44794"
+ cx="576.62964"
+ id="ellipse1467"
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1469"
+ cx="43.166531"
+ cy="123.16669"
+ rx="4.1581793"
+ ry="4.1593032" />
+ <ellipse
+ cy="129.43542"
+ cx="98.865997"
+ id="ellipse1471"
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032" />
+ <ellipse
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1473"
+ cx="267.08618"
+ cy="130.05022"
+ rx="4.1581793"
+ ry="4.1593032" />
+ <ellipse
+ cy="686.22339"
+ cx="679.07196"
+ id="ellipse1475"
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1477"
+ cx="577.00763"
+ cy="748.99109"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ cy="748.99109"
+ cx="577.00763"
+ id="ellipse1479"
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1481"
+ cx="577.07013"
+ cy="748.99109"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1483"
+ cx="22.887779"
+ cy="133.85095"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(0,-3e-6)" />
+ <ellipse
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1485"
+ cx="462.47165"
+ cy="682.1922"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1487"
+ cx="694.58264"
+ cy="647.3053"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ cy="628.31934"
+ cx="649.61285"
+ id="ellipse1489"
+ style="display:inline;opacity:1;fill:#419edb;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ </g>
+ <g
+ id="g1539"
+ style="display:inline"
+ transform="translate(0,-20)">
+ <ellipse
+ ry="4.1593032"
+ rx="4.1581793"
+ style="display:inline;opacity:1;fill:#3399cc;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1535"
+ cx="159.80099"
+ cy="276.32968" />
+ <ellipse
+ ry="4.1593032"
+ rx="4.1581793"
+ style="display:inline;opacity:1;fill:#3399cc;fill-opacity:1;stroke:#3399cc;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse1537"
+ cx="159.80099"
+ cy="259.99252" />
+ </g>
+ <g
+ transform="translate(0,-67.278107)"
+ style="display:none"
+ id="layer3">
+ <path
+ id="path5313"
+ d="m 62.698223,85.778107 -39.5,48.000003 v 0 l -1,2"
+ style="fill:none;stroke:#cc0000;stroke-width:1.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:0.99607843" />
+ <path
+ id="path5311"
+ d="m 12.698223,104.77811 10,29 21,-10.5 v 0 0"
+ style="fill:none;stroke:#cc0000;stroke-width:2.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:0.99607843" />
+ <path
+ id="path9316"
+ d="m 11.809253,105.24526 63.6227,34.91188 23.31802,-11.09978 -35.03955,28.74946 11.86161,-17.77468 -53.18435,-5.79678 40.95076,23.69646 25.32406,0.49689 24.193047,3.02495 v 48.02104 l 21.04995,-32.14943 -20.559,-15.87161 32.52749,48.02104 -8.06937,31.38386 -24.94907,-31.76198 24.94907,77.51429 22.25436,-36.69889 21.97354,37.07701 -43.59987,-0.37188 41.32877,-28.87448 22.05899,-21.17152 -19.90986,50.171 -3.71591,-29.60613 -8.57843,-31.7682 -9.69437,24.71516 54.37611,-52.19866 -24.96716,8.94671 -18.39175,19.15282 18.27579,-55.07718 25.20812,27.362 20.66591,-41.35238 -46.00204,14.12783 22.94304,-37.07431 23.05297,23.0777 31.8814,-26.48075 40.07874,-25.58708 -15.26372,39.20869 -24.69305,-13.74039 -55.05634,4.03119 79.62738,9.58108 -56.57441,12.73416"
+ style="display:inline;fill:none;fill-rule:evenodd;stroke:#cc0000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:0.99607843" />
+ <path
+ id="path9318"
+ d="m 98.868943,129.31358 37.045597,48.02106"
+ style="display:inline;fill:none;fill-rule:evenodd;stroke:#cc0000;stroke-width:1.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:0.99607843" />
+ <path
+ id="path12058"
+ d="m 88.284483,158.4287 10.96248,-29.11512 12.474537,32.51819"
+ style="display:inline;fill:none;fill-rule:evenodd;stroke:#cc0000;stroke-width:1.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:0.99607843" />
+ <path
+ id="path12250"
+ d="m 212.13974,133.78236 54.69043,-3.64603 -31.75647,27.04795"
+ style="display:inline;fill:none;fill-rule:evenodd;stroke:#cc0000;stroke-width:3;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:0.99607843" />
+ <path
+ id="path5161"
+ d="m 399.11285,648.31931 50.5,-19.5 -14.05,28.1 0.925,-1.725 -5.875,11.75 -0.25,-0.75"
+ style="display:inline;opacity:1;fill:none;fill-opacity:1;stroke:#cc0000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:0.99607843"
+ transform="translate(-387.41463,-542.5412)" />
+ <path
+ id="path12206"
+ d="m 601.57854,741.42859 -2.26809,-64.28015"
+ style="display:inline;opacity:1;fill:#729fcf;fill-rule:evenodd;stroke:#cc0000;stroke-width:1.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:0.99607843"
+ transform="translate(-387.41463,-542.5412)" />
+ <path
+ id="path5331"
+ d="m 189.57322,206.52811 -44,2.625 25.375,17.125 v 0"
+ style="fill:none;stroke:#cc0000;stroke-width:1.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:0.99607843" />
+ <path
+ id="path9320"
+ d="m 475.69911,700.21367 24.57107,51.42411"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#cc0000;stroke-width:3;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:0.99607843"
+ transform="translate(-387.41463,-542.5412)" />
+ <path
+ id="path9322"
+ d="m 534.29164,751.63778 12.85257,40.08057"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#cc0000;stroke-width:1.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:0.99607843"
+ transform="translate(-387.41463,-542.5412)" />
+ <path
+ id="path9324"
+ d="m 525.21925,783.02162 0.37803,45.75234"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#cc0000;stroke-width:1.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:0.99607843"
+ transform="translate(-387.41463,-542.5412)" />
+ <path
+ id="path9326"
+ d="m 601.95657,742.56293 -12.09653,36.6775"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#cc0000;stroke-width:1.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:0.99607843"
+ transform="translate(-387.41463,-542.5412)" />
+ <path
+ id="path12060"
+ d="m 475.69911,700.59178 46.98395,22.0278 10.85256,28.26194"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#cc0000;stroke-width:1.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:0.99607843"
+ transform="translate(-387.41463,-542.5412)" />
+ <path
+ id="path12208"
+ d="m 589.104,778.86231 -12.85255,-66.17074 v 36.6775 z"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#cc0000;stroke-width:1.58654225px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:0.99607843"
+ transform="translate(-387.41463,-542.5412)" />
+ <path
+ id="path12210"
+ d="m 557.35064,768.27501 31.75336,10.5873"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#cc0000;stroke-width:1.58654225px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:0.99607843"
+ transform="translate(-387.41463,-542.5412)" />
+ <path
+ id="path12212"
+ d="m 500.27018,704.37298 v 48.77728 l 24.57105,30.2495 23.81505,9.45293"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#cc0000;stroke-width:1.58654225px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:0.99607843"
+ transform="translate(-387.41463,-542.5412)" />
+ <path
+ id="path12216"
+ d="m 524.46323,829.53019 44.98392,-0.37812"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#cc0000;stroke-width:3;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:0.99607843"
+ transform="translate(-387.41463,-542.5412)" />
+ <path
+ id="path5163"
+ d="m 694.61285,647.31931 -40.285,-17.00922 -4.715,-1.99078 29,57.5 v -0.5 0 h 0.5 v 0"
+ style="display:inline;opacity:1;fill:none;stroke:#cc0000;stroke-width:2.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:0.99607843"
+ transform="translate(-387.41463,-542.5412)" />
+ <path
+ id="path12214"
+ d="m 409.92428,677.14844 54.05634,6.0499"
+ style="display:inline;opacity:1;fill:none;fill-rule:evenodd;stroke:#cc0000;stroke-width:1.58654225px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:0.99607843"
+ transform="translate(-387.41463,-542.5412)" />
+ </g>
+ <g
+ id="g325"
+ style="display:none"
+ transform="translate(0,-67.278107)">
+ <ellipse
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse12254"
+ cx="568.98083"
+ cy="829.24042"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ cy="778.67493"
+ cx="588.85413"
+ id="ellipse12290"
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse12284"
+ cx="601.57867"
+ cy="740.67249"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ cy="829.24042"
+ cx="525.79852"
+ id="ellipse12256"
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ cy="768.71582"
+ cx="557.82654"
+ id="ellipse12306"
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse12280"
+ cx="525.21936"
+ cy="783.02173"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ cy="647.34271"
+ cx="400.09586"
+ id="ellipse12258"
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ cy="628.31934"
+ cx="450.11285"
+ id="ellipse12258-3"
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ cy="699.45752"
+ cx="622.36951"
+ id="ellipse12294"
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ cy="792.29773"
+ cx="547.21771"
+ id="ellipse12252"
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ cy="800.12549"
+ cx="566.20697"
+ id="ellipse12282"
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse12276"
+ cx="500.64822"
+ cy="751.63794"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ cy="751.72632"
+ cx="533.33447"
+ id="ellipse12278"
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ cy="699.83545"
+ cx="450.75012"
+ id="ellipse12262"
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse12268"
+ cx="476.07718"
+ cy="700.59174"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ cy="719.65314"
+ cx="521.49146"
+ id="ellipse12270"
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ cy="703.87305"
+ cx="500.6362"
+ id="ellipse12274"
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse12292"
+ cx="211.9584"
+ cy="134.28851"
+ rx="4.1581793"
+ ry="4.1593032" />
+ <ellipse
+ cy="713.44794"
+ cx="576.62964"
+ id="ellipse12286"
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse12260"
+ cx="43.166531"
+ cy="123.16669"
+ rx="4.1581793"
+ ry="4.1593032" />
+ <ellipse
+ cy="129.43542"
+ cx="98.865997"
+ id="ellipse12266"
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032" />
+ <ellipse
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse12296"
+ cx="267.08618"
+ cy="130.05022"
+ rx="4.1581793"
+ ry="4.1593032" />
+ <ellipse
+ cy="686.22339"
+ cx="679.07196"
+ id="ellipse12298"
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse12288"
+ cx="577.00763"
+ cy="748.99109"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ cy="748.99109"
+ cx="577.00763"
+ id="ellipse12302"
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse12304"
+ cx="577.07013"
+ cy="748.99109"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse12264"
+ cx="22.887779"
+ cy="133.85095"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(0,-3e-6)" />
+ <ellipse
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse12272"
+ cx="462.47165"
+ cy="682.1922"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="ellipse12300"
+ cx="694.58264"
+ cy="647.3053"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ <ellipse
+ cy="628.31934"
+ cx="649.61285"
+ id="ellipse12258-3-0"
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#cc0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ rx="4.1581793"
+ ry="4.1593032"
+ transform="translate(-387.41463,-542.5412)" />
+ </g>
+ <g
+ transform="translate(0,-20)"
+ style="display:none"
+ id="layer6">
+ <ellipse
+ cy="276.32968"
+ cx="159.80099"
+ id="ellipse12282-8-9-0"
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#ee0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:0.97635139"
+ rx="4.1581793"
+ ry="4.1593032" />
+ <ellipse
+ cy="259.99252"
+ cx="159.80099"
+ id="ellipse12282-8-9"
+ style="display:inline;opacity:1;fill:#ee0000;fill-opacity:1;stroke:#ee0000;stroke-width:0.39663559;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:0.97635139"
+ rx="4.1581793"
+ ry="4.1593032" />
+ </g>
+ <g
+ id="g975"
+ style="display:inline"
+ transform="translate(-387.41463,-609.81931)">
+ <g
+ id="text973"
+ style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16.53852463px;line-height:125%;font-family:Ubuntu;-inkscape-font-specification:Ubuntu;letter-spacing:0px;word-spacing:0px;display:inline;opacity:1;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1.03365779px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;image-rendering:auto"
+ aria-label="gnu net">
+ <path
+ id="path977"
+ style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:50.66666794px;font-family:'Anonymous Pro';-inkscape-font-specification:'Anonymous Pro Bold';fill:#292929;stroke-width:1.03365779px;fill-opacity:1"
+ d="m 489.62118,868.96318 q 0,2.375 -0.81641,4.23046 -0.81641,1.85547 -2.30078,3.14193 -1.45964,1.28646 -3.46354,1.95443 -1.97917,0.69271 -4.42839,0.69271 -6.01172,0 -10.26693,-3.63672 l 2.42448,-3.95834 q 3.53776,3.04297 7.84245,3.04297 2.64714,0 4.25521,-1.31119 1.63281,-1.28646 1.63281,-4.0573 v -2.47395 q -1.58333,1.36067 -3.04297,2.02864 -1.45963,0.64323 -3.38932,0.64323 -2.22656,0 -4.13151,-0.9401 -1.90495,-0.94011 -3.29037,-2.54818 -1.36067,-1.63281 -2.15234,-3.78516 -0.76693,-2.15234 -0.76693,-4.57682 0,-2.42448 0.76693,-4.57682 0.79167,-2.17709 2.15234,-3.76042 1.38542,-1.60807 3.29037,-2.52344 1.90495,-0.9401 4.13151,-0.9401 1.92969,0 3.4388,0.66797 1.50912,0.64323 2.99349,1.95442 v -2.07812 h 5.1211 z m -5.1211,-16.67448 q -0.91536,-1.01433 -2.375,-1.53386 -1.43489,-0.54427 -2.79557,-0.54427 -2.89453,0 -4.70052,2.02865 -1.78125,2.02864 -1.78125,5.17057 0,1.55859 0.47005,2.89453 0.49479,1.3112 1.33594,2.27604 0.86588,0.96485 2.05338,1.53386 1.21224,0.54427 2.6224,0.54427 1.36068,0 2.79557,-0.54427 1.45964,-0.56901 2.375,-1.58334 z" />
+ <path
+ id="path979"
+ style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:50.66666794px;font-family:'Anonymous Pro';-inkscape-font-specification:'Anonymous Pro Bold';fill:#292929;stroke-width:1.03365779px;fill-opacity:1"
+ d="m 514.82951,869.21057 h -5.12109 v -14.22526 q 0,-2.69661 -1.01433,-3.73568 -1.01432,-1.03906 -2.94401,-1.03906 -2.84505,0 -4.65104,2.30078 -1.78125,2.30078 -1.78125,6.35808 v 10.34114 h -5.12109 v -23.05729 h 5.12109 v 5.78906 q 0.76693,-2.99349 2.84505,-4.65104 2.07813,-1.68229 5.1211,-1.68229 3.53776,0 5.54166,2.30078 2.00391,2.30078 2.00391,7.07552 z" />
+ <path
+ id="path981"
+ style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:50.66666794px;font-family:'Anonymous Pro';-inkscape-font-specification:'Anonymous Pro Bold';fill:#292929;stroke-width:1.03365779px;fill-opacity:1"
+ d="m 518.90503,846.15328 h 5.12109 v 14.25 q 0,2.67187 1.01433,3.71094 1.01432,1.03906 2.94401,1.03906 2.82031,0 4.6263,-2.30078 1.80599,-2.30078 1.80599,-6.35807 v -10.34115 h 5.12109 v 23.05729 h -5.12109 v -5.76432 q -0.76693,2.96875 -2.84505,4.65104 -2.07813,1.68229 -5.1211,1.68229 -3.53776,0 -5.54166,-2.30078 -2.00391,-2.32552 -2.00391,-7.07552 z" />
+ <path
+ id="path983"
+ style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:50.66666794px;font-family:'Anonymous Pro';-inkscape-font-specification:'Anonymous Pro Bold';fill:#292929;stroke-width:1.03365779px;fill-opacity:1"
+ d="m 575.70451,869.21057 h -5.12109 v -14.22526 q 0,-2.69661 -1.01433,-3.73568 -1.01432,-1.03906 -2.94401,-1.03906 -2.84505,0 -4.65104,2.30078 -1.78125,2.30078 -1.78125,6.35808 v 10.34114 h -5.12109 v -23.05729 h 5.12109 v 5.78906 q 0.76693,-2.99349 2.84505,-4.65104 2.07813,-1.68229 5.1211,-1.68229 3.53776,0 5.54167,2.30078 2.0039,2.30078 2.0039,7.07552 z" />
+ <path
+ id="path985"
+ style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:50.66666794px;font-family:'Anonymous Pro';-inkscape-font-specification:'Anonymous Pro Bold';fill:#292929;stroke-width:1.03365779px;fill-opacity:1"
+ d="m 583.76832,859.63635 q 0.37109,2.375 2.2513,3.95834 1.90495,1.55859 5.09635,1.55859 2.4987,0 4.32943,-0.76693 1.85547,-0.79166 3.19141,-2.07812 l 2.62239,3.61198 q -2.22656,2.22656 -4.72526,3.04297 -2.47396,0.8164 -5.41797,0.8164 -2.67187,0 -4.97265,-0.89062 -2.30079,-0.89063 -3.98308,-2.47396 -1.68229,-1.60807 -2.64713,-3.8099 -0.94011,-2.20182 -0.94011,-4.89844 0,-2.62239 0.86589,-4.82421 0.89062,-2.22657 2.47396,-3.83464 1.60807,-1.63281 3.83463,-2.52344 2.22657,-0.91536 4.92318,-0.91536 2.79557,0 5.07161,0.96484 2.27605,0.94011 3.88412,2.7461 1.63281,1.80599 2.54818,4.42838 0.91536,2.59766 0.91536,5.88802 z m 13.53255,-4.5026 q -0.39584,-2.22656 -2.30078,-3.5625 -1.90495,-1.36068 -4.32943,-1.36068 -2.42448,0 -4.35417,1.36068 -1.92968,1.33594 -2.32552,3.5625 z" />
+ <path
+ id="path987"
+ style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:50.66666794px;font-family:'Anonymous Pro';-inkscape-font-specification:'Anonymous Pro Bold';fill:#292929;stroke-width:1.03365779px;fill-opacity:1"
+ d="m 627.08081,861.86291 q -0.39583,3.63672 -2.86979,5.78907 -2.44922,2.1276 -6.13542,2.1276 -2.02864,0 -3.71094,-0.66797 -1.68229,-0.66797 -2.86979,-1.85547 -1.1875,-1.1875 -1.85547,-2.84505 -0.64322,-1.68229 -0.64322,-3.66146 v -9.97005 h -5.22006 v -4.6263 h 5.22006 v -9.22787 h 5.12109 v 9.22787 h 9.67318 v 4.6263 h -9.67318 v 9.97005 q 0,2.22657 1.08854,3.31511 1.08854,1.08854 2.86979,1.08854 2.17709,0 3.24089,-1.26172 1.0638,-1.26172 1.26172,-3.04297 z" />
+ </g>
+ </g>
+</svg>
diff --git a/contrib/gnunet-arch-full.svg b/contrib/gnunet-arch-full.svg
new file mode 100644
index 000000000..766f2b855
--- /dev/null
+++ b/contrib/gnunet-arch-full.svg
@@ -0,0 +1,648 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN"
+ "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
+<!-- Generated by graphviz version 2.38.0 (20140413.2041)
+ -->
+<!-- Title: dependencies Pages: 1 -->
+<svg width="1277pt" height="836pt"
+ viewBox="0.00 0.00 1276.81 836.00" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
+<g id="graph0" class="graph" transform="scale(1 1) rotate(0) translate(4 832)">
+<title>dependencies</title>
+<polygon fill="white" stroke="none" points="-4,4 -4,-832 1272.81,-832 1272.81,4 -4,4"/>
+<!-- voting -->
+<g id="node1" class="node"><title>voting</title>
+<polygon fill="none" stroke="black" points="120.944,-743.562 80,-756 39.0559,-743.562 39.0942,-723.438 120.906,-723.438 120.944,-743.562"/>
+<text text-anchor="middle" x="80" y="-734.3" font-family="Times,serif" font-size="14.00">voting</text>
+</g>
+<!-- consensus -->
+<g id="node2" class="node"><title>consensus</title>
+<ellipse fill="none" stroke="black" cx="112" cy="-594" rx="46.2923" ry="18"/>
+<text text-anchor="middle" x="112" y="-590.3" font-family="Times,serif" font-size="14.00">consensus</text>
+</g>
+<!-- voting&#45;&gt;consensus -->
+<g id="edge1" class="edge"><title>voting&#45;&gt;consensus</title>
+<path fill="none" stroke="black" d="M121.028,-728.482C145.315,-721.103 174.155,-707.724 189,-684 197.487,-670.436 196.445,-662.162 189,-648 180.933,-632.654 166.19,-620.887 151.748,-612.383"/>
+<polygon fill="black" stroke="black" points="153.308,-609.247 142.857,-607.508 149.942,-615.385 153.308,-609.247"/>
+</g>
+<!-- identity -->
+<g id="node3" class="node"><title>identity</title>
+<ellipse fill="none" stroke="black" cx="282" cy="-450" rx="37.8943" ry="18"/>
+<text text-anchor="middle" x="282" y="-446.3" font-family="Times,serif" font-size="14.00">identity</text>
+</g>
+<!-- voting&#45;&gt;identity -->
+<g id="edge2" class="edge"><title>voting&#45;&gt;identity</title>
+<path fill="none" stroke="black" d="M58.5145,-723.377C45.8789,-714.02 31.0387,-700.353 24,-684 5.02284,-639.911 -2.50901,-616.016 24,-576 46.6577,-541.798 71.8444,-557.396 109,-540 158.351,-516.894 214.207,-487.564 248.77,-469.032"/>
+<polygon fill="black" stroke="black" points="250.781,-471.924 257.931,-464.105 247.466,-465.759 250.781,-471.924"/>
+</g>
+<!-- cadet -->
+<g id="node4" class="node"><title>cadet</title>
+<ellipse fill="none" stroke="black" cx="538" cy="-450" rx="29.4969" ry="18"/>
+<text text-anchor="middle" x="538" y="-446.3" font-family="Times,serif" font-size="14.00">cadet</text>
+</g>
+<!-- voting&#45;&gt;cadet -->
+<g id="edge3" class="edge"><title>voting&#45;&gt;cadet</title>
+<path fill="none" stroke="black" d="M72.0051,-723.243C55.682,-693.149 22.8306,-620.604 57,-576 70.8829,-557.877 390.653,-484.265 500.977,-459.316"/>
+<polygon fill="black" stroke="black" points="501.999,-462.673 510.983,-457.057 500.458,-455.845 501.999,-462.673"/>
+</g>
+<!-- secretsharing -->
+<g id="node5" class="node"><title>secretsharing</title>
+<ellipse fill="none" stroke="black" cx="123" cy="-666" rx="57.3905" ry="18"/>
+<text text-anchor="middle" x="123" y="-662.3" font-family="Times,serif" font-size="14.00">secretsharing</text>
+</g>
+<!-- voting&#45;&gt;secretsharing -->
+<g id="edge4" class="edge"><title>voting&#45;&gt;secretsharing</title>
+<path fill="none" stroke="black" d="M88.4954,-723.17C93.8716,-714.418 100.986,-702.837 107.357,-692.466"/>
+<polygon fill="black" stroke="black" points="110.45,-694.117 112.702,-683.764 104.486,-690.453 110.45,-694.117"/>
+</g>
+<!-- consensus&#45;&gt;cadet -->
+<g id="edge72" class="edge"><title>consensus&#45;&gt;cadet</title>
+<path fill="none" stroke="black" d="M146.507,-581.905C153.275,-579.85 160.34,-577.79 167,-576 236.135,-557.417 256.193,-562.96 324,-540 360.547,-527.625 367.474,-519.056 403,-504 437.068,-489.562 476.509,-474.236 503.927,-463.798"/>
+<polygon fill="black" stroke="black" points="505.344,-467.004 513.453,-460.185 502.862,-460.459 505.344,-467.004"/>
+</g>
+<!-- set -->
+<g id="node24" class="node"><title>set</title>
+<ellipse fill="none" stroke="black" cx="517" cy="-522" rx="27" ry="18"/>
+<text text-anchor="middle" x="517" y="-518.3" font-family="Times,serif" font-size="14.00">set</text>
+</g>
+<!-- consensus&#45;&gt;set -->
+<g id="edge71" class="edge"><title>consensus&#45;&gt;set</title>
+<path fill="none" stroke="black" d="M145.818,-581.678C152.772,-579.596 160.083,-577.583 167,-576 182.24,-572.511 394.44,-541.075 480.815,-528.33"/>
+<polygon fill="black" stroke="black" points="481.561,-531.758 490.943,-526.837 480.539,-524.833 481.561,-531.758"/>
+</g>
+<!-- dht -->
+<g id="node7" class="node"><title>dht</title>
+<ellipse fill="none" stroke="black" cx="756" cy="-378" rx="27" ry="18"/>
+<text text-anchor="middle" x="756" y="-374.3" font-family="Times,serif" font-size="14.00">dht</text>
+</g>
+<!-- cadet&#45;&gt;dht -->
+<g id="edge51" class="edge"><title>cadet&#45;&gt;dht</title>
+<path fill="none" stroke="black" d="M563.434,-440.833C602.822,-428.186 678.592,-403.856 722.428,-389.78"/>
+<polygon fill="black" stroke="black" points="723.607,-393.078 732.058,-386.688 721.467,-386.413 723.607,-393.078"/>
+</g>
+<!-- core -->
+<g id="node8" class="node"><title>core</title>
+<ellipse fill="none" stroke="black" cx="555" cy="-234" rx="27" ry="18"/>
+<text text-anchor="middle" x="555" y="-230.3" font-family="Times,serif" font-size="14.00">core</text>
+</g>
+<!-- cadet&#45;&gt;core -->
+<g id="edge50" class="edge"><title>cadet&#45;&gt;core</title>
+<path fill="none" stroke="black" d="M539.362,-431.849C542.303,-394.832 549.266,-307.181 552.824,-262.386"/>
+<polygon fill="black" stroke="black" points="556.328,-262.478 553.631,-252.232 549.35,-261.924 556.328,-262.478"/>
+</g>
+<!-- block -->
+<g id="node11" class="node"><title>block</title>
+<polygon fill="none" stroke="black" points="429,-324 385.598,-306 429,-288 472.402,-306 429,-324"/>
+<text text-anchor="middle" x="429" y="-302.3" font-family="Times,serif" font-size="14.00">block</text>
+</g>
+<!-- cadet&#45;&gt;block -->
+<g id="edge52" class="edge"><title>cadet&#45;&gt;block</title>
+<path fill="none" stroke="blue" stroke-dasharray="1,5" d="M522.106,-434.467C511.33,-424.227 497.085,-409.913 486,-396 469.058,-374.736 452.633,-348.272 441.802,-329.75"/>
+<polygon fill="blue" stroke="blue" points="444.702,-327.773 436.674,-320.859 438.638,-331.27 444.702,-327.773"/>
+</g>
+<!-- secretsharing&#45;&gt;consensus -->
+<g id="edge5" class="edge"><title>secretsharing&#45;&gt;consensus</title>
+<path fill="none" stroke="black" d="M120.281,-647.697C119.069,-639.983 117.612,-630.712 116.261,-622.112"/>
+<polygon fill="black" stroke="black" points="119.698,-621.44 114.688,-612.104 112.783,-622.526 119.698,-621.44"/>
+</g>
+<!-- fs -->
+<g id="node6" class="node"><title>fs</title>
+<polygon fill="none" stroke="black" points="100,-527.562 73,-540 46,-527.562 46.0252,-507.438 99.9748,-507.438 100,-527.562"/>
+<text text-anchor="middle" x="73" y="-518.3" font-family="Times,serif" font-size="14.00">fs</text>
+</g>
+<!-- fs&#45;&gt;identity -->
+<g id="edge12" class="edge"><title>fs&#45;&gt;identity</title>
+<path fill="none" stroke="black" d="M100.21,-509.307C104.786,-507.46 109.507,-505.625 114,-504 164.764,-485.643 178.566,-484.387 230,-468 233.971,-466.735 238.108,-465.404 242.237,-464.067"/>
+<polygon fill="black" stroke="black" points="243.351,-467.386 251.778,-460.965 241.186,-460.729 243.351,-467.386"/>
+</g>
+<!-- fs&#45;&gt;cadet -->
+<g id="edge9" class="edge"><title>fs&#45;&gt;cadet</title>
+<path fill="none" stroke="black" d="M100.01,-516.934C178.772,-505.077 408.387,-470.512 499.803,-456.75"/>
+<polygon fill="black" stroke="black" points="500.372,-460.204 509.74,-455.254 499.33,-453.282 500.372,-460.204"/>
+</g>
+<!-- fs&#45;&gt;dht -->
+<g id="edge6" class="edge"><title>fs&#45;&gt;dht</title>
+<path fill="none" stroke="black" d="M100.081,-509.411C132.571,-495.433 183.726,-473.164 192,-468 213.144,-454.802 212.035,-441.688 235,-432 322.67,-395.017 615.27,-383.079 719.081,-379.955"/>
+<polygon fill="black" stroke="black" points="719.199,-383.453 729.093,-379.664 718.996,-376.456 719.199,-383.453"/>
+</g>
+<!-- fs&#45;&gt;core -->
+<g id="edge7" class="edge"><title>fs&#45;&gt;core</title>
+<path fill="none" stroke="black" d="M65.0877,-507.277C55.5997,-488.827 42.6595,-455.618 57,-432 93.0072,-372.699 269.007,-312.27 334,-288 397.135,-264.424 474.404,-248.714 518.841,-240.869"/>
+<polygon fill="black" stroke="black" points="519.614,-244.287 528.871,-239.134 518.42,-237.39 519.614,-244.287"/>
+</g>
+<!-- datastore -->
+<g id="node9" class="node"><title>datastore</title>
+<ellipse fill="none" stroke="black" cx="108" cy="-450" rx="42.4939" ry="18"/>
+<text text-anchor="middle" x="108" y="-446.3" font-family="Times,serif" font-size="14.00">datastore</text>
+</g>
+<!-- fs&#45;&gt;datastore -->
+<g id="edge8" class="edge"><title>fs&#45;&gt;datastore</title>
+<path fill="none" stroke="black" d="M79.9149,-507.17C84.2467,-498.507 89.9645,-487.071 95.1098,-476.78"/>
+<polygon fill="black" stroke="black" points="98.2763,-478.274 99.618,-467.764 92.0153,-475.143 98.2763,-478.274"/>
+</g>
+<!-- ats -->
+<g id="node10" class="node"><title>ats</title>
+<ellipse fill="none" stroke="black" cx="385" cy="-90" rx="27" ry="18"/>
+<text text-anchor="middle" x="385" y="-86.3" font-family="Times,serif" font-size="14.00">ats</text>
+</g>
+<!-- fs&#45;&gt;ats -->
+<g id="edge10" class="edge"><title>fs&#45;&gt;ats</title>
+<path fill="none" stroke="black" d="M60.2844,-507.296C39.3694,-483.267 0,-431.113 0,-379 0,-379 0,-379 0,-233 0,-159.097 252.872,-111.714 348.742,-96.4063"/>
+<polygon fill="black" stroke="black" points="349.504,-99.8296 358.84,-94.8203 348.418,-92.9144 349.504,-99.8296"/>
+</g>
+<!-- fs&#45;&gt;block -->
+<g id="edge11" class="edge"><title>fs&#45;&gt;block</title>
+<path fill="none" stroke="blue" stroke-dasharray="1,5" d="M99.0792,-507.426C116.81,-497.613 140.343,-483.417 159,-468 175.732,-454.174 174.815,-445.258 192,-432 259.224,-380.139 351.062,-338.689 398.245,-319.166"/>
+<polygon fill="blue" stroke="blue" points="399.679,-322.361 407.611,-315.337 397.03,-315.881 399.679,-322.361"/>
+</g>
+<!-- dht&#45;&gt;core -->
+<g id="edge42" class="edge"><title>dht&#45;&gt;core</title>
+<path fill="none" stroke="black" d="M780.722,-370.233C802.496,-362.816 832.877,-348.569 847,-324 854.974,-310.128 857.48,-300.09 847,-288 810.092,-245.421 650.341,-266.908 596,-252 592.628,-251.075 589.164,-249.944 585.745,-248.709"/>
+<polygon fill="black" stroke="black" points="586.936,-245.416 576.348,-245.037 584.388,-251.936 586.936,-245.416"/>
+</g>
+<!-- dht&#45;&gt;block -->
+<g id="edge44" class="edge"><title>dht&#45;&gt;block</title>
+<path fill="none" stroke="black" d="M730.132,-372.774C681.84,-364.697 574.817,-345.908 486,-324 478.104,-322.052 469.673,-319.694 461.782,-317.363"/>
+<polygon fill="black" stroke="black" points="462.742,-313.997 452.157,-314.456 460.718,-320.698 462.742,-313.997"/>
+</g>
+<!-- nse -->
+<g id="node27" class="node"><title>nse</title>
+<ellipse fill="none" stroke="black" cx="811" cy="-306" rx="27" ry="18"/>
+<text text-anchor="middle" x="811" y="-302.3" font-family="Times,serif" font-size="14.00">nse</text>
+</g>
+<!-- dht&#45;&gt;nse -->
+<g id="edge43" class="edge"><title>dht&#45;&gt;nse</title>
+<path fill="none" stroke="black" d="M767.934,-361.811C775.214,-352.546 784.663,-340.52 792.854,-330.094"/>
+<polygon fill="black" stroke="black" points="795.663,-332.185 799.089,-322.159 790.159,-327.86 795.663,-332.185"/>
+</g>
+<!-- datacache -->
+<g id="node28" class="node"><title>datacache</title>
+<polygon fill="none" stroke="black" points="702,-324 637.818,-306 702,-288 766.182,-306 702,-324"/>
+<text text-anchor="middle" x="702" y="-302.3" font-family="Times,serif" font-size="14.00">datacache</text>
+</g>
+<!-- dht&#45;&gt;datacache -->
+<g id="edge45" class="edge"><title>dht&#45;&gt;datacache</title>
+<path fill="none" stroke="black" d="M744.016,-361.465C736.66,-351.93 727.125,-339.57 718.998,-329.034"/>
+<polygon fill="black" stroke="black" points="721.73,-326.846 712.851,-321.066 716.187,-331.121 721.73,-326.846"/>
+</g>
+<!-- peerinfo -->
+<g id="node29" class="node"><title>peerinfo</title>
+<ellipse fill="none" stroke="black" cx="518" cy="-90" rx="40.0939" ry="18"/>
+<text text-anchor="middle" x="518" y="-86.3" font-family="Times,serif" font-size="14.00">peerinfo</text>
+</g>
+<!-- dht&#45;&gt;peerinfo -->
+<g id="edge46" class="edge"><title>dht&#45;&gt;peerinfo</title>
+<path fill="none" stroke="black" d="M728.828,-376.457C687.438,-374.282 608.033,-364.658 557,-324 495.436,-274.952 504.26,-168.494 512.535,-118.27"/>
+<polygon fill="black" stroke="black" points="516.027,-118.624 514.32,-108.168 509.133,-117.406 516.027,-118.624"/>
+</g>
+<!-- hello -->
+<g id="node30" class="node"><title>hello</title>
+<polygon fill="none" stroke="black" points="854,-36 813.614,-18 854,-3.55271e-15 894.386,-18 854,-36"/>
+<text text-anchor="middle" x="854" y="-14.3" font-family="Times,serif" font-size="14.00">hello</text>
+</g>
+<!-- dht&#45;&gt;hello -->
+<g id="edge47" class="edge"><title>dht&#45;&gt;hello</title>
+<path fill="none" stroke="black" d="M782.364,-373.864C833.24,-367.278 942.225,-350.399 968,-324 996.322,-294.992 988,-275.542 988,-235 988,-235 988,-235 988,-161 988,-99.7534 921.245,-54.2239 881.968,-32.736"/>
+<polygon fill="black" stroke="black" points="883.108,-29.3792 872.632,-27.796 879.834,-35.5665 883.108,-29.3792"/>
+</g>
+<!-- transport -->
+<g id="node33" class="node"><title>transport</title>
+<ellipse fill="none" stroke="black" cx="680" cy="-162" rx="42.4939" ry="18"/>
+<text text-anchor="middle" x="680" y="-158.3" font-family="Times,serif" font-size="14.00">transport</text>
+</g>
+<!-- core&#45;&gt;transport -->
+<g id="edge58" class="edge"><title>core&#45;&gt;transport</title>
+<path fill="none" stroke="black" d="M575.083,-221.753C594.251,-211.02 623.495,-194.643 646.244,-181.903"/>
+<polygon fill="black" stroke="black" points="648.219,-184.809 655.234,-176.869 644.799,-178.701 648.219,-184.809"/>
+</g>
+<!-- exit -->
+<g id="node12" class="node"><title>exit</title>
+<polygon fill="none" stroke="black" points="952,-540 898,-540 898,-504 952,-504 952,-540"/>
+<text text-anchor="middle" x="925" y="-518.3" font-family="Times,serif" font-size="14.00">exit</text>
+</g>
+<!-- exit&#45;&gt;cadet -->
+<g id="edge13" class="edge"><title>exit&#45;&gt;cadet</title>
+<path fill="none" stroke="black" d="M897.67,-514.323C883.742,-511.021 866.513,-507.093 851,-504 752.337,-484.331 635.236,-465.765 576.155,-456.729"/>
+<polygon fill="black" stroke="black" points="576.571,-453.252 566.158,-455.206 575.517,-460.172 576.571,-453.252"/>
+</g>
+<!-- tun -->
+<g id="node13" class="node"><title>tun</title>
+<polygon fill="none" stroke="black" points="929,-468 897.995,-450 929,-432 960.005,-450 929,-468"/>
+<text text-anchor="middle" x="929" y="-446.3" font-family="Times,serif" font-size="14.00">tun</text>
+</g>
+<!-- exit&#45;&gt;tun -->
+<g id="edge14" class="edge"><title>exit&#45;&gt;tun</title>
+<path fill="none" stroke="black" d="M925.989,-503.697C926.436,-495.868 926.975,-486.435 927.473,-477.728"/>
+<polygon fill="black" stroke="black" points="930.974,-477.806 928.05,-467.622 923.985,-477.406 930.974,-477.806"/>
+</g>
+<!-- dnsstub -->
+<g id="node14" class="node"><title>dnsstub</title>
+<polygon fill="none" stroke="black" points="1032,-468 978.877,-450 1032,-432 1085.12,-450 1032,-468"/>
+<text text-anchor="middle" x="1032" y="-446.3" font-family="Times,serif" font-size="14.00">dnsstub</text>
+</g>
+<!-- exit&#45;&gt;dnsstub -->
+<g id="edge15" class="edge"><title>exit&#45;&gt;dnsstub</title>
+<path fill="none" stroke="black" d="M951.175,-503.876C967.88,-492.948 989.443,-478.841 1006.1,-467.947"/>
+<polygon fill="black" stroke="black" points="1008.33,-470.67 1014.78,-462.266 1004.49,-464.812 1008.33,-470.67"/>
+</g>
+<!-- vpn -->
+<g id="node15" class="node"><title>vpn</title>
+<ellipse fill="none" stroke="black" cx="815" cy="-522" rx="27" ry="18"/>
+<text text-anchor="middle" x="815" y="-518.3" font-family="Times,serif" font-size="14.00">vpn</text>
+</g>
+<!-- vpn&#45;&gt;cadet -->
+<g id="edge16" class="edge"><title>vpn&#45;&gt;cadet</title>
+<path fill="none" stroke="black" d="M793.129,-511.116C787.017,-508.578 780.317,-506.003 774,-504 705.524,-482.293 623.185,-465.931 576.085,-457.463"/>
+<polygon fill="black" stroke="black" points="576.482,-453.979 566.025,-455.678 575.26,-460.871 576.482,-453.979"/>
+</g>
+<!-- vpn&#45;&gt;tun -->
+<g id="edge18" class="edge"><title>vpn&#45;&gt;tun</title>
+<path fill="none" stroke="black" d="M834.339,-509.125C854.149,-496.961 884.945,-478.051 905.995,-465.126"/>
+<polygon fill="black" stroke="black" points="907.942,-468.038 914.632,-459.822 904.279,-462.072 907.942,-468.038"/>
+</g>
+<!-- regex -->
+<g id="node16" class="node"><title>regex</title>
+<ellipse fill="none" stroke="black" cx="756" cy="-450" rx="30.5947" ry="18"/>
+<text text-anchor="middle" x="756" y="-446.3" font-family="Times,serif" font-size="14.00">regex</text>
+</g>
+<!-- vpn&#45;&gt;regex -->
+<g id="edge17" class="edge"><title>vpn&#45;&gt;regex</title>
+<path fill="none" stroke="black" d="M802.198,-505.811C794.496,-496.673 784.53,-484.849 775.827,-474.524"/>
+<polygon fill="black" stroke="black" points="778.307,-472.035 769.186,-466.644 772.954,-476.546 778.307,-472.035"/>
+</g>
+<!-- regex&#45;&gt;dht -->
+<g id="edge57" class="edge"><title>regex&#45;&gt;dht</title>
+<path fill="none" stroke="black" d="M756,-431.697C756,-423.983 756,-414.712 756,-406.112"/>
+<polygon fill="black" stroke="black" points="759.5,-406.104 756,-396.104 752.5,-406.104 759.5,-406.104"/>
+</g>
+<!-- regex&#45;&gt;block -->
+<g id="edge49" class="edge"><title>regex&#45;&gt;block</title>
+<path fill="none" stroke="blue" stroke-dasharray="1,5" d="M732.22,-438.673C673.767,-413.29 523.157,-347.888 458.838,-319.957"/>
+<polygon fill="blue" stroke="blue" points="459.85,-316.581 449.283,-315.808 457.061,-323.002 459.85,-316.581"/>
+</g>
+<!-- pt -->
+<g id="node17" class="node"><title>pt</title>
+<polygon fill="none" stroke="black" points="986,-599.562 959,-612 932,-599.562 932.025,-579.438 985.975,-579.438 986,-599.562"/>
+<text text-anchor="middle" x="959" y="-590.3" font-family="Times,serif" font-size="14.00">pt</text>
+</g>
+<!-- pt&#45;&gt;cadet -->
+<g id="edge19" class="edge"><title>pt&#45;&gt;cadet</title>
+<path fill="none" stroke="black" d="M931.717,-579.439C928.807,-578.197 925.864,-577.023 923,-576 860.875,-553.809 836.841,-571.725 779,-540 758.602,-528.812 761.339,-515.294 741,-504 688.34,-474.76 619.008,-461.18 576.516,-455.23"/>
+<polygon fill="black" stroke="black" points="576.951,-451.758 566.577,-453.91 576.029,-458.697 576.951,-451.758"/>
+</g>
+<!-- pt&#45;&gt;vpn -->
+<g id="edge20" class="edge"><title>pt&#45;&gt;vpn</title>
+<path fill="none" stroke="black" d="M931.915,-579.834C907.352,-567.894 871.179,-550.309 845.585,-537.868"/>
+<polygon fill="black" stroke="black" points="846.864,-534.598 836.34,-533.373 843.803,-540.893 846.864,-534.598"/>
+</g>
+<!-- dns -->
+<g id="node18" class="node"><title>dns</title>
+<ellipse fill="none" stroke="black" cx="997" cy="-522" rx="27" ry="18"/>
+<text text-anchor="middle" x="997" y="-518.3" font-family="Times,serif" font-size="14.00">dns</text>
+</g>
+<!-- pt&#45;&gt;dns -->
+<g id="edge21" class="edge"><title>pt&#45;&gt;dns</title>
+<path fill="none" stroke="black" d="M966.508,-579.17C971.277,-570.385 977.594,-558.748 983.241,-548.346"/>
+<polygon fill="black" stroke="black" points="986.48,-549.716 988.175,-539.257 980.328,-546.376 986.48,-549.716"/>
+</g>
+<!-- dnsparser -->
+<g id="node19" class="node"><title>dnsparser</title>
+<polygon fill="none" stroke="black" points="1143,-540 1080.49,-522 1143,-504 1205.51,-522 1143,-540"/>
+<text text-anchor="middle" x="1143" y="-518.3" font-family="Times,serif" font-size="14.00">dnsparser</text>
+</g>
+<!-- pt&#45;&gt;dnsparser -->
+<g id="edge22" class="edge"><title>pt&#45;&gt;dnsparser</title>
+<path fill="none" stroke="black" d="M986.15,-582.671C1018.5,-570.365 1072.61,-549.781 1108.05,-536.296"/>
+<polygon fill="black" stroke="black" points="1109.42,-539.521 1117.52,-532.694 1106.93,-532.979 1109.42,-539.521"/>
+</g>
+<!-- dns&#45;&gt;tun -->
+<g id="edge23" class="edge"><title>dns&#45;&gt;tun</title>
+<path fill="none" stroke="black" d="M982.91,-506.496C972.543,-495.824 958.362,-481.226 947.147,-469.681"/>
+<polygon fill="black" stroke="black" points="949.418,-466.995 939.94,-462.261 944.397,-471.873 949.418,-466.995"/>
+</g>
+<!-- dns&#45;&gt;dnsstub -->
+<g id="edge24" class="edge"><title>dns&#45;&gt;dnsstub</title>
+<path fill="none" stroke="black" d="M1005.12,-504.765C1009.59,-495.828 1015.21,-484.573 1020.16,-474.673"/>
+<polygon fill="black" stroke="black" points="1023.3,-476.227 1024.64,-465.717 1017.04,-473.096 1023.3,-476.227"/>
+</g>
+<!-- gnsrecord -->
+<g id="node25" class="node"><title>gnsrecord</title>
+<ellipse fill="none" stroke="black" cx="1192" cy="-450" rx="45.4919" ry="18"/>
+<text text-anchor="middle" x="1192" y="-446.3" font-family="Times,serif" font-size="14.00">gnsrecord</text>
+</g>
+<!-- dnsparser&#45;&gt;gnsrecord -->
+<g id="edge39" class="edge"><title>dnsparser&#45;&gt;gnsrecord</title>
+<path fill="none" stroke="blue" stroke-dasharray="1,5" d="M1152.92,-506.834C1159.12,-497.971 1167.29,-486.304 1174.55,-475.928"/>
+<polygon fill="blue" stroke="blue" points="1177.51,-477.805 1180.38,-467.606 1171.77,-473.791 1177.51,-477.805"/>
+</g>
+<!-- zonemaster -->
+<g id="node20" class="node"><title>zonemaster</title>
+<polygon fill="none" stroke="black" points="914.433,-599.562 851,-612 787.567,-599.562 787.626,-579.438 914.374,-579.438 914.433,-599.562"/>
+<text text-anchor="middle" x="851" y="-590.3" font-family="Times,serif" font-size="14.00">zonemaster</text>
+</g>
+<!-- zonemaster&#45;&gt;dht -->
+<g id="edge26" class="edge"><title>zonemaster&#45;&gt;dht</title>
+<path fill="none" stroke="black" d="M853.642,-579.298C856.499,-561.438 859.583,-529.479 851,-504 836.849,-461.994 802.343,-422.916 779.052,-399.996"/>
+<polygon fill="black" stroke="black" points="781.264,-397.267 771.628,-392.861 776.413,-402.314 781.264,-397.267"/>
+</g>
+<!-- namestore -->
+<g id="node21" class="node"><title>namestore</title>
+<ellipse fill="none" stroke="black" cx="685" cy="-522" rx="47.3916" ry="18"/>
+<text text-anchor="middle" x="685" y="-518.3" font-family="Times,serif" font-size="14.00">namestore</text>
+</g>
+<!-- zonemaster&#45;&gt;namestore -->
+<g id="edge25" class="edge"><title>zonemaster&#45;&gt;namestore</title>
+<path fill="none" stroke="black" d="M818.599,-579.337C791.812,-568.041 753.653,-551.95 724.971,-539.855"/>
+<polygon fill="black" stroke="black" points="726.212,-536.58 715.637,-535.919 723.492,-543.03 726.212,-536.58"/>
+</g>
+<!-- namestore&#45;&gt;identity -->
+<g id="edge37" class="edge"><title>namestore&#45;&gt;identity</title>
+<path fill="none" stroke="black" d="M642.634,-513.641C566.046,-500.338 405.247,-472.408 326.867,-458.793"/>
+<polygon fill="black" stroke="black" points="327.275,-455.312 316.823,-457.049 326.077,-462.208 327.275,-455.312"/>
+</g>
+<!-- namestore&#45;&gt;gnsrecord -->
+<g id="edge38" class="edge"><title>namestore&#45;&gt;gnsrecord</title>
+<path fill="none" stroke="black" d="M726.085,-512.971C742.503,-509.919 761.609,-506.564 779,-504 918.405,-483.451 954.522,-488.05 1094,-468 1109.42,-465.784 1126.13,-463.019 1141.32,-460.368"/>
+<polygon fill="black" stroke="black" points="1142.32,-463.746 1151.56,-458.558 1141.1,-456.853 1142.32,-463.746"/>
+</g>
+<!-- gns -->
+<g id="node22" class="node"><title>gns</title>
+<ellipse fill="none" stroke="black" cx="850" cy="-666" rx="27" ry="18"/>
+<text text-anchor="middle" x="850" y="-662.3" font-family="Times,serif" font-size="14.00">gns</text>
+</g>
+<!-- gns&#45;&gt;identity -->
+<g id="edge34" class="edge"><title>gns&#45;&gt;identity</title>
+<path fill="none" stroke="black" d="M823.048,-663.899C740.091,-660.169 489.801,-646.281 417,-612 395.952,-602.089 396.543,-591.28 379,-576 359.686,-559.178 350.742,-559.383 334,-540 317.464,-520.856 303.335,-495.717 293.996,-477.041"/>
+<polygon fill="black" stroke="black" points="297.085,-475.39 289.562,-467.93 290.791,-478.453 297.085,-475.39"/>
+</g>
+<!-- gns&#45;&gt;dht -->
+<g id="edge28" class="edge"><title>gns&#45;&gt;dht</title>
+<path fill="none" stroke="black" d="M870.511,-653.985C875.467,-651.699 880.829,-649.525 886,-648 1002.11,-613.746 1046.93,-664.524 1156,-612 1236.59,-573.194 1305.75,-498.559 1246,-432 1215.85,-398.416 902.601,-384.19 793.343,-380.225"/>
+<polygon fill="black" stroke="black" points="793.243,-376.719 783.125,-379.863 792.995,-383.715 793.243,-376.719"/>
+</g>
+<!-- gns&#45;&gt;block -->
+<g id="edge29" class="edge"><title>gns&#45;&gt;block</title>
+<path fill="none" stroke="blue" stroke-dasharray="1,5" d="M822.824,-664.872C770.707,-663.582 654.321,-655.598 569,-612 548.284,-601.414 548.925,-590.83 531,-576 509.902,-558.544 496.079,-562.857 481,-540 438.212,-475.142 430.206,-380.324 428.985,-334.208"/>
+<polygon fill="blue" stroke="blue" points="432.483,-334.033 428.808,-324.096 425.484,-334.156 432.483,-334.033"/>
+</g>
+<!-- gns&#45;&gt;dnsstub -->
+<g id="edge33" class="edge"><title>gns&#45;&gt;dnsstub</title>
+<path fill="none" stroke="black" d="M871.065,-654.325C875.905,-652.077 881.078,-649.834 886,-648 941.778,-627.217 973.486,-654.658 1015,-612 1049.82,-576.222 1044.5,-512.583 1037.99,-476.971"/>
+<polygon fill="black" stroke="black" points="1041.36,-476 1035.97,-466.88 1034.5,-477.373 1041.36,-476"/>
+</g>
+<!-- gns&#45;&gt;vpn -->
+<g id="edge31" class="edge"><title>gns&#45;&gt;vpn</title>
+<path fill="none" stroke="black" d="M827.858,-655.35C811.041,-646.688 789.135,-632.213 779,-612 768.086,-590.233 781.353,-564.325 794.756,-546.091"/>
+<polygon fill="black" stroke="black" points="797.832,-547.84 801.242,-537.808 792.321,-543.524 797.832,-547.84"/>
+</g>
+<!-- gns&#45;&gt;dns -->
+<g id="edge27" class="edge"><title>gns&#45;&gt;dns</title>
+<path fill="none" stroke="black" d="M871.13,-654.496C875.967,-652.239 881.122,-649.949 886,-648 933.377,-629.072 964.65,-653.009 995,-612 1008.03,-594.39 1007.25,-568.995 1003.95,-549.835"/>
+<polygon fill="black" stroke="black" points="1007.35,-549.022 1001.93,-539.921 1000.49,-550.418 1007.35,-549.022"/>
+</g>
+<!-- gns&#45;&gt;dnsparser -->
+<g id="edge32" class="edge"><title>gns&#45;&gt;dnsparser</title>
+<path fill="none" stroke="black" d="M870.586,-654.227C875.54,-651.931 880.881,-649.692 886,-648 963.461,-622.391 995.505,-653.066 1066,-612 1093.37,-596.054 1115.84,-566.774 1129.29,-546.163"/>
+<polygon fill="black" stroke="black" points="1132.29,-547.978 1134.66,-537.654 1126.37,-544.243 1132.29,-547.978"/>
+</g>
+<!-- revocation -->
+<g id="node23" class="node"><title>revocation</title>
+<ellipse fill="none" stroke="black" cx="474" cy="-594" rx="48.1917" ry="18"/>
+<text text-anchor="middle" x="474" y="-590.3" font-family="Times,serif" font-size="14.00">revocation</text>
+</g>
+<!-- gns&#45;&gt;revocation -->
+<g id="edge30" class="edge"><title>gns&#45;&gt;revocation</title>
+<path fill="none" stroke="black" d="M823.776,-661.482C769.658,-654.024 641.808,-635.374 536,-612 531.019,-610.9 525.841,-609.65 520.694,-608.34"/>
+<polygon fill="black" stroke="black" points="521.456,-604.922 510.895,-605.77 519.68,-611.693 521.456,-604.922"/>
+</g>
+<!-- gns&#45;&gt;gnsrecord -->
+<g id="edge41" class="edge"><title>gns&#45;&gt;gnsrecord</title>
+<path fill="none" stroke="black" d="M870.549,-654.113C875.504,-651.822 880.856,-649.613 886,-648 978.027,-619.137 1009.84,-646.249 1100,-612 1156.37,-590.587 1185.79,-592.754 1215,-540 1225.98,-520.174 1217.7,-494.957 1208.15,-476.431"/>
+<polygon fill="black" stroke="black" points="1211.2,-474.717 1203.29,-467.672 1205.08,-478.114 1211.2,-474.717"/>
+</g>
+<!-- revocation&#45;&gt;core -->
+<g id="edge35" class="edge"><title>revocation&#45;&gt;core</title>
+<path fill="none" stroke="black" d="M447.586,-578.755C410.639,-556.683 348,-510.49 348,-451 348,-451 348,-451 348,-377 348,-335.398 347.208,-317.038 377,-288 415.046,-250.916 477.859,-239.613 517.794,-236.267"/>
+<polygon fill="black" stroke="black" points="518.191,-239.747 527.918,-235.547 517.695,-232.765 518.191,-239.747"/>
+</g>
+<!-- revocation&#45;&gt;set -->
+<g id="edge36" class="edge"><title>revocation&#45;&gt;set</title>
+<path fill="none" stroke="black" d="M484.409,-576.055C489.683,-567.469 496.183,-556.888 501.987,-547.439"/>
+<polygon fill="black" stroke="black" points="505.024,-549.182 507.276,-538.829 499.06,-545.518 505.024,-549.182"/>
+</g>
+<!-- set&#45;&gt;cadet -->
+<g id="edge75" class="edge"><title>set&#45;&gt;cadet</title>
+<path fill="none" stroke="black" d="M522.084,-504.055C524.482,-496.059 527.401,-486.331 530.08,-477.4"/>
+<polygon fill="black" stroke="black" points="533.442,-478.373 532.963,-467.789 526.737,-476.362 533.442,-478.373"/>
+</g>
+<!-- conversation -->
+<g id="node26" class="node"><title>conversation</title>
+<polygon fill="none" stroke="black" points="1017.18,-743.562 948,-756 878.82,-743.562 878.884,-723.438 1017.12,-723.438 1017.18,-743.562"/>
+<text text-anchor="middle" x="948" y="-734.3" font-family="Times,serif" font-size="14.00">conversation</text>
+</g>
+<!-- conversation&#45;&gt;cadet -->
+<g id="edge53" class="edge"><title>conversation&#45;&gt;cadet</title>
+<path fill="none" stroke="black" d="M900.537,-723.335C873.864,-714.435 840.677,-701.257 814,-684 756.206,-646.615 759.329,-615.558 703,-576 673.069,-554.981 658.318,-561.866 629,-540 611.601,-527.024 611.36,-519.336 596,-504 585.077,-493.094 572.479,-481.475 561.82,-471.903"/>
+<polygon fill="black" stroke="black" points="563.901,-469.069 554.107,-465.028 559.243,-474.295 563.901,-469.069"/>
+</g>
+<!-- conversation&#45;&gt;gns -->
+<g id="edge54" class="edge"><title>conversation&#45;&gt;gns</title>
+<path fill="none" stroke="black" d="M928.638,-723.17C913.533,-712.381 892.408,-697.291 875.857,-685.469"/>
+<polygon fill="black" stroke="black" points="877.846,-682.589 867.674,-679.625 873.777,-688.285 877.846,-682.589"/>
+</g>
+<!-- conversation&#45;&gt;gnsrecord -->
+<g id="edge40" class="edge"><title>conversation&#45;&gt;gnsrecord</title>
+<path fill="none" stroke="blue" stroke-dasharray="1,5" d="M1017.21,-728.51C1076.25,-719.968 1155.24,-705.041 1179,-684 1241.33,-628.786 1256.97,-583.117 1231,-504 1227.58,-493.58 1221.24,-483.522 1214.65,-475.019"/>
+<polygon fill="blue" stroke="blue" points="1217.15,-472.551 1208.08,-467.08 1211.76,-477.015 1217.15,-472.551"/>
+</g>
+<!-- speaker -->
+<g id="node31" class="node"><title>speaker</title>
+<polygon fill="none" stroke="black" points="948,-684 894.877,-666 948,-648 1001.12,-666 948,-684"/>
+<text text-anchor="middle" x="948" y="-662.3" font-family="Times,serif" font-size="14.00">speaker</text>
+</g>
+<!-- conversation&#45;&gt;speaker -->
+<g id="edge55" class="edge"><title>conversation&#45;&gt;speaker</title>
+<path fill="none" stroke="black" d="M948,-723.17C948,-714.919 948,-704.153 948,-694.256"/>
+<polygon fill="black" stroke="black" points="951.5,-694.019 948,-684.019 944.5,-694.019 951.5,-694.019"/>
+</g>
+<!-- microphone -->
+<g id="node32" class="node"><title>microphone</title>
+<polygon fill="none" stroke="black" points="1095,-684 1019.76,-666 1095,-648 1170.24,-666 1095,-684"/>
+<text text-anchor="middle" x="1095" y="-662.3" font-family="Times,serif" font-size="14.00">microphone</text>
+</g>
+<!-- conversation&#45;&gt;microphone -->
+<g id="edge56" class="edge"><title>conversation&#45;&gt;microphone</title>
+<path fill="none" stroke="black" d="M976.692,-723.337C1001.14,-711.695 1036.29,-694.958 1061.92,-682.753"/>
+<polygon fill="black" stroke="black" points="1063.71,-685.777 1071.23,-678.318 1060.7,-679.457 1063.71,-685.777"/>
+</g>
+<!-- nse&#45;&gt;core -->
+<g id="edge48" class="edge"><title>nse&#45;&gt;core</title>
+<path fill="none" stroke="black" d="M790.412,-294.231C785.459,-291.935 780.118,-289.695 775,-288 697.966,-262.487 673.625,-275.652 596,-252 592.83,-251.034 589.569,-249.913 586.336,-248.716"/>
+<polygon fill="black" stroke="black" points="587.428,-245.385 576.841,-244.978 584.864,-251.899 587.428,-245.385"/>
+</g>
+<!-- peerinfo&#45;&gt;hello -->
+<g id="edge76" class="edge"><title>peerinfo&#45;&gt;hello</title>
+<path fill="none" stroke="black" d="M548.194,-77.9517C554.676,-75.8006 561.524,-73.6914 568,-72 654.752,-49.3407 758.747,-32.6176 814.333,-24.4966"/>
+<polygon fill="black" stroke="black" points="815.063,-27.9277 824.46,-23.0344 814.062,-20.9995 815.063,-27.9277"/>
+</g>
+<!-- transport&#45;&gt;ats -->
+<g id="edge66" class="edge"><title>transport&#45;&gt;ats</title>
+<path fill="none" stroke="black" d="M644.122,-152.487C587.168,-138.972 476.742,-112.769 420.21,-99.3548"/>
+<polygon fill="black" stroke="black" points="420.844,-95.9082 410.306,-97.0048 419.228,-102.719 420.844,-95.9082"/>
+</g>
+<!-- transport&#45;&gt;peerinfo -->
+<g id="edge68" class="edge"><title>transport&#45;&gt;peerinfo</title>
+<path fill="none" stroke="black" d="M651.411,-148.647C624.725,-137.116 584.738,-119.837 555.501,-107.204"/>
+<polygon fill="black" stroke="black" points="556.601,-103.867 546.033,-103.113 553.824,-110.292 556.601,-103.867"/>
+</g>
+<!-- transport&#45;&gt;hello -->
+<g id="edge67" class="edge"><title>transport&#45;&gt;hello</title>
+<path fill="none" stroke="black" d="M721.405,-157.922C756.719,-153.037 806.213,-140.439 835,-108 850.042,-91.0495 854.193,-65.1533 854.935,-45.6573"/>
+<polygon fill="black" stroke="black" points="858.435,-45.6195 855.044,-35.5822 851.436,-45.5437 858.435,-45.6195"/>
+</g>
+<!-- nat -->
+<g id="node36" class="node"><title>nat</title>
+<polygon fill="none" stroke="black" points="796,-108 765.835,-90 796,-72 826.165,-90 796,-108"/>
+<text text-anchor="middle" x="796" y="-86.3" font-family="Times,serif" font-size="14.00">nat</text>
+</g>
+<!-- transport&#45;&gt;nat -->
+<g id="edge69" class="edge"><title>transport&#45;&gt;nat</title>
+<path fill="none" stroke="black" d="M703.474,-146.834C723.706,-134.626 752.749,-117.1 772.878,-104.953"/>
+<polygon fill="black" stroke="black" points="774.946,-107.793 781.7,-99.6294 771.33,-101.799 774.946,-107.793"/>
+</g>
+<!-- fragmentation -->
+<g id="node37" class="node"><title>fragmentation</title>
+<polygon fill="none" stroke="black" points="662,-108 576.537,-90 662,-72 747.463,-90 662,-108"/>
+<text text-anchor="middle" x="662" y="-86.3" font-family="Times,serif" font-size="14.00">fragmentation</text>
+</g>
+<!-- transport&#45;&gt;fragmentation -->
+<g id="edge70" class="edge"><title>transport&#45;&gt;fragmentation</title>
+<path fill="none" stroke="black" d="M675.643,-144.055C673.556,-135.941 671.011,-126.044 668.687,-117.006"/>
+<polygon fill="black" stroke="black" points="672.073,-116.12 666.193,-107.307 665.294,-117.864 672.073,-116.12"/>
+</g>
+<!-- topology -->
+<g id="node34" class="node"><title>topology</title>
+<polygon fill="none" stroke="black" points="959.5,-324 894.5,-324 894.5,-288 959.5,-288 959.5,-324"/>
+<text text-anchor="middle" x="927" y="-302.3" font-family="Times,serif" font-size="14.00">topology</text>
+</g>
+<!-- topology&#45;&gt;core -->
+<g id="edge61" class="edge"><title>topology&#45;&gt;core</title>
+<path fill="none" stroke="black" d="M894.413,-292.17C889.63,-290.593 884.724,-289.139 880,-288 756.312,-258.18 718.97,-284.656 596,-252 592.621,-251.103 589.151,-249.989 585.73,-248.765"/>
+<polygon fill="black" stroke="black" points="586.918,-245.471 576.329,-245.106 584.379,-251.995 586.918,-245.471"/>
+</g>
+<!-- topology&#45;&gt;peerinfo -->
+<g id="edge59" class="edge"><title>topology&#45;&gt;peerinfo</title>
+<path fill="none" stroke="black" d="M894.233,-295.354C862.315,-285.612 812.655,-269.532 771,-252 705.781,-224.55 688.475,-218.336 629,-180 597.704,-159.827 564.778,-132.553 542.992,-113.534"/>
+<polygon fill="black" stroke="black" points="545.032,-110.666 535.215,-106.682 540.404,-115.919 545.032,-110.666"/>
+</g>
+<!-- topology&#45;&gt;hello -->
+<g id="edge62" class="edge"><title>topology&#45;&gt;hello</title>
+<path fill="none" stroke="black" d="M922.652,-287.966C910.314,-239.626 875.032,-101.398 860.438,-44.2243"/>
+<polygon fill="black" stroke="black" points="863.829,-43.3557 857.964,-34.532 857.046,-45.087 863.829,-43.3557"/>
+</g>
+<!-- topology&#45;&gt;transport -->
+<g id="edge60" class="edge"><title>topology&#45;&gt;transport</title>
+<path fill="none" stroke="black" d="M897.206,-287.871C850.798,-261.191 761.564,-209.891 713.17,-182.069"/>
+<polygon fill="black" stroke="black" points="714.758,-178.945 704.344,-176.995 711.269,-185.014 714.758,-178.945"/>
+</g>
+<!-- hostlist -->
+<g id="node35" class="node"><title>hostlist</title>
+<polygon fill="none" stroke="black" points="214,-324 158,-324 158,-288 214,-288 214,-324"/>
+<text text-anchor="middle" x="186" y="-302.3" font-family="Times,serif" font-size="14.00">hostlist</text>
+</g>
+<!-- hostlist&#45;&gt;core -->
+<g id="edge63" class="edge"><title>hostlist&#45;&gt;core</title>
+<path fill="none" stroke="black" d="M214.167,-292.599C218.733,-290.88 223.455,-289.271 228,-288 330.933,-259.219 456.746,-244.294 517.975,-238.275"/>
+<polygon fill="black" stroke="black" points="518.666,-241.725 528.286,-237.286 517.998,-234.757 518.666,-241.725"/>
+</g>
+<!-- hostlist&#45;&gt;peerinfo -->
+<g id="edge64" class="edge"><title>hostlist&#45;&gt;peerinfo</title>
+<path fill="none" stroke="black" d="M212.608,-287.849C273.449,-248.632 422.455,-152.586 487.166,-110.875"/>
+<polygon fill="black" stroke="black" points="489.21,-113.721 495.719,-105.362 485.418,-107.838 489.21,-113.721"/>
+</g>
+<!-- hostlist&#45;&gt;hello -->
+<g id="edge65" class="edge"><title>hostlist&#45;&gt;hello</title>
+<path fill="none" stroke="black" d="M192.198,-287.715C209.228,-243.039 261.382,-123.627 349,-72 425.521,-26.9118 694.449,-19.9666 805.486,-19.053"/>
+<polygon fill="black" stroke="black" points="805.751,-22.5513 815.727,-18.9823 805.703,-15.5515 805.751,-22.5513"/>
+</g>
+<!-- scalarproduct -->
+<g id="node38" class="node"><title>scalarproduct</title>
+<ellipse fill="none" stroke="black" cx="636" cy="-594" rx="57.6901" ry="18"/>
+<text text-anchor="middle" x="636" y="-590.3" font-family="Times,serif" font-size="14.00">scalarproduct</text>
+</g>
+<!-- scalarproduct&#45;&gt;cadet -->
+<g id="edge74" class="edge"><title>scalarproduct&#45;&gt;cadet</title>
+<path fill="none" stroke="black" d="M622.726,-576.035C614.79,-565.742 604.61,-552.266 596,-540 581.021,-518.662 564.9,-493.752 553.465,-475.721"/>
+<polygon fill="black" stroke="black" points="556.241,-473.562 547.943,-466.975 550.322,-477.299 556.241,-473.562"/>
+</g>
+<!-- scalarproduct&#45;&gt;set -->
+<g id="edge73" class="edge"><title>scalarproduct&#45;&gt;set</title>
+<path fill="none" stroke="black" d="M610.179,-577.811C591.059,-566.564 565.021,-551.248 545.33,-539.665"/>
+<polygon fill="black" stroke="black" points="546.899,-536.527 536.505,-534.473 543.349,-542.56 546.899,-536.527"/>
+</g>
+<!-- secushare -->
+<g id="node39" class="node"><title>secushare</title>
+<polygon fill="none" stroke="black" points="633.366,-815.562 578,-828 522.634,-815.562 522.686,-795.438 633.314,-795.438 633.366,-815.562"/>
+<text text-anchor="middle" x="578" y="-806.3" font-family="Times,serif" font-size="14.00">secushare</text>
+</g>
+<!-- social -->
+<g id="node42" class="node"><title>social</title>
+<ellipse fill="none" stroke="black" cx="578" cy="-738" rx="31.3957" ry="18"/>
+<text text-anchor="middle" x="578" y="-734.3" font-family="Times,serif" font-size="14.00">social</text>
+</g>
+<!-- secushare&#45;&gt;social -->
+<g id="edge80" class="edge"><title>secushare&#45;&gt;social</title>
+<path fill="none" stroke="black" d="M578,-795.17C578,-786.919 578,-776.153 578,-766.256"/>
+<polygon fill="black" stroke="black" points="581.5,-766.019 578,-756.019 574.5,-766.019 581.5,-766.019"/>
+</g>
+<!-- multicast -->
+<g id="node40" class="node"><title>multicast</title>
+<ellipse fill="none" stroke="black" cx="326" cy="-594" rx="43.5923" ry="18"/>
+<text text-anchor="middle" x="326" y="-590.3" font-family="Times,serif" font-size="14.00">multicast</text>
+</g>
+<!-- multicast&#45;&gt;cadet -->
+<g id="edge82" class="edge"><title>multicast&#45;&gt;cadet</title>
+<path fill="none" stroke="black" d="M347.889,-578.338C386.803,-552.273 467.927,-497.935 510.526,-469.402"/>
+<polygon fill="black" stroke="black" points="512.642,-472.198 519.003,-463.725 508.747,-466.382 512.642,-472.198"/>
+</g>
+<!-- psyc -->
+<g id="node41" class="node"><title>psyc</title>
+<ellipse fill="none" stroke="black" cx="326" cy="-666" rx="27" ry="18"/>
+<text text-anchor="middle" x="326" y="-662.3" font-family="Times,serif" font-size="14.00">psyc</text>
+</g>
+<!-- psyc&#45;&gt;multicast -->
+<g id="edge81" class="edge"><title>psyc&#45;&gt;multicast</title>
+<path fill="none" stroke="black" d="M326,-647.697C326,-639.983 326,-630.712 326,-622.112"/>
+<polygon fill="black" stroke="black" points="329.5,-622.104 326,-612.104 322.5,-622.104 329.5,-622.104"/>
+</g>
+<!-- psycstore -->
+<g id="node43" class="node"><title>psycstore</title>
+<ellipse fill="none" stroke="black" cx="220" cy="-594" rx="44.393" ry="18"/>
+<text text-anchor="middle" x="220" y="-590.3" font-family="Times,serif" font-size="14.00">psycstore</text>
+</g>
+<!-- psyc&#45;&gt;psycstore -->
+<g id="edge79" class="edge"><title>psyc&#45;&gt;psycstore</title>
+<path fill="none" stroke="black" d="M307.536,-652.807C291.938,-642.506 269.271,-627.537 250.911,-615.413"/>
+<polygon fill="black" stroke="black" points="252.567,-612.312 242.294,-609.722 248.71,-618.154 252.567,-612.312"/>
+</g>
+<!-- social&#45;&gt;gns -->
+<g id="edge78" class="edge"><title>social&#45;&gt;gns</title>
+<path fill="none" stroke="black" d="M605.831,-729.838C655.82,-716.973 760.68,-689.987 815.282,-675.935"/>
+<polygon fill="black" stroke="black" points="816.373,-679.268 825.185,-673.386 814.628,-672.489 816.373,-679.268"/>
+</g>
+<!-- social&#45;&gt;psyc -->
+<g id="edge77" class="edge"><title>social&#45;&gt;psyc</title>
+<path fill="none" stroke="black" d="M550.552,-729.376C504.247,-716.513 410.731,-690.537 360.222,-676.506"/>
+<polygon fill="black" stroke="black" points="360.996,-673.089 350.424,-673.784 359.122,-679.833 360.996,-673.089"/>
+</g>
+<!-- rps -->
+<g id="node44" class="node"><title>rps</title>
+<ellipse fill="none" stroke="black" cx="593" cy="-306" rx="27" ry="18"/>
+<text text-anchor="middle" x="593" y="-302.3" font-family="Times,serif" font-size="14.00">rps</text>
+</g>
+<!-- rps&#45;&gt;core -->
+<g id="edge83" class="edge"><title>rps&#45;&gt;core</title>
+<path fill="none" stroke="black" d="M584.187,-288.765C579.582,-280.283 573.845,-269.714 568.679,-260.197"/>
+<polygon fill="black" stroke="black" points="571.613,-258.266 563.766,-251.147 565.461,-261.606 571.613,-258.266"/>
+</g>
+</g>
+</svg>
diff --git a/contrib/packages/guix/notest-guix-env.scm b/contrib/packages/guix/notest-guix-env.scm
new file mode 100644
index 000000000..ffb0ec889
--- /dev/null
+++ b/contrib/packages/guix/notest-guix-env.scm
@@ -0,0 +1,145 @@
+;;; This file is part of GNUnet.
+;;; Copyright (C) 2016, 2017, 2018 GNUnet e.V.
+;;;
+;;; GNUnet is free software: you can redistribute it and/or modify it
+;;; under the terms of the GNU Affero General Public License as published
+;;; by the Free Software Foundation, either version 3 of the License,
+;;; or (at your option) any later version.
+;;;
+;;; GNUnet is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+;;; Affero General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU Affero General Public License
+;;; along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+(use-modules
+ (ice-9 popen)
+ (ice-9 match)
+ (ice-9 rdelim)
+ (guix packages)
+ (guix build-system gnu)
+ (guix gexp)
+ ((guix build utils) #:select (with-directory-excursion))
+ (guix git-download)
+ (guix utils) ; current-source-directory
+ (gnu packages)
+ (gnu packages aidc)
+ (gnu packages autotools)
+ (gnu packages backup)
+ (gnu packages base)
+ (gnu packages compression)
+ (gnu packages curl)
+ (gnu packages databases)
+ (gnu packages file)
+ (gnu packages gettext)
+ (gnu packages glib)
+ (gnu packages gnome)
+ (gnu packages gnunet)
+ (gnu packages gnupg)
+ (gnu packages gnuzilla)
+ (gnu packages groff)
+ (gnu packages gstreamer)
+ (gnu packages gtk)
+ (gnu packages guile)
+ (gnu packages image)
+ (gnu packages image-viewers)
+ (gnu packages libidn)
+ (gnu packages libunistring)
+ (gnu packages linux)
+ (gnu packages maths)
+ (gnu packages multiprecision)
+ (gnu packages perl)
+ (gnu packages pkg-config)
+ (gnu packages pulseaudio)
+ (gnu packages python)
+ (gnu packages tex)
+ (gnu packages texinfo)
+ (gnu packages tex)
+ (gnu packages tls)
+ (gnu packages upnp)
+ (gnu packages video)
+ (gnu packages web)
+ (gnu packages xiph)
+ ((guix licenses) #:prefix license:))
+
+(define %source-dir (current-source-directory))
+
+(define gnunet-dev-env
+ (let* ((revision "1")
+ (select? (delay (or (git-predicate
+ (current-source-directory))
+ source-file?))))
+ (package
+ (inherit gnunet)
+ (name "gnunet")
+ (version (string-append "git" revision))
+ (source
+ (local-file
+ (string-append (getcwd))
+ #:recursive? #t))
+ (inputs
+ `(("glpk" ,glpk)
+ ("gnurl" ,gnurl)
+ ("gstreamer" ,gstreamer)
+ ("gst-plugins-base" ,gst-plugins-base)
+ ("gnutls/dane" ,gnutls/dane)
+ ("libextractor" ,libextractor)
+ ("libgcrypt" ,libgcrypt)
+ ("libidn" ,libidn)
+ ("libmicrohttpd" ,libmicrohttpd)
+ ("libltdl" ,libltdl)
+ ("libunistring" ,libunistring)
+ ("openssl" ,openssl)
+ ("opus" ,opus)
+ ("pulseaudio" ,pulseaudio)
+ ("sqlite" ,sqlite)
+ ("postgresql" ,postgresql)
+ ("mysql" ,mariadb)
+ ("zlib" ,zlib)
+ ("perl" ,perl)
+ ("python-2" ,python-2) ; tests and gnunet-qr
+ ("python2-future" ,python2-future)
+ ("jansson" ,jansson)
+ ("nss" ,nss)
+ ("glib" ,glib "bin")
+ ("gmp" ,gmp)
+ ("bluez" ,bluez) ; for optional bluetooth feature
+ ("glib" ,glib)
+ ;; ("texlive" ,texlive) ;FIXME: minimize.
+ ("texlive-tiny" ,texlive-tiny) ;; Seems to be enough for _just_ info output.
+ ("miniupnpc" ,miniupnpc)
+ ("libogg" ,libogg)))
+ (native-inputs
+ `(("pkg-config" ,pkg-config)
+ ("autoconf" ,autoconf)
+ ("automake" ,automake)
+ ("gnu-gettext" ,gnu-gettext)
+ ("which" ,which)
+ ("texinfo" ,texinfo-5) ; Debian stable: 5.2
+ ("libtool" ,libtool)))
+ (outputs '("out" "debug"))
+ (arguments
+ `(#:configure-flags
+ (list (string-append "--with-nssdir=" %output "/lib")
+ "--enable-experimental")
+ #:phases
+ ;; swap check and install phases and set paths to installed bin
+ (modify-phases %standard-phases
+ (add-after 'unpack 'patch-bin-sh
+ (lambda _
+ (for-each (lambda (f) (chmod f #o755))
+ (find-files "po" ""))
+ #t))
+ (add-after 'patch-bin-sh 'bootstrap
+ (lambda _
+ (invoke "sh" "bootstrap")))
+ ;;(add-before 'build 'chdir
+ ;; (lambda _
+ ;; (chdir "doc/documentation")))
+ (delete 'check)
+ ;; XXX: https://gnunet.org/bugs/view.php?id=4619
+ ))))))
+
+gnunet-dev-env
diff --git a/contrib/services/shepherd/ng0_wip/.gitignore b/contrib/services/shepherd/ng0_wip/.gitignore
deleted file mode 100644
index 9b974979a..000000000
--- a/contrib/services/shepherd/ng0_wip/.gitignore
+++ /dev/null
@@ -1 +0,0 @@
-!*.patch \ No newline at end of file
diff --git a/contrib/services/shepherd/ng0_wip/00001-gnu-services-Add-gnunet-service.patch b/contrib/services/shepherd/ng0_wip/00001-gnu-services-Add-gnunet-service.patch
deleted file mode 100644
index 609a0a5ef..000000000
--- a/contrib/services/shepherd/ng0_wip/00001-gnu-services-Add-gnunet-service.patch
+++ /dev/null
@@ -1,186 +0,0 @@
-From 60a4c0f7c60ef705db17561fd3e930bbe11730c9 Mon Sep 17 00:00:00 2001
-From: ng0 <ng0@we.make.ritual.n0.is>
-Date: Mon, 12 Sep 2016 12:26:52 +0000
-Subject: [PATCH] gnu: services: Add gnunet-service.
-
-* gnu/services/networking.scm (gnunet): New service.
-
-Signed-off-by: Nils Gillmann <ng0@n0.is>
----
- doc/guix.texi | 36 ++++++++++++++
- gnu/services/networking.scm | 93 ++++++++++++++++++++++++++++++++++++-
- 2 files changed, 128 insertions(+), 1 deletion(-)
-
-diff --git a/doc/guix.texi b/doc/guix.texi
-index d925b4eda..eb7b409d7 100644
---- a/doc/guix.texi
-+++ b/doc/guix.texi
-@@ -11016,6 +11016,42 @@ Package object of the Open vSwitch.
- @end table
- @end deftp
-
-+@cindex GNUnet
-+@cindex gnunet
-+@subsubheading GNUnet Service
-+
-+@deffn {Scheme Variable} gnunet-service-type
-+This is the type of the @uref{https://gnunet.org, GNUnet}
-+service, whose value should be an @code{gnunet-configuration} object
-+as in this example:
-+
-+@example
-+(service gnunet-service-type
-+ (gnunet-configuration
-+ (config-file (local-file "./gnunet.conf"))))
-+@end example
-+@end deffn
-+
-+@deftp {Data Type} gnunet-configuration
-+Data type representing the configuration of GNUnet.
-+
-+@table @asis
-+@item @code{package} (default: @var{gnunet})
-+Package object of the GNUnet service.
-+
-+@item @code{config-file} (default: @var{%default-gnunet-file})
-+File-like object of the GNUnet configuration file to use. For NAT is
-+assumes by default that you are behind a NAT (@var{BEHIND_NAT = YES})
-+and enables UPNP (@var{ENABLE_UPNP = YES}).
-+The hostlist is configured with the options @var{-b} (bootstrap using
-+configured hostlist servers) and @var{-e} (enable learning advertised hostlists).
-+Read the configuration files in @var{"~/.guix-profile/share/gnunet/config.d/"}
-+for more information. These files also set the defaults when you don't set
-+any explicit values to override them.
-+
-+@end table
-+@end deftp
-+
- @node X Window
- @subsubsection X Window
-
-diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm
-index b0c23aafc..0ff20e707 100644
---- a/gnu/services/networking.scm
-+++ b/gnu/services/networking.scm
-@@ -5,6 +5,7 @@
- ;;; Copyright © 2016 John Darrington <jmd@gnu.org>
- ;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
- ;;; Copyright © 2017 Thomas Danckaert <post@thomasdanckaert.be>
-+;;; Copyright © 2017 ng0 <contact.ng0@cryptolab.net>
- ;;;
- ;;; This file is part of GNU Guix.
- ;;;
-@@ -29,6 +30,7 @@
- #:use-module (gnu system pam)
- #:use-module (gnu packages admin)
- #:use-module (gnu packages connman)
-+ #:use-module (gnu packages gnunet)
- #:use-module (gnu packages linux)
- #:use-module (gnu packages tor)
- #:use-module (gnu packages messaging)
-@@ -92,7 +94,12 @@
- wpa-supplicant-service-type
-
- openvswitch-service-type
-- openvswitch-configuration))
-+ openvswitch-configuration
-+
-+ gnunet-configuration
-+ gnunet-configuration?
-+ gnunet-service
-+ gnunet-service-type))
-
- ;;; Commentary:
- ;;;
-@@ -1125,4 +1132,88 @@ a network connection manager."))))
- switch designed to enable massive network automation through programmatic
- extension.")))
-
-+;;;
-+;;; GNUnet
-+;;;
-+
-+(define-record-type* <gnunet-configuration>
-+ gnunet-configuration make-gnunet-configuration
-+ gnunet-configuration?
-+ (package gnunet-configuration-package
-+ (default gnunet))
-+ (config-file gnunet-configuration-config-file
-+ (default %default-gnunet-config-file)))
-+
-+(define %default-gnunet-config-file
-+ (plain-file "gnunet.conf" "
-+[PATHS]
-+SERVICEHOME = /var/lib/gnunet
-+GNUNET_CONFIG_HOME = /var/lib/gnunet
-+
-+[arm]
-+SYSTEM_ONLY = YES
-+USER_ONLY = NO
-+
-+[nat]
-+BEHIND_NAT = YES
-+ENABLE_UPNP = YES
-+
-+[hostlist]
-+OPTIONS = -b -e
-+"))
-+
-+(define gnunet-shepherd-service
-+ (match-lambda
-+ (($ <gnunet-configuration> package config-file)
-+ (list (shepherd-service
-+ (provision '(gnunet))
-+ (requirement '(loopback))
-+ (documentation "Run the GNUnet service.")
-+ (start
-+ (let ((gnunet
-+ (file-append package "/lib/gnunet/libexec/gnunet-service-arm")))
-+ #~(make-forkexec-constructor
-+ (list #$gnunet "-c" #$config-file)
-+ #:log-file "/var/log/gnunet.log"
-+ #:pid-file "/var/run/gnunet.pid")))
-+ (stop
-+ #~(make-kill-destructor)))))))
-+
-+(define %gnunet-accounts
-+ (list (user-group
-+ (name "gnunetdns")
-+ (system? #t))
-+ (user-group
-+ (name "gnunet")
-+ (system? #t))
-+ (user-account
-+ (name "gnunet")
-+ (group "gnunet")
-+ (system? #t)
-+ (comment "GNUnet system user")
-+ (home-directory "/var/lib/gnunet")
-+ (shell #~(string-append #$shadow "/sbin/nologin")))))
-+
-+(define gnunet-activation
-+ (match-lambda
-+ (($ <gnunet-configuration> package config-file)
-+ (let ((gnunet
-+ (file-append package "/lib/gnunet/libexec/gnunet-service-arm")))
-+ #~(begin
-+ ;; Create the .config + .cache for gnunet user
-+ (mkdir-p "/var/lib/gnunet/.config/gnunet")
-+ (mkdir-p "/var/lib/gnunet/.cache/gnunet"))))))
-+
-+(define gnunet-service-type
-+ (service-type
-+ (name 'gnunet)
-+ (extensions (list (service-extension account-service-type
-+ (const %gnunet-accounts))
-+ (service-extension activation-service-type
-+ gnunet-activation)
-+ (service-extension profile-service-type
-+ (compose list gnunet-configuration-package))
-+ (service-extension shepherd-root-service-type
-+ gnunet-shepherd-service)))))
-+
- ;;; networking.scm ends here
---
-2.17.0
-
diff --git a/contrib/services/shepherd/ng0_wip/0001-gnu-services-Add-gnunet-service.patch b/contrib/services/shepherd/ng0_wip/0001-gnu-services-Add-gnunet-service.patch
deleted file mode 100644
index a494434e0..000000000
--- a/contrib/services/shepherd/ng0_wip/0001-gnu-services-Add-gnunet-service.patch
+++ /dev/null
@@ -1,225 +0,0 @@
-From 434b05bc1a11b4865c0bd634281acd91dfce972c Mon Sep 17 00:00:00 2001
-From: ng0 <ng0@we.make.ritual.n0.is>
-Date: Mon, 12 Sep 2016 12:26:52 +0000
-Subject: [PATCH] gnu: services: Add gnunet-service.
-
-Signed-off-by: Nils Gillmann <ng0@n0.is>
----
- doc/guix.texi | 36 ++++++++++
- gnu/services/networking.scm | 134 +++++++++++++++++++++++++++++++++++-
- 2 files changed, 169 insertions(+), 1 deletion(-)
-
-diff --git a/doc/guix.texi b/doc/guix.texi
-index 00bf24d3f..73589c88b 100644
---- a/doc/guix.texi
-+++ b/doc/guix.texi
-@@ -10138,6 +10138,42 @@ Package object of the Open vSwitch.
- @end table
- @end deftp
-
-+@cindex GNUnet
-+@cindex gnunet
-+@subsubheading GNUnet Service
-+
-+@deffn {Scheme Variable} gnunet-service-type
-+This is the type of the @uref{https://gnunet.org, GNUnet}
-+service, whose value should be an @code{gnunet-configuration} object
-+as in this example:
-+
-+@example
-+(service gnunet-service-type
-+ (gnunet-configuration
-+ (config-file (local-file "./gnunet.conf"))))
-+@end example
-+@end deffn
-+
-+@deftp {Data Type} gnunet-configuration
-+Data type representing the configuration of GNUnet.
-+
-+@table @asis
-+@item @code{package} (default: @var{gnunet})
-+Package object of the GNUnet service.
-+
-+@item @code{config-file} (default: @var{%default-gnunet-file})
-+File-like object of the GNUnet configuration file to use. For NAT is
-+assumes by default that you are behind a NAT (@var{BEHIND_NAT = YES})
-+and enables UPNP (@var{ENABLE_UPNP = YES}).
-+The hostlist is configured with the options @var{-b} (bootstrap using
-+configured hostlist servers) and @var{-e} (enable learning advertised hostlists).
-+Read the configuration files in @var{"~/.guix-profile/share/gnunet/config.d/"}
-+for more information. These files also set the defaults when you don't set
-+any explicit values to override them.
-+
-+@end table
-+@end deftp
-+
- @node X Window
- @subsubsection X Window
-
-diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm
-index 99a3d493c..fe682b267 100644
---- a/gnu/services/networking.scm
-+++ b/gnu/services/networking.scm
-@@ -5,6 +5,7 @@
- ;;; Copyright © 2016 John Darrington <jmd@gnu.org>
- ;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
- ;;; Copyright © 2017 Thomas Danckaert <post@thomasdanckaert.be>
-+;;; Copyright © 2017 ng0 <ng0@no-reply.pragmatique.xyt>
- ;;;
- ;;; This file is part of GNU Guix.
- ;;;
-@@ -29,6 +30,7 @@
- #:use-module (gnu system pam)
- #:use-module (gnu packages admin)
- #:use-module (gnu packages connman)
-+ #:use-module (gnu packages gnunet)
- #:use-module (gnu packages linux)
- #:use-module (gnu packages tor)
- #:use-module (gnu packages messaging)
-@@ -92,7 +94,12 @@
- wpa-supplicant-service-type
-
- openvswitch-service-type
-- openvswitch-configuration))
-+ openvswitch-configuration
-+
-+ gnunet-configuration
-+ gnunet-configuration?
-+ gnunet-service-type
-+ %default-gnunet-config-file))
-
- ;;; Commentary:
- ;;;
-@@ -1069,4 +1076,129 @@ dns=" dns "
- (service-extension shepherd-root-service-type
- openvswitch-shepherd-service)))))
-
-+;;;
-+;;; GNUnet
-+;;;
-+
-+;; steps:
-+;; 0. The service works!!!
-+;; 1. We want a completely adjustable config.
-+;; 2. We want to extend this service with functions like
-+;; vpn, comparable to tor-service
-+;; Because of (1) we can't have a default. We can have
-+;; default values which can be adjusted. A config is
-+;; generated from these.
-+
-+(define-record-type* <gnunet-configuration>
-+ gnunet-configuration make-gnunet-configuration
-+ gnunet-configuration?
-+ (gnunet gnunet-configuration-package
-+ (default gnunet))
-+ (config-file gnunet-configuration-config-file
-+ (default (plain-file "empty" ""))))
-+
-+(define %default-gnunet-config-file
-+ (plain-file "gnunet.conf" "
-+[PATHS]
-+SERVICEHOME = /var/lib/gnunet
-+GNUNET_CONFIG_HOME = /var/lib/gnunet
-+
-+[arm]
-+SYSTEM_ONLY = NO
-+USER_ONLY = NO
-+
-+[nat]
-+BEHIND_NAT = YES
-+ENABLE_UPNP = YES
-+
-+[hostlist]
-+OPTIONS = -b -e
-+"))
-+
-+(define gnunet-shepherd-service
-+ (match-lambda
-+ (($ <gnunet-configuration> package config-file)
-+ (list (shepherd-service
-+ (provision '(gnunet))
-+ (requirement '(user-processes loopback networking))
-+ (documentation "Run the GNUnet service.")
-+ (start
-+ (let ((gnunet
-+ (file-append package "/lib/gnunet/libexec/gnunet-service-arm")))
-+ #~(make-forkexec-constructor
-+ (list #$gnunet "-c" #$config-file "-d")
-+ #:pid-file "/var/run/gnunet/arm-service.pid"
-+ #:user "gnunet"
-+ #:group "gnunet"
-+ ;;#:log-file "/var/lib/gnunet/gnunet.log")))
-+ #:log-file "/var/log/gnunet.log")))
-+ (stop #~(make-kill-destructor)))))))
-+
-+(define %gnunet-accounts
-+ (list (user-group (name "gnunetdns") (system? #t))
-+ (user-group (name "gnunet") (system? #t))
-+ (user-account
-+ (name "gnunet")
-+ (group "gnunet")
-+ (system? #t)
-+ (comment "GNUnet system user")
-+ (home-directory "/var/empty")
-+ (shell (file-append shadow "/sbin/nologin")))))
-+
-+;; ${GNUNET_HOME}/.local/share/gnunet/gnunet.conf -> chmod 600
-+;; mkdir -p ${GNUNET_HOME}/.cache/gnunet
-+
-+(define gnunet-activation
-+ (match-lambda
-+ (($ <gnunet-configuration> package config-file)
-+ (let ((gnunet
-+ (file-append package "/lib/gnunet/libexec/gnunet-service-arm")))
-+ #~(begin
-+ (use-modules (guix build utils))
-+ (define %user (getpw "gnunet"))
-+ (mkdir-p "/var/lib/gnunet/")
-+ (chown "/var/lib/gnunet" (passwd:uid %user) (passwd:gid %user))
-+ ;;(chmod "/var/lib/gnunet/" #o755)
-+ (mkdir-p "/var/lib/gnunet/.local/share/gnunet")
-+ (mkdir-p "/var/lib/gnunet/.cache/gnunet")
-+ (mkdir-p "/var/lib/gnunet/hostlist")
-+ (mkdir-p "/var/lib/gnunet/.config/gnunet")
-+ (chown "/var/lib/gnunet/.local/share/gnunet" (passwd:uid %user) (passwd:gid %user))
-+ (chown "/var/lib/gnunet/.cache/gnunet" (passwd:uid %user) (passwd:gid %user))
-+ (chown "/var/lib/gnunet/hostlist" (passwd:uid %user) (passwd:gid %user))
-+ ;;(chown "/var/lib/gnunet/gnunet.conf" (passwd:uid %user) (passwd:gid %user))
-+ (chown "/var/lib/gnunet/.config/gnunet" (passwd:uid %user) (passwd:gid %user)))))))
-+ ;;(chmod "/var/lib/gnunet/.config/gnunet" #o755)
-+ ;;(chmod "/var/lib/gnunet/.cache/gnunet" #o755)
-+ ;;(chmod "/var/lib/gnunet/.local/share/gnunet" #o755))))))
-+
-+;; SUID_ROOT_HELPERS="exit nat-server nat-client transport-bluetooth transport-wlan vpn"
-+;; set chmod u+s for those above.
-+;; chmodown_execbin ${libexec}/gnunet-helper-dns 4750 root:gnunetdns
-+;; chmodown_execbin ${libexec}/gnunet-service-dns 2750 gnunet:gnunetdns
-+(define gnunet-setuid-programs
-+ (match-lambda
-+ (($ <gnunet-configuration> package)
-+ (list (file-append package "/lib/gnunet/libexec/gnunet-helper-exit")
-+ (file-append package "/lib/gnunet/libexec/gnunet-helper-nat-server")
-+ (file-append package "/lib/gnunet/libexec/gnunet-helper-nat-client")
-+ (file-append package "/lib/gnunet/libexec/gnunet-helper-transport-bluetooth")
-+ (file-append package "/lib/gnunet/libexec/gnunet-helper-transport-wlan")
-+ (file-append package "/lib/gnunet/libexec/gnunet-helper-vpn")))))
-+
-+(define gnunet-service-type
-+ (service-type
-+ (name 'gnunet)
-+ (extensions (list (service-extension account-service-type
-+ (const %gnunet-accounts))
-+ (service-extension activation-service-type
-+ gnunet-activation)
-+ (service-extension profile-service-type
-+ (compose list gnunet-configuration-package))
-+ (service-extension setuid-program-service-type
-+ gnunet-setuid-programs)
-+ (service-extension shepherd-root-service-type
-+ gnunet-shepherd-service)))))
-+;;; --- here starts the rewrite.
-+
- ;;; networking.scm ends here
---
-2.17.0
-
diff --git a/contrib/services/shepherd/ng0_wip/001-gnu-services-Add-gnunet-service.patch b/contrib/services/shepherd/ng0_wip/001-gnu-services-Add-gnunet-service.patch
deleted file mode 100644
index 0017ec8cf..000000000
--- a/contrib/services/shepherd/ng0_wip/001-gnu-services-Add-gnunet-service.patch
+++ /dev/null
@@ -1,204 +0,0 @@
-From 91241bacb6533745535ff28d20f087ecd571e7be Mon Sep 17 00:00:00 2001
-From: ng0 <ng0@we.make.ritual.n0.is>
-Date: Mon, 12 Sep 2016 12:26:52 +0000
-Subject: [PATCH] gnu: services: Add gnunet-service.
-
----
- doc/guix.texi | 36 ++++++++++++++
- gnu/services/networking.scm | 114 +++++++++++++++++++++++++++++++++++++++++++-
- 2 files changed, 149 insertions(+), 1 deletion(-)
-
-diff --git a/doc/guix.texi b/doc/guix.texi
-index 99bde4aca..6c683393e 100644
---- a/doc/guix.texi
-+++ b/doc/guix.texi
-@@ -8903,6 +8903,42 @@ Boolean values @var{ipv4?} and @var{ipv6?} determine whether to use IPv4/IPv6
- sockets.
- @end deffn
-
-+@cindex GNUnet
-+@cindex gnunet
-+@subsubheading GNUnet Service
-+
-+@deffn {Scheme Variable} gnunet-service-type
-+This is the type of the @uref{https://gnunet.org, GNUnet}
-+service, whose value should be an @code{gnunet-configuration} object
-+as in this example:
-+
-+@example
-+(service gnunet-service-type
-+ (gnunet-configuration
-+ (config-file (local-file "./gnunet.conf"))))
-+@end example
-+@end deffn
-+
-+@deftp {Data Type} gnunet-configuration
-+Data type representing the configuration of GNUnet.
-+
-+@table @asis
-+@item @code{package} (default: @var{gnunet})
-+Package object of the GNUnet service.
-+
-+@item @code{config-file} (default: @var{%default-gnunet-file})
-+File-like object of the GNUnet configuration file to use. For NAT is
-+assumes by default that you are behind a NAT (@var{BEHIND_NAT = YES})
-+and enables UPNP (@var{ENABLE_UPNP = YES}).
-+The hostlist is configured with the options @var{-b} (bootstrap using
-+configured hostlist servers) and @var{-e} (enable learning advertised hostlists).
-+Read the configuration files in @var{"~/.guix-profile/share/gnunet/config.d/"}
-+for more information. These files also set the defaults when you don't set
-+any explicit values to override them.
-+
-+@end table
-+@end deftp
-+
-
- @node X Window
- @subsubsection X Window
-diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm
-index d672ecf68..ff3615ea2 100644
---- a/gnu/services/networking.scm
-+++ b/gnu/services/networking.scm
-@@ -3,6 +3,7 @@
- ;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
- ;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
- ;;; Copyright © 2016 John Darrington <jmd@gnu.org>
-+;;; Copyright © 2016 ng0 <ng0@libertad.pw>
- ;;;
- ;;; This file is part of GNU Guix.
- ;;;
-@@ -27,6 +28,7 @@
- #:use-module (gnu system pam)
- #:use-module (gnu packages admin)
- #:use-module (gnu packages connman)
-+ #:use-module (gnu packages gnunet)
- #:use-module (gnu packages linux)
- #:use-module (gnu packages tor)
- #:use-module (gnu packages messaging)
-@@ -66,7 +68,12 @@
- wicd-service
- network-manager-service
- connman-service
-- wpa-supplicant-service-type))
-+ wpa-supplicant-service-type
-+
-+ gnunet-configuration
-+ gnunet-configuration?
-+ gnunet-service-type
-+ %default-gnunet-config-file))
-
- ;;; Commentary:
- ;;;
-@@ -781,4 +788,109 @@ configure networking."
- (service-extension dbus-root-service-type list)
- (service-extension profile-service-type list)))))
-
-+
-+;;; GNUnet
-+;;;
-+;;;
-+
-+(define-record-type* <gnunet-configuration>
-+ gnunet-configuration make-gnunet-configuration
-+ gnunet-configuration?
-+ (package gnunet-configuration-package
-+ (default gnunet))
-+ (config-file gnunet-configuration-config-file
-+ (default %default-gnunet-config-file)))
-+
-+(define %default-gnunet-config-file
-+ (plain-file "gnunet.conf" "
-+[PATHS]
-+SERVICEHOME = /var/lib/gnunet
-+GNUNET_CONFIG_HOME = /var/lib/gnunet
-+
-+[arm]
-+SYSTEM_ONLY = YES
-+USER_ONLY = NO
-+
-+[nat]
-+BEHIND_NAT = YES
-+ENABLE_UPNP = YES
-+
-+[hostlist]
-+OPTIONS = -b -e
-+"))
-+
-+(define gnunet-shepherd-service
-+ (match-lambda
-+ (($ <gnunet-configuration> package config-file)
-+ (list (shepherd-service
-+ (provision '(gnunet))
-+ (requirement '(user-processes loopback))
-+ (documentation "Run the GNUnet service.")
-+ (start
-+ (let ((gnunet
-+ (file-append package "/lib/gnunet/libexec/gnunet-service-arm")))
-+ #~(make-forkexec-constructor
-+ (list #$gnunet "-c" #$config-file)
-+ #:pid-file "/var/run/gnunet.pid")))
-+ (stop
-+ #~(make-kill-destructor
-+ (list #$gnunet "-e"))))))))
-+
-+(define %gnunet-accounts
-+ (list (user-group
-+ (name "gnunetdns")
-+ (system? #t))
-+ (user-group
-+ (name "gnunet")
-+ (system? #t))
-+ (user-account
-+ (name "gnunet")
-+ (group "gnunet")
-+ (system? #t)
-+ (comment "GNUnet system user")
-+ (home-directory "/var/empty")
-+ (shell #~(string-append #$shadow "/sbin/nologin")))))
-+
-+(define gnunet-activation
-+ (match-lambda
-+ (($ <gnunet-configuration> package config-file)
-+ (let ((gnunet
-+ (file-append package "/lib/gnunet/libexec/gnunet-service-arm")))
-+ #~(begin
-+ (use-modules (guix build utils))
-+ (define %user (getpw "gnunet"))
-+ (mkdir-p "/var/lib/gnunet/")
-+ (chown "/var/lib/gnunet" (passwd:uid %user) (passwd:gid %user))
-+ (chmod "/var/lib/gnunet/" #o600)
-+ (mkdir-p "/var/lib/gnunet/.local/share/gnunet")
-+ (mkdir-p "/var/lib/gnunet/.cache/gnunet")
-+ (mkdir-p "/var/lib/gnunet/.config/gnunet")
-+ (chmod "/var/lib/gnunet/.config/gnunet" #o600)
-+ (chmod "/var/lib/gnunet/.cache/gnunet" #o600)
-+ (chmod "/var/lib/gnunet/.local/share/gnunet" #o600))))))
-+
-+(define gnunet-setuid-programs
-+ (match-lambda
-+ (($ <gnunet-configuration> package)
-+ (list (file-append package "/lib/gnunet/libexec/gnunet-helper-exit")
-+ (file-append package "/lib/gnunet/libexec/gnunet-helper-nat-server")
-+ (file-append package "/lib/gnunet/libexec/gnunet-helper-nat-client")
-+ (file-append package "/lib/gnunet/libexec/gnunet-helper-transport-bluetooth")
-+ (file-append package "/lib/gnunet/libexec/gnunet-helper-transport-wlan")
-+ (file-append package "/lib/gnunet/libexec/gnunet-helper-vpn")))))
-+
-+(define gnunet-service-type
-+ (service-type
-+ (name 'gnunet)
-+ (extensions (list (service-extension account-service-type
-+ (const %gnunet-accounts))
-+ (service-extension activation-service-type
-+ gnunet-activation)
-+ (service-extension profile-service-type
-+ (compose list gnunet-configuration-package))
-+ (service-extension setuid-program-service-type
-+ gnunet-setuid-programs)
-+ (service-extension shepherd-root-service-type
-+ gnunet-shepherd-service)))))
-+
- ;;; networking.scm ends here
---
-2.11.0
-
diff --git a/contrib/services/shepherd/ng0_wip/README b/contrib/services/shepherd/ng0_wip/README
deleted file mode 100644
index c36c10959..000000000
--- a/contrib/services/shepherd/ng0_wip/README
+++ /dev/null
@@ -1,11 +0,0 @@
-short notes:
-
-* you are not expected to be able to run this as-is.
-* you must keep it GPL3 licensed and NOT license it to GNUnet e.V.,
- for changes add your line to the header.
-* does not apply to a guix checkout, you have to search and replace
- the imported modules. in my development of plant, infotropique
- services is equivalent to gnu services (same for packages) and plant
- XYZ is guix XYZ.
-* Understanding is optional.
-* Patches come as context reading material. \ No newline at end of file
diff --git a/contrib/services/shepherd/ng0_wip/gnunet.scm b/contrib/services/shepherd/ng0_wip/gnunet.scm
deleted file mode 100644
index 80b807e74..000000000
--- a/contrib/services/shepherd/ng0_wip/gnunet.scm
+++ /dev/null
@@ -1,173 +0,0 @@
-;;; plant ---
-;;; Copyright (C) 2016, 2017, 2018 Nils Gillmann <gillmann@infotropique.org>
-;;;
-;;; This file is part of plant.
-;;;
-;;; plant is free software; you can redistribute it and/or modify it
-;;; under the terms of the GNU General Public License as published by
-;;; the Free Software Foundation; either version 3 of the License, or (at
-;;; your option) any later version.
-;;;
-;;; plant is distributed in the hope that it will be useful, but
-;;; WITHOUT ANY WARRANTY; without even the implied warranty of
-;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-;;; GNU General Public License for more details.
-;;;
-;;; You should have received a copy of thye GNU General Public License
-;;; along with plant. If not, see <http://www.gnu.org/licenses/>.
-
-(define-module (infotropique services networking)
- #:use-module (infotropique services)
- #:use-module (infotropique services shepherd)
- #:use-module (infotropique services dbus)
- #:use-module (infotropique system shadow)
- #:use-module (infotropique system pam)
- #:use-module (infotropique packages admin)
- #:use-module (infotropique packages connman)
- #:use-module (infotropique packages linux)
- #:use-module (infotropique packages tor)
- #:use-module (infotropique packages messaging)
- #:use-module (infotropique packages networking)
- #:use-module (infotropique packages ntp)
- #:use-module (infotropique packages wicd)
- #:use-module (infotropique packages gnome)
- #:use-module (infotropique packages gnunet)
- #:use-module (plant gexp)
- #:use-module (plant records)
- #:use-module (plant modules)
- #:use-module (srfi srfi-1)
- #:use-module (srfi srfi-9)
- #:use-module (srfi srfi-26)
- #:use-module (ice-9 match)
- #:export (gnunet-configuration
- gnunet-configuration?
- gnunet-service
- gnunet-service-type))
-
-;;;
-;;; Commentary:
-;;; gnunet (GNUnet) related services, mainly gnunet itself.
-;;;
-
-;; GENTOO OpenRC:
-DONE: depends on "net".
-DONE: PIDFILE=/run/gnunet/arm-service.pid
-SUID_ROOT_HELPERS=exit, nat-server, nat-client, transport-bluetooth, transport-wlan, vpn
-
-/var/lib/gnunet/.local/share/gnunet/gnunet.conf must be chmod 600 and chown gnunet:gnunet
-/var/lib/gnunet/.cache/gnunet must exist.
-/usr/lib/gnunet/libexec/gnunet-helper-SUID_ROOT_HELPERS must be s+u (--> suid)
-
-/usr/lib/gnunet/libexec/gnunet-helper-dns must be: chown root:gnunetdns and chmod 4750
-/usr/lib/gnunet/libexec/gnunet-service-dns must be: chown gnunet:gnunetdns and chmod 2750
-
-directory with PID file must then be chowned by gnunet:gnunet
-
-user gnunet startet dann /usr/lib/gnunet/libexec/gnunet-service-arm -d
-
-stop process hat:
-start-stop-daemon --stop --signal QUIT --pidfile ${PIDFILE}
-sleep 1
-killall -u gnunet
-sleep 1
-rm -rf /tmp/gnunet-gnunet-runtime >/dev/null 2>&1
-rm -rf /tmp/gnunet-system-runtime >/dev/null 2>&1
-
-/etc/nsswitch.conf kriegt den eintrag:
-hosts: files gns [NOTFOUND=return] dns
-
-und die dateien die in der source rumliegen bzgl nss müssen noch kopiert werden
-UND nss muss sie finden.
-
-
-
-(define-record-type* <gnunet-configuration>
- gnunet-configuration make-gnunet-configuration
- gnunet-configuration?
- (package gnunet-configuration-package
- (default gnunet))
- (config-file gnunet-configuration-config-file
- (default %default-gnunet-config-file)))
-
-;; TODO: [PATHS] DEFAULTCONFIG = ?
-(define %default-gnunet-config-file
- (plain-file "gnunet.conf" "
-[PATHS]
-SERVICEHOME = /var/lib/gnunet
-GNUNET_CONFIG_HOME = /var/lib/gnunet
-
-[arm]
-SYSTEM_ONLY = YES
-USER_ONLY = NO
-
-[nat]
-BEHIND_NAT = YES
-ENABLE_UPNP = NO
-USE_LOCALADDR = NO
-DISABLEV6 = YES
-
-[hostlist]
-OPTIONS = -b -e
-"))
-
-(define gnunet-shepherd-service
- (match-lambda
- (($ <gnunet-configuration> package config-file)
- (list (shepherd-service
- (provision '(gnunet))
- ;; do we require networking? arm will try to reconnect until a connection
- ;; exists (again), but we might also set up vpn and not succeed at service
- ;; boot time as well as the general certificate issue we have especially on
- ;; Guix-on-GuixSD systems.
- (requirement '(loopback))
- (documentation "Run the GNUnet service.")
- (start
- (let ((gnunet
- (file-append package "/lib/gnunet/libexec/gnunet-service-arm")))
- #~(make-forkexec-constructor
- (list #$gnunet "-c" #$config-file)
- #:log-file "/var/log/gnunet.log"
- #:pid-file "/var/run/gnunet/arm-service.pid")))
- (stop
- #~(make-kill-destructor)))))))
-
-(define %gnunet-accounts
- (list (user-group
- (name "gnunetdns")
- (system? #t))
- (user-group
- (name "gnunet")
- (system? #t))
- (user-account
- (name "gnunet")
- (group "gnunet")
- (system? #t)
- (comment "GNUnet system user")
- (home-directory "/var/lib/gnunet")
- (shell #~(string-append #$shadow "/sbin/nologin")))))
-
-;; TODO: setuids.
-;; TODO: certificate issues -- gnunet should honor CURL_CA_BUNDLE!
-(define gnunet-activation
- (match-lambda
- (($ <gnunet-configuration> package config-file)
- (let ((gnunet
- (file-append package "/lib/gnunet/libexec/gnunet-service-arm")))
- #~(begin
- ;; Create the .config + .cache for gnunet user
- (mkdir-p "/var/lib/gnunet/.config/gnunet")
- (mkdir-p "/var/lib/gnunet/.cache/gnunet"))))))
-
-(define gnunet-service-type
- (service-type
- (name 'gnunet)
- (extensions (list (service-extension account-service-type
- (const %gnunet-accounts))
- (service-extension activation-service-type
- gnunet-activation)
- (service-extension profile-service-type
- (compose list gnunet-configuration-package))
- (service-extension shepherd-root-service-type
- gnunet-shepherd-service)))))
-
-;;; gnunet.scm ends here
diff --git a/contrib/services/shepherd/ng0_wip/janneke-os-modified.scm b/contrib/services/shepherd/ng0_wip/janneke-os-modified.scm
deleted file mode 100644
index d75d14598..000000000
--- a/contrib/services/shepherd/ng0_wip/janneke-os-modified.scm
+++ /dev/null
@@ -1,62 +0,0 @@
-(use-modules (gnu))
-(use-service-modules
-;; admin
- base
- mcron
- networking
- ssh)
-
-(use-package-modules
- admin
- ssh
- version-control
- gnunet)
-
-(define %user (getenv "USER"))
-
-(define os
- (operating-system
- (host-name "os")
- (timezone "Europe/Amsterdam")
- (locale "en_US.UTF-8")
-
- (bootloader
- (grub-configuration
- (device "/dev/sda")))
-
- (file-systems
- (cons* (file-system (mount-point "/")
- (device "/dev/sda1")
- (type "ext4"))
- %base-file-systems))
-
- (groups
- (cons* (user-group (name %user))
- %base-groups))
-
- (users
- (cons* (user-account (name %user)
- (group %user)
- (password (crypt "" "xx"))
- (uid 1000)
- (supplementary-groups '("wheel" "gnunet"))
- (home-directory (string-append "/home/" %user)))
- %base-user-accounts))
-
- (packages
- (cons*
- git
- openssh
- gnunet
- %base-packages))
-
- (services
- (cons*
- (dhcp-client-service)
- (lsh-service #:port-number 2222
- #:allow-empty-passwords? #t
- #:root-login? #t)
- (gnunet-service)
- %base-services
- ))))
-os
diff --git a/doc/documentation/Makefile.am b/doc/documentation/Makefile.am
index 0ee81304e..b6c666c4d 100644
--- a/doc/documentation/Makefile.am
+++ b/doc/documentation/Makefile.am
@@ -144,6 +144,7 @@ DISTCLEANFILES = \
chapters/terminology.cps \
chapters/vocabulary.cps \
fdl-1.3.cps \
+ agpl-3.0.cps \
gpl-3.0.cps
# if HAVE_EXTENDED_DOCUMENTATION_BUILDING
@@ -166,8 +167,8 @@ lego_stack.png: images/lego_stack.svg
# echo "@set EDITION $(PACKAGE_VERSION)" >> $@
# echo "@set VERSION $(PACKAGE_VERSION)" >> $@
-# Workaround for makeinfo error. Whcih in turn introduces more
-# date-related 'warnings'. Well.
+# Workaround for makeinfo error. Which in turn introduces more
+# date-related 'warnings' for GNUism. Well.
version2.texi:
echo "@set UPDATED $(date +'%d %B %Y')" > $@
echo "@set UPDATED-MONTH $(date +'%B %Y')" >> $@
diff --git a/doc/documentation/agpl-3.0.texi b/doc/documentation/agpl-3.0.texi
new file mode 100644
index 000000000..eabb0c6df
--- /dev/null
+++ b/doc/documentation/agpl-3.0.texi
@@ -0,0 +1,698 @@
+@c The GNU Affero General Public License.
+@center Version 3, 19 November 2007
+
+@c This file is intended to be included within another document,
+@c hence no sectioning command or @node.
+
+@display
+Copyright @copyright{} 2007 Free Software Foundation, Inc. @url{https://fsf.org/}
+
+Everyone is permitted to copy and distribute verbatim copies of this
+license document, but changing it is not allowed.
+@end display
+
+@heading Preamble
+
+The GNU Affero General Public License is a free, copyleft license
+for software and other kinds of works, specifically designed to ensure
+cooperation with the community in the case of network server software.
+
+The licenses for most software and other practical works are
+designed to take away your freedom to share and change the works. By
+contrast, our General Public Licenses are intended to guarantee your
+freedom to share and change all versions of a program--to make sure it
+remains free software for all its users.
+
+When we speak of free software, we are referring to freedom, not
+price. Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+them if you wish), that you receive source code or can get it if you
+want it, that you can change the software or use pieces of it in new
+free programs, and that you know you can do these things.
+
+Developers that use our General Public Licenses protect your rights
+with two steps: (1) assert copyright on the software, and (2) offer
+you this License which gives you legal permission to copy, distribute
+and/or modify the software.
+
+A secondary benefit of defending all users' freedom is that
+improvements made in alternate versions of the program, if they
+receive widespread use, become available for other developers to
+incorporate. Many developers of free software are heartened and
+encouraged by the resulting cooperation. However, in the case of
+software used on network servers, this result may fail to come about.
+The GNU General Public License permits making a modified version and
+letting the public access it on a server without ever releasing its
+source code to the public.
+
+The GNU Affero General Public License is designed specifically to
+ensure that, in such cases, the modified source code becomes available
+to the community. It requires the operator of a network server to
+provide the source code of the modified version running there to the
+users of that server. Therefore, public use of a modified version, on
+a publicly accessible server, gives the public access to the source
+code of the modified version.
+
+An older license, called the Affero General Public License and
+published by Affero, was designed to accomplish similar goals. This is
+a different license, not a version of the Affero GPL, but Affero has
+released a new version of the Affero GPL which permits relicensing under
+this license.
+
+The precise terms and conditions for copying, distribution and
+modification follow.
+
+@heading TERMS AND CONDITIONS
+
+@enumerate 0
+@item Definitions.
+
+``This License'' refers to version 3 of the GNU Affero General Public License.
+
+``Copyright'' also means copyright-like laws that apply to other kinds
+of works, such as semiconductor masks.
+
+``The Program'' refers to any copyrightable work licensed under this
+License. Each licensee is addressed as ``you''. ``Licensees'' and
+``recipients'' may be individuals or organizations.
+
+To ``modify'' a work means to copy from or adapt all or part of the work
+in a fashion requiring copyright permission, other than the making of
+an exact copy. The resulting work is called a ``modified version'' of
+the earlier work or a work ``based on'' the earlier work.
+
+A ``covered work'' means either the unmodified Program or a work based
+on the Program.
+
+To ``propagate'' a work means to do anything with it that, without
+permission, would make you directly or secondarily liable for
+infringement under applicable copyright law, except executing it on a
+computer or modifying a private copy. Propagation includes copying,
+distribution (with or without modification), making available to the
+public, and in some countries other activities as well.
+
+To ``convey'' a work means any kind of propagation that enables other
+parties to make or receive copies. Mere interaction with a user
+through a computer network, with no transfer of a copy, is not
+conveying.
+
+An interactive user interface displays ``Appropriate Legal Notices'' to
+the extent that it includes a convenient and prominently visible
+feature that (1) displays an appropriate copyright notice, and (2)
+tells the user that there is no warranty for the work (except to the
+extent that warranties are provided), that licensees may convey the
+work under this License, and how to view a copy of this License. If
+the interface presents a list of user commands or options, such as a
+menu, a prominent item in the list meets this criterion.
+
+@item Source Code.
+
+The ``source code'' for a work means the preferred form of the work for
+making modifications to it. ``Object code'' means any non-source form
+of a work.
+
+A ``Standard Interface'' means an interface that either is an official
+standard defined by a recognized standards body, or, in the case of
+interfaces specified for a particular programming language, one that
+is widely used among developers working in that language.
+
+The ``System Libraries'' of an executable work include anything, other
+than the work as a whole, that (a) is included in the normal form of
+packaging a Major Component, but which is not part of that Major
+Component, and (b) serves only to enable use of the work with that
+Major Component, or to implement a Standard Interface for which an
+implementation is available to the public in source code form. A
+``Major Component'', in this context, means a major essential component
+(kernel, window system, and so on) of the specific operating system
+(if any) on which the executable work runs, or a compiler used to
+produce the work, or an object code interpreter used to run it.
+
+The ``Corresponding Source'' for a work in object code form means all
+the source code needed to generate, install, and (for an executable
+work) run the object code and to modify the work, including scripts to
+control those activities. However, it does not include the work's
+System Libraries, or general-purpose tools or generally available free
+programs which are used unmodified in performing those activities but
+which are not part of the work. For example, Corresponding Source
+includes interface definition files associated with source files for
+the work, and the source code for shared libraries and dynamically
+linked subprograms that the work is specifically designed to require,
+such as by intimate data communication or control flow between those
+subprograms and other parts of the work.
+
+The Corresponding Source need not include anything that users can
+regenerate automatically from other parts of the Corresponding Source.
+
+The Corresponding Source for a work in source code form is that same
+work.
+
+@item Basic Permissions.
+
+All rights granted under this License are granted for the term of
+copyright on the Program, and are irrevocable provided the stated
+conditions are met. This License explicitly affirms your unlimited
+permission to run the unmodified Program. The output from running a
+covered work is covered by this License only if the output, given its
+content, constitutes a covered work. This License acknowledges your
+rights of fair use or other equivalent, as provided by copyright law.
+
+You may make, run and propagate covered works that you do not convey,
+without conditions so long as your license otherwise remains in force.
+You may convey covered works to others for the sole purpose of having
+them make modifications exclusively for you, or provide you with
+facilities for running those works, provided that you comply with the
+terms of this License in conveying all material for which you do not
+control copyright. Those thus making or running the covered works for
+you must do so exclusively on your behalf, under your direction and
+control, on terms that prohibit them from making any copies of your
+copyrighted material outside their relationship with you.
+
+Conveying under any other circumstances is permitted solely under the
+conditions stated below. Sublicensing is not allowed; section 10
+makes it unnecessary.
+
+@item Protecting Users' Legal Rights From Anti-Circumvention Law.
+
+No covered work shall be deemed part of an effective technological
+measure under any applicable law fulfilling obligations under article
+11 of the WIPO copyright treaty adopted on 20 December 1996, or
+similar laws prohibiting or restricting circumvention of such
+measures.
+
+When you convey a covered work, you waive any legal power to forbid
+circumvention of technological measures to the extent such
+circumvention is effected by exercising rights under this License with
+respect to the covered work, and you disclaim any intention to limit
+operation or modification of the work as a means of enforcing, against
+the work's users, your or third parties' legal rights to forbid
+circumvention of technological measures.
+
+@item Conveying Verbatim Copies.
+
+You may convey verbatim copies of the Program's source code as you
+receive it, in any medium, provided that you conspicuously and
+appropriately publish on each copy an appropriate copyright notice;
+keep intact all notices stating that this License and any
+non-permissive terms added in accord with section 7 apply to the code;
+keep intact all notices of the absence of any warranty; and give all
+recipients a copy of this License along with the Program.
+
+You may charge any price or no price for each copy that you convey,
+and you may offer support or warranty protection for a fee.
+
+@item Conveying Modified Source Versions.
+
+You may convey a work based on the Program, or the modifications to
+produce it from the Program, in the form of source code under the
+terms of section 4, provided that you also meet all of these
+conditions:
+
+@enumerate a
+@item
+The work must carry prominent notices stating that you modified it,
+and giving a relevant date.
+
+@item
+The work must carry prominent notices stating that it is released
+under this License and any conditions added under section 7. This
+requirement modifies the requirement in section 4 to ``keep intact all
+notices''.
+
+@item
+You must license the entire work, as a whole, under this License to
+anyone who comes into possession of a copy. This License will
+therefore apply, along with any applicable section 7 additional terms,
+to the whole of the work, and all its parts, regardless of how they
+are packaged. This License gives no permission to license the work in
+any other way, but it does not invalidate such permission if you have
+separately received it.
+
+@item
+If the work has interactive user interfaces, each must display
+Appropriate Legal Notices; however, if the Program has interactive
+interfaces that do not display Appropriate Legal Notices, your work
+need not make them do so.
+@end enumerate
+
+A compilation of a covered work with other separate and independent
+works, which are not by their nature extensions of the covered work,
+and which are not combined with it such as to form a larger program,
+in or on a volume of a storage or distribution medium, is called an
+``aggregate'' if the compilation and its resulting copyright are not
+used to limit the access or legal rights of the compilation's users
+beyond what the individual works permit. Inclusion of a covered work
+in an aggregate does not cause this License to apply to the other
+parts of the aggregate.
+
+@item Conveying Non-Source Forms.
+
+You may convey a covered work in object code form under the terms of
+sections 4 and 5, provided that you also convey the machine-readable
+Corresponding Source under the terms of this License, in one of these
+ways:
+
+@enumerate a
+@item
+Convey the object code in, or embodied in, a physical product
+(including a physical distribution medium), accompanied by the
+Corresponding Source fixed on a durable physical medium customarily
+used for software interchange.
+
+@item
+Convey the object code in, or embodied in, a physical product
+(including a physical distribution medium), accompanied by a written
+offer, valid for at least three years and valid for as long as you
+offer spare parts or customer support for that product model, to give
+anyone who possesses the object code either (1) a copy of the
+Corresponding Source for all the software in the product that is
+covered by this License, on a durable physical medium customarily used
+for software interchange, for a price no more than your reasonable
+cost of physically performing this conveying of source, or (2) access
+to copy the Corresponding Source from a network server at no charge.
+
+@item
+Convey individual copies of the object code with a copy of the written
+offer to provide the Corresponding Source. This alternative is
+allowed only occasionally and noncommercially, and only if you
+received the object code with such an offer, in accord with subsection
+6b.
+
+@item
+Convey the object code by offering access from a designated place
+(gratis or for a charge), and offer equivalent access to the
+Corresponding Source in the same way through the same place at no
+further charge. You need not require recipients to copy the
+Corresponding Source along with the object code. If the place to copy
+the object code is a network server, the Corresponding Source may be
+on a different server (operated by you or a third party) that supports
+equivalent copying facilities, provided you maintain clear directions
+next to the object code saying where to find the Corresponding Source.
+Regardless of what server hosts the Corresponding Source, you remain
+obligated to ensure that it is available for as long as needed to
+satisfy these requirements.
+
+@item
+Convey the object code using peer-to-peer transmission, provided you
+inform other peers where the object code and Corresponding Source of
+the work are being offered to the general public at no charge under
+subsection 6d.
+
+@end enumerate
+
+A separable portion of the object code, whose source code is excluded
+from the Corresponding Source as a System Library, need not be
+included in conveying the object code work.
+
+A ``User Product'' is either (1) a ``consumer product'', which means any
+tangible personal property which is normally used for personal,
+family, or household purposes, or (2) anything designed or sold for
+incorporation into a dwelling. In determining whether a product is a
+consumer product, doubtful cases shall be resolved in favor of
+coverage. For a particular product received by a particular user,
+``normally used'' refers to a typical or common use of that class of
+product, regardless of the status of the particular user or of the way
+in which the particular user actually uses, or expects or is expected
+to use, the product. A product is a consumer product regardless of
+whether the product has substantial commercial, industrial or
+non-consumer uses, unless such uses represent the only significant
+mode of use of the product.
+
+``Installation Information'' for a User Product means any methods,
+procedures, authorization keys, or other information required to
+install and execute modified versions of a covered work in that User
+Product from a modified version of its Corresponding Source. The
+information must suffice to ensure that the continued functioning of
+the modified object code is in no case prevented or interfered with
+solely because modification has been made.
+
+If you convey an object code work under this section in, or with, or
+specifically for use in, a User Product, and the conveying occurs as
+part of a transaction in which the right of possession and use of the
+User Product is transferred to the recipient in perpetuity or for a
+fixed term (regardless of how the transaction is characterized), the
+Corresponding Source conveyed under this section must be accompanied
+by the Installation Information. But this requirement does not apply
+if neither you nor any third party retains the ability to install
+modified object code on the User Product (for example, the work has
+been installed in ROM).
+
+The requirement to provide Installation Information does not include a
+requirement to continue to provide support service, warranty, or
+updates for a work that has been modified or installed by the
+recipient, or for the User Product in which it has been modified or
+installed. Access to a network may be denied when the modification
+itself materially and adversely affects the operation of the network
+or violates the rules and protocols for communication across the
+network.
+
+Corresponding Source conveyed, and Installation Information provided,
+in accord with this section must be in a format that is publicly
+documented (and with an implementation available to the public in
+source code form), and must require no special password or key for
+unpacking, reading or copying.
+
+@item Additional Terms.
+
+``Additional permissions'' are terms that supplement the terms of this
+License by making exceptions from one or more of its conditions.
+Additional permissions that are applicable to the entire Program shall
+be treated as though they were included in this License, to the extent
+that they are valid under applicable law. If additional permissions
+apply only to part of the Program, that part may be used separately
+under those permissions, but the entire Program remains governed by
+this License without regard to the additional permissions.
+
+When you convey a copy of a covered work, you may at your option
+remove any additional permissions from that copy, or from any part of
+it. (Additional permissions may be written to require their own
+removal in certain cases when you modify the work.) You may place
+additional permissions on material, added by you to a covered work,
+for which you have or can give appropriate copyright permission.
+
+Notwithstanding any other provision of this License, for material you
+add to a covered work, you may (if authorized by the copyright holders
+of that material) supplement the terms of this License with terms:
+
+@enumerate a
+@item
+Disclaiming warranty or limiting liability differently from the terms
+of sections 15 and 16 of this License; or
+
+@item
+Requiring preservation of specified reasonable legal notices or author
+attributions in that material or in the Appropriate Legal Notices
+displayed by works containing it; or
+
+@item
+Prohibiting misrepresentation of the origin of that material, or
+requiring that modified versions of such material be marked in
+reasonable ways as different from the original version; or
+
+@item
+Limiting the use for publicity purposes of names of licensors or
+authors of the material; or
+
+@item
+Declining to grant rights under trademark law for use of some trade
+names, trademarks, or service marks; or
+
+@item
+Requiring indemnification of licensors and authors of that material by
+anyone who conveys the material (or modified versions of it) with
+contractual assumptions of liability to the recipient, for any
+liability that these contractual assumptions directly impose on those
+licensors and authors.
+@end enumerate
+
+All other non-permissive additional terms are considered ``further
+restrictions'' within the meaning of section 10. If the Program as you
+received it, or any part of it, contains a notice stating that it is
+governed by this License along with a term that is a further
+restriction, you may remove that term. If a license document contains
+a further restriction but permits relicensing or conveying under this
+License, you may add to a covered work material governed by the terms
+of that license document, provided that the further restriction does
+not survive such relicensing or conveying.
+
+If you add terms to a covered work in accord with this section, you
+must place, in the relevant source files, a statement of the
+additional terms that apply to those files, or a notice indicating
+where to find the applicable terms.
+
+Additional terms, permissive or non-permissive, may be stated in the
+form of a separately written license, or stated as exceptions; the
+above requirements apply either way.
+
+@item Termination.
+
+You may not propagate or modify a covered work except as expressly
+provided under this License. Any attempt otherwise to propagate or
+modify it is void, and will automatically terminate your rights under
+this License (including any patent licenses granted under the third
+paragraph of section 11).
+
+However, if you cease all violation of this License, then your license
+from a particular copyright holder is reinstated (a) provisionally,
+unless and until the copyright holder explicitly and finally
+terminates your license, and (b) permanently, if the copyright holder
+fails to notify you of the violation by some reasonable means prior to
+60 days after the cessation.
+
+Moreover, your license from a particular copyright holder is
+reinstated permanently if the copyright holder notifies you of the
+violation by some reasonable means, this is the first time you have
+received notice of violation of this License (for any work) from that
+copyright holder, and you cure the violation prior to 30 days after
+your receipt of the notice.
+
+Termination of your rights under this section does not terminate the
+licenses of parties who have received copies or rights from you under
+this License. If your rights have been terminated and not permanently
+reinstated, you do not qualify to receive new licenses for the same
+material under section 10.
+
+@item Acceptance Not Required for Having Copies.
+
+You are not required to accept this License in order to receive or run
+a copy of the Program. Ancillary propagation of a covered work
+occurring solely as a consequence of using peer-to-peer transmission
+to receive a copy likewise does not require acceptance. However,
+nothing other than this License grants you permission to propagate or
+modify any covered work. These actions infringe copyright if you do
+not accept this License. Therefore, by modifying or propagating a
+covered work, you indicate your acceptance of this License to do so.
+
+@item Automatic Licensing of Downstream Recipients.
+
+Each time you convey a covered work, the recipient automatically
+receives a license from the original licensors, to run, modify and
+propagate that work, subject to this License. You are not responsible
+for enforcing compliance by third parties with this License.
+
+An ``entity transaction'' is a transaction transferring control of an
+organization, or substantially all assets of one, or subdividing an
+organization, or merging organizations. If propagation of a covered
+work results from an entity transaction, each party to that
+transaction who receives a copy of the work also receives whatever
+licenses to the work the party's predecessor in interest had or could
+give under the previous paragraph, plus a right to possession of the
+Corresponding Source of the work from the predecessor in interest, if
+the predecessor has it or can get it with reasonable efforts.
+
+You may not impose any further restrictions on the exercise of the
+rights granted or affirmed under this License. For example, you may
+not impose a license fee, royalty, or other charge for exercise of
+rights granted under this License, and you may not initiate litigation
+(including a cross-claim or counterclaim in a lawsuit) alleging that
+any patent claim is infringed by making, using, selling, offering for
+sale, or importing the Program or any portion of it.
+
+@item Patents.
+
+A ``contributor'' is a copyright holder who authorizes use under this
+License of the Program or a work on which the Program is based. The
+work thus licensed is called the contributor's ``contributor version''.
+
+A contributor's ``essential patent claims'' are all patent claims owned
+or controlled by the contributor, whether already acquired or
+hereafter acquired, that would be infringed by some manner, permitted
+by this License, of making, using, or selling its contributor version,
+but do not include claims that would be infringed only as a
+consequence of further modification of the contributor version. For
+purposes of this definition, ``control'' includes the right to grant
+patent sublicenses in a manner consistent with the requirements of
+this License.
+
+Each contributor grants you a non-exclusive, worldwide, royalty-free
+patent license under the contributor's essential patent claims, to
+make, use, sell, offer for sale, import and otherwise run, modify and
+propagate the contents of its contributor version.
+
+In the following three paragraphs, a ``patent license'' is any express
+agreement or commitment, however denominated, not to enforce a patent
+(such as an express permission to practice a patent or covenant not to
+sue for patent infringement). To ``grant'' such a patent license to a
+party means to make such an agreement or commitment not to enforce a
+patent against the party.
+
+If you convey a covered work, knowingly relying on a patent license,
+and the Corresponding Source of the work is not available for anyone
+to copy, free of charge and under the terms of this License, through a
+publicly available network server or other readily accessible means,
+then you must either (1) cause the Corresponding Source to be so
+available, or (2) arrange to deprive yourself of the benefit of the
+patent license for this particular work, or (3) arrange, in a manner
+consistent with the requirements of this License, to extend the patent
+license to downstream recipients. ``Knowingly relying'' means you have
+actual knowledge that, but for the patent license, your conveying the
+covered work in a country, or your recipient's use of the covered work
+in a country, would infringe one or more identifiable patents in that
+country that you have reason to believe are valid.
+
+If, pursuant to or in connection with a single transaction or
+arrangement, you convey, or propagate by procuring conveyance of, a
+covered work, and grant a patent license to some of the parties
+receiving the covered work authorizing them to use, propagate, modify
+or convey a specific copy of the covered work, then the patent license
+you grant is automatically extended to all recipients of the covered
+work and works based on it.
+
+A patent license is ``discriminatory'' if it does not include within the
+scope of its coverage, prohibits the exercise of, or is conditioned on
+the non-exercise of one or more of the rights that are specifically
+granted under this License. You may not convey a covered work if you
+are a party to an arrangement with a third party that is in the
+business of distributing software, under which you make payment to the
+third party based on the extent of your activity of conveying the
+work, and under which the third party grants, to any of the parties
+who would receive the covered work from you, a discriminatory patent
+license (a) in connection with copies of the covered work conveyed by
+you (or copies made from those copies), or (b) primarily for and in
+connection with specific products or compilations that contain the
+covered work, unless you entered into that arrangement, or that patent
+license was granted, prior to 28 March 2007.
+
+Nothing in this License shall be construed as excluding or limiting
+any implied license or other defenses to infringement that may
+otherwise be available to you under applicable patent law.
+
+@item No Surrender of Others' Freedom.
+
+If conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License. If you cannot convey
+a covered work so as to satisfy simultaneously your obligations under
+this License and any other pertinent obligations, then as a
+consequence you may not convey it at all. For example, if you agree
+to terms that obligate you to collect a royalty for further conveying
+from those to whom you convey the Program, the only way you could
+satisfy both those terms and this License would be to refrain entirely
+from conveying the Program.
+
+@item Remote Network Interaction; Use with the GNU General Public License.
+
+Notwithstanding any other provision of this License, if you modify the
+Program, your modified version must prominently offer all users interacting
+with it remotely through a computer network (if your version supports such
+interaction) an opportunity to receive the Corresponding Source of your
+version by providing access to the Corresponding Source from a network
+server at no charge, through some standard or customary means of
+facilitating copying of software. This Corresponding Source shall include
+the Corresponding Source for any work covered by version 3 of the GNU
+General Public License that is incorporated pursuant to the following
+paragraph.
+
+Notwithstanding any other provision of this License, you have permission to
+link or combine any covered work with a work licensed under version 3 of
+the GNU General Public License into a single combined work, and to convey
+the resulting work. The terms of this License will continue to apply to
+the part which is the covered work, but the work with which it is combined
+will remain governed by version 3 of the GNU General Public License.
+
+@item Revised Versions of this License.
+
+The Free Software Foundation may publish revised and/or new versions
+of the GNU Affero General Public License from time to time. Such new
+versions will be similar in spirit to the present version, but may
+differ in detail to address new problems or concerns.
+
+Each version is given a distinguishing version number. If the Program
+specifies that a certain numbered version of the GNU Affero General Public
+License ``or any later version'' applies to it, you have the option of
+following the terms and conditions either of that numbered version or
+of any later version published by the Free Software Foundation. If
+the Program does not specify a version number of the GNU Affero General
+Public License, you may choose any version ever published by the Free
+Software Foundation.
+
+If the Program specifies that a proxy can decide which future versions
+of the GNU Affero General Public License can be used, that proxy's public
+statement of acceptance of a version permanently authorizes you to
+choose that version for the Program.
+
+Later license versions may give you additional or different
+permissions. However, no additional obligations are imposed on any
+author or copyright holder as a result of your choosing to follow a
+later version.
+
+@item Disclaimer of Warranty.
+
+THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
+APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
+HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM ``AS IS'' WITHOUT
+WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND
+PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE
+DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR
+CORRECTION.
+
+@item Limitation of Liability.
+
+IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR
+CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES
+ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT
+NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR
+LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM
+TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER
+PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+@item Interpretation of Sections 15 and 16.
+
+If the disclaimer of warranty and limitation of liability provided
+above cannot be given local legal effect according to their terms,
+reviewing courts shall apply local law that most closely approximates
+an absolute waiver of all civil liability in connection with the
+Program, unless a warranty or assumption of liability accompanies a
+copy of the Program in return for a fee.
+
+@end enumerate
+
+@heading END OF TERMS AND CONDITIONS
+
+@heading How to Apply These Terms to Your New Programs
+
+If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these
+terms.
+
+To do so, attach the following notices to the program. It is safest
+to attach them to the start of each source file to most effectively
+state the exclusion of warranty; and each file should have at least
+the ``copyright'' line and a pointer to where the full notice is found.
+
+@smallexample
+@var{one line to give the program's name and a brief idea of what it does.}
+Copyright (C) @var{year} @var{name of author}
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU Affero General Public License as published by
+the Free Software Foundation, either version 3 of the License, or (at
+your option) any later version.
+
+This program is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+Affero General Public License for more details.
+
+You should have received a copy of the GNU Affero General Public License
+along with this program. If not, see @url{https://www.gnu.org/licenses/}.
+@end smallexample
+
+Also add information on how to contact you by electronic and paper mail.
+
+If your software can interact with users remotely through a computer
+network, you should also make sure that it provides a way for users to
+get its source. For example, if your program is a web application, its
+interface could display a ``Source'' link that leads users to an archive
+of the code. There are many ways you could offer source, and different
+solutions will be better for different programs; see section 13 for the
+specific requirements.
+
+You should also get your employer (if you work as a programmer) or school,
+if any, to sign a ``copyright disclaimer'' for the program, if necessary.
+For more information on this, and how to apply and follow the GNU AGPL, see
+@url{https://www.gnu.org/licenses/}.
diff --git a/doc/documentation/chapters/contributing.texi b/doc/documentation/chapters/contributing.texi
index 745acca77..a92df45c3 100644
--- a/doc/documentation/chapters/contributing.texi
+++ b/doc/documentation/chapters/contributing.texi
@@ -6,17 +6,20 @@
* Licenses of contributions::
* Copyright Assignment::
* Contributing to the Reference Manual::
+* Contributing testcases::
@end menu
@node Contributing to GNUnet
@section Contributing to GNUnet
+@cindex licenses
+@cindex licenses of contributions
@node Licenses of contributions
@section Licenses of contributions
GNUnet is a @uref{https://www.gnu.org/, GNU} package.
All code contributions must thus be put under the
-@uref{https://www.gnu.org/copyleft/gpl.html, GNU Public License (GPL)}.
+@uref{https://www.gnu.org/licenses/agpl.html, GNU Affero Public License (AGPL)}.
All documentation should be put under FSF approved licenses
(see @uref{https://www.gnu.org/copyleft/fdl.html, fdl}).
@@ -40,7 +43,7 @@ rights, and in particular is allowed to dual-license the code. You
retain non-exclusive rights to your contributions, so you can also
share your contributions freely with other projects.
-GNUnet e.V. will publish all accepted contributions under the GPLv3
+GNUnet e.V. will publish all accepted contributions under the AGPLv3
or any later version. The association may decide to publish
contributions under additional licenses (dual-licensing).
@@ -88,3 +91,21 @@ In a 200+ pages handbook it's better to have footnotes accessible
without having to skip over to the end.
@end itemize
+
+@node Contributing testcases
+@section Contributing testcases
+
+In the core of gnunet, we restrict new testcases to a small subset
+of languages, in order of preference:
+@enumerate
+@item C
+@item Bash (preferable portable without too much specifics to Bash)
+@item Python (@geq{}3.6)
+@end enumerate
+
+We welcome efforts to remove our existing python-2.7 scripts to
+replace them either with Bash or, at your choice, python-3.6+.
+
+If you contribute new python based testcases, we advise you to
+not repeat our past misfortunes and write the tests in a standard
+test framework like for example pytest.
diff --git a/doc/documentation/chapters/developer.texi b/doc/documentation/chapters/developer.texi
index 1f74a8163..e82e32b59 100644
--- a/doc/documentation/chapters/developer.texi
+++ b/doc/documentation/chapters/developer.texi
@@ -214,9 +214,7 @@ Installation and update tool
Template for starting 'external' GNUnet projects
@item @command{gnunet-java}
Java APIs for writing GNUnet services and applications
-@c ** FIXME: Point to new website repository once we have it:
-@c ** @item svn/gnunet-www/ Code and media helping drive the GNUnet
-@c website
+@item @command{gnunet-java-ext}
@item @command{eclectic}
Code to run GNUnet nodes on testbeds for research, development,
testing and evaluation
@@ -227,6 +225,8 @@ Qt-based GNUnet GUI (is it deprecated?)
cocoa-based GNUnet GUI (is it deprecated?)
@item @command{gnunet-guile}
Guile bindings for GNUnet
+@item @command{gnunet-python}
+Python bindings for GNUnet
@end table
@@ -246,6 +246,13 @@ Tool for automated debugging of distributed systems
Library for accessing satellite connection quality reports
@item @command{libgnurl}
gnURL (feature-restricted variant of cURL/libcurl)
+@item @command{www}
+work in progress of the new gnunet.org website (Jinja2 framework based to
+replace our current Drupal website)
+@item @command{bibliography}
+Our collected bibliography, papers, references, and so forth
+@item @command{gnunet-videos-}
+Videos about and around gnunet activities
@end table
Finally, there are various external projects (see links for a list of
diff --git a/doc/documentation/chapters/installation.texi b/doc/documentation/chapters/installation.texi
index f5e38fd3d..559a97f96 100644
--- a/doc/documentation/chapters/installation.texi
+++ b/doc/documentation/chapters/installation.texi
@@ -1,22 +1,40 @@
@node Installing GNUnet
@chapter Installing GNUnet
-This guide is intended for those who want to install Gnunet from source. For instructions on how to install GNUnet as a binary package please refer to the official documentation of your operating system or package manager.
+This guide is intended for those who want to install Gnunet from
+source. For instructions on how to install GNUnet as a binary package
+please refer to the official documentation of your operating system or
+package manager.
-@node Getting the Source Code
+@menu
+* Installing dependencies::
+* Getting the Source Code::
+* Create @code{gnunet} user and group::
+* Preparing and Compiling the Source Code::
+* Installation::
+* MOVED FROM USER Checking the Installation::
+* MOVED FROM USER The graphical configuration interface::
+* MOVED FROM USER Config Leftovers::
+@end menu
+
+@c -----------------------------------------------------------------------
+@node Installing dependencies
@section Installing dependencies
-GNUnet needs few libraries and applications for being able to run and another few optional ones for using certain features. Preferably they should be installed with a package manager. Just in case we include a link to the project websites.
+GNUnet needs few libraries and applications for being able to run and
+another few optional ones for using certain features. Preferably they
+should be installed with a package manager. Just in case we include a
+link to the project websites.
The mandatory libraries and applications are
@itemize @bullet
@item libtool
-@item autoconf >= version 2.59
-@item automake >= version 1.11.1
+@item autoconf @geq{}2.59
+@item automake @geq{}1.11.1
@item pkg-config
-@item libgcrypt >= version 1.6
+@item libgcrypt @geq{}1.6
@item libextractor
@item libidn
-@item libmicrohttpd >= version 0.9.52
+@item libmicrohttpd @geq{}0.9.52
@item libnss
@item libunistring
@item gettext
@@ -43,30 +61,43 @@ These are the dependencies only required for certain features
@item libpulse (for running the GNUnet conversation telephony application)
@item libogg (for running the GNUnet conversation telephony application)
@item bluez (for bluetooth support)
-@item libpbc (for attribute-based encryption and the identity provider subsystem)
-@item libgabe (for attribute-based encryption and the identity provider subsystem)
+@item libpbc
+(for attribute-based encryption and the identity provider subsystem)
+@item libgabe
+(for attribute-based encryption and the identity provider subsystem)
@end itemize
-
+@c -----------------------------------------------------------------------
+@node Getting the Source Code
@section Getting the Source Code
-You can either download the source code using git (you obviously need git installed) or as an archive.
+You can either download the source code using git (you obviously need
+git installed) or as an archive.
Using git type
@example
git clone https://gnunet.org/git/gnunet.git
@end example
-The archive can be found at @uref{https://gnunet.org/downloads}. Extract it using a graphical archive tool or @code{tar}:
+The archive can be found at
+@uref{https://gnunet.org/downloads}. Extract it using a graphical
+archive tool or @code{tar}:
@example
tar xzvf gnunet-0.11.0pre66.tar.gz
@end example
-In the next chapter we will assume that the source code is available in the home directory at @code{~/gnunet}.
+In the next chapter we will assume that the source code is available
+in the home directory at @code{~/gnunet}.
+@c -----------------------------------------------------------------------
+@node Create @code{gnunet} user and group
@section Create @code{gnunet} user and group
-The GNUnet services should be run as a dedicated user called @code{gnunet}. For using them a user should be in the same group as this system user.
+The GNUnet services should be run as a dedicated user called
+@code{gnunet}. For using them a user should be in the same group as
+this system user.
-Create user @code{gnunet} who is member of the group @code{gnunet} and specify a home directory where the GNUnet services will store persistant data such as information about peers.
+Create user @code{gnunet} who is member of the group @code{gnunet} and
+specify a home directory where the GNUnet services will store
+persistant data such as information about peers.
@example
$ sudo useradd --system --groups gnunet --home-dir /var/lib/gnunet
@end example
@@ -76,8 +107,13 @@ Now add your own user to the @code{gnunet} group.
$ sudo adduser alice gnunet
@end example
+@c -----------------------------------------------------------------------
+@node Preparing and Compiling the Source Code
@section Preparing and Compiling the Source Code
-For preparing the source code for compilation a bootstrap script and @code{configure} has to be run from the source code directory. When running @code{configure} the following options can be specified to customize the compilation and installation process:
+For preparing the source code for compilation a bootstrap script and
+@code{configure} has to be run from the source code directory. When
+running @code{configure} the following options can be specified to
+customize the compilation and installation process:
@itemize @bullet
@item @code{--disable-documentation} - don't build the configuration documents
@@ -91,27 +127,39 @@ For preparing the source code for compilation a bootstrap script and @code{confi
@item @code{--with-sudo=[PATH]} - path to the sudo binary (no need to run @code{make install} as root if specified)
@end itemize
-The following example configures the installation prefix @code{/usr/lib} and disables building the documentation
+The following example configures the installation prefix
+@code{/usr/lib} and disables building the documentation
@example
$ cd ~/gnunet
$ ./bootstrap
$ configure --prefix=/usr/lib --disable-configuration
@end example
-After running the bootstrap script and @code{configure} successfully the source code can be compiled with make. Here @code{-j5} specifies that 5 threads should be used.
+After running the bootstrap script and @code{configure} successfully
+the source code can be compiled with make. Here @code{-j5} specifies
+that 5 threads should be used.
@example
$ make -j5
@end example
-
+@c -----------------------------------------------------------------------
+@node Installation
@section Installation
-The compiled binaries can be installed using @code{make install}. It needs to be run as root (or with sudo) because some binaries need the @code{suid} bit set. Without that some GNUnet subsystems (such as VPN) will not work.
+The compiled binaries can be installed using @code{make install}. It
+needs to be run as root (or with sudo) because some binaries need the
+@code{suid} bit set. Without that some GNUnet subsystems (such as VPN)
+will not work.
@example
$ sudo make install
@end example
-One important library is the GNS plugin for NSS (the name services switch) which allows using GNS (the GNU name system) in the normal DNS resolution process. Unfortunately NSS expects it in a specific location (probably @code{/lib}) which may differ from the installation prefix (see @code{--prefix} option in the previous section). This is why the pugin has to be installed manually.
+One important library is the GNS plugin for NSS (the name services
+switch) which allows using GNS (the GNU name system) in the normal DNS
+resolution process. Unfortunately NSS expects it in a specific
+location (probably @code{/lib}) which may differ from the installation
+prefix (see @code{--prefix} option in the previous section). This is
+why the pugin has to be installed manually.
Find the directory where nss plugins are installed on your system, e.g.
@@ -129,24 +177,30 @@ Copy the GNS NSS plugin to that directory:
cp ~/gnunet/src/gns/nss/libnss_gns.so.2 /lib
@end example
-Now, to activate the plugin, you need to edit your @code{/etc/nsswitch.conf} where you should find a line like this:
+Now, to activate the plugin, you need to edit your
+@code{/etc/nsswitch.conf} where you should find a line like this:
@example
hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
@end example
-The exact details may differ a bit, which is fine. Add the text @code{"gns [NOTFOUND=return]"} after @code{"files"}.
+The exact details may differ a bit, which is fine. Add the text
+@code{"gns [NOTFOUND=return]"} after @code{"files"}.
@example
hosts: files gns [NOTFOUND=return] mdns4_minimal [NOTFOUND=return] dns mdns4
@end example
-Optionally, if GNS shall be used with a browser, execute the GNS CA-setup script. It will isetup the GNS Certificate Authority with the user's browser.
+Optionally, if GNS shall be used with a browser, execute the GNS
+CA-setup script. It will isetup the GNS Certificate Authority with the
+user's browser.
@example
$ gnunet-gns-proxy-setup-ca
@end example
-Finally install a configuration file in @code{~/.gnunet/gnunet.conf}. Below you find an example config which allows you to start GNUnet.
+Finally install a configuration file in
+@code{~/.gnunet/gnunet.conf}. Below you find an example config which
+allows you to start GNUnet.
@example
[arm]
@@ -170,7 +224,8 @@ This section describes a quick, casual way to check if your GNUnet
installation works. However, if it does not, we do not cover
steps for recovery --- for this, please study the instructions
provided in the developer handbook as well as the system-specific
-instruction in the source code repository@footnote{The system specific instructions are not provided as part of this handbook!}.
+instruction in the source code repository@footnote{The system specific
+instructions are not provided as part of this handbook!}.
@menu
@@ -203,21 +258,25 @@ Currently these interfaces cover:
@subsection Statistics
@c %**end of header
-First, you should launch GNUnet gtk@footnote{Obviously you should also start gnunet, via gnunet-arm or the system provided method}.
+First, you should launch GNUnet gtk@footnote{Obviously you should also
+start gnunet, via gnunet-arm or the system provided method}.
You can do this from the command-line by typing
@example
gnunet-statistics-gtk
@end example
-If your peer@footnote{The term ``peer'' is a common word used in federated and distributed networks to describe a participating device which is connected to the network. Thus, your Personal Computer or whatever it is you are looking at the Gtk+ interface describes a ``Peer'' or a ``Node''.}
-is running correctly, you should see a bunch of lines,
-all of which should be ``significantly'' above zero (at least if your
-peer has been running for more than a few seconds). The lines indicate
-how many other peers your peer is connected to (via different
-mechanisms) and how large the entire overlay network is currently
-estimated to be. The X-axis represents time (in seconds since the
-start of @command{gnunet-gtk}).
+If your peer@footnote{The term ``peer'' is a common word used in
+federated and distributed networks to describe a participating device
+which is connected to the network. Thus, your Personal Computer or
+whatever it is you are looking at the Gtk+ interface describes a
+``Peer'' or a ``Node''.} is running correctly, you should see a bunch
+of lines, all of which should be ``significantly'' above zero (at
+least if your peer has been running for more than a few seconds). The
+lines indicate how many other peers your peer is connected to (via
+different mechanisms) and how large the entire overlay network is
+currently estimated to be. The X-axis represents time (in seconds
+since the start of @command{gnunet-gtk}).
You can click on "Traffic" to see information about the amount of
bandwidth your peer has consumed, and on "Storage" to check the amount
diff --git a/doc/documentation/chapters/preface.texi b/doc/documentation/chapters/preface.texi
index 00e6290f0..29cf924a2 100644
--- a/doc/documentation/chapters/preface.texi
+++ b/doc/documentation/chapters/preface.texi
@@ -12,9 +12,9 @@ all kinds of basic applications for the foundation of a new Internet.
@menu
* About this book::
+* Contributing to this book::
* Introduction::
* Project governance::
-* General Terminology::
* Typography::
@end menu
@@ -37,6 +37,26 @@ The first chapter (``Preface'') as well as the the second
chapter (``Philosophy'') give an introduction to GNUnet as a project,
what GNUnet tries to achieve.
+@node Contributing to this book
+@section Contributing to this book
+
+The GNUnet Reference Manual is a collective work produced by various
+people throughout the years. The version you are reading is derived
+from many individual efforts hosted on our website. This was a failed
+experiment, and with the conversion to Texinfo we hope to address this
+in the longterm. Texinfo is the documentation language of the GNU project.
+While it can be intimidating at first and look scary or complicated,
+it is just another way to express text format instructions. We encourage
+you to take this opportunity and learn about Texinfo, learn about GNUnet,
+and one word at a time we will arrive at a book which explains GNUnet in
+the least complicated way to you. Even when you don't want or can't learn
+Texinfo, you can contribute. Send us an Email or join our IRC chat room
+on freenode and talk with us about the documentation (the prefered way
+to reach out is the mailinglist, since you can communicate with us
+without waiting on someone in the chatroom). One way or another you
+can help shape the understanding of GNUnet without the ability to read
+and understand its sourcecode.
+
@node Introduction
@section Introduction
@@ -66,25 +86,31 @@ immediately. A few months after the first release we contacted the
GNU project, happily agreed to their governance model and became an
official GNU package.
-Within the first year, we created GNU libextractor, a helper library
+Within the first year, we created
+@uref{https://gnu.org/s/libextractor, GNU libextractor}, a helper library
for meta data extraction which has been used by a few other projects
as well. 2003 saw the emergence of pluggable transports, the ability
for GNUnet to use different mechanisms for communication, starting
with TCP, UDP and SMTP (support for the latter was later dropped due
to a lack of maintenance). In 2005, the project first started to
evolve beyond the original file-sharing application with a first
-simple P2P chat. In 2007, we created GNU libmicrohttpd
+simple P2P chat. In 2007, we created
+@uref{https://gnu.org/s/libmicrohttpd, GNU libmicrohttpd}
to support a pluggable transport based on HTTP. In 2009, the
architecture was radically modularized into the multi-process system
-that exists today. Coincidentally, the first version of the ARM
+that exists today. Coincidentally, the first version of the ARM@footnote{ARM: Automatic Restart Manager}
service was implemented a day before systemd was announced. From 2009
to 2014 work progressed rapidly thanks to a significant research grant
from the Deutsche Forschungsgesellschaft. This resulted in particular
in the creation of the R5N DHT, CADET, ATS and the GNU Name System.
-In 2010, GNUnet was selected as the basis for the SecuShare online
-social network, resutling in a significant growth of the core team.
-In 2013, we launched GNU Taler to address the challenge of convenient
-and privacy-preserving online payments. In 2015, the pEp project
+In 2010, GNUnet was selected as the basis for the
+@uref{https://secushare.org, secushare} online
+social network, resulting in a significant growth of the core team.
+In 2013, we launched @uref{https://taler.net, GNU Taler} to address
+the challenge of convenient
+and privacy-preserving online payments. In 2015, the
+@c TODO: Maybe even markup for the E if it renders in most outputs.
+@uref{https://pep.foundation/, pEp}@footnote{pretty easy privacy} project
announced that they will use GNUnet as the technology for their
meta-data protection layer, ultimately resulting in GNUnet e.V.
entering into a formal long-term collaboration with the pEp
@@ -99,9 +125,9 @@ computing has been the core driver of the GNU project. With GNUnet we
are focusing on informational self-determination for collaborative
computing and communication over networks.
-The Internet is shaped as much by code and protocols as by its
-associated political processes (IETF, ICANN, IEEE, etc.), and its
-flaws are similarly not limited to the protocol design. Thus,
+The Internet is shaped as much by code and protocols as it is by its
+associated political processes (IETF, ICANN, IEEE, etc.).
+Similarly its flaws are not limited to the protocol design. Thus,
technical excellence by itself will not suffice to create a better
network. We also need to build a community that is wise, humble and
has a sense of humor to achieve our goal to create a technical
@@ -116,23 +142,22 @@ follows the governance model of a benevolent dictator. This means
that ultimately, the GNU project appoints the GNU maintainer and can
overrule decisions made by the GNUnet maintainer. Similarly, the
GNUnet maintainer can overrule any decisions made by individual
+@c TODO: Should we mention if this is just about GNUnet? Other projects
+@c TODO: in GNU seem to have rare issues (GCC, the 2018 documentation
+@c TODO: discussion.
developers. Still, in practice neither has happened in the last 20
years, and we hope to keep it that way.
+@c TODO: Actually we are a Swiss association, or just a German association
+@c TODO: with Swiss bylaws/Satzung?
+@c TODO: Rewrite one of the 'GNUnet eV may also' sentences.
The GNUnet project is supported by GNUnet e.V., a German association
-where any developer can become a member. GNUnet e.V. servers as a
+where any developer can become a member. GNUnet e.V. serves as a
legal entity to hold the copyrights to GNUnet. GNUnet e.V. may also
choose to pay for project resources, and can collect donations.
GNUnet e.V. may also choose to adjust the license of the
-software (with the constraint that it has to remain free software).
-
-
-@node General Terminology
-@section General Terminology
+software (with the constraint that it has to remain free software)@footnote{For example in 2018 we switched from GPL3 to AGPL3. In practice these changes do not happen very often.}
-In the following manual we may use words that can not be found in the
-Appendix. Since we want to keep the manual selfcontained, we will
-explain words here.
@node Typography
@section Typography
@@ -142,3 +167,5 @@ command should/can be issued as root, or if "normal" user privileges are
sufficient. We use a @code{#} for root's shell prompt, a
@code{%} for users' shell prompt, assuming they use the C-shell or tcsh
and a @code{$} for bourne shell and derivatives.
+@c TODO: Really? Why the different prompts? Do we already have c-shell
+@c TODO: examples?
diff --git a/doc/documentation/chapters/user.texi b/doc/documentation/chapters/user.texi
index fe47abb86..50b795197 100644
--- a/doc/documentation/chapters/user.texi
+++ b/doc/documentation/chapters/user.texi
@@ -26,6 +26,7 @@ always welcome.
* First steps - Using the GNUnet VPN::
* File-sharing::
* The GNU Name System::
+* re@:claim Identity Provider::
* Using the Virtual Public Network::
@end menu
@@ -43,6 +44,7 @@ To stop GNUnet:
@example
$ gnunet-arm -e
@end example
+
@node First steps - Using the GNU Name System
@section First steps - Using the GNU Name System
@c %**end of header
@@ -246,7 +248,7 @@ more an experimental feature and not really our primary goal at this
time. Still, it is a possible use-case and we welcome help with testing
and development.
-
+@pindex gnunet-bcd
@node Creating a Business Card
@subsection Creating a Business Card
@c FIXME: Which parts of texlive are needed? Some systems offer a modular
@@ -257,7 +259,9 @@ Note that this requires having @command{LaTeX} installed on your system.
If you are using a Debian GNU/Linux based operating system, the
following command should install the required components.
Keep in mind that this @b{requires 3GB} of downloaded data and possibly
-@b{even more} when unpacked.
+@b{even more}@footnote{Author's note:
+@command{guix size `guix build texlive`} in summer 2018 returns a DAG
+size of 5032.4 MiB} when unpacked.
@b{We welcome any help in identifying the required components of the
TexLive Distribution. This way we could just state the required components
without pulling in the full distribution of TexLive.}
@@ -312,12 +316,14 @@ you might need a trip to the store together.
Before we get started, we need to tell @code{gnunet-qr} which zone
it should import new records into. For this, run:
+@pindex gnunet-identity
@example
$ gnunet-identity -s namestore -e NAME
@end example
where NAME is the name of the zone you want to import records
into. In our running example, this would be ``gnu''.
+@pindex gnunet-qr
Henceforth, for every business card you collect, simply run:
@example
$ gnunet-qr
@@ -335,6 +341,7 @@ GNUnet network at this time, you should thus be able to
resolve your friends names. Suppose your friend's nickname
is "Bob". Then, type
+@pindex gnunet-gns
@example
$ gnunet-gns -u test.bob.gnu
@end example
@@ -381,6 +388,7 @@ a revocation certificate corresponding to your ego. This certificate,
when published on the P2P network, flags your private key as invalid,
and all further resolutions or other checks involving the key will fail.
+@pindex gnunet-revocation
A revocation certificate is thus a useful tool when things go out of
control, but at the same time it should be stored securely.
Generation of the revocation certificate for a zone can be done through
@@ -433,6 +441,7 @@ private conversation with your friend. Finally, help us
with the next GNUnet release for even more applications
using this new public key infrastructure.
+@pindex gnunet-conservation-gtk
@node First steps - Using GNUnet Conversation
@section First steps - Using GNUnet Conversation
@c %**end of header
@@ -485,6 +494,7 @@ that will show up when you call somebody else, as well as the
GNS zone that will be used to resolve names of users that you
are calling. Run
+@pindex gnunet-conversation
@example
gnunet-conversation -e zone-name
@end example
@@ -564,7 +574,7 @@ Either of you can end the call using @command{/cancel}. You can exit
@menu
* VPN Preliminaries::
-* Exit configuration::
+* GNUnet-Exit configuration::
* GNS configuration::
* Accessing the service::
* Using a Browser::
@@ -595,6 +605,9 @@ The exact details may differ a bit, which is fine. Add the text
hosts: files gns [NOTFOUND=return] mdns4_minimal [NOTFOUND=return] dns mdns4
@end example
+@c TODO: outdated section, we no longer install this as part of the
+@c TODO: standard installation procedure and should point out the manual
+@c TODO: steps required to make it useful.
@noindent
You might want to make sure that @code{/lib/libnss_gns.so.2} exists on
your system, it should have been created during the installation.
@@ -608,8 +621,8 @@ $ cd src/gns/nss; sudo make install
@noindent
to install the NSS plugins in the proper location.
-@node Exit configuration
-@subsection Exit configuration
+@node GNUnet-Exit configuration
+@subsection GNUnet-Exit configuration
@c %**end of header
Stop your peer (as user @code{gnunet}, run @command{gnunet-arm -e}) and
@@ -696,9 +709,10 @@ the searcher/downloader specify "no anonymity", non-anonymous
file-sharing is used. If either user specifies some desired degree
of anonymity, anonymous file-sharing will be used.
-After a short introduction, we will first look at the various concepts in
-GNUnet's file-sharing implementation. Then, we will discuss specifics as to how
-they impact users that publish, search or download files.
+After a short introduction, we will first look at the various concepts
+in GNUnet's file-sharing implementation. Then, we will discuss
+specifics as to how they impact users that publish, search or download
+files.
@menu
@@ -706,7 +720,6 @@ they impact users that publish, search or download files.
* fs-Downloading::
* fs-Publishing::
* fs-Concepts::
-* fs-Directories::
* Namespace Management::
* File-Sharing URIs::
* GTK User Interface::
@@ -724,10 +737,11 @@ $ gnunet-search [-t TIMEOUT] KEYWORD
@end example
@noindent
-The -t option specifies that the query should timeout after
-approximately TIMEOUT seconds. A value of zero is interpreted
-as @emph{no timeout}, which is also the default. In this case,
-gnunet-search will never terminate (unless you press CTRL-C).
+The @command{-t} option specifies that the query should timeout after
+approximately TIMEOUT seconds. A value of zero (``0'') is interpreted
+as @emph{no timeout}, which is the default. In this case,
+@command{gnunet-search} will never terminate (unless you press
+@command{CTRL-C}).
If multiple words are passed as keywords, they will all be
considered optional. Prefix keywords with a "+" to make them mandatory.
@@ -750,10 +764,11 @@ as the first will match files shared under the keywords
"Das" or "Kapital" whereas the second will match files
shared under the keyword "Das Kapital".
-Search results are printed by gnunet-search like this:
+Search results are printed by @command{gnunet-search} like this:
@c it will be better the avoid the ellipsis altogether because I don't
@c understand the explanation below that
+@c ng0: who is ``I'' and what was the complete sentence?
@example
#15:
gnunet-download -o "COPYING" gnunet://fs/chk/PGK8M...3EK130.75446
@@ -762,10 +777,11 @@ gnunet-download -o "COPYING" gnunet://fs/chk/PGK8M...3EK130.75446
@noindent
The whole line is the command you would have to enter to download
-the file. The argument passed to @code{-o} is the suggested
+the file. The first argument passed to @code{-o} is the suggested
filename (you may change it to whatever you like).
-It is followed by the key for decrypting the file, the query for searching the
-file, a checksum (in hexadecimal) finally the size of the file in bytes.
+It is followed by the key for decrypting the file, the query for
+searching the file, a checksum (in hexadecimal) finally the size of
+the file in bytes.
@node fs-Downloading
@subsection Downloading
@@ -802,9 +818,9 @@ already present.
GNUnet's file-encoding mechanism will ensure file integrity, even if the
existing file was not downloaded from GNUnet in the first place.
-You may want to use the @command{-V} switch to turn on verbose reporting. In
-this case, @command{gnunet-download} will print the current number of bytes
-downloaded whenever new data was received.
+You may want to use the @command{-V} switch to turn on verbose
+reporting. In this case, @command{gnunet-download} will print the
+current number of bytes downloaded whenever new data was received.
@node fs-Publishing
@subsection Publishing
@@ -834,7 +850,7 @@ $ gnunet-publish -m "description:GNU License" -k gpl -k test -m "mimetype:text/p
The option @code{-k} is used to specify keywords for the file that
should be inserted. You can supply any number of keywords,
and each of the keywords will be sufficient to locate and
-retrieve the file. Please note that you must use the @code{-k} option
+retrieve the file. Please note that you must use the @code{-k} option
more than once -- one for each expression you use as a keyword for
the filename.
@@ -845,10 +861,14 @@ list by running @command{extract -L}. Use quotes around the entire
meta-data argument if the value contains spaces. The meta-data
is displayed to other users when they select which files to
download. The meta-data and the keywords are optional and
-maybe inferred using @code{GNU libextractor}.
+may be inferred using @code{GNU libextractor}.
+
+@command{gnunet-publish} has a few additional options to handle
+namespaces and directories. Refer to the man-page for details:
-gnunet-publish has a few additional options to handle namespaces and
-directories. See the man-page for details.
+@example
+man gnunet-publish
+@end example
@node Indexing vs. Inserting
@subsubsection Indexing vs Inserting
@@ -890,18 +910,17 @@ able to crack the encryption (e.g. by guessing the keyword.
@subsection Concepts
@c %**end of header
-Sharing files in GNUnet is not quite as simple as in traditional
-file sharing systems. For example, it is not sufficient to just
-place files into a specific directory to share them. In addition
-to anonymous routing GNUnet attempts to give users a better experience
-in searching for content. GNUnet uses cryptography to safely break
-content into smaller pieces that can be obtained from different
-sources without allowing participants to corrupt files. GNUnet
-makes it difficult for an adversary to send back bogus search
-results. GNUnet enables content providers to group related content
-and to establish a reputation. Furthermore, GNUnet allows updates
-to certain content to be made available. This section is supposed
-to introduce users to the concepts that are used to achieve these goals.
+For better results with filesharing it is useful to understand the
+following concepts.
+In addition to anonymous routing GNUnet attempts to give users a better
+experience in searching for content. GNUnet uses cryptography to safely
+break content into smaller pieces that can be obtained from different
+sources without allowing participants to corrupt files. GNUnet makes it
+difficult for an adversary to send back bogus search results. GNUnet
+enables content providers to group related content and to establish a
+reputation. Furthermore, GNUnet allows updates to certain content to be
+made available. This section is supposed to introduce users to the
+concepts that are used to achieve these goals.
@menu
@@ -921,10 +940,10 @@ to introduce users to the concepts that are used to achieve these goals.
@c %**end of header
A file in GNUnet is just a sequence of bytes. Any file-format is allowed
-and the maximum file size is theoretically 264 bytes, except that it
-would take an impractical amount of time to share such a file.
-GNUnet itself never interprets the contents of shared files, except
-when using GNU libextractor to obtain keywords.
+and the maximum file size is theoretically @math{2^64 - 1} bytes, except
+that it would take an impractical amount of time to share such a file.
+GNUnet itself never interprets the contents of shared files, except when
+using GNU libextractor to obtain keywords.
@node Keywords
@subsubsection Keywords
@@ -954,10 +973,26 @@ it cannot be changed since it is treated just like an ordinary file
by the network. Small files (of a few kilobytes) can be inlined in
the directory, so that a separate download becomes unnecessary.
+Directories are shared just like ordinary files. If you download a
+directory with @command{gnunet-download}, you can use
+@command{gnunet-directory} to list its contents. The canonical
+extension for GNUnet directories when stored as files in your
+local file-system is ".gnd". The contents of a directory are URIs and
+meta data.
+The URIs contain all the information required by
+@command{gnunet-download} to retrieve the file. The meta data
+typically includes the mime-type, description, a filename and
+other meta information, and possibly even the full original file
+(if it was small).
+
@node Pseudonyms
@subsubsection Pseudonyms
@c %**end of header
+@b{Please note that the text in this subsection is outdated and needs}
+@b{to be rewritten for version 0.10!}
+@b{This especially concerns the terminology of Pseudonym/Ego/Identity.}
+
Pseudonyms in GNUnet are essentially public-private (RSA) key pairs
that allow a GNUnet user to maintain an identity (which may or may not
be detached from their real-life identity). GNUnet's pseudonyms are not
@@ -973,6 +1008,10 @@ to copy around).
@subsubsection Namespaces
@c %**end of header
+@b{Please note that the text in this subsection is outdated and needs}
+@b{to be rewritten for version 0.10!}
+@b{This especially concerns the terminology of Pseudonym/Ego/Identity.}
+
A namespace is a set of files that were signed by the same pseudonym.
Files (or directories) that have been signed and placed into a namespace
can be updated. Updates are identified as authentic if the same secret
@@ -984,11 +1023,15 @@ same entity (which does not have to be the same person).
@subsubsection Advertisements
@c %**end of header
+@b{Please note that the text in this subsection is outdated and needs}
+@b{to be rewritten for version 0.10!}
+@b{This especially concerns the terminology of Pseudonym/Ego/Identity.}
+
Advertisements are used to notify other users about the existence of a
namespace. Advertisements are propagated using the normal keyword search.
When an advertisement is received (in response to a search), the namespace
is added to the list of namespaces available in the namespace-search
-dialogs of gnunet-fs-gtk and printed by gnunet-pseudonym. Whenever a
+dialogs of gnunet-fs-gtk and printed by @code{gnunet-identity}. Whenever a
namespace is created, an appropriate advertisement can be generated.
The default keyword for the advertising of namespaces is "namespace".
@@ -996,7 +1039,7 @@ Note that GNUnet differentiates between your pseudonyms (the identities
that you control) and namespaces. If you create a pseudonym, you will
not automatically see the respective namespace. You first have to create
an advertisement for the namespace and find it using keyword
-search --- even for your own namespaces. The @command{gnunet-pseudonym}
+search --- even for your own namespaces. The @command{gnunet-identity}
tool is currently responsible for both managing pseudonyms and namespaces.
This will likely change in the future to reduce the potential for
confusion.
@@ -1044,22 +1087,6 @@ level by one. If all blocks reach replication level zero, the
selection is simply random.
-@node fs-Directories
-@subsection Directories
-@c %**end of header
-
-Directories are shared just like ordinary files. If you download a
-directory with @command{gnunet-download}, you can use
-@command{gnunet-directory} to list its contents. The canonical
-extension for GNUnet directories when stored as files in your
-local file-system is ".gnd". The contents of a directory are URIs and
-meta data.
-The URIs contain all the information required by
-@command{gnunet-download} to retrieve the file. The meta data
-typically includes the mime-type, description, a filename and
-other meta information, and possibly even the full original file
-(if it was small).
-
@node Namespace Management
@subsection Namespace Management
@c %**end of header
@@ -1067,8 +1094,8 @@ other meta information, and possibly even the full original file
@b{Please note that the text in this subsection is outdated and needs}
@b{to be rewritten for version 0.10!}
-The gnunet-pseudonym tool can be used to create pseudonyms and
-to advertise namespaces. By default, gnunet-pseudonym simply
+The @code{gnunet-identity} tool can be used to create pseudonyms and
+to advertise namespaces. By default, @code{gnunet-identity -D} simply
lists all locally available pseudonyms.
@@ -1084,6 +1111,10 @@ lists all locally available pseudonyms.
@subsubsection Creating Pseudonyms
@c %**end of header
+@b{Please note that the text in this subsection is outdated and needs}
+@b{to be rewritten for version 0.10!}
+@b{This especially concerns the terminology of Pseudonym/Ego/Identity.}
+
With the @command{-C NICK} option it can also be used to
create a new pseudonym. A pseudonym is the virtual identity
of the entity in control of a namespace. Anyone can create
@@ -1095,6 +1126,10 @@ used.
@subsubsection Deleting Pseudonyms
@c %**end of header
+@b{Please note that the text in this subsection is outdated and needs}
+@b{to be rewritten for version 0.10!}
+@b{This especially concerns the terminology of Pseudonym/Ego/Identity.}
+
With the @command{-D NICK} option pseudonyms can be deleted.
Once the pseudonym has been deleted it is impossible to add
content to the corresponding namespace. Deleting the
@@ -1105,6 +1140,10 @@ unavailable.
@subsubsection Advertising namespaces
@c %**end of header
+@b{Please note that the text in this subsection is outdated and needs}
+@b{to be rewritten for version 0.10!}
+@b{This especially concerns the terminology of Pseudonym/Ego/Identity.}
+
Each namespace is associated with meta-data that describes
the namespace. This meta-data is provided by the user at
the time that the namespace is advertised. Advertisements
@@ -1121,6 +1160,10 @@ the quality of the content found in it.
@subsubsection Namespace names
@c %**end of header
+@b{Please note that the text in this subsection is outdated and needs}
+@b{to be rewritten for version 0.10!}
+@b{This especially concerns the terminology of Pseudonym/Ego/Identity.}
+
While the namespace is uniquely identified by its ID, another way
to refer to the namespace is to use the NICKNAME.
The NICKNAME can be freely chosen by the creator of the namespace and
@@ -1132,6 +1175,10 @@ to the NICKNAME to get a unique identifier.
@subsubsection Namespace root
@c %**end of header
+@b{Please note that the text in this subsection is outdated and needs}
+@b{to be rewritten for version 0.10!}
+@b{This especially concerns the terminology of Pseudonym/Ego/Identity.}
+
An item of particular interest in the namespace advertisement is
the ROOT. The ROOT is the identifier of a designated entry in the
namespace. The idea is that the ROOT can be used to advertise an
@@ -1219,6 +1266,10 @@ Furthermore they must not contain '++'.
@subsubsection Namespace content (sks)
@c %**end of header
+@b{Please note that the text in this subsection is outdated and needs}
+@b{to be rewritten for version 0.10!}
+@b{This especially concerns the terminology of Pseudonym/Ego/Identity.}
+
Namespaces are sets of files that have been approved by some (usually
pseudonymous) user --- typically by that user publishing all of the
files together. A file can be in many namespaces. A file is in a
@@ -1419,8 +1470,8 @@ $ gnunet-identity -C "myzone"
Henceforth, on your system you control the TLD ``myzone''.
-All of your zones can be listed using the @command{gnunet-identity}
-command line tool as well:
+All of your zones can be listed (displayed) using the
+@command{gnunet-identity} command line tool as well:
@example
$ gnunet-identity -d
@@ -1528,11 +1579,11 @@ record you want to access).
@subsection Using Public Keys as Top Level Domains
-GNS also assumes responsibility for any name that uses in a well-formed
-public key for the TLD. Names ending this way are then resolved by querying
-the respective zone. Such public key TLDs are expected to be used under rare
-circumstances where globally unique names are required, and for
-integration with legacy systems.
+GNS also assumes responsibility for any name that uses in a
+well-formed public key for the TLD. Names ending this way are then
+resolved by querying the respective zone. Such public key TLDs are
+expected to be used under rare circumstances where globally unique
+names are required, and for integration with legacy systems.
@node Resource Records in GNS
@subsection Resource Records in GNS
@@ -1569,18 +1620,31 @@ GNS currently supports the following record types:
* CNAME::
* GNS2DNS::
* SOA SRV PTR and MX::
+* PLACE::
+* PHONE::
+* ID ATTR::
+* ID TOKEN::
+* ID TOKEN METADATA::
+* CREDENTIAL::
+* POLICY::
+* ATTRIBUTE::
+* ABE KEY::
+* ABE MASTER::
+* RECLAIM OIDC CLIENT::
+* RECLAIM OIDC REDIRECT::
@end menu
@node NICK
@subsubsection NICK
-A NICK record is used to give a zone a name. With a NICK record, you can
-essentially specify how you would like to be called. GNS expects this
-record under the empty label ``@@'' in the zone's database (NAMESTORE); however,
-it will then automatically be copied into each record set, so that
-clients never need to do a separate lookup to discover the NICK record.
-Also, users do not usually have to worry about setting the NICK record:
-it is automatically set to the local name of the TLD.
+A NICK record is used to give a zone a name. With a NICK record, you
+can essentially specify how you would like to be called. GNS expects
+this record under the empty label ``@@'' in the zone's database
+(NAMESTORE); however, it will then automatically be copied into each
+record set, so that clients never need to do a separate lookup to
+discover the NICK record. Also, users do not usually have to worry
+about setting the NICK record: it is automatically set to the local
+name of the TLD.
@b{Example}@
@@ -1739,6 +1803,66 @@ should use the ZKEY zone as the destination hostname and
GNS-enabled mail servers should be configured to accept
e-mails to the ZKEY-zones of all local users.
+@node PLACE
+@subsubsection PLACE
+
+Record type for a social place.
+
+@node PHONE
+@subsubsection PHONE
+
+Record type for a phone (of CONVERSATION).
+
+@node ID ATTR
+@subsubsection ID ATTR
+
+Record type for identity attributes (of IDENTITY).
+
+@node ID TOKEN
+@subsubsection ID TOKEN
+
+Record type for an identity token (of IDENTITY-TOKEN).
+
+@node ID TOKEN METADATA
+@subsubsection ID TOKEN METADATA
+
+Record type for the private metadata of an identity token (of IDENTITY-TOKEN).
+
+@node CREDENTIAL
+@subsubsection CREDENTIAL
+
+Record type for credential.
+
+@node POLICY
+@subsubsection POLICY
+
+Record type for policies.
+
+@node ATTRIBUTE
+@subsubsection ATTRIBUTE
+
+Record type for reverse lookups.
+
+@node ABE KEY
+@subsubsection ABE KEY
+
+Record type for ABE records.
+
+@node ABE MASTER
+@subsubsection ABE MASTER
+
+Record type for ABE master keys.
+
+@node RECLAIM OIDC CLIENT
+@subsubsection RECLAIM OIDC CLIENT
+
+Record type for reclaim OIDC clients.
+
+@node RECLAIM OIDC REDIRECT
+@subsubsection RECLAIM OIDC REDIRECT
+
+Record type for reclaim OIDC redirect URIs.
+
@node Synchronizing with legacy DNS
@subsection Synchronizing with legacy DNS
@@ -1769,6 +1893,98 @@ is thus advisable to disable the namecache by setting the
option ``DISABLE'' to ``YES'' in section ``[namecache]''.
+@node re@:claim Identity Provider
+@section re@:claim Identity Provider
+
+The re:claim Identity Provider (IdP) is a decentralized IdP service.
+It allows its users to manage and authorize third parties to access their identity attributes such as email or shipping addresses.
+
+It basically mimics the concepts of centralized IdPs, such as those offered by Google or Facebook.
+Like other IdPs, re:claim features an (optional) OpenID-Connect 1.0-compliant protocol layer that can be used for websites to integrate re:claim as an Identity Provider with little effort.
+
+@menu
+* Managing Attributes::
+* Sharing Attributes with Third Parties::
+* Revoking Authorizations of Third Parties::
+* Using the OpenID-Connect IdP::
+@end menu
+
+@node Managing Attributes
+@subsection Managing Attributes
+
+Before adding attributes to an identity, you must first create an ego:
+
+@example
+$ gnunet-identity -C "username"
+@end example
+
+Henceforth, you can manage a new user profile of the user ``username''.
+
+To add an email address to your user profile, simply use the @command{gnunet-reclaim} command line tool::
+
+@example
+$ gnunet-reclaim -e "username" -a "email" -V "username@@example.gnunet"
+@end example
+
+All of your attributes can be listed using the @command{gnunet-reclaim}
+command line tool as well:
+
+@example
+$ gnunet-reclaim -e "username" -D
+@end example
+
+Currently, and by default, attribute values are interpreted as plain text.
+In the future there might be more value types such as X.509 certificate credentials.
+
+@node Sharing Attributes with Third Parties
+@subsection Sharing Attributes with Third Parties
+
+If you want to allow a third party such as a website or friend to access to your attributes (or a subset thereof) execute:
+
+@example
+$ gnunet-reclaim -e "username" -r "PKEY" -i "attribute1,attribute2,..."
+@end example
+
+Where "PKEY" is the public key of the third party and "attribute1,attribute2,..." is a comma-separated list of attribute names, such as "email", that you want to share.
+
+The command will return a "ticket" string.
+You must give this "ticket" to the requesting third party.
+
+The third party can then retrieve your shared identity attributes using:
+
+@example
+$ gnunet-reclaim -e "friend" -C "ticket"
+@end example
+
+This will retrieve and list the shared identity attributes.
+The above command will also work if the user "username" is currently offline since the attributes are retrieved from GNS.
+Further, the "ticket" can be re-used later to retrieve up-to-date attributes in case "username" has changed the value(s). For instance, becasue his email address changed.
+
+To list all given authorizations (tickets) you can execute:
+@example
+$ gnunet-reclaim -e "friend" -T (TODO there is only a REST API for this ATM)
+@end example
+
+
+@node Revoking Authorizations of Third Parties
+@subsection Revoking Authorizations of Third Parties
+
+If you want to revoke the access of a third party to your attributes you can execute:
+
+@example
+$ gnunet-idp -e "username" -R "ticket"
+@end example
+
+This will prevent the third party from accessing the attribute in the future.
+Please note that if the third party has previously accessed the attribute, there is not way in which the system could have prevented the thiry party from storing the data.
+As such, only access to updated data in the future can be revoked.
+This behaviour is _exactly the same_ as with other IdPs.
+
+@node Using the OpenID-Connect IdP
+@subsection Using the OpenID-Connect IdP
+
+TODO: Document setup and REST endpoints
+
@node Using the Virtual Public Network
@section Using the Virtual Public Network
diff --git a/doc/documentation/gnunet.texi b/doc/documentation/gnunet.texi
index 2ef5a2b59..50630d4fe 100644
--- a/doc/documentation/gnunet.texi
+++ b/doc/documentation/gnunet.texi
@@ -90,7 +90,8 @@ This document is the Reference Manual for GNUnet version @value{VERSION}.
* GNUnet Contributors Handbook:: Contributing to GNUnet
* GNUnet Developer Handbook:: Developing GNUnet
* GNU Free Documentation License:: The license of this manual
-* GNU General Public License:: The license of this manual
+* GNU General Public License::
+* GNU Affero General Public License::
* Concept Index:: Concepts
* Programming Index:: Data types, functions, and variables
@@ -100,8 +101,8 @@ This document is the Reference Manual for GNUnet version @value{VERSION}.
Preface
* About this book
+* Contributing to this book
* Introduction
-* General Terminology::
* Typography::
Philosophy
@@ -124,6 +125,14 @@ Key Concepts
* Revocation::
Installing GNUnet
+* Installing dependencies::
+* Getting the Source Code::
+* Create @code{gnunet} user and group::
+* Preparing and Compiling the Source Code::
+* Installation::
+* MOVED FROM USER Checking the Installation::
+* MOVED FROM USER The graphical configuration interface::
+* MOVED FROM USER Config Leftovers::
Using GNUnet
@@ -141,6 +150,7 @@ GNUnet Contributors Handbook
* Licenses of contributions::
* Copyright Assignment::
* Contributing to the Reference Manual::
+* Contributing testcases::
GNUnet Developer Handbook
@@ -227,6 +237,12 @@ GNUnet Developer Handbook
@include gpl-3.0.texi
@c *********************************************************************
+@node GNU Affero General Public License
+@appendix GNU Affero General Public License
+@cindex license, GNU Affero General Public License
+@include agpl-3.0.texi
+
+@c *********************************************************************
@node Concept Index
@unnumbered Concept Index
@printindex cp
@@ -235,6 +251,7 @@ GNUnet Developer Handbook
@unnumbered Programming Index
@syncodeindex tp fn
@syncodeindex vr fn
+@syncodeindex pg fn
@printindex fn
@bye
diff --git a/doc/man/Makefile.am b/doc/man/Makefile.am
index a6a116dca..37f881d60 100644
--- a/doc/man/Makefile.am
+++ b/doc/man/Makefile.am
@@ -37,6 +37,7 @@ man_MANS = \
gnunet-statistics.1 \
gnunet-testbed-profiler.1 \
gnunet-testing-run-service.1 \
+ gnunet-timeout.1 \
gnunet-transport.1 \
gnunet-transport-certificate-creation.1 \
gnunet-unindex.1 \
diff --git a/doc/man/gnunet-gns.1 b/doc/man/gnunet-gns.1
index 9466dae03..9e4482653 100644
--- a/doc/man/gnunet-gns.1
+++ b/doc/man/gnunet-gns.1
@@ -46,7 +46,7 @@ Print GNUnet version number.
.SH RETURN VALUE
gnunet\-gns will return 0 on success, 1 on internal failures, 2 on
-launch failures, 3 if the given name is not configured to use GNS.
+launch failures, 4 if the given name is not configured to use GNS.
.SH BUGS
diff --git a/doc/man/gnunet-timeout.1 b/doc/man/gnunet-timeout.1
new file mode 100644
index 000000000..e413254f4
--- /dev/null
+++ b/doc/man/gnunet-timeout.1
@@ -0,0 +1,20 @@
+.TH GNUNET\-TIMOUET 1 "Jun 5, 2018" "GNUnet"
+
+.SH NAME
+gnunet\-timeout \- run process with timeout
+
+.SH SYNOPSIS
+.B gnunet\-timeout
+.RI TIMEOUT PROGRAM ARGS
+.br
+
+.SH DESCRIPTION
+\fBgnunet\-timeout\fP can be used to run another process with a
+timeout. Provided as the standard "timout" utility may not be
+available on all platforms.
+
+.SH BUGS
+Report bugs by using Mantis <https://gnunet.org/bugs/> or by sending electronic mail to <gnunet\-developers@gnu.org>
+
+.SH SEE
+timeout(1)
diff --git a/docker/README.md b/docker/README.md
new file mode 100644
index 000000000..ce05012fc
--- /dev/null
+++ b/docker/README.md
@@ -0,0 +1,138 @@
+# gnunet-docker
+A Dockerfile (and maybe later docker-compose.yml) for getting a running GNUnet docker container.
+
+> This README and parts of the Dockerfile were adapted from https://github.com/compiaffe/gnunet-docker
+
+
+## Build it
+This will take quite a while and will consume a bit of data.
+
+First you need to go to the root of this repo.
+
+```bash
+cd ..
+```
+
+Now you can build the image.
+
+```bash
+docker build -t gnunet .
+```
+
+## Start it from the newly created gnunet image
+Start a container from `gnunet` image, which can access /dev/net/tun, has access to the host network. We are going to name it `gnunet1`.
+
+Note the `--rm` that will delete the container as soon as you stop it and `-ti` gives you an interactive terminal.
+
+#### Linux Users
+```bash
+docker run \
+ --rm \
+ -ti \
+ --privileged \
+ --name gnunet1 \
+ --net=host \
+ -v /dev/net/tun:/dev/net/tun \
+ gnunet
+```
+
+#### Mac Users
+```bash
+docker run \
+ --rm \
+ -it \
+ --privileged \
+ --name gnunet1 \
+ -e LOCAL_PORT_RANGE='40001 40200' \
+ -e GNUNET_PORT=2086 \
+ -p 2086:2086 \
+ -p 2086:2086/udp \
+ -p40001-40200:40001-40200 \
+ -p40001-40200:40001-40200/udp \
+ gnunet
+```
+
+This terminal will keep on printing to screen at the moment. So go on in a new terminal please.
+
+Don't worry about warnings too much...
+
+## Check if you are connected
+Open a new terminal and connect to the container we just started:
+
+```bash
+docker exec -it gnunet1 gnunet-peerinfo -i
+```
+
+If you get a list of peers, all is good.
+
+## Multiple containers on the same host
+### Running
+#### Run Container 1
+```bash
+export GPORT=2086 LPORT='40001-40200' GNAME=gnunet1
+docker run \
+ --rm \
+ -it \
+ --privileged \
+ -e GNUNET_PORT=$GPORT \
+ -e LOCAL_PORT_RANGE="${LPORT/-/ }" \
+ -p $GPORT:$GPORT \
+ -p $GPORT:$GPORT/udp \
+ -p$LPORT:$LPORT \
+ -p$LPORT:$LPORT/udp \
+ --name $GNAME \
+ gnunet
+```
+
+#### Run Container 2
+```bash
+export GPORT=2087 LPORT='40201-40400' GNAME=gnunet2
+docker run \
+ --rm \
+ -it \
+ --privileged \
+ -e GNUNET_PORT=$GPORT \
+ -e LOCAL_PORT_RANGE="${LPORT/-/ }" \
+ -p $GPORT:$GPORT \
+ -p $GPORT:$GPORT/udp \
+ -p$LPORT:$LPORT \
+ -p$LPORT:$LPORT/udp \
+ --name $GNAME \
+ gnunet
+```
+
+### Testing cadet example
+#### Container 1
+```bash
+$ docker exec -it gnunet1 bash
+$ gnunet-peerinfo -s
+I am peer `VWPN1NZA6YMM866EJ5J2NY47XG692MQ6H6WASVECF0M18A9SCMZ0'.
+$ gnunet-cadet -o asdasd
+```
+
+#### Container 2
+```bash
+$ docker exec -it gnunet2 bash
+$ gnunet-cadet VWPN1NZA6YMM866EJ5J2NY47XG692MQ6H6WASVECF0M18A9SCMZ0 asdasd
+```
+
+### Testing file sharing example
+#### Container 1
+```bash
+$ docker exec -it gnunet1 bash
+$ echo 'test' > test.txt
+$ gnunet-publish test.txt
+Publishing `/test.txt' done.
+URI is `gnunet://fs/chk/1RZ7A8TAQHMF8DWAGTSZ9CSA365T60C4BC6DDS810VM78D2Q0366CRX8DGFA29EWBT9BW5Y9HYD0Z1EAKNFNJQDJ04QQSGTQ352W28R.7MYB03GYXT17Z93ZRZRVV64AH9KPWFSVDEZGVE84YHD63XZFJ36B86M48KHTZVF87SZ05HBVB44PCXE8CVWAH72VN1SKYPRK1QN2C98.5'.
+```
+
+#### Container 2
+```bash
+$ docker exec -it gnunet2 bash
+$ gnunet-download -o out.file "gnunet://fs/chk/1RZ7A8TAQHMF8DWAGTSZ9CSA365T60C4BC6DDS810VM78D2Q0366CRX8DGFA29EWBT9BW5Y9HYD0Z1EAKNFNJQDJ04QQSGTQ352W28R.7MYB03GYXT17Z93ZRZRVV64AH9KPWFSVDEZGVE84YHD63XZFJ36B86M48KHTZVF87SZ05HBVB44PCXE8CVWAH72VN1SKYPRK1QN2C98.5"
+100% [============================================================]
+Downloading `out.file' done (0 b/s).
+$ cat out.file
+test
+```
+
diff --git a/docker/docker-entrypoint.sh b/docker/docker-entrypoint.sh
new file mode 100644
index 000000000..7f98ef68b
--- /dev/null
+++ b/docker/docker-entrypoint.sh
@@ -0,0 +1,15 @@
+#!/bin/bash -e
+
+echo "${LOCAL_PORT_RANGE:-49152 65535}" > /proc/sys/net/ipv4/ip_local_port_range
+sed -i 's/$GNUNET_PORT/'${GNUNET_PORT:-2086}'/g' /etc/gnunet.conf
+
+if [[ $# -eq 0 ]]; then
+ exec gnunet-arm \
+ --config=/etc/gnunet.conf \
+ --start \
+ --monitor
+elif [[ -z $1 ]] || [[ ${1:0:1} == '-' ]]; then
+ exec gnunet-arm "$@"
+else
+ exec "$@"
+fi
diff --git a/docker/gnunet.conf b/docker/gnunet.conf
new file mode 100644
index 000000000..c8299ef46
--- /dev/null
+++ b/docker/gnunet.conf
@@ -0,0 +1,21 @@
+[arm]
+SYSTEM_ONLY = NO
+USER_ONLY = NO
+
+[fs]
+FORCESTART = NO
+
+[nat]
+ENABLE_UPNP = NO
+BEHIND_NAT = YES
+
+[transport-tcp]
+PORT = $GNUNET_PORT
+ADVERTISED_PORT = $GNUNET_PORT
+
+[transport-udp]
+PORT = $GNUNET_PORT
+BROADCAST = YES
+
+[cadet]
+TESTING_IGNORE_KEYS = ACCEPT_FROM;
diff --git a/po/POTFILES.in b/po/POTFILES.in
index 38fa52508..86235f860 100644
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
@@ -4,13 +4,21 @@ src/arm/arm_monitor_api.c
src/arm/gnunet-arm.c
src/arm/gnunet-service-arm.c
src/arm/mockup-service.c
+src/ats-tests/ats-testing-experiment.c
+src/ats-tests/ats-testing-log.c
+src/ats-tests/ats-testing-preferences.c
+src/ats-tests/ats-testing-traffic.c
+src/ats-tests/ats-testing.c
+src/ats-tests/gnunet-ats-sim.c
+src/ats-tests/gnunet-solver-eval.c
+src/ats-tool/gnunet-ats.c
src/ats/ats_api_connectivity.c
src/ats/ats_api_performance.c
src/ats/ats_api_scanner.c
src/ats/ats_api_scheduling.c
src/ats/gnunet-ats-solver-eval.c
-src/ats/gnunet-service-ats_addresses.c
src/ats/gnunet-service-ats.c
+src/ats/gnunet-service-ats_addresses.c
src/ats/gnunet-service-ats_connectivity.c
src/ats/gnunet-service-ats_normalization.c
src/ats/gnunet-service-ats_performance.c
@@ -21,14 +29,6 @@ src/ats/gnunet-service-ats_scheduling.c
src/ats/plugin_ats_mlp.c
src/ats/plugin_ats_proportional.c
src/ats/plugin_ats_ril.c
-src/ats-tests/ats-testing.c
-src/ats-tests/ats-testing-experiment.c
-src/ats-tests/ats-testing-log.c
-src/ats-tests/ats-testing-preferences.c
-src/ats-tests/ats-testing-traffic.c
-src/ats-tests/gnunet-ats-sim.c
-src/ats-tests/gnunet-solver-eval.c
-src/ats-tool/gnunet-ats.c
src/auction/gnunet-auction-create.c
src/auction/gnunet-auction-info.c
src/auction/gnunet-auction-join.c
@@ -40,8 +40,8 @@ src/block/plugin_block_test.c
src/cadet/cadet_api.c
src/cadet/cadet_test_lib.c
src/cadet/desirability_table.c
-src/cadet/gnunet-cadet.c
src/cadet/gnunet-cadet-profiler.c
+src/cadet/gnunet-cadet.c
src/cadet/gnunet-service-cadet.c
src/cadet/gnunet-service-cadet_channel.c
src/cadet/gnunet-service-cadet_connection.c
@@ -57,15 +57,15 @@ src/consensus/gnunet-service-consensus.c
src/consensus/plugin_block_consensus.c
src/conversation/conversation_api.c
src/conversation/conversation_api_call.c
-src/conversation/gnunet-conversation.c
src/conversation/gnunet-conversation-test.c
-src/conversation/gnunet_gst.c
-src/conversation/gnunet_gst_test.c
-src/conversation/gnunet-helper-audio-playback.c
+src/conversation/gnunet-conversation.c
src/conversation/gnunet-helper-audio-playback-gst.c
-src/conversation/gnunet-helper-audio-record.c
+src/conversation/gnunet-helper-audio-playback.c
src/conversation/gnunet-helper-audio-record-gst.c
+src/conversation/gnunet-helper-audio-record.c
src/conversation/gnunet-service-conversation.c
+src/conversation/gnunet_gst.c
+src/conversation/gnunet_gst_test.c
src/conversation/microphone.c
src/conversation/plugin_gnsrecord_conversation.c
src/conversation/speaker.c
@@ -102,7 +102,6 @@ src/dht/dht_api.c
src/dht/dht_test_lib.c
src/dht/gnunet-dht-get.c
src/dht/gnunet-dht-monitor.c
-src/dht/gnunet_dht_profiler.c
src/dht/gnunet-dht-put.c
src/dht/gnunet-service-dht.c
src/dht/gnunet-service-dht_clients.c
@@ -111,6 +110,7 @@ src/dht/gnunet-service-dht_hello.c
src/dht/gnunet-service-dht_neighbours.c
src/dht/gnunet-service-dht_nse.c
src/dht/gnunet-service-dht_routing.c
+src/dht/gnunet_dht_profiler.c
src/dht/plugin_block_dht.c
src/dns/dns_api.c
src/dns/gnunet-dns-monitor.c
@@ -124,8 +124,8 @@ src/dv/gnunet-dv.c
src/dv/gnunet-service-dv.c
src/dv/plugin_transport_dv.c
src/exit/gnunet-daemon-exit.c
-src/exit/gnunet-helper-exit.c
src/exit/gnunet-helper-exit-windows.c
+src/exit/gnunet-helper-exit.c
src/fragmentation/defragmentation.c
src/fragmentation/fragmentation.c
src/fs/fs_api.c
@@ -150,8 +150,8 @@ src/fs/gnunet-auto-share.c
src/fs/gnunet-daemon-fsprofiler.c
src/fs/gnunet-directory.c
src/fs/gnunet-download.c
-src/fs/gnunet-fs.c
src/fs/gnunet-fs-profiler.c
+src/fs/gnunet-fs.c
src/fs/gnunet-helper-fs-publish.c
src/fs/gnunet-publish.c
src/fs/gnunet-search.c
@@ -171,10 +171,10 @@ src/gns/gns_tld_api.c
src/gns/gnunet-bcd.c
src/gns/gnunet-dns2gns.c
src/gns/gnunet-gns-benchmark.c
-src/gns/gnunet-gns.c
src/gns/gnunet-gns-helper-service-w32.c
src/gns/gnunet-gns-import.c
src/gns/gnunet-gns-proxy.c
+src/gns/gnunet-gns.c
src/gns/gnunet-service-gns.c
src/gns/gnunet-service-gns_interceptor.c
src/gns/gnunet-service-gns_resolver.c
@@ -183,45 +183,35 @@ src/gns/nss/nss_gns_query.c
src/gns/plugin_block_gns.c
src/gns/plugin_gnsrecord_gns.c
src/gns/plugin_rest_gns.c
+src/gns/w32nsp-install.c
+src/gns/w32nsp-resolve.c
+src/gns/w32nsp-uninstall.c
+src/gns/w32nsp.c
src/gnsrecord/gnsrecord.c
src/gnsrecord/gnsrecord_crypto.c
src/gnsrecord/gnsrecord_misc.c
src/gnsrecord/gnsrecord_serialization.c
src/gnsrecord/plugin_gnsrecord_dns.c
-src/gns/w32nsp.c
-src/gns/w32nsp-install.c
-src/gns/w32nsp-resolve.c
-src/gns/w32nsp-uninstall.c
src/hello/address.c
src/hello/gnunet-hello.c
src/hello/hello.c
src/hostlist/gnunet-daemon-hostlist.c
src/hostlist/gnunet-daemon-hostlist_client.c
src/hostlist/gnunet-daemon-hostlist_server.c
-src/identity-attribute/identity_attribute.c
-src/identity-attribute/plugin_identity_attribute_gnuid.c
src/identity/gnunet-identity.c
src/identity/gnunet-service-identity.c
src/identity/identity_api.c
src/identity/identity_api_lookup.c
src/identity/plugin_rest_identity.c
-src/identity-provider/gnunet-idp.c
-src/identity-provider/gnunet-service-identity-provider.c
-src/identity-provider/identity_provider_api.c
-src/identity-provider/jwt.c
-src/identity-provider/plugin_gnsrecord_identity_provider.c
-src/identity-provider/plugin_identity_provider_sqlite.c
-src/identity-provider/plugin_rest_identity_provider.c
-src/identity-provider/plugin_rest_openid_connect.c
+src/json/json.c
+src/json/json_generator.c
+src/json/json_helper.c
+src/json/json_mhd.c
src/jsonapi/jsonapi.c
src/jsonapi/jsonapi_document.c
src/jsonapi/jsonapi_error.c
src/jsonapi/jsonapi_relationship.c
src/jsonapi/jsonapi_resource.c
-src/json/json.c
-src/json/json_generator.c
-src/json/json_helper.c
-src/json/json_mhd.c
src/multicast/gnunet-multicast.c
src/multicast/gnunet-service-multicast.c
src/multicast/multicast_api.c
@@ -235,8 +225,8 @@ src/namecache/namecache_api.c
src/namecache/plugin_namecache_flat.c
src/namecache/plugin_namecache_postgres.c
src/namecache/plugin_namecache_sqlite.c
-src/namestore/gnunet-namestore.c
src/namestore/gnunet-namestore-fcfsd.c
+src/namestore/gnunet-namestore.c
src/namestore/gnunet-service-namestore.c
src/namestore/gnunet-zoneimport.c
src/namestore/namestore_api.c
@@ -252,10 +242,10 @@ src/nat-auto/gnunet-service-nat-auto.c
src/nat-auto/gnunet-service-nat-auto_legacy.c
src/nat-auto/nat_auto_api.c
src/nat-auto/nat_auto_api_test.c
-src/nat/gnunet-helper-nat-client.c
src/nat/gnunet-helper-nat-client-windows.c
-src/nat/gnunet-helper-nat-server.c
+src/nat/gnunet-helper-nat-client.c
src/nat/gnunet-helper-nat-server-windows.c
+src/nat/gnunet-helper-nat-server.c
src/nat/gnunet-nat.c
src/nat/gnunet-service-nat.c
src/nat/gnunet-service-nat_externalip.c
@@ -264,15 +254,15 @@ src/nat/gnunet-service-nat_mini.c
src/nat/gnunet-service-nat_stun.c
src/nat/nat_api.c
src/nat/nat_api_stun.c
-src/nse/gnunet-nse.c
src/nse/gnunet-nse-profiler.c
+src/nse/gnunet-nse.c
src/nse/gnunet-service-nse.c
src/nse/nse_api.c
+src/peerinfo-tool/gnunet-peerinfo.c
+src/peerinfo-tool/gnunet-peerinfo_plugins.c
src/peerinfo/gnunet-service-peerinfo.c
src/peerinfo/peerinfo_api.c
src/peerinfo/peerinfo_api_notify.c
-src/peerinfo-tool/gnunet-peerinfo.c
-src/peerinfo-tool/gnunet-peerinfo_plugins.c
src/peerstore/gnunet-peerstore.c
src/peerstore/gnunet-service-peerstore.c
src/peerstore/peerstore_api.c
@@ -297,6 +287,16 @@ src/psycutil/psyc_env.c
src/psycutil/psyc_message.c
src/psycutil/psyc_slicer.c
src/pt/gnunet-daemon-pt.c
+src/reclaim-attribute/plugin_reclaim_attribute_gnuid.c
+src/reclaim-attribute/reclaim_attribute.c
+src/reclaim/gnunet-reclaim.c
+src/reclaim/gnunet-service-reclaim.c
+src/reclaim/jwt.c
+src/reclaim/plugin_gnsrecord_reclaim.c
+src/reclaim/plugin_reclaim_sqlite.c
+src/reclaim/plugin_rest_openid_connect.c
+src/reclaim/plugin_rest_reclaim.c
+src/reclaim/reclaim_api.c
src/regex/gnunet-daemon-regexprofiler.c
src/regex/gnunet-regex-profiler.c
src/regex/gnunet-regex-simulation-profiler.c
@@ -317,20 +317,20 @@ src/revocation/gnunet-revocation.c
src/revocation/gnunet-service-revocation.c
src/revocation/plugin_block_revocation.c
src/revocation/revocation_api.c
-src/rps/gnunet-rps.c
src/rps/gnunet-rps-profiler.c
+src/rps/gnunet-rps.c
src/rps/gnunet-service-rps.c
src/rps/gnunet-service-rps_custommap.c
src/rps/gnunet-service-rps_sampler.c
src/rps/gnunet-service-rps_sampler_elem.c
src/rps/gnunet-service-rps_view.c
-src/rps/rps_api.c
src/rps/rps-test_util.c
+src/rps/rps_api.c
src/scalarproduct/gnunet-scalarproduct.c
-src/scalarproduct/gnunet-service-scalarproduct_alice.c
-src/scalarproduct/gnunet-service-scalarproduct_bob.c
src/scalarproduct/gnunet-service-scalarproduct-ecc_alice.c
src/scalarproduct/gnunet-service-scalarproduct-ecc_bob.c
+src/scalarproduct/gnunet-service-scalarproduct_alice.c
+src/scalarproduct/gnunet-service-scalarproduct_bob.c
src/scalarproduct/scalarproduct_api.c
src/secretsharing/gnunet-secretsharing-profiler.c
src/secretsharing/gnunet-service-secretsharing.c
@@ -359,15 +359,16 @@ src/statistics/gnunet-statistics.c
src/statistics/statistics_api.c
src/template/gnunet-service-template.c
src/template/gnunet-template.c
+src/testbed-logger/gnunet-service-testbed-logger.c
+src/testbed-logger/testbed_logger_api.c
src/testbed/generate-underlay-topology.c
src/testbed/gnunet-daemon-latency-logger.c
src/testbed/gnunet-daemon-testbed-blacklist.c
src/testbed/gnunet-daemon-testbed-underlay.c
src/testbed/gnunet-helper-testbed.c
-src/testbed/gnunet_mpi_test.c
src/testbed/gnunet-service-test-barriers.c
-src/testbed/gnunet-service-testbed_barriers.c
src/testbed/gnunet-service-testbed.c
+src/testbed/gnunet-service-testbed_barriers.c
src/testbed/gnunet-service-testbed_cache.c
src/testbed/gnunet-service-testbed_connectionpool.c
src/testbed/gnunet-service-testbed_cpustatus.c
@@ -375,20 +376,19 @@ src/testbed/gnunet-service-testbed_links.c
src/testbed/gnunet-service-testbed_meminfo.c
src/testbed/gnunet-service-testbed_oc.c
src/testbed/gnunet-service-testbed_peers.c
-src/testbed/gnunet_testbed_mpi_spawn.c
src/testbed/gnunet-testbed-profiler.c
-src/testbed-logger/gnunet-service-testbed-logger.c
-src/testbed-logger/testbed_logger_api.c
-src/testbed/testbed_api_barriers.c
+src/testbed/gnunet_mpi_test.c
+src/testbed/gnunet_testbed_mpi_spawn.c
src/testbed/testbed_api.c
+src/testbed/testbed_api_barriers.c
src/testbed/testbed_api_hosts.c
src/testbed/testbed_api_operations.c
src/testbed/testbed_api_peers.c
src/testbed/testbed_api_sd.c
src/testbed/testbed_api_services.c
src/testbed/testbed_api_statistics.c
-src/testbed/testbed_api_testbed.c
src/testbed/testbed_api_test.c
+src/testbed/testbed_api_testbed.c
src/testbed/testbed_api_topology.c
src/testbed/testbed_api_underlay.c
src/testing/gnunet-testing.c
@@ -397,28 +397,28 @@ src/testing/testing.c
src/topology/friends.c
src/topology/gnunet-daemon-topology.c
src/transport/gnunet-helper-transport-bluetooth.c
-src/transport/gnunet-helper-transport-wlan.c
src/transport/gnunet-helper-transport-wlan-dummy.c
-src/transport/gnunet-service-transport_ats.c
+src/transport/gnunet-helper-transport-wlan.c
src/transport/gnunet-service-transport.c
+src/transport/gnunet-service-transport_ats.c
src/transport/gnunet-service-transport_hello.c
src/transport/gnunet-service-transport_manipulation.c
src/transport/gnunet-service-transport_neighbours.c
src/transport/gnunet-service-transport_plugins.c
src/transport/gnunet-service-transport_validation.c
-src/transport/gnunet-transport.c
src/transport/gnunet-transport-certificate-creation.c
src/transport/gnunet-transport-profiler.c
src/transport/gnunet-transport-wlan-receiver.c
src/transport/gnunet-transport-wlan-sender.c
+src/transport/gnunet-transport.c
src/transport/plugin_transport_http_client.c
src/transport/plugin_transport_http_common.c
src/transport/plugin_transport_http_server.c
src/transport/plugin_transport_smtp.c
src/transport/plugin_transport_tcp.c
src/transport/plugin_transport_template.c
-src/transport/plugin_transport_udp_broadcasting.c
src/transport/plugin_transport_udp.c
+src/transport/plugin_transport_udp_broadcasting.c
src/transport/plugin_transport_unix.c
src/transport/plugin_transport_wlan.c
src/transport/plugin_transport_xt.c
@@ -427,6 +427,11 @@ src/transport/tcp_connection_legacy.c
src/transport/tcp_server_legacy.c
src/transport/tcp_server_mst_legacy.c
src/transport/tcp_service_legacy.c
+src/transport/transport-testing-filenames.c
+src/transport/transport-testing-loggers.c
+src/transport/transport-testing-main.c
+src/transport/transport-testing-send.c
+src/transport/transport-testing.c
src/transport/transport_api_address_to_string.c
src/transport/transport_api_blacklist.c
src/transport/transport_api_core.c
@@ -435,11 +440,6 @@ src/transport/transport_api_manipulation.c
src/transport/transport_api_monitor_peers.c
src/transport/transport_api_monitor_plugins.c
src/transport/transport_api_offer_hello.c
-src/transport/transport-testing.c
-src/transport/transport-testing-filenames.c
-src/transport/transport-testing-loggers.c
-src/transport/transport-testing-main.c
-src/transport/transport-testing-send.c
src/util/bandwidth.c
src/util/bio.c
src/util/client.c
@@ -451,8 +451,8 @@ src/util/configuration_loader.c
src/util/container_bloomfilter.c
src/util/container_heap.c
src/util/container_meta_data.c
-src/util/container_multihashmap32.c
src/util/container_multihashmap.c
+src/util/container_multihashmap32.c
src/util/container_multipeermap.c
src/util/container_multishortmap.c
src/util/crypto_abe.c
@@ -474,13 +474,15 @@ src/util/dnsparser.c
src/util/dnsstub.c
src/util/getopt.c
src/util/getopt_helpers.c
-src/util/gnunet-config.c
src/util/gnunet-config-diff.c
+src/util/gnunet-config.c
src/util/gnunet-ecc.c
src/util/gnunet-helper-w32-console.c
src/util/gnunet-resolver.c
src/util/gnunet-scrypt.c
src/util/gnunet-service-resolver.c
+src/util/gnunet-timeout-w32.c
+src/util/gnunet-timeout.c
src/util/gnunet-uri.c
src/util/helper.c
src/util/load.c
@@ -508,13 +510,13 @@ src/util/tun.c
src/util/w32cat.c
src/util/win.c
src/util/winproc.c
-src/vpn/gnunet-helper-vpn.c
src/vpn/gnunet-helper-vpn-windows.c
+src/vpn/gnunet-helper-vpn.c
src/vpn/gnunet-service-vpn.c
src/vpn/gnunet-vpn.c
src/vpn/vpn_api.c
-src/zonemaster/gnunet-service-zonemaster.c
src/zonemaster/gnunet-service-zonemaster-monitor.c
+src/zonemaster/gnunet-service-zonemaster.c
src/fs/fs_api.h
src/include/gnunet_common.h
src/include/gnunet_mq_lib.h
diff --git a/src/Makefile.am b/src/Makefile.am
index 00f30adc3..4ded81891 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -19,11 +19,13 @@ if HAVE_EXPERIMENTAL
social
# dv (FTBFS)
if HAVE_ABE
+if HAVE_JSON
EXP_DIR += \
abe \
credential \
- identity-attribute \
- identity-provider
+ reclaim-attribute \
+ reclaim
+endif
endif
if HAVE_JSON
EXP_DIR += \
diff --git a/src/arm/test_exponential_backoff.c b/src/arm/test_exponential_backoff.c
index 4a7d51bc7..f15bca2db 100644
--- a/src/arm/test_exponential_backoff.c
+++ b/src/arm/test_exponential_backoff.c
@@ -343,7 +343,10 @@ init ()
cfg = GNUNET_CONFIGURATION_create ();
if (GNUNET_OK != GNUNET_CONFIGURATION_parse (cfg,
"test_arm_api_data.conf"))
+ {
+ GNUNET_CONFIGURATION_destroy (cfg);
return GNUNET_SYSERR;
+ }
if (NULL == getcwd (pwd, PATH_MAX))
return GNUNET_SYSERR;
GNUNET_assert (0 < GNUNET_asprintf (&binary,
diff --git a/src/cadet/cadet.conf.in b/src/cadet/cadet.conf.in
index 2f4c6a6db..d1ddcb96f 100644
--- a/src/cadet/cadet.conf.in
+++ b/src/cadet/cadet.conf.in
@@ -8,7 +8,7 @@ BINARY = gnunet-service-cadet
ACCEPT_FROM = 127.0.0.1;
ACCEPT_FROM6 = ::1;
UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-cadet.sock
-UNIX_MATCH_UID = YES
+UNIX_MATCH_UID = NO
UNIX_MATCH_GID = YES
diff --git a/src/cadet/cadet_api.c b/src/cadet/cadet_api.c
index 980b9abbf..e2ca461a5 100644
--- a/src/cadet/cadet_api.c
+++ b/src/cadet/cadet_api.c
@@ -841,6 +841,7 @@ handle_mq_error (void *cls,
h);
GNUNET_MQ_destroy (h->mq);
h->mq = NULL;
+ GNUNET_assert (NULL == h->reconnect_task);
h->reconnect_task = GNUNET_SCHEDULER_add_delayed (h->reconnect_time,
&reconnect_cbk,
h);
@@ -1253,18 +1254,21 @@ GNUNET_CADET_disconnect (struct GNUNET_CADET_Handle *handle)
void
GNUNET_CADET_close_port (struct GNUNET_CADET_Port *p)
{
- struct GNUNET_CADET_PortMessage *msg;
- struct GNUNET_MQ_Envelope *env;
-
GNUNET_assert (GNUNET_YES ==
GNUNET_CONTAINER_multihashmap_remove (p->cadet->ports,
&p->id,
p));
- env = GNUNET_MQ_msg (msg,
- GNUNET_MESSAGE_TYPE_CADET_LOCAL_PORT_CLOSE);
- msg->port = p->id;
- GNUNET_MQ_send (p->cadet->mq,
- env);
+ if (NULL != p->cadet->mq)
+ {
+ struct GNUNET_CADET_PortMessage *msg;
+ struct GNUNET_MQ_Envelope *env;
+
+ env = GNUNET_MQ_msg (msg,
+ GNUNET_MESSAGE_TYPE_CADET_LOCAL_PORT_CLOSE);
+ msg->port = p->id;
+ GNUNET_MQ_send (p->cadet->mq,
+ env);
+ }
GNUNET_free_non_null (p->handlers);
GNUNET_free (p);
}
diff --git a/src/cadet/gnunet-cadet.c b/src/cadet/gnunet-cadet.c
index d629df9b2..13b04b885 100644
--- a/src/cadet/gnunet-cadet.c
+++ b/src/cadet/gnunet-cadet.c
@@ -231,7 +231,7 @@ shutdown_task (void *cls)
}
}
-void *
+void
mq_cb(void *cls)
{
listen_stdio ();
diff --git a/src/core/test_core_api_reliability.c b/src/core/test_core_api_reliability.c
index 4cc5b4bcd..c7c71f1f1 100644
--- a/src/core/test_core_api_reliability.c
+++ b/src/core/test_core_api_reliability.c
@@ -11,7 +11,7 @@
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Affero General Public License for more details.
-
+
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
@@ -143,6 +143,8 @@ do_shutdown (void *cls)
unsigned long long delta;
delta = GNUNET_TIME_absolute_get_duration (start_time).rel_value_us;
+ if (0 == delta)
+ delta = 1;
FPRINTF (stderr,
"\nThroughput was %llu kb/s\n",
total_bytes * 1000000LL / 1024 / delta);
diff --git a/src/core/test_core_quota_compliance.c b/src/core/test_core_quota_compliance.c
index a15105556..caff045f0 100644
--- a/src/core/test_core_quota_compliance.c
+++ b/src/core/test_core_quota_compliance.c
@@ -11,7 +11,7 @@
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Affero General Public License for more details.
-
+
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
@@ -227,7 +227,8 @@ measurement_stop (void *cls)
running = GNUNET_NO;
delta = GNUNET_TIME_absolute_get_duration (start_time).rel_value_us;
-
+ if (0 == delta)
+ delta = 1;
throughput_out = total_bytes_sent * 1000000LL / delta; /* convert to bytes/s */
throughput_in = total_bytes_recv * 1000000LL / delta; /* convert to bytes/s */
diff --git a/src/datacache/plugin_datacache_sqlite.c b/src/datacache/plugin_datacache_sqlite.c
index 4684e514c..dc4236a8b 100644
--- a/src/datacache/plugin_datacache_sqlite.c
+++ b/src/datacache/plugin_datacache_sqlite.c
@@ -11,7 +11,7 @@
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Affero General Public License for more details.
-
+
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
@@ -749,7 +749,8 @@ libgnunet_plugin_datacache_sqlite_init (void *cls)
" value BLOB NOT NULL,"
" path BLOB DEFAULT '')");
SQLITE3_EXEC (dbh, "CREATE INDEX idx_hashidx ON ds091 (key,type,expire)");
- SQLITE3_EXEC (dbh, "CREATE INDEX idx_expire ON ds091 (prox,expire)");
+ SQLITE3_EXEC (dbh, "CREATE INDEX idx_prox_expire ON ds091 (prox,expire)");
+ SQLITE3_EXEC (dbh, "CREATE INDEX idx_expire_only ON ds091 (expire)");
plugin = GNUNET_new (struct Plugin);
plugin->env = env;
plugin->dbh = dbh;
diff --git a/src/gns/gns_api.c b/src/gns/gns_api.c
index 0ec9209da..3b658da92 100644
--- a/src/gns/gns_api.c
+++ b/src/gns/gns_api.c
@@ -11,7 +11,7 @@
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Affero General Public License for more details.
-
+
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
@@ -232,7 +232,6 @@ reconnect (struct GNUNET_GNS_Handle *handle)
handle),
GNUNET_MQ_handler_end ()
};
- struct GNUNET_GNS_LookupRequest *lh;
GNUNET_assert (NULL == handle->mq);
LOG (GNUNET_ERROR_TYPE_DEBUG,
@@ -244,7 +243,9 @@ reconnect (struct GNUNET_GNS_Handle *handle)
handle);
if (NULL == handle->mq)
return;
- for (lh = handle->lookup_head; NULL != lh; lh = lh->next)
+ for (struct GNUNET_GNS_LookupRequest *lh = handle->lookup_head;
+ NULL != lh;
+ lh = lh->next)
GNUNET_MQ_send_copy (handle->mq,
lh->env);
}
diff --git a/src/gns/gnunet-dns2gns.c b/src/gns/gnunet-dns2gns.c
index e6e53d405..8d39e8c53 100644
--- a/src/gns/gnunet-dns2gns.c
+++ b/src/gns/gnunet-dns2gns.c
@@ -269,6 +269,7 @@ dns_result_processor (void *cls,
}
request->packet = GNUNET_DNSPARSER_parse ((char*)dns,
r);
+ GNUNET_DNSSTUB_resolve_cancel (request->dns_lookup);
send_response (request);
}
diff --git a/src/gns/gnunet-gns.c b/src/gns/gnunet-gns.c
index 149c8a7bb..463348ed3 100644
--- a/src/gns/gnunet-gns.c
+++ b/src/gns/gnunet-gns.c
@@ -11,7 +11,7 @@
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Affero General Public License for more details.
-
+
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
@@ -65,8 +65,9 @@ static struct GNUNET_GNS_LookupWithTldRequest *lr;
/**
* Global return value.
* 0 on success (default),
- * 1 on internal failures, 2 on launch failure,
- * 3 if the name is not a GNS-supported TLD,
+ * 1 on internal failures
+ * 2 on launch failure,
+ * 4 if the name is not a GNS-supported TLD,
*/
static int global_ret;
@@ -114,7 +115,7 @@ process_lookup_result (void *cls,
lr = NULL;
if (GNUNET_NO == was_gns)
{
- global_ret = 3;
+ global_ret = 4; /* not for GNS */
GNUNET_SCHEDULER_shutdown ();
return;
}
@@ -183,7 +184,6 @@ run (void *cls,
global_ret = 2;
return;
}
-
GNUNET_SCHEDULER_add_shutdown (&do_shutdown,
NULL);
diff --git a/src/gns/nss/nss_gns.c b/src/gns/nss/nss_gns.c
index 9c9233d35..58aab47fd 100644
--- a/src/gns/nss/nss_gns.c
+++ b/src/gns/nss/nss_gns.c
@@ -54,121 +54,126 @@
* @return a nss_status code
*/
enum nss_status
-_nss_gns_gethostbyname2_r(
- const char *name,
- int af,
- struct hostent * result,
- char *buffer,
- size_t buflen,
- int *errnop,
- int *h_errnop) {
-
- struct userdata u;
- enum nss_status status = NSS_STATUS_UNAVAIL;
- int i;
- size_t address_length, l, idx, astart;
-
- if (af == AF_UNSPEC)
+_nss_gns_gethostbyname2_r(const char *name,
+ int af,
+ struct hostent *result,
+ char *buffer,
+ size_t buflen,
+ int *errnop,
+ int *h_errnop)
+{
+ struct userdata u;
+ enum nss_status status = NSS_STATUS_UNAVAIL;
+ int i;
+ size_t address_length;
+ size_t l;
+ size_t idx;
+ size_t astart;
+
+ if (af == AF_UNSPEC)
#ifdef NSS_IPV6_ONLY
- af = AF_INET6;
+ af = AF_INET6;
#else
- af = AF_INET;
+ af = AF_INET;
#endif
#ifdef NSS_IPV4_ONLY
- if (af != AF_INET)
+ if (af != AF_INET)
#elif NSS_IPV6_ONLY
- if (af != AF_INET6)
+ if (af != AF_INET6)
#else
- if (af != AF_INET && af != AF_INET6)
+ if ( (af != AF_INET) &&
+ (af != AF_INET6) )
#endif
- {
- *errnop = EINVAL;
- *h_errnop = NO_RECOVERY;
-
- goto finish;
- }
-
- address_length = af == AF_INET ? sizeof(ipv4_address_t) : sizeof(ipv6_address_t);
- if (buflen <
- sizeof(char*)+ /* alias names */
- strlen(name)+1) { /* official name */
-
- *errnop = ERANGE;
- *h_errnop = NO_RECOVERY;
- status = NSS_STATUS_TRYAGAIN;
-
- goto finish;
- }
-
- u.count = 0;
- u.data_len = 0;
-
- i = gns_resolve_name(af, name, &u);
- if (-3 == i)
- {
- status = NSS_STATUS_NOTFOUND;
- goto finish;
- }
- if (-2 == i)
- {
- status = NSS_STATUS_UNAVAIL;
- goto finish;
- }
- if ( (-1 == i) ||
- (u.count == 0) )
- {
- *errnop = ETIMEDOUT;
- *h_errnop = HOST_NOT_FOUND;
- status = NSS_STATUS_NOTFOUND;
- goto finish;
- }
-
-
- /* Alias names */
- *((char**) buffer) = NULL;
- result->h_aliases = (char**) buffer;
- idx = sizeof(char*);
-
- /* Official name */
- strcpy(buffer+idx, name);
- result->h_name = buffer+idx;
- idx += strlen(name)+1;
-
- ALIGN(idx);
-
- result->h_addrtype = af;
- result->h_length = address_length;
-
- /* Check if there's enough space for the addresses */
- if (buflen < idx+u.data_len+sizeof(char*)*(u.count+1)) {
- *errnop = ERANGE;
- *h_errnop = NO_RECOVERY;
- status = NSS_STATUS_TRYAGAIN;
- goto finish;
- }
+ {
+ *errnop = EINVAL;
+ *h_errnop = NO_RECOVERY;
+
+ goto finish;
+ }
+ address_length = (af == AF_INET) ? sizeof(ipv4_address_t) : sizeof(ipv6_address_t);
+ if (buflen <
+ sizeof(char*)+ /* alias names */
+ strlen(name)+1)
+ { /* official name */
+ *errnop = ERANGE;
+ *h_errnop = NO_RECOVERY;
+ status = NSS_STATUS_TRYAGAIN;
+
+ goto finish;
+ }
+ u.count = 0;
+ u.data_len = 0;
+ i = gns_resolve_name (af,
+ name,
+ &u);
+ if (-3 == i)
+ {
+ status = NSS_STATUS_NOTFOUND;
+ goto finish;
+ }
+ if (-2 == i)
+ {
+ status = NSS_STATUS_UNAVAIL;
+ goto finish;
+ }
+ if ( (-1 == i) ||
+ (u.count == 0) )
+ {
+ *errnop = ETIMEDOUT;
+ *h_errnop = HOST_NOT_FOUND;
+ status = NSS_STATUS_NOTFOUND;
+ goto finish;
+ }
+ /* Alias names */
+ *((char**) buffer) = NULL;
+ result->h_aliases = (char**) buffer;
+ idx = sizeof(char*);
+
+ /* Official name */
+ strcpy (buffer+idx,
+ name);
+ result->h_name = buffer+idx;
+ idx += strlen (name)+1;
+
+ ALIGN(idx);
+
+ result->h_addrtype = af;
+ result->h_length = address_length;
+
+ /* Check if there's enough space for the addresses */
+ if (buflen < idx+u.data_len+sizeof(char*)*(u.count+1))
+ {
+ *errnop = ERANGE;
+ *h_errnop = NO_RECOVERY;
+ status = NSS_STATUS_TRYAGAIN;
+ goto finish;
+ }
/* Addresses */
- astart = idx;
- l = u.count*address_length;
- if (0 != l)
- memcpy(buffer+astart, &u.data, l);
- /* address_length is a multiple of 32bits, so idx is still aligned
- * correctly */
- idx += l;
-
- /* Address array address_length is always a multiple of 32bits */
- for (i = 0; i < u.count; i++)
- ((char**) (buffer+idx))[i] = buffer+astart+address_length*i;
- ((char**) (buffer+idx))[i] = NULL;
- result->h_addr_list = (char**) (buffer+idx);
-
- status = NSS_STATUS_SUCCESS;
+ astart = idx;
+ l = u.count*address_length;
+ if (0 != l)
+ memcpy (buffer+astart,
+ &u.data,
+ l);
+ /* address_length is a multiple of 32bits, so idx is still aligned
+ * correctly */
+ idx += l;
+
+ /* Address array address_length is always a multiple of 32bits */
+ for (i = 0; i < u.count; i++)
+ ((char**) (buffer+idx))[i] = buffer+astart+address_length*i;
+ ((char**) (buffer+idx))[i] = NULL;
+ result->h_addr_list = (char**) (buffer+idx);
+
+ status = NSS_STATUS_SUCCESS;
finish:
- return status;
+ return status;
}
+
/**
* The gethostbyname hook executed by nsswitch
*
@@ -176,29 +181,28 @@ finish:
* @param result the result hostent
* @param buffer the result buffer
* @param buflen length of the buffer
- * @param errnop idk
+ * @param errnop[out] the low-level error code to return to the application
* @param h_errnop idk
* @return a nss_status code
*/
enum nss_status
-_nss_gns_gethostbyname_r (
- const char *name,
- struct hostent *result,
- char *buffer,
- size_t buflen,
- int *errnop,
- int *h_errnop) {
-
- return _nss_gns_gethostbyname2_r(
- name,
- AF_UNSPEC,
- result,
- buffer,
- buflen,
- errnop,
- h_errnop);
+_nss_gns_gethostbyname_r (const char *name,
+ struct hostent *result,
+ char *buffer,
+ size_t buflen,
+ int *errnop,
+ int *h_errnop)
+{
+ return _nss_gns_gethostbyname2_r (name,
+ AF_UNSPEC,
+ result,
+ buffer,
+ buflen,
+ errnop,
+ h_errnop);
}
+
/**
* The gethostbyaddr hook executed by nsswitch
* We can't do this so we always return NSS_STATUS_UNAVAIL
@@ -209,23 +213,22 @@ _nss_gns_gethostbyname_r (
* @param result the result hostent
* @param buffer the result buffer
* @param buflen length of the buffer
- * @param errnop idk
+ * @param errnop[out] the low-level error code to return to the application
* @param h_errnop idk
* @return NSS_STATUS_UNAVAIL
*/
enum nss_status
-_nss_gns_gethostbyaddr_r(
- const void* addr,
- int len,
- int af,
- struct hostent *result,
- char *buffer,
- size_t buflen,
- int *errnop,
- int *h_errnop) {
-
- *errnop = EINVAL;
- *h_errnop = NO_RECOVERY;
- //NOTE we allow to leak this into DNS so no NOTFOUND
- return NSS_STATUS_UNAVAIL;
+_nss_gns_gethostbyaddr_r (const void* addr,
+ int len,
+ int af,
+ struct hostent *result,
+ char *buffer,
+ size_t buflen,
+ int *errnop,
+ int *h_errnop)
+{
+ *errnop = EINVAL;
+ *h_errnop = NO_RECOVERY;
+ //NOTE we allow to leak this into DNS so no NOTFOUND
+ return NSS_STATUS_UNAVAIL;
}
diff --git a/src/gns/nss/nss_gns_query.c b/src/gns/nss/nss_gns_query.c
index 094e25ed5..867ead624 100644
--- a/src/gns/nss/nss_gns_query.c
+++ b/src/gns/nss/nss_gns_query.c
@@ -11,7 +11,7 @@
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Affero General Public License for more details.
-
+
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
@@ -48,14 +48,16 @@ gns_resolve_name (int af,
{
if (-1 == asprintf (&cmd,
"%s -t AAAA -u %s\n",
- "gnunet-gns -r", name))
+ "gnunet-gns -r",
+ name))
return -1;
}
else
{
if (-1 == asprintf (&cmd,
"%s %s\n",
- "gnunet-gns -r -u", name))
+ "gnunet-gns -r -u",
+ name))
return -1;
}
if (NULL == (p = popen (cmd, "r")))
@@ -63,7 +65,9 @@ gns_resolve_name (int af,
free (cmd);
return -1;
}
- while (NULL != fgets (line, sizeof(line), p))
+ while (NULL != fgets (line,
+ sizeof(line),
+ p))
{
if (u->count >= MAX_ENTRIES)
break;
@@ -72,7 +76,9 @@ gns_resolve_name (int af,
line[strlen(line)-1] = '\0';
if (AF_INET == af)
{
- if (inet_pton(af, line, &(u->data.ipv4[u->count])))
+ if (inet_pton(af,
+ line,
+ &u->data.ipv4[u->count]))
{
u->count++;
u->data_len += sizeof(ipv4_address_t);
@@ -86,7 +92,9 @@ gns_resolve_name (int af,
}
else if (AF_INET6 == af)
{
- if (inet_pton(af, line, &(u->data.ipv6[u->count])))
+ if (inet_pton(af,
+ line,
+ &u->data.ipv6[u->count]))
{
u->count++;
u->data_len += sizeof(ipv6_address_t);
@@ -105,7 +113,10 @@ gns_resolve_name (int af,
if (4 == ret)
return -2; /* not for GNS */
if (3 == ret)
- return -3; /* timeout */
+ return -3; /* timeout -> not found */
+ if ( (2 == ret) || (1 == ret) )
+ return -2; /* launch failure -> service unavailable */
return 0;
}
+
/* end of nss_gns_query.c */
diff --git a/src/gns/nss/nss_gns_query.h b/src/gns/nss/nss_gns_query.h
index bb04f9004..48cab4b22 100644
--- a/src/gns/nss/nss_gns_query.h
+++ b/src/gns/nss/nss_gns_query.h
@@ -11,7 +11,7 @@
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Affero General Public License for more details.
-
+
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
@@ -26,25 +26,30 @@
/* Maximum number of entries to return */
#define MAX_ENTRIES 16
-typedef struct {
- uint32_t address;
+typedef struct
+{
+ uint32_t address;
} ipv4_address_t;
-typedef struct {
- uint8_t address[16];
+
+typedef struct
+{
+ uint8_t address[16];
} ipv6_address_t;
-struct userdata {
+struct userdata
+{
int count;
int data_len; /* only valid when doing reverse lookup */
union {
- ipv4_address_t ipv4[MAX_ENTRIES];
- ipv6_address_t ipv6[MAX_ENTRIES];
- char *name[MAX_ENTRIES];
+ ipv4_address_t ipv4[MAX_ENTRIES];
+ ipv6_address_t ipv6[MAX_ENTRIES];
+ char *name[MAX_ENTRIES];
} data;
};
+
/**
* Wrapper function that uses gnunet-gns cli tool to resolve
* an IPv4/6 address.
@@ -54,8 +59,9 @@ struct userdata {
* @param u the userdata (result struct)
* @return -1 on error else 0
*/
-int gns_resolve_name(int af,
- const char *name,
- struct userdata *userdata);
+int
+gns_resolve_name(int af,
+ const char *name,
+ struct userdata *userdata);
#endif
diff --git a/src/gns/plugin_rest_gns.c b/src/gns/plugin_rest_gns.c
index 2b729db54..e76a5d116 100644
--- a/src/gns/plugin_rest_gns.c
+++ b/src/gns/plugin_rest_gns.c
@@ -281,6 +281,15 @@ gnsrecord_to_json (const struct GNUNET_GNSRECORD_Data *rd)
return record_obj;
}
+
+static void
+do_cleanup (void *cls)
+{
+ struct LookupHandle *handle = cls;
+ cleanup_handle (handle);
+}
+
+
/**
* Function called with the result of a GNS lookup.
*
@@ -325,7 +334,7 @@ process_lookup_result (void *cls, uint32_t rd_count,
resp = GNUNET_REST_create_response (result);
handle->proc (handle->proc_cls, resp, MHD_HTTP_OK);
GNUNET_free (result);
- cleanup_handle (handle);
+ GNUNET_SCHEDULER_add_now (&do_cleanup, handle);
}
diff --git a/src/gnsrecord/plugin_gnsrecord_dns.c b/src/gnsrecord/plugin_gnsrecord_dns.c
index 188afcae7..254ae15ea 100644
--- a/src/gnsrecord/plugin_gnsrecord_dns.c
+++ b/src/gnsrecord/plugin_gnsrecord_dns.c
@@ -11,7 +11,7 @@
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Affero General Public License for more details.
-
+
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
@@ -463,7 +463,7 @@ dns_string_to_value (void *cls,
}
cert_size = GNUNET_STRINGS_base64_decode (certp,
strlen (certp),
- &cert_data);
+ (void **) &cert_data);
GNUNET_free (sdup);
cert.cert_type = type;
cert.cert_tag = key;
diff --git a/src/identity-provider/identity-token.conf b/src/identity-provider/identity-token.conf
deleted file mode 100644
index f29f6cdf3..000000000
--- a/src/identity-provider/identity-token.conf
+++ /dev/null
@@ -1,2 +0,0 @@
-[identity-token]
-BINARY=gnunet-service-identity-token
diff --git a/src/identity-provider/jwt.c b/src/identity-provider/jwt.c
deleted file mode 100644
index 1a984f7b5..000000000
--- a/src/identity-provider/jwt.c
+++ /dev/null
@@ -1,189 +0,0 @@
-/*
- This file is part of GNUnet
- Copyright (C) 2010-2015 GNUnet e.V.
-
- GNUnet is free software: you can redistribute it and/or modify it
- under the terms of the GNU Affero General Public License as published
- by the Free Software Foundation, either version 3 of the License,
- or (at your option) any later version.
-
- GNUnet is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Affero General Public License for more details.
-
- You should have received a copy of the GNU Affero General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
- */
-
-/**
- * @file identity-provider/jwt.c
- * @brief helper library for JSON-Web-Tokens
- * @author Martin Schanzenbach
- */
-#include "platform.h"
-#include "gnunet_util_lib.h"
-#include "gnunet_signatures.h"
-#include "gnunet_identity_attribute_lib.h"
-#include <jansson.h>
-
-
-#define JWT_ALG "alg"
-
-/*TODO is this the correct way to define new algs? */
-#define JWT_ALG_VALUE "urn:org:gnunet:jwt:alg:ecdsa:ed25519"
-
-#define JWT_TYP "typ"
-
-#define JWT_TYP_VALUE "jwt"
-
-//TODO change server address
-#define SERVER_ADDRESS "https://localhost"
-
-static char*
-create_jwt_header(void)
-{
- json_t *root;
- char *json_str;
-
- root = json_object ();
- json_object_set_new (root, JWT_ALG, json_string (JWT_ALG_VALUE));
- json_object_set_new (root, JWT_TYP, json_string (JWT_TYP_VALUE));
-
- json_str = json_dumps (root, JSON_INDENT(1));
- json_decref (root);
- return json_str;
-}
-
-/**
- * Create a JWT from attributes
- *
- * @param aud_key the public of the subject
- * @param attrs the attribute list
- * @param priv_key the key used to sign the JWT
- * @return a new base64-encoded JWT string.
- */
-char*
-jwt_create_from_list (const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
- const struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs,
- const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key)
-{
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry *le;
- struct GNUNET_CRYPTO_EcdsaPublicKey sub_key;
- struct GNUNET_CRYPTO_EcdsaSignature signature;
- struct GNUNET_CRYPTO_EccSignaturePurpose *purpose;
- char* audience;
- char* subject;
- char* header;
- char* padding;
- char* body_str;
- char* result;
- char* header_base64;
- char* body_base64;
- char* signature_target;
- char* signature_base64;
- char* attr_val_str;
- json_t* body;
-
- //exp REQUIRED time expired from config
- //iat REQUIRED time now
- //auth_time only if max_age
- //nonce only if nonce
- // OPTIONAL acr,amr,azp
- GNUNET_CRYPTO_ecdsa_key_get_public (priv_key, &sub_key);
- /* TODO maybe we should use a local identity here */
- subject = GNUNET_STRINGS_data_to_string_alloc (&sub_key,
- sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
- audience = GNUNET_STRINGS_data_to_string_alloc (aud_key,
- sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
- header = create_jwt_header ();
- body = json_object ();
- /* TODO who is the issuer? local IdP or subject ? See self-issued tokens? */
- //iss REQUIRED case sensitive server uri with https
- json_object_set_new (body,
- "iss", json_string (SERVER_ADDRESS));
- //sub REQUIRED public key identity, not exceed 255 ASCII length
- json_object_set_new (body,
- "sub", json_string (subject));
- /* TODO what should be in here exactly? */
- //aud REQUIRED public key client_id must be there
- json_object_set_new (body,
- "aud", json_string (audience));
- for (le = attrs->list_head; NULL != le; le = le->next)
- {
- /**
- * TODO here we should have a function that
- * calls the Attribute plugins to create a
- * json representation for its value
- */
- attr_val_str = GNUNET_IDENTITY_ATTRIBUTE_value_to_string (le->claim->type,
- le->claim->data,
- le->claim->data_size);
- json_object_set_new (body,
- le->claim->name,
- json_string (attr_val_str));
- GNUNET_free (attr_val_str);
- }
- body_str = json_dumps (body, JSON_INDENT(0));
- json_decref (body);
-
- GNUNET_STRINGS_base64_encode (header,
- strlen (header),
- &header_base64);
- //Remove GNUNET padding of base64
- padding = strtok(header_base64, "=");
- while (NULL != padding)
- padding = strtok(NULL, "=");
-
- GNUNET_STRINGS_base64_encode (body_str,
- strlen (body_str),
- &body_base64);
-
- //Remove GNUNET padding of base64
- padding = strtok(body_base64, "=");
- while (NULL != padding)
- padding = strtok(NULL, "=");
-
- GNUNET_free (subject);
- GNUNET_free (audience);
-
- /**
- * TODO
- * Creating the JWT signature. This might not be
- * standards compliant, check.
- */
- GNUNET_asprintf (&signature_target, "%s,%s", header_base64, body_base64);
-
- purpose =
- GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) +
- strlen (signature_target));
- purpose->size =
- htonl (strlen (signature_target) + sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose));
- purpose->purpose = htonl(GNUNET_SIGNATURE_PURPOSE_GNUID_TOKEN);
- GNUNET_memcpy (&purpose[1], signature_target, strlen (signature_target));
- if (GNUNET_OK != GNUNET_CRYPTO_ecdsa_sign (priv_key,
- purpose,
- (struct GNUNET_CRYPTO_EcdsaSignature *)&signature))
- {
- GNUNET_free (signature_target);
- GNUNET_free (body_str);
- GNUNET_free (body_base64);
- GNUNET_free (header_base64);
- GNUNET_free (purpose);
- return NULL;
- }
- GNUNET_STRINGS_base64_encode ((const char*)&signature,
- sizeof (struct GNUNET_CRYPTO_EcdsaSignature),
- &signature_base64);
- GNUNET_asprintf (&result, "%s.%s.%s",
- header_base64, body_base64, signature_base64);
-
- GNUNET_free (signature_target);
- GNUNET_free (header);
- GNUNET_free (body_str);
- GNUNET_free (signature_base64);
- GNUNET_free (body_base64);
- GNUNET_free (header_base64);
- GNUNET_free (purpose);
- return result;
-}
diff --git a/src/identity-provider/jwt.h b/src/identity-provider/jwt.h
deleted file mode 100644
index 072958973..000000000
--- a/src/identity-provider/jwt.h
+++ /dev/null
@@ -1,9 +0,0 @@
-#ifndef JWT_H
-#define JWT_H
-
-char*
-jwt_create_from_list (const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
- const struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs,
- const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key);
-
-#endif
diff --git a/src/identity-provider/test_idp.conf b/src/identity-provider/test_idp.conf
deleted file mode 100644
index 3e4df561a..000000000
--- a/src/identity-provider/test_idp.conf
+++ /dev/null
@@ -1,33 +0,0 @@
-@INLINE@ test_idp_defaults.conf
-
-[PATHS]
-GNUNET_TEST_HOME = $GNUNET_TMP/test-gnunet-idp-peer-1/
-
-[dht]
-START_ON_DEMAND = YES
-
-[rest]
-START_ON_DEMAND = YES
-PREFIX = valgrind --leak-check=full --track-origins=yes --log-file=$GNUNET_TMP/restlog
-
-[transport]
-PLUGINS =
-
-[identity-provider]
-START_ON_DEMAND = YES
-#PREFIX = valgrind --leak-check=full --show-leak-kinds=all --track-origins=yes --log-file=$GNUNET_TMP/idplog
-
-[gns]
-#PREFIX = valgrind --leak-check=full --track-origins=yes
-START_ON_DEMAND = YES
-AUTO_IMPORT_PKEY = YES
-MAX_PARALLEL_BACKGROUND_QUERIES = 10
-DEFAULT_LOOKUP_TIMEOUT = 15 s
-RECORD_PUT_INTERVAL = 1 h
-ZONE_PUBLISH_TIME_WINDOW = 1 h
-DNS_ROOT=PD67SGHF3E0447TU9HADIVU9OM7V4QHTOG0EBU69TFRI2LG63DR0
-
-[identity-rest-plugin]
-address = http://localhost:8000/#/login
-psw = mysupersecretpassword
-expiration_time = 3600
diff --git a/src/identity-provider/test_idp.sh b/src/identity-provider/test_idp.sh
deleted file mode 100755
index 598d1008c..000000000
--- a/src/identity-provider/test_idp.sh
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/bin/bash
-#trap "gnunet-arm -e -c test_idp_lookup.conf" SIGINT
-
-LOCATION=$(which gnunet-config)
-if [ -z $LOCATION ]
-then
- LOCATION="gnunet-config"
-fi
-$LOCATION --version 1> /dev/null
-if test $? != 0
-then
- echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
- exit 77
-fi
-
-rm -rf `gnunet-config -c test_idp.conf -s PATHS -o GNUNET_HOME -f`
-
-# (1) PKEY1.user -> PKEY2.resu.user
-# (2) PKEY2.resu -> PKEY3
-# (3) PKEY3.user -> PKEY4
-
-
-which timeout &> /dev/null && DO_TIMEOUT="timeout 30"
-
-TEST_ATTR="test"
-gnunet-arm -s -c test_idp.conf
-gnunet-identity -C testego -c test_idp.conf
-valgrind gnunet-idp -e testego -a email -V john@doe.gnu -c test_idp.conf
-gnunet-idp -e testego -a name -V John -c test_idp.conf
-gnunet-idp -e testego -D -c test_idp.conf
-gnunet-arm -e -c test_idp.conf
diff --git a/src/identity-provider/test_idp_attribute.sh b/src/identity-provider/test_idp_attribute.sh
deleted file mode 100755
index 7f0f06dac..000000000
--- a/src/identity-provider/test_idp_attribute.sh
+++ /dev/null
@@ -1,40 +0,0 @@
-#!/bin/bash
-trap "gnunet-arm -e -c test_idp.conf" SIGINT
-
-LOCATION=$(which gnunet-config)
-if [ -z $LOCATION ]
-then
- LOCATION="gnunet-config"
-fi
-$LOCATION --version 1> /dev/null
-if test $? != 0
-then
- echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
- exit 77
-fi
-
-rm -rf `gnunet-config -c test_idp.conf -s PATHS -o GNUNET_HOME -f`
-
-# (1) PKEY1.user -> PKEY2.resu.user
-# (2) PKEY2.resu -> PKEY3
-# (3) PKEY3.user -> PKEY4
-
-
-which timeout &> /dev/null && DO_TIMEOUT="timeout 30"
-
-TEST_ATTR="test"
-gnunet-arm -s -c test_idp.conf
-#gnunet-arm -i rest -c test_idp.conf
-gnunet-identity -C testego -c test_idp.conf
-gnunet-identity -C rpego -c test_idp.conf
-TEST_KEY=$(gnunet-identity -d -c test_idp.conf | grep testego | awk '{print $3}')
-gnunet-idp -e testego -a email -V john@doe.gnu -c test_idp.conf
-gnunet-idp -e testego -a name -V John -c test_idp.conf > /dev/null 2>&1
-if test $? != 0
-then
- echo "Failed."
- exit 1
-fi
-
-#curl localhost:7776/idp/attributes/testego
-gnunet-arm -e -c test_idp.conf
diff --git a/src/identity-provider/test_idp_consume.sh b/src/identity-provider/test_idp_consume.sh
deleted file mode 100755
index 11f6865a4..000000000
--- a/src/identity-provider/test_idp_consume.sh
+++ /dev/null
@@ -1,43 +0,0 @@
-#!/bin/bash
-trap "gnunet-arm -e -c test_idp.conf" SIGINT
-
-LOCATION=$(which gnunet-config)
-if [ -z $LOCATION ]
-then
- LOCATION="gnunet-config"
-fi
-$LOCATION --version 1> /dev/null
-if test $? != 0
-then
- echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
- exit 77
-fi
-
-rm -rf `gnunet-config -c test_idp.conf -s PATHS -o GNUNET_HOME -f`
-
-# (1) PKEY1.user -> PKEY2.resu.user
-# (2) PKEY2.resu -> PKEY3
-# (3) PKEY3.user -> PKEY4
-
-
-which timeout &> /dev/null && DO_TIMEOUT="timeout 30"
-
-TEST_ATTR="test"
-gnunet-arm -s -c test_idp.conf
-#gnunet-arm -i rest -c test_idp.conf
-gnunet-identity -C testego -c test_idp.conf
-gnunet-identity -C rpego -c test_idp.conf
-SUBJECT_KEY=$(gnunet-identity -d -c test_idp.conf | grep rpego | awk '{print $3}')
-TEST_KEY=$(gnunet-identity -d -c test_idp.conf | grep testego | awk '{print $3}')
-gnunet-idp -e testego -a email -V john@doe.gnu -c test_idp.conf
-gnunet-idp -e testego -a name -V John -c test_idp.conf
-TICKET=$(gnunet-idp -e testego -i "email,name" -r $SUBJECT_KEY -c test_idp.conf | awk '{print $1}')
-gnunet-idp -e rpego -C $TICKET -c test_idp.conf > /dev/null 2>&1
-
-if test $? != 0
-then
- "Failed."
- exit 1
-fi
-#curl http://localhost:7776/idp/tickets/testego
-gnunet-arm -e -c test_idp.conf
diff --git a/src/identity-provider/test_idp_issue.sh b/src/identity-provider/test_idp_issue.sh
deleted file mode 100755
index 90487ee73..000000000
--- a/src/identity-provider/test_idp_issue.sh
+++ /dev/null
@@ -1,42 +0,0 @@
-#!/bin/bash
-trap "gnunet-arm -e -c test_idp.conf" SIGINT
-
-LOCATION=$(which gnunet-config)
-if [ -z $LOCATION ]
-then
- LOCATION="gnunet-config"
-fi
-$LOCATION --version 1> /dev/null
-if test $? != 0
-then
- echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
- exit 77
-fi
-
-rm -rf `gnunet-config -c test_idp.conf -s PATHS -o GNUNET_HOME -f`
-
-# (1) PKEY1.user -> PKEY2.resu.user
-# (2) PKEY2.resu -> PKEY3
-# (3) PKEY3.user -> PKEY4
-
-
-which timeout &> /dev/null && DO_TIMEOUT="timeout 30"
-
-TEST_ATTR="test"
-gnunet-arm -s -c test_idp.conf
-#gnunet-arm -i rest -c test_idp.conf
-gnunet-identity -C testego -c test_idp.conf
-gnunet-identity -C rpego -c test_idp.conf
-SUBJECT_KEY=$(gnunet-identity -d -c test_idp.conf | grep rpego | awk '{print $3}')
-TEST_KEY=$(gnunet-identity -d -c test_idp.conf | grep testego | awk '{print $3}')
-gnunet-idp -e testego -a email -V john@doe.gnu -c test_idp.conf > /dev/null 2>&1
-gnunet-idp -e testego -a name -V John -c test_idp.conf > /dev/null 2>&1
-#gnunet-idp -e testego -D -c test_idp.conf
-gnunet-idp -e testego -i "email,name" -r $SUBJECT_KEY -c test_idp.conf > /dev/null 2>&1
-if test $? != 0
-then
- echo "Failed."
- exit 1
-fi
-#curl http://localhost:7776/idp/attributes/testego
-gnunet-arm -e -c test_idp.conf
diff --git a/src/identity-provider/test_idp_revoke.sh b/src/identity-provider/test_idp_revoke.sh
deleted file mode 100755
index 7a3f5d030..000000000
--- a/src/identity-provider/test_idp_revoke.sh
+++ /dev/null
@@ -1,65 +0,0 @@
-#!/bin/bash
-trap "gnunet-arm -e -c test_idp.conf" SIGINT
-
-LOCATION=$(which gnunet-config)
-if [ -z $LOCATION ]
-then
- LOCATION="gnunet-config"
-fi
-$LOCATION --version 1> /dev/null
-if test $? != 0
-then
- echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
- exit 77
-fi
-
-rm -rf `gnunet-config -c test_idp.conf -s PATHS -o GNUNET_HOME -f`
-
-# (1) PKEY1.user -> PKEY2.resu.user
-# (2) PKEY2.resu -> PKEY3
-# (3) PKEY3.user -> PKEY4
-
-
-which timeout &> /dev/null && DO_TIMEOUT="timeout 30"
-
-TEST_ATTR="test"
-gnunet-arm -s -c test_idp.conf 2&>1 > /dev/null
-gnunet-identity -C alice -c test_idp.conf
-gnunet-identity -C bob -c test_idp.conf
-gnunet-identity -C eve -c test_idp.conf
-ALICE_KEY=$(gnunet-identity -d -c test_idp.conf | grep alice | awk '{print $3}')
-BOB_KEY=$(gnunet-identity -d -c test_idp.conf | grep bob | awk '{print $3}')
-EVE_KEY=$(gnunet-identity -d -c test_idp.conf | grep eve | awk '{print $3}')
-
-gnunet-idp -e alice -E 15s -a email -V john@doe.gnu -c test_idp.conf
-gnunet-idp -e alice -E 15s -a name -V John -c test_idp.conf
-TICKET_BOB=$(gnunet-idp -e alice -i "email,name" -r $BOB_KEY -c test_idp.conf | awk '{print $1}')
-#gnunet-idp -e bob -C $TICKET_BOB -c test_idp.conf
-TICKET_EVE=$(gnunet-idp -e alice -i "email" -r $EVE_KEY -c test_idp.conf | awk '{print $1}')
-
-#echo "Consuming $TICKET"
-#gnunet-idp -e eve -C $TICKET_EVE -c test_idp.conf
-gnunet-idp -e alice -R $TICKET_EVE -c test_idp.conf
-
-#sleep 6
-
-gnunet-idp -e eve -C $TICKET_EVE -c test_idp.conf 2&>1 >/dev/null
-if test $? == 0
-then
- echo "Eve can still resolve attributes..."
- gnunet-arm -e -c test_idp.conf
- exit 1
-fi
-
-gnunet-arm -e -c test_idp.conf
-gnunet-arm -s -c test_idp.conf 2&>1 > /dev/null
-
-gnunet-idp -e bob -C $TICKET_BOB -c test_idp.conf 2&>1 >/dev/null
-if test $? != 0
-then
- echo "Bob cannot resolve attributes..."
- gnunet-arm -e -c test_idp.conf
- exit 1
-fi
-
-gnunet-arm -e -c test_idp.conf
diff --git a/src/identity/gnunet-service-identity.c b/src/identity/gnunet-service-identity.c
index 6b8e21806..266f5ccc3 100644
--- a/src/identity/gnunet-service-identity.c
+++ b/src/identity/gnunet-service-identity.c
@@ -371,11 +371,12 @@ handle_get_default_message (void *cls,
struct GNUNET_MQ_Envelope *env;
struct GNUNET_SERVICE_Client *client = cls;
struct Ego *ego;
- const char *name;
+ char *name;
char *identifier;
- name = (const char *) &gdm[1];
+ name = GNUNET_strdup ((const char *) &gdm[1]);
+ GNUNET_STRINGS_utf8_tolower ((const char *) &gdm[1], name);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Received GET_DEFAULT for service `%s' from client\n",
name);
@@ -387,6 +388,7 @@ handle_get_default_message (void *cls,
{
send_result_code (client, 1, gettext_noop ("no default known"));
GNUNET_SERVICE_client_continue (client);
+ GNUNET_free (name);
return;
}
for (ego = ego_head; NULL != ego; ego = ego->next)
@@ -399,6 +401,7 @@ handle_get_default_message (void *cls,
GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq (client), env);
GNUNET_SERVICE_client_continue (client);
GNUNET_free (identifier);
+ GNUNET_free (name);
return;
}
}
@@ -406,6 +409,7 @@ handle_get_default_message (void *cls,
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Failed to find ego `%s'\n",
name);
+ GNUNET_free (name);
send_result_code (client, 1,
gettext_noop ("default configured, but ego unknown (internal error)"));
GNUNET_SERVICE_client_continue (client);
@@ -477,9 +481,11 @@ handle_set_default_message (void *cls,
{
struct Ego *ego;
struct GNUNET_SERVICE_Client *client = cls;
- const char *str;
+ char *str;
+
+ str = GNUNET_strdup ((const char *) &sdm[1]);
+ GNUNET_STRINGS_utf8_tolower ((const char *) &sdm[1], str);
- str = (const char *) &sdm[1];
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Received SET_DEFAULT for service `%s' from client\n",
str);
@@ -500,10 +506,12 @@ handle_set_default_message (void *cls,
subsystem_cfg_file);
send_result_code (client, 0, NULL);
GNUNET_SERVICE_client_continue (client);
+ GNUNET_free (str);
return;
}
}
send_result_code (client, 1, _("Unknown ego specified for service (internal error)"));
+ GNUNET_free (str);
GNUNET_SERVICE_client_continue (client);
}
@@ -585,12 +593,13 @@ handle_create_message (void *cls,
{
struct GNUNET_SERVICE_Client *client = cls;
struct Ego *ego;
- const char *str;
+ char *str;
char *fn;
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Received CREATE message from client\n");
- str = (const char *) &crm[1];
+ str = GNUNET_strdup ((const char *) &crm[1]);
+ GNUNET_STRINGS_utf8_tolower ((const char *) &crm[1], str);
for (ego = ego_head; NULL != ego; ego = ego->next)
{
if (0 == strcmp (ego->identifier,
@@ -598,6 +607,7 @@ handle_create_message (void *cls,
{
send_result_code (client, 1, gettext_noop ("identifier already in use for another ego"));
GNUNET_SERVICE_client_continue (client);
+ GNUNET_free (str);
return;
}
}
@@ -620,6 +630,7 @@ handle_create_message (void *cls,
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
"write", fn);
GNUNET_free (fn);
+ GNUNET_free (str);
notify_listeners (ego);
GNUNET_SERVICE_client_continue (client);
}
@@ -726,18 +737,22 @@ handle_rename_message (void *cls,
{
uint16_t old_name_len;
struct Ego *ego;
- const char *old_name;
- const char *new_name;
+ char *old_name;
+ char *new_name;
struct RenameContext rename_ctx;
struct GNUNET_SERVICE_Client *client = cls;
char *fn_old;
char *fn_new;
+ const char *old_name_tmp;
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Received RENAME message from client\n");
old_name_len = ntohs (rm->old_name_len);
- old_name = (const char *) &rm[1];
- new_name = &old_name[old_name_len];
+ old_name_tmp = (const char *) &rm[1];
+ old_name = GNUNET_strdup (old_name_tmp);
+ GNUNET_STRINGS_utf8_tolower (old_name_tmp, old_name);
+ new_name = GNUNET_strdup (&old_name_tmp[old_name_len]);
+ GNUNET_STRINGS_utf8_tolower (&old_name_tmp[old_name_len], old_name);
/* check if new name is already in use */
for (ego = ego_head; NULL != ego; ego = ego->next)
@@ -747,6 +762,8 @@ handle_rename_message (void *cls,
{
send_result_code (client, 1, gettext_noop ("target name already exists"));
GNUNET_SERVICE_client_continue (client);
+ GNUNET_free (old_name);
+ GNUNET_free (new_name);
return;
}
}
@@ -776,6 +793,8 @@ handle_rename_message (void *cls,
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "rename", fn_old);
GNUNET_free (fn_old);
GNUNET_free (fn_new);
+ GNUNET_free (old_name);
+ GNUNET_free (new_name);
notify_listeners (ego);
send_result_code (client, 0, NULL);
GNUNET_SERVICE_client_continue (client);
@@ -785,6 +804,8 @@ handle_rename_message (void *cls,
/* failed to locate old name */
send_result_code (client, 1, gettext_noop ("no matching ego found"));
+ GNUNET_free (old_name);
+ GNUNET_free (new_name);
GNUNET_SERVICE_client_continue (client);
}
@@ -868,13 +889,15 @@ handle_delete_message (void *cls,
const struct DeleteMessage *dm)
{
struct Ego *ego;
- const char *name;
+ char *name;
char *fn;
struct GNUNET_SERVICE_Client *client = cls;
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Received DELETE message from client\n");
- name = (const char *) &dm[1];
+ name = GNUNET_strdup ((const char *) &dm[1]);
+ GNUNET_STRINGS_utf8_tolower ((const char *) &dm[1], name);
+
for (ego = ego_head; NULL != ego; ego = ego->next)
{
if (0 == strcmp (ego->identifier,
@@ -901,6 +924,7 @@ handle_delete_message (void *cls,
notify_listeners (ego);
GNUNET_free (ego->pk);
GNUNET_free (ego);
+ GNUNET_free (name);
send_result_code (client, 0, NULL);
GNUNET_SERVICE_client_continue (client);
return;
@@ -908,6 +932,7 @@ handle_delete_message (void *cls,
}
send_result_code (client, 1, gettext_noop ("no matching ego found"));
+ GNUNET_free (name);
GNUNET_SERVICE_client_continue (client);
}
diff --git a/src/identity/identity_api_lookup.c b/src/identity/identity_api_lookup.c
index 593a5dbb0..25aec8ede 100644
--- a/src/identity/identity_api_lookup.c
+++ b/src/identity/identity_api_lookup.c
@@ -11,7 +11,7 @@
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Affero General Public License for more details.
-
+
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
@@ -131,6 +131,12 @@ GNUNET_IDENTITY_ego_lookup (const struct GNUNET_CONFIGURATION_Handle *cfg,
el->identity = GNUNET_IDENTITY_connect (cfg,
&identity_cb,
el);
+ if (NULL == el->identity)
+ {
+ GNUNET_free (el->name);
+ GNUNET_free (el);
+ return NULL;
+ }
return el;
}
diff --git a/src/identity/plugin_rest_identity.c b/src/identity/plugin_rest_identity.c
index 52685c52e..355d75fd9 100644
--- a/src/identity/plugin_rest_identity.c
+++ b/src/identity/plugin_rest_identity.c
@@ -436,13 +436,6 @@ ego_info_response (struct GNUNET_REST_RequestHandle *con,
json_decref (name_str);
GNUNET_JSONAPI_document_resource_add (json_document, json_resource);
}
- if (0 == GNUNET_JSONAPI_document_resource_count (json_document))
- {
- GNUNET_JSONAPI_document_delete (json_document);
- handle->emsg = GNUNET_strdup ("No identities found!");
- GNUNET_SCHEDULER_add_now (&do_error, handle);
- return;
- }
GNUNET_JSONAPI_document_serialize (json_document, &result_str);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Result %s\n", result_str);
resp = GNUNET_REST_create_response (result_str);
diff --git a/src/include/Makefile.am b/src/include/Makefile.am
index 08e9dd156..41b2b1382 100644
--- a/src/include/Makefile.am
+++ b/src/include/Makefile.am
@@ -66,7 +66,7 @@ gnunetinclude_HEADERS = \
gnunet_hello_lib.h \
gnunet_helper_lib.h \
gnunet_identity_service.h \
- gnunet_identity_provider_service.h \
+ gnunet_reclaim_service.h \
gnunet_json_lib.h \
gnunet_jsonapi_lib.h \
gnunet_jsonapi_util.h \
diff --git a/src/include/gnunet_abe_lib.h b/src/include/gnunet_abe_lib.h
index d380c9b03..554d4488b 100644
--- a/src/include/gnunet_abe_lib.h
+++ b/src/include/gnunet_abe_lib.h
@@ -87,7 +87,7 @@ GNUNET_ABE_cpabe_create_key (struct GNUNET_ABE_AbeMasterKey *key,
* Delete a CP-ABE key.
*
* @param key the key to delete
- * @param delete_pub GNUNE_YES if the public key should also be freed (bug in gabe)
+ * @param delete_pub GNUNET_YES if the public key should also be freed (bug in gabe)
* @return fresh private key; free using #GNUNET_free
*/
void
diff --git a/src/include/gnunet_common.h b/src/include/gnunet_common.h
index b4bf5b0aa..1b982cc15 100644
--- a/src/include/gnunet_common.h
+++ b/src/include/gnunet_common.h
@@ -1074,7 +1074,7 @@ GNUNET_ntoh_double (double d);
* @param tsize the target size for the resulting vector, use 0 to
* free the vector (then, arr will be NULL afterwards).
*/
-#define GNUNET_array_grow(arr,size,tsize) GNUNET_xgrow_((void**)&arr, sizeof(arr[0]), &size, tsize, __FILE__, __LINE__)
+#define GNUNET_array_grow(arr,size,tsize) GNUNET_xgrow_((void**)&(arr), sizeof((arr)[0]), &size, tsize, __FILE__, __LINE__)
/**
* @ingroup memory
@@ -1089,7 +1089,7 @@ GNUNET_ntoh_double (double d);
* array size
* @param element the element that will be appended to the array
*/
-#define GNUNET_array_append(arr,size,element) do { GNUNET_array_grow(arr,size,size+1); arr[size-1] = element; } while(0)
+#define GNUNET_array_append(arr,size,element) do { GNUNET_array_grow(arr,size,size+1); (arr)[size-1] = element; } while(0)
/**
* @ingroup memory
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h
index 0bffef212..8a591fa09 100644
--- a/src/include/gnunet_crypto_lib.h
+++ b/src/include/gnunet_crypto_lib.h
@@ -206,14 +206,15 @@ struct GNUNET_CRYPTO_EcdsaSignature
/**
- * Public ECC key (always for Curve25519) encoded in a format suitable
- * for network transmission and EdDSA signatures.
+ * Public ECC key (always for curve Ed25519) encoded in a format
+ * suitable for network transmission and EdDSA signatures.
*/
struct GNUNET_CRYPTO_EddsaPublicKey
{
/**
- * Q consists of an x- and a y-value, each mod p (256 bits), given
- * here in affine coordinates and Ed25519 standard compact format.
+ * Point Q consists of a y-value mod p (256 bits); the x-value is
+ * always positive. The point is stored in Ed25519 standard
+ * compact format.
*/
unsigned char q_y[256 / 8];
@@ -725,6 +726,23 @@ GNUNET_CRYPTO_hash_context_abort (struct GNUNET_HashContext *hc);
/**
+ * Calculate HMAC of a message (RFC 2104)
+ * TODO: Shouldn' this be the standard hmac function and
+ * the above be renamed?
+ *
+ * @param key secret key
+ * @param key_len secret key length
+ * @param plaintext input plaintext
+ * @param plaintext_len length of @a plaintext
+ * @param hmac where to store the hmac
+ */
+void
+GNUNET_CRYPTO_hmac_raw (const void *key, size_t key_len,
+ const void *plaintext, size_t plaintext_len,
+ struct GNUNET_HashCode *hmac);
+
+
+/**
* @ingroup hash
* Calculate HMAC of a message (RFC 2104)
*
diff --git a/src/include/gnunet_dnsparser_lib.h b/src/include/gnunet_dnsparser_lib.h
index ba1392510..0fc6ac19c 100644
--- a/src/include/gnunet_dnsparser_lib.h
+++ b/src/include/gnunet_dnsparser_lib.h
@@ -82,6 +82,7 @@
#define GNUNET_DNSPARSER_TYPE_OPENPGPKEY 61
#define GNUNET_DNSPARSER_TYPE_TKEY 249
#define GNUNET_DNSPARSER_TYPE_TSIG 250
+#define GNUNET_DNSPARSER_TYPE_ALL 255
#define GNUNET_DNSPARSER_TYPE_URI 256
#define GNUNET_DNSPARSER_TYPE_TA 32768
@@ -840,6 +841,58 @@ GNUNET_DNSPARSER_parse_srv (const char *udp_payload,
size_t udp_payload_length,
size_t *off);
+/* ***************** low-level duplication API ******************** */
+
+/**
+ * Duplicate (deep-copy) the given DNS record
+ *
+ * @param r the record
+ * @return the newly allocated record
+ */
+struct GNUNET_DNSPARSER_Record *
+GNUNET_DNSPARSER_duplicate_record (const struct GNUNET_DNSPARSER_Record *r);
+
+
+/**
+ * Duplicate (deep-copy) the given DNS record
+ *
+ * @param r the record
+ * @return the newly allocated record
+ */
+struct GNUNET_DNSPARSER_SoaRecord *
+GNUNET_DNSPARSER_duplicate_soa_record (const struct GNUNET_DNSPARSER_SoaRecord *r);
+
+
+/**
+ * Duplicate (deep-copy) the given DNS record
+ *
+ * @param r the record
+ * @return the newly allocated record
+ */
+struct GNUNET_DNSPARSER_CertRecord *
+GNUNET_DNSPARSER_duplicate_cert_record (const struct GNUNET_DNSPARSER_CertRecord *r);
+
+
+/**
+ * Duplicate (deep-copy) the given DNS record
+ *
+ * @param r the record
+ * @return the newly allocated record
+ */
+struct GNUNET_DNSPARSER_MxRecord *
+GNUNET_DNSPARSER_duplicate_mx_record (const struct GNUNET_DNSPARSER_MxRecord *r);
+
+
+/**
+ * Duplicate (deep-copy) the given DNS record
+ *
+ * @param r the record
+ * @return the newly allocated record
+ */
+struct GNUNET_DNSPARSER_SrvRecord *
+GNUNET_DNSPARSER_duplicate_srv_record (const struct GNUNET_DNSPARSER_SrvRecord *r);
+
+
/* ***************** low-level deallocation API ******************** */
/**
diff --git a/src/include/gnunet_gnsrecord_lib.h b/src/include/gnunet_gnsrecord_lib.h
index 20846238b..693cc6cdb 100644
--- a/src/include/gnunet_gnsrecord_lib.h
+++ b/src/include/gnunet_gnsrecord_lib.h
@@ -132,6 +132,16 @@ extern "C"
#define GNUNET_GNSRECORD_TYPE_ABE_MASTER 65551
/**
+ * Record type for reclaim OIDC clients
+ */
+#define GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_CLIENT 65552
+
+/**
+ * Record type for reclaim OIDC redirect URIs
+ */
+#define GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_REDIRECT 65553
+
+/**
* Flags that can be set for a record.
*/
enum GNUNET_GNSRECORD_Flags
diff --git a/src/include/gnunet_protocols.h b/src/include/gnunet_protocols.h
index 36aa424b4..4400db7e1 100644
--- a/src/include/gnunet_protocols.h
+++ b/src/include/gnunet_protocols.h
@@ -2656,35 +2656,35 @@ extern "C"
*
* IDENTITY PROVIDER MESSAGE TYPES
*/
-#define GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_STORE 961
+#define GNUNET_MESSAGE_TYPE_RECLAIM_ATTRIBUTE_STORE 961
-#define GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_STORE_RESPONSE 962
+#define GNUNET_MESSAGE_TYPE_RECLAIM_ATTRIBUTE_STORE_RESPONSE 962
-#define GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_ITERATION_START 963
+#define GNUNET_MESSAGE_TYPE_RECLAIM_ATTRIBUTE_ITERATION_START 963
-#define GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_ITERATION_STOP 964
+#define GNUNET_MESSAGE_TYPE_RECLAIM_ATTRIBUTE_ITERATION_STOP 964
-#define GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_ITERATION_NEXT 965
+#define GNUNET_MESSAGE_TYPE_RECLAIM_ATTRIBUTE_ITERATION_NEXT 965
-#define GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_RESULT 966
+#define GNUNET_MESSAGE_TYPE_RECLAIM_ATTRIBUTE_RESULT 966
-#define GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ISSUE_TICKET 967
+#define GNUNET_MESSAGE_TYPE_RECLAIM_ISSUE_TICKET 967
-#define GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_RESULT 968
+#define GNUNET_MESSAGE_TYPE_RECLAIM_TICKET_RESULT 968
-#define GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_REVOKE_TICKET 969
+#define GNUNET_MESSAGE_TYPE_RECLAIM_REVOKE_TICKET 969
-#define GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_REVOKE_TICKET_RESULT 970
+#define GNUNET_MESSAGE_TYPE_RECLAIM_REVOKE_TICKET_RESULT 970
-#define GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_CONSUME_TICKET 971
+#define GNUNET_MESSAGE_TYPE_RECLAIM_CONSUME_TICKET 971
-#define GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_CONSUME_TICKET_RESULT 972
+#define GNUNET_MESSAGE_TYPE_RECLAIM_CONSUME_TICKET_RESULT 972
-#define GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ITERATION_START 973
+#define GNUNET_MESSAGE_TYPE_RECLAIM_TICKET_ITERATION_START 973
-#define GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ITERATION_STOP 974
+#define GNUNET_MESSAGE_TYPE_RECLAIM_TICKET_ITERATION_STOP 974
-#define GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ITERATION_NEXT 975
+#define GNUNET_MESSAGE_TYPE_RECLAIM_TICKET_ITERATION_NEXT 975
/**************************************************
*
diff --git a/src/include/gnunet_identity_attribute_lib.h b/src/include/gnunet_reclaim_attribute_lib.h
index eb01f7ac2..df5356d76 100644
--- a/src/include/gnunet_identity_attribute_lib.h
+++ b/src/include/gnunet_reclaim_attribute_lib.h
@@ -25,8 +25,8 @@
* @defgroup identity-provider Identity Provider service
* @{
*/
-#ifndef GNUNET_IDENTITY_ATTRIBUTE_LIB_H
-#define GNUNET_IDENTITY_ATTRIBUTE_LIB_H
+#ifndef GNUNET_RECLAIM_ATTRIBUTE_LIB_H
+#define GNUNET_RECLAIM_ATTRIBUTE_LIB_H
#ifdef __cplusplus
extern "C"
@@ -42,19 +42,19 @@ extern "C"
/**
* No value attribute.
*/
-#define GNUNET_IDENTITY_ATTRIBUTE_TYPE_NONE 0
+#define GNUNET_RECLAIM_ATTRIBUTE_TYPE_NONE 0
/**
* String attribute.
*/
-#define GNUNET_IDENTITY_ATTRIBUTE_TYPE_STRING 1
+#define GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING 1
/**
* An attribute.
*/
-struct GNUNET_IDENTITY_ATTRIBUTE_Claim
+struct GNUNET_RECLAIM_ATTRIBUTE_Claim
{
/**
* The name of the attribute. Note "name" must never be individually
@@ -86,35 +86,35 @@ struct GNUNET_IDENTITY_ATTRIBUTE_Claim
};
-struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList
+struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList
{
/**
* List head
*/
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry *list_head;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *list_head;
/**
* List tail
*/
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry *list_tail;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *list_tail;
};
-struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry
+struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry
{
/**
* DLL
*/
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry *prev;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *prev;
/**
* DLL
*/
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry *next;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *next;
/**
* The attribute claim
*/
- struct GNUNET_IDENTITY_ATTRIBUTE_Claim *claim;
+ struct GNUNET_RECLAIM_ATTRIBUTE_Claim *claim;
};
/**
@@ -126,8 +126,8 @@ struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry
* @param data_size the attribute value size
* @return the new attribute
*/
-struct GNUNET_IDENTITY_ATTRIBUTE_Claim *
-GNUNET_IDENTITY_ATTRIBUTE_claim_new (const char* attr_name,
+struct GNUNET_RECLAIM_ATTRIBUTE_Claim *
+GNUNET_RECLAIM_ATTRIBUTE_claim_new (const char* attr_name,
uint32_t type,
const void* data,
size_t data_size);
@@ -141,13 +141,13 @@ GNUNET_IDENTITY_ATTRIBUTE_claim_new (const char* attr_name,
* @return the required buffer size
*/
size_t
-GNUNET_IDENTITY_ATTRIBUTE_list_serialize_get_size (const struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs);
+GNUNET_RECLAIM_ATTRIBUTE_list_serialize_get_size (const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs);
void
-GNUNET_IDENTITY_ATTRIBUTE_list_destroy (struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs);
+GNUNET_RECLAIM_ATTRIBUTE_list_destroy (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs);
void
-GNUNET_IDENTITY_ATTRIBUTE_list_add (struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs,
+GNUNET_RECLAIM_ATTRIBUTE_list_add (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs,
const char* attr_name,
uint32_t type,
const void* data,
@@ -162,7 +162,7 @@ GNUNET_IDENTITY_ATTRIBUTE_list_add (struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *
* @return length of serialized data
*/
size_t
-GNUNET_IDENTITY_ATTRIBUTE_list_serialize (const struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs,
+GNUNET_RECLAIM_ATTRIBUTE_list_serialize (const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs,
char *result);
/**
@@ -173,8 +173,8 @@ GNUNET_IDENTITY_ATTRIBUTE_list_serialize (const struct GNUNET_IDENTITY_ATTRIBUTE
*
* @return a GNUNET_IDENTITY_PROVIDER_AttributeList, must be free'd by caller
*/
-struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *
-GNUNET_IDENTITY_ATTRIBUTE_list_deserialize (const char* data,
+struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *
+GNUNET_RECLAIM_ATTRIBUTE_list_deserialize (const char* data,
size_t data_size);
@@ -186,7 +186,7 @@ GNUNET_IDENTITY_ATTRIBUTE_list_deserialize (const char* data,
* @return the required buffer size
*/
size_t
-GNUNET_IDENTITY_ATTRIBUTE_serialize_get_size (const struct GNUNET_IDENTITY_ATTRIBUTE_Claim *attr);
+GNUNET_RECLAIM_ATTRIBUTE_serialize_get_size (const struct GNUNET_RECLAIM_ATTRIBUTE_Claim *attr);
@@ -199,7 +199,7 @@ GNUNET_IDENTITY_ATTRIBUTE_serialize_get_size (const struct GNUNET_IDENTITY_ATTRI
* @return length of serialized data
*/
size_t
-GNUNET_IDENTITY_ATTRIBUTE_serialize (const struct GNUNET_IDENTITY_ATTRIBUTE_Claim *attr,
+GNUNET_RECLAIM_ATTRIBUTE_serialize (const struct GNUNET_RECLAIM_ATTRIBUTE_Claim *attr,
char *result);
/**
@@ -210,12 +210,12 @@ GNUNET_IDENTITY_ATTRIBUTE_serialize (const struct GNUNET_IDENTITY_ATTRIBUTE_Clai
*
* @return a GNUNET_IDENTITY_PROVIDER_Attribute, must be free'd by caller
*/
-struct GNUNET_IDENTITY_ATTRIBUTE_Claim *
-GNUNET_IDENTITY_ATTRIBUTE_deserialize (const char* data,
+struct GNUNET_RECLAIM_ATTRIBUTE_Claim *
+GNUNET_RECLAIM_ATTRIBUTE_deserialize (const char* data,
size_t data_size);
-struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList*
-GNUNET_IDENTITY_ATTRIBUTE_list_dup (const struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs);
+struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList*
+GNUNET_RECLAIM_ATTRIBUTE_list_dup (const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs);
/**
* Convert a type name to the corresponding number
@@ -224,7 +224,7 @@ GNUNET_IDENTITY_ATTRIBUTE_list_dup (const struct GNUNET_IDENTITY_ATTRIBUTE_Claim
* @return corresponding number, UINT32_MAX on error
*/
uint32_t
-GNUNET_IDENTITY_ATTRIBUTE_typename_to_number (const char *typename);
+GNUNET_RECLAIM_ATTRIBUTE_typename_to_number (const char *typename);
/**
* Convert human-readable version of a 'claim' of an attribute to the binary
@@ -237,7 +237,7 @@ GNUNET_IDENTITY_ATTRIBUTE_typename_to_number (const char *typename);
* @return #GNUNET_OK on success
*/
int
-GNUNET_IDENTITY_ATTRIBUTE_string_to_value (uint32_t type,
+GNUNET_RECLAIM_ATTRIBUTE_string_to_value (uint32_t type,
const char *s,
void **data,
size_t *data_size);
@@ -251,7 +251,7 @@ GNUNET_IDENTITY_ATTRIBUTE_string_to_value (uint32_t type,
* @return NULL on error, otherwise human-readable representation of the claim
*/
char *
-GNUNET_IDENTITY_ATTRIBUTE_value_to_string (uint32_t type,
+GNUNET_RECLAIM_ATTRIBUTE_value_to_string (uint32_t type,
const void* data,
size_t data_size);
@@ -262,7 +262,7 @@ GNUNET_IDENTITY_ATTRIBUTE_value_to_string (uint32_t type,
* @return corresponding typestring, NULL on error
*/
const char*
-GNUNET_IDENTITY_ATTRIBUTE_number_to_typename (uint32_t type);
+GNUNET_RECLAIM_ATTRIBUTE_number_to_typename (uint32_t type);
#if 0 /* keep Emacsens' auto-indent happy */
@@ -273,9 +273,9 @@ GNUNET_IDENTITY_ATTRIBUTE_number_to_typename (uint32_t type);
#endif
-/* ifndef GNUNET_IDENTITY_ATTRIBUTE_LIB_H */
+/* ifndef GNUNET_RECLAIM_ATTRIBUTE_LIB_H */
#endif
/** @} */ /* end of group identity */
-/* end of gnunet_identity_attribute_lib.h */
+/* end of gnunet_reclaim_attribute_lib.h */
diff --git a/src/include/gnunet_identity_attribute_plugin.h b/src/include/gnunet_reclaim_attribute_plugin.h
index 7c399c616..cf0bb141a 100644
--- a/src/include/gnunet_identity_attribute_plugin.h
+++ b/src/include/gnunet_reclaim_attribute_plugin.h
@@ -26,11 +26,11 @@
* Plugin API for the idp database backend
* @{
*/
-#ifndef GNUNET_IDENTITY_ATTRIBUTE_PLUGIN_H
-#define GNUNET_IDENTITY_ATTRIBUTE_PLUGIN_H
+#ifndef GNUNET_RECLAIM_ATTRIBUTE_PLUGIN_H
+#define GNUNET_RECLAIM_ATTRIBUTE_PLUGIN_H
#include "gnunet_util_lib.h"
-#include "gnunet_identity_attribute_lib.h"
+#include "gnunet_reclaim_attribute_lib.h"
#ifdef __cplusplus
extern "C"
@@ -51,7 +51,7 @@ extern "C"
* @param data_size number of bytes in @a data
* @return NULL on error, otherwise human-readable representation of the value
*/
-typedef char * (*GNUNET_IDENTITY_ATTRIBUTE_ValueToStringFunction) (void *cls,
+typedef char * (*GNUNET_RECLAIM_ATTRIBUTE_ValueToStringFunction) (void *cls,
uint32_t type,
const void *data,
size_t data_size);
@@ -69,7 +69,7 @@ typedef char * (*GNUNET_IDENTITY_ATTRIBUTE_ValueToStringFunction) (void *cls,
* @param data_size set to number of bytes in @a data
* @return #GNUNET_OK on success
*/
-typedef int (*GNUNET_IDENTITY_ATTRIBUTE_StringToValueFunction) (void *cls,
+typedef int (*GNUNET_RECLAIM_ATTRIBUTE_StringToValueFunction) (void *cls,
uint32_t type,
const char *s,
void **data,
@@ -84,7 +84,7 @@ typedef int (*GNUNET_IDENTITY_ATTRIBUTE_StringToValueFunction) (void *cls,
* @param typename name to convert
* @return corresponding number, UINT32_MAX on error
*/
-typedef uint32_t (*GNUNET_IDENTITY_ATTRIBUTE_TypenameToNumberFunction) (void *cls,
+typedef uint32_t (*GNUNET_RECLAIM_ATTRIBUTE_TypenameToNumberFunction) (void *cls,
const char *typename);
@@ -96,7 +96,7 @@ typedef uint32_t (*GNUNET_IDENTITY_ATTRIBUTE_TypenameToNumberFunction) (void *cl
* @param type number of a type to convert
* @return corresponding typestring, NULL on error
*/
-typedef const char * (*GNUNET_IDENTITY_ATTRIBUTE_NumberToTypenameFunction) (void *cls,
+typedef const char * (*GNUNET_RECLAIM_ATTRIBUTE_NumberToTypenameFunction) (void *cls,
uint32_t type);
@@ -104,7 +104,7 @@ typedef const char * (*GNUNET_IDENTITY_ATTRIBUTE_NumberToTypenameFunction) (void
* Each plugin is required to return a pointer to a struct of this
* type as the return value from its entry point.
*/
-struct GNUNET_IDENTITY_ATTRIBUTE_PluginFunctions
+struct GNUNET_RECLAIM_ATTRIBUTE_PluginFunctions
{
/**
@@ -115,22 +115,22 @@ struct GNUNET_IDENTITY_ATTRIBUTE_PluginFunctions
/**
* Conversion to string.
*/
- GNUNET_IDENTITY_ATTRIBUTE_ValueToStringFunction value_to_string;
+ GNUNET_RECLAIM_ATTRIBUTE_ValueToStringFunction value_to_string;
/**
* Conversion to binary.
*/
- GNUNET_IDENTITY_ATTRIBUTE_StringToValueFunction string_to_value;
+ GNUNET_RECLAIM_ATTRIBUTE_StringToValueFunction string_to_value;
/**
* Typename to number.
*/
- GNUNET_IDENTITY_ATTRIBUTE_TypenameToNumberFunction typename_to_number;
+ GNUNET_RECLAIM_ATTRIBUTE_TypenameToNumberFunction typename_to_number;
/**
* Number to typename.
*/
- GNUNET_IDENTITY_ATTRIBUTE_NumberToTypenameFunction number_to_typename;
+ GNUNET_RECLAIM_ATTRIBUTE_NumberToTypenameFunction number_to_typename;
};
diff --git a/src/include/gnunet_identity_provider_plugin.h b/src/include/gnunet_reclaim_plugin.h
index 2330066dd..c400af64c 100644
--- a/src/include/gnunet_identity_provider_plugin.h
+++ b/src/include/gnunet_reclaim_plugin.h
@@ -22,15 +22,15 @@
* @file
* Plugin API for the idp database backend
*
- * @defgroup identity-provider-plugin IdP service plugin API
+ * @defgroup reclaim-plugin IdP service plugin API
* Plugin API for the idp database backend
* @{
*/
-#ifndef GNUNET_IDENTITY_PROVIDER_PLUGIN_H
-#define GNUNET_IDENTITY_PROVIDER_PLUGIN_H
+#ifndef GNUNET_RECLAIM_PLUGIN_H
+#define GNUNET_RECLAIM_PLUGIN_H
#include "gnunet_util_lib.h"
-#include "gnunet_identity_provider_service.h"
+#include "gnunet_reclaim_service.h"
#ifdef __cplusplus
extern "C"
@@ -47,15 +47,15 @@ extern "C"
* @param cls closure
* @param ticket the ticket
*/
-typedef void (*GNUNET_IDENTITY_PROVIDER_TicketIterator) (void *cls,
- const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket,
- const struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs);
+typedef void (*GNUNET_RECLAIM_TicketIterator) (void *cls,
+ const struct GNUNET_RECLAIM_Ticket *ticket,
+ const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs);
/**
* @brief struct returned by the initialization function of the plugin
*/
-struct GNUNET_IDENTITY_PROVIDER_PluginFunctions
+struct GNUNET_RECLAIM_PluginFunctions
{
/**
@@ -71,8 +71,8 @@ struct GNUNET_IDENTITY_PROVIDER_PluginFunctions
* @return #GNUNET_OK on success, else #GNUNET_SYSERR
*/
int (*store_ticket) (void *cls,
- const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket,
- const struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs);
+ const struct GNUNET_RECLAIM_Ticket *ticket,
+ const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs);
/**
* Delete a ticket from the database.
@@ -82,7 +82,7 @@ struct GNUNET_IDENTITY_PROVIDER_PluginFunctions
* @return #GNUNET_OK on success, else #GNUNET_SYSERR
*/
int (*delete_ticket) (void *cls,
- const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket);
+ const struct GNUNET_RECLAIM_Ticket *ticket);
@@ -101,11 +101,11 @@ struct GNUNET_IDENTITY_PROVIDER_PluginFunctions
const struct GNUNET_CRYPTO_EcdsaPublicKey *identity,
int audience,
uint64_t offset,
- GNUNET_IDENTITY_PROVIDER_TicketIterator iter, void *iter_cls);
+ GNUNET_RECLAIM_TicketIterator iter, void *iter_cls);
int (*get_ticket_attributes) (void* cls,
- const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket,
- GNUNET_IDENTITY_PROVIDER_TicketIterator iter,
+ const struct GNUNET_RECLAIM_Ticket *ticket,
+ GNUNET_RECLAIM_TicketIterator iter,
void *iter_cls);
};
diff --git a/src/include/gnunet_identity_provider_service.h b/src/include/gnunet_reclaim_service.h
index 0c72556e8..7e668cd62 100644
--- a/src/include/gnunet_identity_provider_service.h
+++ b/src/include/gnunet_reclaim_service.h
@@ -22,11 +22,11 @@
* @file
* Identity provider service; implements identity provider for GNUnet
*
- * @defgroup identity-provider Identity Provider service
+ * @defgroup reclaim Identity Provider service
* @{
*/
-#ifndef GNUNET_IDENTITY_PROVIDER_SERVICE_H
-#define GNUNET_IDENTITY_PROVIDER_SERVICE_H
+#ifndef GNUNET_RECLAIM_SERVICE_H
+#define GNUNET_RECLAIM_SERVICE_H
#ifdef __cplusplus
extern "C"
@@ -37,27 +37,27 @@ extern "C"
#endif
#include "gnunet_util_lib.h"
-#include "gnunet_identity_attribute_lib.h"
+#include "gnunet_reclaim_attribute_lib.h"
/**
* Version number of GNUnet Identity Provider API.
*/
-#define GNUNET_IDENTITY_PROVIDER_VERSION 0x00000000
+#define GNUNET_RECLAIM_VERSION 0x00000000
/**
* Handle to access the identity service.
*/
-struct GNUNET_IDENTITY_PROVIDER_Handle;
+struct GNUNET_RECLAIM_Handle;
/**
* Handle for a token.
*/
-struct GNUNET_IDENTITY_PROVIDER_Token;
+struct GNUNET_RECLAIM_Token;
/**
* The ticket
*/
-struct GNUNET_IDENTITY_PROVIDER_Ticket
+struct GNUNET_RECLAIM_Ticket
{
/**
* The ticket issuer
@@ -78,7 +78,7 @@ struct GNUNET_IDENTITY_PROVIDER_Ticket
/**
* Handle for an operation with the identity provider service.
*/
-struct GNUNET_IDENTITY_PROVIDER_Operation;
+struct GNUNET_RECLAIM_Operation;
/**
@@ -87,8 +87,8 @@ struct GNUNET_IDENTITY_PROVIDER_Operation;
* @param cfg Configuration to contact the identity provider service.
* @return handle to communicate with identity provider service
*/
-struct GNUNET_IDENTITY_PROVIDER_Handle *
-GNUNET_IDENTITY_PROVIDER_connect (const struct GNUNET_CONFIGURATION_Handle *cfg);
+struct GNUNET_RECLAIM_Handle *
+GNUNET_RECLAIM_connect (const struct GNUNET_CONFIGURATION_Handle *cfg);
/**
* Continuation called to notify client about result of the
@@ -101,7 +101,7 @@ GNUNET_IDENTITY_PROVIDER_connect (const struct GNUNET_CONFIGURATION_Handle *cfg)
* @param emsg NULL on success, otherwise an error message
*/
typedef void
-(*GNUNET_IDENTITY_PROVIDER_ContinuationWithStatus) (void *cls,
+(*GNUNET_RECLAIM_ContinuationWithStatus) (void *cls,
int32_t success,
const char *emsg);
@@ -118,12 +118,12 @@ typedef void
* @param cont_cls closure for @a cont
* @return handle to abort the request
*/
-struct GNUNET_IDENTITY_PROVIDER_Operation *
-GNUNET_IDENTITY_PROVIDER_attribute_store (struct GNUNET_IDENTITY_PROVIDER_Handle *h,
+struct GNUNET_RECLAIM_Operation *
+GNUNET_RECLAIM_attribute_store (struct GNUNET_RECLAIM_Handle *h,
const struct GNUNET_CRYPTO_EcdsaPrivateKey *pkey,
- const struct GNUNET_IDENTITY_ATTRIBUTE_Claim *attr,
+ const struct GNUNET_RECLAIM_ATTRIBUTE_Claim *attr,
const struct GNUNET_TIME_Relative *exp_interval,
- GNUNET_IDENTITY_PROVIDER_ContinuationWithStatus cont,
+ GNUNET_RECLAIM_ContinuationWithStatus cont,
void *cont_cls);
@@ -135,19 +135,19 @@ GNUNET_IDENTITY_PROVIDER_attribute_store (struct GNUNET_IDENTITY_PROVIDER_Handle
* @param attr the attribute
*/
typedef void
-(*GNUNET_IDENTITY_PROVIDER_AttributeResult) (void *cls,
+(*GNUNET_RECLAIM_AttributeResult) (void *cls,
const struct GNUNET_CRYPTO_EcdsaPublicKey *identity,
- const struct GNUNET_IDENTITY_ATTRIBUTE_Claim *attr);
+ const struct GNUNET_RECLAIM_ATTRIBUTE_Claim *attr);
/**
* List all attributes for a local identity.
- * This MUST lock the `struct GNUNET_IDENTITY_PROVIDER_Handle`
- * for any other calls than #GNUNET_IDENTITY_PROVIDER_get_attributes_next() and
- * #GNUNET_IDENTITY_PROVIDER_get_attributes_stop. @a proc will be called once
+ * This MUST lock the `struct GNUNET_RECLAIM_Handle`
+ * for any other calls than #GNUNET_RECLAIM_get_attributes_next() and
+ * #GNUNET_RECLAIM_get_attributes_stop. @a proc will be called once
* immediately, and then again after
- * #GNUNET_IDENTITY_PROVIDER_get_attributes_next() is invoked.
+ * #GNUNET_RECLAIM_get_attributes_next() is invoked.
*
* On error (disconnect), @a error_cb will be invoked.
* On normal completion, @a finish_cb proc will be
@@ -166,36 +166,36 @@ typedef void
* @param finish_cb_cls closure for @a finish_cb
* @return an iterator handle to use for iteration
*/
-struct GNUNET_IDENTITY_PROVIDER_AttributeIterator *
-GNUNET_IDENTITY_PROVIDER_get_attributes_start (struct GNUNET_IDENTITY_PROVIDER_Handle *h,
+struct GNUNET_RECLAIM_AttributeIterator *
+GNUNET_RECLAIM_get_attributes_start (struct GNUNET_RECLAIM_Handle *h,
const struct GNUNET_CRYPTO_EcdsaPrivateKey *identity,
GNUNET_SCHEDULER_TaskCallback error_cb,
void *error_cb_cls,
- GNUNET_IDENTITY_PROVIDER_AttributeResult proc,
+ GNUNET_RECLAIM_AttributeResult proc,
void *proc_cls,
GNUNET_SCHEDULER_TaskCallback finish_cb,
void *finish_cb_cls);
/**
- * Calls the record processor specified in #GNUNET_IDENTITY_PROVIDER_get_attributes_start
+ * Calls the record processor specified in #GNUNET_RECLAIM_get_attributes_start
* for the next record.
*
* @param it the iterator
*/
void
-GNUNET_IDENTITY_PROVIDER_get_attributes_next (struct GNUNET_IDENTITY_PROVIDER_AttributeIterator *it);
+GNUNET_RECLAIM_get_attributes_next (struct GNUNET_RECLAIM_AttributeIterator *it);
/**
* Stops iteration and releases the idp handle for further calls. Must
* be called on any iteration that has not yet completed prior to calling
- * #GNUNET_IDENTITY_PROVIDER_disconnect.
+ * #GNUNET_RECLAIM_disconnect.
*
* @param it the iterator
*/
void
-GNUNET_IDENTITY_PROVIDER_get_attributes_stop (struct GNUNET_IDENTITY_PROVIDER_AttributeIterator *it);
+GNUNET_RECLAIM_get_attributes_stop (struct GNUNET_RECLAIM_AttributeIterator *it);
/**
@@ -207,12 +207,12 @@ GNUNET_IDENTITY_PROVIDER_get_attributes_stop (struct GNUNET_IDENTITY_PROVIDER_At
* @param ticket the ticket
*/
typedef void
-(*GNUNET_IDENTITY_PROVIDER_TicketCallback)(void *cls,
- const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket);
+(*GNUNET_RECLAIM_TicketCallback)(void *cls,
+ const struct GNUNET_RECLAIM_Ticket *ticket);
/**
* Issues a ticket to another identity. The identity may use
- * GNUNET_IDENTITY_PROVIDER_ticket_consume to consume the ticket
+ * GNUNET_RECLAIM_ticket_consume to consume the ticket
* and retrieve the attributes specified in the AttributeList.
*
* @param h the identity provider to use
@@ -223,12 +223,12 @@ typedef void
* @param cb_cls the callback closure
* @return handle to abort the operation
*/
-struct GNUNET_IDENTITY_PROVIDER_Operation *
-GNUNET_IDENTITY_PROVIDER_ticket_issue (struct GNUNET_IDENTITY_PROVIDER_Handle *h,
+struct GNUNET_RECLAIM_Operation *
+GNUNET_RECLAIM_ticket_issue (struct GNUNET_RECLAIM_Handle *h,
const struct GNUNET_CRYPTO_EcdsaPrivateKey *iss,
const struct GNUNET_CRYPTO_EcdsaPublicKey *rp,
- const struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs,
- GNUNET_IDENTITY_PROVIDER_TicketCallback cb,
+ const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs,
+ GNUNET_RECLAIM_TicketCallback cb,
void *cb_cls);
/**
@@ -242,11 +242,11 @@ GNUNET_IDENTITY_PROVIDER_ticket_issue (struct GNUNET_IDENTITY_PROVIDER_Handle *h
* @param cb_cls the callback closure
* @return handle to abort the operation
*/
-struct GNUNET_IDENTITY_PROVIDER_Operation *
-GNUNET_IDENTITY_PROVIDER_ticket_revoke (struct GNUNET_IDENTITY_PROVIDER_Handle *h,
+struct GNUNET_RECLAIM_Operation *
+GNUNET_RECLAIM_ticket_revoke (struct GNUNET_RECLAIM_Handle *h,
const struct GNUNET_CRYPTO_EcdsaPrivateKey *identity,
- const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket,
- GNUNET_IDENTITY_PROVIDER_ContinuationWithStatus cb,
+ const struct GNUNET_RECLAIM_Ticket *ticket,
+ GNUNET_RECLAIM_ContinuationWithStatus cb,
void *cb_cls);
@@ -262,11 +262,11 @@ GNUNET_IDENTITY_PROVIDER_ticket_revoke (struct GNUNET_IDENTITY_PROVIDER_Handle *
* @param cb_cls the callback closure
* @return handle to abort the operation
*/
-struct GNUNET_IDENTITY_PROVIDER_Operation *
-GNUNET_IDENTITY_PROVIDER_ticket_consume (struct GNUNET_IDENTITY_PROVIDER_Handle *h,
+struct GNUNET_RECLAIM_Operation *
+GNUNET_RECLAIM_ticket_consume (struct GNUNET_RECLAIM_Handle *h,
const struct GNUNET_CRYPTO_EcdsaPrivateKey *identity,
- const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket,
- GNUNET_IDENTITY_PROVIDER_AttributeResult cb,
+ const struct GNUNET_RECLAIM_Ticket *ticket,
+ GNUNET_RECLAIM_AttributeResult cb,
void *cb_cls);
/**
@@ -286,12 +286,12 @@ GNUNET_IDENTITY_PROVIDER_ticket_consume (struct GNUNET_IDENTITY_PROVIDER_Handle
* @param finish_cb_cls closure for @a finish_cb
* @return an iterator handle to use for iteration
*/
-struct GNUNET_IDENTITY_PROVIDER_TicketIterator *
-GNUNET_IDENTITY_PROVIDER_ticket_iteration_start (struct GNUNET_IDENTITY_PROVIDER_Handle *h,
+struct GNUNET_RECLAIM_TicketIterator *
+GNUNET_RECLAIM_ticket_iteration_start (struct GNUNET_RECLAIM_Handle *h,
const struct GNUNET_CRYPTO_EcdsaPrivateKey *identity,
GNUNET_SCHEDULER_TaskCallback error_cb,
void *error_cb_cls,
- GNUNET_IDENTITY_PROVIDER_TicketCallback proc,
+ GNUNET_RECLAIM_TicketCallback proc,
void *proc_cls,
GNUNET_SCHEDULER_TaskCallback finish_cb,
void *finish_cb_cls);
@@ -313,34 +313,34 @@ GNUNET_IDENTITY_PROVIDER_ticket_iteration_start (struct GNUNET_IDENTITY_PROVIDER
* @param finish_cb_cls closure for @a finish_cb
* @return an iterator handle to use for iteration
*/
-struct GNUNET_IDENTITY_PROVIDER_TicketIterator *
-GNUNET_IDENTITY_PROVIDER_ticket_iteration_start_rp (struct GNUNET_IDENTITY_PROVIDER_Handle *h,
+struct GNUNET_RECLAIM_TicketIterator *
+GNUNET_RECLAIM_ticket_iteration_start_rp (struct GNUNET_RECLAIM_Handle *h,
const struct GNUNET_CRYPTO_EcdsaPublicKey *identity,
GNUNET_SCHEDULER_TaskCallback error_cb,
void *error_cb_cls,
- GNUNET_IDENTITY_PROVIDER_TicketCallback proc,
+ GNUNET_RECLAIM_TicketCallback proc,
void *proc_cls,
GNUNET_SCHEDULER_TaskCallback finish_cb,
void *finish_cb_cls);
/**
- * Calls the record processor specified in #GNUNET_IDENTITY_PROVIDER_ticket_iteration_start
+ * Calls the record processor specified in #GNUNET_RECLAIM_ticket_iteration_start
* for the next record.
*
* @param it the iterator
*/
void
-GNUNET_IDENTITY_PROVIDER_ticket_iteration_next (struct GNUNET_IDENTITY_PROVIDER_TicketIterator *it);
+GNUNET_RECLAIM_ticket_iteration_next (struct GNUNET_RECLAIM_TicketIterator *it);
/**
* Stops iteration and releases the idp handle for further calls. Must
* be called on any iteration that has not yet completed prior to calling
- * #GNUNET_IDENTITY_PROVIDER_disconnect.
+ * #GNUNET_RECLAIM_disconnect.
*
* @param it the iterator
*/
void
-GNUNET_IDENTITY_PROVIDER_ticket_iteration_stop (struct GNUNET_IDENTITY_PROVIDER_TicketIterator *it);
+GNUNET_RECLAIM_ticket_iteration_stop (struct GNUNET_RECLAIM_TicketIterator *it);
/**
* Disconnect from identity provider service.
@@ -348,7 +348,7 @@ GNUNET_IDENTITY_PROVIDER_ticket_iteration_stop (struct GNUNET_IDENTITY_PROVIDER_
* @param h identity provider service to disconnect
*/
void
-GNUNET_IDENTITY_PROVIDER_disconnect (struct GNUNET_IDENTITY_PROVIDER_Handle *h);
+GNUNET_RECLAIM_disconnect (struct GNUNET_RECLAIM_Handle *h);
/**
@@ -360,7 +360,7 @@ GNUNET_IDENTITY_PROVIDER_disconnect (struct GNUNET_IDENTITY_PROVIDER_Handle *h);
* @param op operation to cancel
*/
void
-GNUNET_IDENTITY_PROVIDER_cancel (struct GNUNET_IDENTITY_PROVIDER_Operation *op);
+GNUNET_RECLAIM_cancel (struct GNUNET_RECLAIM_Operation *op);
#if 0 /* keep Emacsens' auto-indent happy */
{
@@ -370,9 +370,9 @@ GNUNET_IDENTITY_PROVIDER_cancel (struct GNUNET_IDENTITY_PROVIDER_Operation *op);
#endif
-/* ifndef GNUNET_IDENTITY_PROVIDER_SERVICE_H */
+/* ifndef GNUNET_RECLAIM_SERVICE_H */
#endif
/** @} */ /* end of group identity */
-/* end of gnunet_identity_provider_service.h */
+/* end of gnunet_reclaim_service.h */
diff --git a/src/include/gnunet_signatures.h b/src/include/gnunet_signatures.h
index d7accaf2c..829f8be7e 100644
--- a/src/include/gnunet_signatures.h
+++ b/src/include/gnunet_signatures.h
@@ -151,12 +151,12 @@ extern "C"
/**
* Signature for the first round of distributed key generation.
*/
-#define GNUNET_SIGNATURE_PURPOSE_SECRETSHARING_DKG1 22
+#define GNUNET_SIGNATURE_PURPOSE_SECRETSHARING_DKG1 21
/**
* Signature for the second round of distributed key generation.
*/
-#define GNUNET_SIGNATURE_PURPOSE_SECRETSHARING_DKG2 23
+#define GNUNET_SIGNATURE_PURPOSE_SECRETSHARING_DKG2 22
/**
* Signature for cooperatice decryption.
@@ -181,7 +181,7 @@ extern "C"
/**
* Signature for a GNUid Ticket
*/
-#define GNUNET_SIGNATURE_PURPOSE_GNUID_TICKET 27
+#define GNUNET_SIGNATURE_PURPOSE_RECLAIM_CODE_SIGN 27
/**
* Signature for a GNUnet credential
diff --git a/src/include/gnunet_strings_lib.h b/src/include/gnunet_strings_lib.h
index 1fdab93b2..c1d76ef71 100644
--- a/src/include/gnunet_strings_lib.h
+++ b/src/include/gnunet_strings_lib.h
@@ -11,7 +11,7 @@
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Affero General Public License for more details.
-
+
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
@@ -339,7 +339,9 @@ GNUNET_STRINGS_string_to_data (const char *enc,
* @return the size of the output
*/
size_t
-GNUNET_STRINGS_base64_encode (const char *data, size_t len, char **output);
+GNUNET_STRINGS_base64_encode (const void *in,
+ size_t len,
+ char **output);
/**
@@ -354,7 +356,7 @@ GNUNET_STRINGS_base64_encode (const char *data, size_t len, char **output);
size_t
GNUNET_STRINGS_base64_decode (const char *data,
size_t len,
- char **output);
+ void **output);
/**
diff --git a/src/multicast/gnunet-service-multicast.c b/src/multicast/gnunet-service-multicast.c
index 20d29b906..f8441cc2b 100644
--- a/src/multicast/gnunet-service-multicast.c
+++ b/src/multicast/gnunet-service-multicast.c
@@ -1449,17 +1449,15 @@ check_client_member_join (void *cls,
struct GNUNET_PeerIdentity *relays = (struct GNUNET_PeerIdentity *) &msg[1];
uint32_t relay_count = ntohl (msg->relay_count);
- if (0 == relay_count)
+ if (0 != relay_count)
{
- GNUNET_break (0);
- return GNUNET_SYSERR;
- }
- if (UINT32_MAX / relay_count < sizeof (*relays)){
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- "relay_count (%lu) * sizeof (*relays) (%lu) exceeds UINT32_MAX!\n",
- (unsigned long)relay_count,
- sizeof (*relays));
- return GNUNET_SYSERR;
+ if (UINT32_MAX / relay_count < sizeof (*relays)){
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "relay_count (%lu) * sizeof (*relays) (%lu) exceeds UINT32_MAX!\n",
+ (unsigned long)relay_count,
+ sizeof (*relays));
+ return GNUNET_SYSERR;
+ }
}
uint32_t relay_size = relay_count * sizeof (*relays);
struct GNUNET_MessageHeader *join_msg = NULL;
diff --git a/src/multicast/test_multicast_multipeer.c b/src/multicast/test_multicast_multipeer.c
index 3a7c6d961..7766ff875 100644
--- a/src/multicast/test_multicast_multipeer.c
+++ b/src/multicast/test_multicast_multipeer.c
@@ -160,6 +160,7 @@ notify (void *cls,
*data_size = sizeof (struct pingpong_msg);
GNUNET_memcpy(data, pp_msg, *data_size);
+ GNUNET_free (pp_msg);
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Peer #%u sents ping to origin\n", mc_peer->peer);
@@ -328,6 +329,7 @@ origin_notify (void *cls,
pp_msg->msg = PONG;
*data_size = sizeof (struct pingpong_msg);
GNUNET_memcpy(data, pp_msg, *data_size);
+ GNUNET_free (pp_msg);
GNUNET_log (GNUNET_ERROR_TYPE_INFO, "origin sends pong\n");
diff --git a/src/namestore/gnunet-zoneimport.c b/src/namestore/gnunet-zoneimport.c
index 6c89cdb05..ddc8b483a 100644
--- a/src/namestore/gnunet-zoneimport.c
+++ b/src/namestore/gnunet-zoneimport.c
@@ -11,7 +11,7 @@
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Affero General Public License for more details.
-
+
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
@@ -456,6 +456,7 @@ build_dns_query (struct Request *req,
char *rawp;
struct GNUNET_DNSPARSER_Packet p;
struct GNUNET_DNSPARSER_Query q;
+ int ret;
q.name = (char *) req->hostname;
q.type = GNUNET_DNSPARSER_TYPE_NS;
@@ -467,12 +468,14 @@ build_dns_query (struct Request *req,
p.num_queries = 1;
p.queries = &q;
p.id = req->id;
- if (GNUNET_OK !=
- GNUNET_DNSPARSER_pack (&p,
- UINT16_MAX,
- &rawp,
- raw_size))
+ ret = GNUNET_DNSPARSER_pack (&p,
+ UINT16_MAX,
+ &rawp,
+ raw_size);
+ if (GNUNET_OK != ret)
{
+ if (GNUNET_NO == ret)
+ GNUNET_free (rawp);
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Failed to pack query for hostname `%s'\n",
req->hostname);
diff --git a/src/namestore/plugin_namestore_flat.c b/src/namestore/plugin_namestore_flat.c
index 33c48b244..e16fe91b7 100644
--- a/src/namestore/plugin_namestore_flat.c
+++ b/src/namestore/plugin_namestore_flat.c
@@ -55,7 +55,7 @@ struct FlatFileEntry
/**
* Entry zone
*/
- struct GNUNET_CRYPTO_EcdsaPrivateKey *private_key;
+ struct GNUNET_CRYPTO_EcdsaPrivateKey private_key;
/**
* Record cound
@@ -93,7 +93,6 @@ static int
database_setup (struct Plugin *plugin)
{
char *afsdir;
- char *key;
char *record_data;
char *zone_private_key;
char *record_data_b64;
@@ -104,7 +103,6 @@ database_setup (struct Plugin *plugin)
char *record_count;
size_t record_data_size;
uint64_t size;
- size_t key_len;
struct GNUNET_HashCode hkey;
struct GNUNET_DISK_FileHandle *fh;
struct FlatFileEntry *entry;
@@ -232,7 +230,7 @@ database_setup (struct Plugin *plugin)
record_data_size
= GNUNET_STRINGS_base64_decode (record_data_b64,
strlen (record_data_b64),
- &record_data);
+ (void **) &record_data);
entry->record_data =
GNUNET_new_array (entry->record_count,
struct GNUNET_GNSRECORD_Data);
@@ -251,21 +249,34 @@ database_setup (struct Plugin *plugin)
break;
}
GNUNET_free (record_data);
- GNUNET_STRINGS_base64_decode (zone_private_key,
- strlen (zone_private_key),
- (char**)&entry->private_key);
- key_len = strlen (label) + sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey);
- key = GNUNET_malloc (strlen (label) + sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey));
- GNUNET_memcpy (key,
- label,
- strlen (label));
- GNUNET_memcpy (key+strlen(label),
- entry->private_key,
- sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey));
- GNUNET_CRYPTO_hash (key,
- key_len,
- &hkey);
- GNUNET_free (key);
+
+ {
+ struct GNUNET_CRYPTO_EcdsaPrivateKey *private_key;
+
+ GNUNET_STRINGS_base64_decode (zone_private_key,
+ strlen (zone_private_key),
+ (void**)&private_key);
+ entry->private_key = *private_key;
+ GNUNET_free (private_key);
+ }
+
+ {
+ char *key;
+ size_t key_len;
+
+ key_len = strlen (label) + sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey);
+ key = GNUNET_malloc (strlen (label) + sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey));
+ GNUNET_memcpy (key,
+ label,
+ strlen (label));
+ GNUNET_memcpy (key+strlen(label),
+ &entry->private_key,
+ sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey));
+ GNUNET_CRYPTO_hash (key,
+ key_len,
+ &hkey);
+ GNUNET_free (key);
+ }
if (GNUNET_OK !=
GNUNET_CONTAINER_multihashmap_put (plugin->hm,
&hkey,
@@ -302,7 +313,7 @@ store_and_free_entries (void *cls,
ssize_t data_size;
(void) key;
- GNUNET_STRINGS_base64_encode ((char*)entry->private_key,
+ GNUNET_STRINGS_base64_encode (&entry->private_key,
sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey),
&zone_private_key);
data_size = GNUNET_GNSRECORD_records_get_size (entry->record_count,
@@ -353,7 +364,6 @@ store_and_free_entries (void *cls,
strlen (line));
GNUNET_free (line);
- GNUNET_free (entry->private_key);
GNUNET_free (entry->label);
GNUNET_free (entry->record_data);
GNUNET_free (entry);
@@ -441,11 +451,10 @@ namestore_flat_store_records (void *cls,
return GNUNET_OK;
}
entry = GNUNET_new (struct FlatFileEntry);
- entry->private_key = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPrivateKey);
GNUNET_asprintf (&entry->label,
label,
strlen (label));
- GNUNET_memcpy (entry->private_key,
+ GNUNET_memcpy (&entry->private_key,
zone_key,
sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey));
entry->rvalue = rvalue;
@@ -519,7 +528,7 @@ namestore_flat_lookup_records (void *cls,
if (NULL != iter)
iter (iter_cls,
0,
- entry->private_key,
+ &entry->private_key,
entry->label,
entry->record_count,
entry->record_data);
@@ -586,7 +595,7 @@ iterate_zones (void *cls,
if (0 == ic->limit)
return GNUNET_NO;
if ( (NULL != ic->zone) &&
- (0 != memcmp (entry->private_key,
+ (0 != memcmp (&entry->private_key,
ic->zone,
sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey))) )
return GNUNET_YES;
@@ -598,7 +607,7 @@ iterate_zones (void *cls,
}
ic->iter (ic->iter_cls,
ic->pos,
- entry->private_key,
+ &entry->private_key,
entry->label,
entry->record_count,
entry->record_data);
@@ -668,7 +677,7 @@ zone_to_name (void *cls,
struct FlatFileEntry *entry = value;
(void) key;
- if (0 != memcmp (entry->private_key,
+ if (0 != memcmp (&entry->private_key,
ztn->zone,
sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)))
return GNUNET_YES;
@@ -683,7 +692,7 @@ zone_to_name (void *cls,
{
ztn->iter (ztn->iter_cls,
0,
- entry->private_key,
+ &entry->private_key,
entry->label,
entry->record_count,
entry->record_data);
diff --git a/src/psyc/Makefile.am b/src/psyc/Makefile.am
index 26db608f3..d5c797f52 100644
--- a/src/psyc/Makefile.am
+++ b/src/psyc/Makefile.am
@@ -48,8 +48,8 @@ gnunet_service_psyc_CFLAGS = $(AM_CFLAGS)
if HAVE_TESTING
-check_PROGRAMS = \
- test_psyc2
+#check_PROGRAMS = \
+# test_psyc2
# test_psyc
endif
diff --git a/src/identity-attribute/Makefile.am b/src/reclaim-attribute/Makefile.am
index 2c73a443e..7db2925b1 100644
--- a/src/identity-attribute/Makefile.am
+++ b/src/reclaim-attribute/Makefile.am
@@ -17,28 +17,28 @@ if USE_COVERAGE
endif
lib_LTLIBRARIES = \
- libgnunetidentityattribute.la
+ libgnunetreclaimattribute.la
-libgnunetidentityattribute_la_SOURCES = \
- identity_attribute.c
-libgnunetidentityattribute_la_LIBADD = \
+libgnunetreclaimattribute_la_SOURCES = \
+ reclaim_attribute.c
+libgnunetreclaimattribute_la_LIBADD = \
$(top_builddir)/src/util/libgnunetutil.la \
$(GN_LIBINTL)
-libgnunetidentityattribute_la_LDFLAGS = \
+libgnunetreclaimattribute_la_LDFLAGS = \
$(GN_LIB_LDFLAGS) $(WINFLAGS) \
-version-info 0:0:0
plugin_LTLIBRARIES = \
- libgnunet_plugin_identity_attribute_gnuid.la
+ libgnunet_plugin_reclaim_attribute_gnuid.la
-libgnunet_plugin_identity_attribute_gnuid_la_SOURCES = \
- plugin_identity_attribute_gnuid.c
-libgnunet_plugin_identity_attribute_gnuid_la_LIBADD = \
+libgnunet_plugin_reclaim_attribute_gnuid_la_SOURCES = \
+ plugin_reclaim_attribute_gnuid.c
+libgnunet_plugin_reclaim_attribute_gnuid_la_LIBADD = \
$(top_builddir)/src/util/libgnunetutil.la \
$(LTLIBINTL)
-libgnunet_plugin_identity_attribute_gnuid_la_LDFLAGS = \
+libgnunet_plugin_reclaim_attribute_gnuid_la_LDFLAGS = \
$(GN_PLUGIN_LDFLAGS)
diff --git a/src/identity-attribute/plugin_identity_attribute_gnuid.c b/src/reclaim-attribute/plugin_reclaim_attribute_gnuid.c
index c09b167f5..48afc0732 100644
--- a/src/identity-attribute/plugin_identity_attribute_gnuid.c
+++ b/src/reclaim-attribute/plugin_reclaim_attribute_gnuid.c
@@ -17,7 +17,7 @@
*/
/**
- * @file identity-attribute/plugin_identity_attribute_gnuid.c
+ * @file reclaim-attribute/plugin_reclaim_attribute_gnuid.c
* @brief identity attribute plugin to provide the API for fundamental
* attribute types.
*
@@ -25,7 +25,7 @@
*/
#include "platform.h"
#include "gnunet_util_lib.h"
-#include "gnunet_identity_attribute_plugin.h"
+#include "gnunet_reclaim_attribute_plugin.h"
#include <inttypes.h>
@@ -47,7 +47,7 @@ gnuid_value_to_string (void *cls,
switch (type)
{
- case GNUNET_IDENTITY_ATTRIBUTE_TYPE_STRING:
+ case GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING:
return GNUNET_strndup (data, data_size);
default:
return NULL;
@@ -78,7 +78,7 @@ gnuid_string_to_value (void *cls,
switch (type)
{
- case GNUNET_IDENTITY_ATTRIBUTE_TYPE_STRING:
+ case GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING:
*data = GNUNET_strdup (s);
*data_size = strlen (s);
return GNUNET_OK;
@@ -96,7 +96,7 @@ static struct {
const char *name;
uint32_t number;
} gnuid_name_map[] = {
- { "STRING", GNUNET_IDENTITY_ATTRIBUTE_TYPE_STRING },
+ { "STRING", GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING },
{ NULL, UINT32_MAX }
};
@@ -151,11 +151,11 @@ gnuid_number_to_typename (void *cls,
* @return the exported block API
*/
void *
-libgnunet_plugin_identity_attribute_gnuid_init (void *cls)
+libgnunet_plugin_reclaim_attribute_gnuid_init (void *cls)
{
- struct GNUNET_IDENTITY_ATTRIBUTE_PluginFunctions *api;
+ struct GNUNET_RECLAIM_ATTRIBUTE_PluginFunctions *api;
- api = GNUNET_new (struct GNUNET_IDENTITY_ATTRIBUTE_PluginFunctions);
+ api = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_PluginFunctions);
api->value_to_string = &gnuid_value_to_string;
api->string_to_value = &gnuid_string_to_value;
api->typename_to_number = &gnuid_typename_to_number;
@@ -171,12 +171,12 @@ libgnunet_plugin_identity_attribute_gnuid_init (void *cls)
* @return NULL
*/
void *
-libgnunet_plugin_identity_attribute_gnuid_done (void *cls)
+libgnunet_plugin_reclaim_attribute_gnuid_done (void *cls)
{
- struct GNUNET_IDENTITY_ATTRIBUTE_PluginFunctions *api = cls;
+ struct GNUNET_RECLAIM_ATTRIBUTE_PluginFunctions *api = cls;
GNUNET_free (api);
return NULL;
}
-/* end of plugin_identity_attribute_type_gnuid.c */
+/* end of plugin_reclaim_attribute_type_gnuid.c */
diff --git a/src/identity-attribute/identity_attribute.c b/src/reclaim-attribute/reclaim_attribute.c
index 7d47c46a7..1ffa9618f 100644
--- a/src/identity-attribute/identity_attribute.c
+++ b/src/reclaim-attribute/reclaim_attribute.c
@@ -17,14 +17,14 @@
*/
/**
- * @file identity-attribute/identity_attribute.c
+ * @file reclaim-attribute/reclaim_attribute.c
* @brief helper library to manage identity attributes
* @author Martin Schanzenbach
*/
#include "platform.h"
#include "gnunet_util_lib.h"
-#include "identity_attribute.h"
-#include "gnunet_identity_attribute_plugin.h"
+#include "reclaim_attribute.h"
+#include "gnunet_reclaim_attribute_plugin.h"
/**
* Handle for a plugin
@@ -39,7 +39,7 @@ struct Plugin
/**
* Plugin API
*/
- struct GNUNET_IDENTITY_ATTRIBUTE_PluginFunctions *api;
+ struct GNUNET_RECLAIM_ATTRIBUTE_PluginFunctions *api;
};
/**
@@ -65,7 +65,7 @@ add_plugin (void* cls,
const char *library_name,
void *lib_ret)
{
- struct GNUNET_IDENTITY_ATTRIBUTE_PluginFunctions *api = lib_ret;
+ struct GNUNET_RECLAIM_ATTRIBUTE_PluginFunctions *api = lib_ret;
struct Plugin *plugin;
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
@@ -86,7 +86,7 @@ init()
if (GNUNET_YES == initialized)
return;
initialized = GNUNET_YES;
- GNUNET_PLUGIN_load_all ("libgnunet_plugin_identity_attribute_", NULL,
+ GNUNET_PLUGIN_load_all ("libgnunet_plugin_reclaim_attribute_", NULL,
&add_plugin, NULL);
}
@@ -97,7 +97,7 @@ init()
* @return corresponding number, UINT32_MAX on error
*/
uint32_t
-GNUNET_IDENTITY_ATTRIBUTE_typename_to_number (const char *typename)
+GNUNET_RECLAIM_ATTRIBUTE_typename_to_number (const char *typename)
{
unsigned int i;
struct Plugin *plugin;
@@ -121,7 +121,7 @@ GNUNET_IDENTITY_ATTRIBUTE_typename_to_number (const char *typename)
* @return corresponding typestring, NULL on error
*/
const char*
-GNUNET_IDENTITY_ATTRIBUTE_number_to_typename (uint32_t type)
+GNUNET_RECLAIM_ATTRIBUTE_number_to_typename (uint32_t type)
{
unsigned int i;
struct Plugin *plugin;
@@ -149,7 +149,7 @@ GNUNET_IDENTITY_ATTRIBUTE_number_to_typename (uint32_t type)
* @return #GNUNET_OK on success
*/
int
-GNUNET_IDENTITY_ATTRIBUTE_string_to_value (uint32_t type,
+GNUNET_RECLAIM_ATTRIBUTE_string_to_value (uint32_t type,
const char *s,
void **data,
size_t *data_size)
@@ -180,7 +180,7 @@ GNUNET_IDENTITY_ATTRIBUTE_string_to_value (uint32_t type,
* @return NULL on error, otherwise human-readable representation of the claim
*/
char *
-GNUNET_IDENTITY_ATTRIBUTE_value_to_string (uint32_t type,
+GNUNET_RECLAIM_ATTRIBUTE_value_to_string (uint32_t type,
const void* data,
size_t data_size)
{
@@ -210,31 +210,35 @@ GNUNET_IDENTITY_ATTRIBUTE_value_to_string (uint32_t type,
* @param data_size the attribute value size
* @return the new attribute
*/
-struct GNUNET_IDENTITY_ATTRIBUTE_Claim *
-GNUNET_IDENTITY_ATTRIBUTE_claim_new (const char* attr_name,
+struct GNUNET_RECLAIM_ATTRIBUTE_Claim *
+GNUNET_RECLAIM_ATTRIBUTE_claim_new (const char* attr_name,
uint32_t type,
const void* data,
size_t data_size)
{
- struct GNUNET_IDENTITY_ATTRIBUTE_Claim *attr;
+ struct GNUNET_RECLAIM_ATTRIBUTE_Claim *attr;
char *write_ptr;
+ char *attr_name_tmp = GNUNET_strdup (attr_name);
- attr = GNUNET_malloc (sizeof (struct GNUNET_IDENTITY_ATTRIBUTE_Claim) +
- strlen (attr_name) + 1 +
+ GNUNET_STRINGS_utf8_tolower (attr_name, attr_name_tmp);
+
+ attr = GNUNET_malloc (sizeof (struct GNUNET_RECLAIM_ATTRIBUTE_Claim) +
+ strlen (attr_name_tmp) + 1 +
data_size);
attr->type = type;
attr->data_size = data_size;
attr->version = 0;
write_ptr = (char*)&attr[1];
GNUNET_memcpy (write_ptr,
- attr_name,
- strlen (attr_name) + 1);
+ attr_name_tmp,
+ strlen (attr_name_tmp) + 1);
attr->name = write_ptr;
write_ptr += strlen (attr->name) + 1;
GNUNET_memcpy (write_ptr,
data,
data_size);
attr->data = write_ptr;
+ GNUNET_free (attr_name_tmp);
return attr;
}
@@ -249,15 +253,15 @@ GNUNET_IDENTITY_ATTRIBUTE_claim_new (const char* attr_name,
* @return
*/
void
-GNUNET_IDENTITY_ATTRIBUTE_list_add (struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *claim_list,
+GNUNET_RECLAIM_ATTRIBUTE_list_add (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *claim_list,
const char* attr_name,
uint32_t type,
const void* data,
size_t data_size)
{
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry *le;
- le = GNUNET_new (struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry);
- le->claim = GNUNET_IDENTITY_ATTRIBUTE_claim_new (attr_name,
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *le;
+ le = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry);
+ le->claim = GNUNET_RECLAIM_ATTRIBUTE_claim_new (attr_name,
type,
data,
data_size);
@@ -267,20 +271,20 @@ GNUNET_IDENTITY_ATTRIBUTE_list_add (struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *
}
size_t
-GNUNET_IDENTITY_ATTRIBUTE_list_serialize_get_size (const struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs)
+GNUNET_RECLAIM_ATTRIBUTE_list_serialize_get_size (const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs)
{
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry *le;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *le;
size_t len = 0;
for (le = attrs->list_head; NULL != le; le = le->next)
- len += GNUNET_IDENTITY_ATTRIBUTE_serialize_get_size (le->claim);
+ len += GNUNET_RECLAIM_ATTRIBUTE_serialize_get_size (le->claim);
return len;
}
size_t
-GNUNET_IDENTITY_ATTRIBUTE_list_serialize (const struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs,
+GNUNET_RECLAIM_ATTRIBUTE_list_serialize (const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs,
char *result)
{
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry *le;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *le;
size_t len;
size_t total_len;
char* write_ptr;
@@ -289,7 +293,7 @@ GNUNET_IDENTITY_ATTRIBUTE_list_serialize (const struct GNUNET_IDENTITY_ATTRIBUTE
total_len = 0;
for (le = attrs->list_head; NULL != le; le = le->next)
{
- len = GNUNET_IDENTITY_ATTRIBUTE_serialize (le->claim,
+ len = GNUNET_RECLAIM_ATTRIBUTE_serialize (le->claim,
write_ptr);
total_len += len;
write_ptr += len;
@@ -297,49 +301,49 @@ GNUNET_IDENTITY_ATTRIBUTE_list_serialize (const struct GNUNET_IDENTITY_ATTRIBUTE
return total_len;
}
-struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *
-GNUNET_IDENTITY_ATTRIBUTE_list_deserialize (const char* data,
+struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *
+GNUNET_RECLAIM_ATTRIBUTE_list_deserialize (const char* data,
size_t data_size)
{
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs;
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry *le;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *le;
size_t attr_len;
const char* read_ptr;
if (data_size < sizeof (struct Attribute))
return NULL;
- attrs = GNUNET_new (struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList);
+ attrs = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList);
read_ptr = data;
while (((data + data_size) - read_ptr) >= sizeof (struct Attribute))
{
- le = GNUNET_new (struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry);
- le->claim = GNUNET_IDENTITY_ATTRIBUTE_deserialize (read_ptr,
+ le = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry);
+ le->claim = GNUNET_RECLAIM_ATTRIBUTE_deserialize (read_ptr,
data_size - (read_ptr - data));
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Deserialized attribute %s\n", le->claim->name);
GNUNET_CONTAINER_DLL_insert (attrs->list_head,
attrs->list_tail,
le);
- attr_len = GNUNET_IDENTITY_ATTRIBUTE_serialize_get_size (le->claim);
+ attr_len = GNUNET_RECLAIM_ATTRIBUTE_serialize_get_size (le->claim);
read_ptr += attr_len;
}
return attrs;
}
-struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList*
-GNUNET_IDENTITY_ATTRIBUTE_list_dup (const struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs)
+struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList*
+GNUNET_RECLAIM_ATTRIBUTE_list_dup (const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs)
{
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry *le;
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry *result_le;
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *result;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *le;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *result_le;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *result;
- result = GNUNET_new (struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList);
+ result = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList);
for (le = attrs->list_head; NULL != le; le = le->next)
{
- result_le = GNUNET_new (struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry);
- result_le->claim = GNUNET_IDENTITY_ATTRIBUTE_claim_new (le->claim->name,
+ result_le = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry);
+ result_le->claim = GNUNET_RECLAIM_ATTRIBUTE_claim_new (le->claim->name,
le->claim->type,
le->claim->data,
le->claim->data_size);
@@ -352,10 +356,10 @@ GNUNET_IDENTITY_ATTRIBUTE_list_dup (const struct GNUNET_IDENTITY_ATTRIBUTE_Claim
void
-GNUNET_IDENTITY_ATTRIBUTE_list_destroy (struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs)
+GNUNET_RECLAIM_ATTRIBUTE_list_destroy (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs)
{
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry *le;
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry *tmp_le;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *le;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *tmp_le;
for (le = attrs->list_head; NULL != le;)
{
@@ -369,7 +373,7 @@ GNUNET_IDENTITY_ATTRIBUTE_list_destroy (struct GNUNET_IDENTITY_ATTRIBUTE_ClaimLi
}
size_t
-GNUNET_IDENTITY_ATTRIBUTE_serialize_get_size (const struct GNUNET_IDENTITY_ATTRIBUTE_Claim *attr)
+GNUNET_RECLAIM_ATTRIBUTE_serialize_get_size (const struct GNUNET_RECLAIM_ATTRIBUTE_Claim *attr)
{
return sizeof (struct Attribute)
+ strlen (attr->name)
@@ -377,7 +381,7 @@ GNUNET_IDENTITY_ATTRIBUTE_serialize_get_size (const struct GNUNET_IDENTITY_ATTRI
}
size_t
-GNUNET_IDENTITY_ATTRIBUTE_serialize (const struct GNUNET_IDENTITY_ATTRIBUTE_Claim *attr,
+GNUNET_RECLAIM_ATTRIBUTE_serialize (const struct GNUNET_RECLAIM_ATTRIBUTE_Claim *attr,
char *result)
{
size_t data_len_ser;
@@ -403,11 +407,11 @@ GNUNET_IDENTITY_ATTRIBUTE_serialize (const struct GNUNET_IDENTITY_ATTRIBUTE_Clai
return sizeof (struct Attribute) + strlen (attr->name) + attr->data_size;
}
-struct GNUNET_IDENTITY_ATTRIBUTE_Claim *
-GNUNET_IDENTITY_ATTRIBUTE_deserialize (const char* data,
+struct GNUNET_RECLAIM_ATTRIBUTE_Claim *
+GNUNET_RECLAIM_ATTRIBUTE_deserialize (const char* data,
size_t data_size)
{
- struct GNUNET_IDENTITY_ATTRIBUTE_Claim *attr;
+ struct GNUNET_RECLAIM_ATTRIBUTE_Claim *attr;
struct Attribute *attr_ser;
size_t data_len;
size_t name_len;
@@ -419,7 +423,7 @@ GNUNET_IDENTITY_ATTRIBUTE_deserialize (const char* data,
attr_ser = (struct Attribute*)data;
data_len = ntohs (attr_ser->data_size);
name_len = ntohs (attr_ser->name_len);
- attr = GNUNET_malloc (sizeof (struct GNUNET_IDENTITY_ATTRIBUTE_Claim)
+ attr = GNUNET_malloc (sizeof (struct GNUNET_RECLAIM_ATTRIBUTE_Claim)
+ data_len + name_len + 1);
attr->type = ntohs (attr_ser->attribute_type);
attr->version = ntohl (attr_ser->attribute_version);
@@ -441,4 +445,4 @@ GNUNET_IDENTITY_ATTRIBUTE_deserialize (const char* data,
}
-/* end of identity_attribute.c */
+/* end of reclaim_attribute.c */
diff --git a/src/identity-attribute/identity_attribute.h b/src/reclaim-attribute/reclaim_attribute.h
index 2346dcde1..746d32980 100644
--- a/src/identity-attribute/identity_attribute.h
+++ b/src/reclaim-attribute/reclaim_attribute.h
@@ -17,14 +17,14 @@
*/
/**
* @author Martin Schanzenbach
- * @file identity-attribute/identity_attribute.h
- * @brief GNUnet Identity attributes
+ * @file reclaim-attribute/reclaim_attribute.h
+ * @brief GNUnet reclaim identity attributes
*
*/
-#ifndef IDENTITY_ATTRIBUTE_H
-#define IDENTITY_ATTRIBUTE_H
+#ifndef RECLAIM_ATTRIBUTE_H
+#define RECLAIM_ATTRIBUTE_H
-#include "gnunet_identity_provider_service.h"
+#include "gnunet_reclaim_service.h"
struct Attribute
{
diff --git a/src/identity-provider/.gitignore b/src/reclaim/.gitignore
index ef77fccdc..ef77fccdc 100644
--- a/src/identity-provider/.gitignore
+++ b/src/reclaim/.gitignore
diff --git a/src/identity-provider/Makefile.am b/src/reclaim/Makefile.am
index 2eb699542..2ee43d21a 100644
--- a/src/identity-provider/Makefile.am
+++ b/src/reclaim/Makefile.am
@@ -13,12 +13,12 @@ if USE_COVERAGE
endif
if HAVE_SQLITE
-SQLITE_PLUGIN = libgnunet_plugin_identity_provider_sqlite.la
+SQLITE_PLUGIN = libgnunet_plugin_reclaim_sqlite.la
endif
EXTRA_DIST = \
- test_idp_defaults.conf \
- test_idp.conf \
+ test_reclaim_defaults.conf \
+ test_reclaim.conf \
$(check_SCRIPTS)
pkgcfgdir= $(pkgdatadir)/config.d/
@@ -26,46 +26,46 @@ pkgcfgdir= $(pkgdatadir)/config.d/
libexecdir= $(pkglibdir)/libexec/
pkgcfg_DATA = \
- identity-provider.conf
+ reclaim.conf
lib_LTLIBRARIES = \
- libgnunetidentityprovider.la
+ libgnunetreclaim.la
plugin_LTLIBRARIES = \
- libgnunet_plugin_rest_identity_provider.la \
+ libgnunet_plugin_rest_reclaim.la \
libgnunet_plugin_rest_openid_connect.la \
- libgnunet_plugin_gnsrecord_identity_provider.la \
+ libgnunet_plugin_gnsrecord_reclaim.la \
$(SQLITE_PLUGIN)
bin_PROGRAMS = \
- gnunet-idp
+ gnunet-reclaim
libexec_PROGRAMS = \
- gnunet-service-identity-provider
+ gnunet-service-reclaim
-libgnunet_plugin_gnsrecord_identity_provider_la_SOURCES = \
- plugin_gnsrecord_identity_provider.c
-libgnunet_plugin_gnsrecord_identity_provider_la_LIBADD = \
+libgnunet_plugin_gnsrecord_reclaim_la_SOURCES = \
+ plugin_gnsrecord_reclaim.c
+libgnunet_plugin_gnsrecord_reclaim_la_LIBADD = \
$(top_builddir)/src/util/libgnunetutil.la \
$(LTLIBINTL)
-libgnunet_plugin_gnsrecord_identity_provider_la_LDFLAGS = \
+libgnunet_plugin_gnsrecord_reclaim_la_LDFLAGS = \
$(GN_PLUGIN_LDFLAGS)
-libgnunet_plugin_identity_provider_sqlite_la_SOURCES = \
- plugin_identity_provider_sqlite.c
-libgnunet_plugin_identity_provider_sqlite_la_LIBADD = \
- libgnunetidentityprovider.la \
+libgnunet_plugin_reclaim_sqlite_la_SOURCES = \
+ plugin_reclaim_sqlite.c
+libgnunet_plugin_reclaim_sqlite_la_LIBADD = \
+ libgnunetreclaim.la \
$(top_builddir)/src/sq/libgnunetsq.la \
$(top_builddir)/src/statistics/libgnunetstatistics.la \
$(top_builddir)/src/util/libgnunetutil.la $(XLIBS) -lsqlite3 \
$(LTLIBINTL)
-libgnunet_plugin_identity_provider_sqlite_la_LDFLAGS = \
+libgnunet_plugin_reclaim_sqlite_la_LDFLAGS = \
$(GN_PLUGIN_LDFLAGS)
-gnunet_service_identity_provider_SOURCES = \
- gnunet-service-identity-provider.c
-gnunet_service_identity_provider_LDADD = \
+gnunet_service_reclaim_SOURCES = \
+ gnunet-service-reclaim.c
+gnunet_service_reclaim_LDADD = \
$(top_builddir)/src/gnsrecord/libgnunetgnsrecord.la \
$(top_builddir)/src/util/libgnunetutil.la \
$(top_builddir)/src/namestore/libgnunetnamestore.la \
@@ -73,66 +73,67 @@ gnunet_service_identity_provider_LDADD = \
$(top_builddir)/src/statistics/libgnunetstatistics.la \
$(top_builddir)/src/abe/libgnunetabe.la \
$(top_builddir)/src/credential/libgnunetcredential.la \
- $(top_builddir)/src/identity-attribute/libgnunetidentityattribute.la \
- libgnunetidentityprovider.la \
+ $(top_builddir)/src/reclaim-attribute/libgnunetreclaimattribute.la \
+ libgnunetreclaim.la \
$(top_builddir)/src/gns/libgnunetgns.la \
$(GN_LIBINTL)
-libgnunetidentityprovider_la_SOURCES = \
- identity_provider_api.c \
- identity_provider.h
-libgnunetidentityprovider_la_LIBADD = \
+libgnunetreclaim_la_SOURCES = \
+ reclaim_api.c \
+ reclaim.h
+libgnunetreclaim_la_LIBADD = \
$(top_builddir)/src/util/libgnunetutil.la \
$(GN_LIBINTL) $(XLIB)
-libgnunetidentityprovider_la_LDFLAGS = \
+libgnunetreclaim_la_LDFLAGS = \
$(GN_LIB_LDFLAGS) $(WINFLAGS) \
-version-info 0:0:0
-libgnunet_plugin_rest_identity_provider_la_SOURCES = \
- plugin_rest_identity_provider.c \
- jwt.c
-libgnunet_plugin_rest_identity_provider_la_LIBADD = \
+libgnunet_plugin_rest_reclaim_la_SOURCES = \
+ plugin_rest_reclaim.c
+libgnunet_plugin_rest_reclaim_la_LIBADD = \
$(top_builddir)/src/identity/libgnunetidentity.la \
- libgnunetidentityprovider.la \
+ libgnunetreclaim.la \
$(top_builddir)/src/rest/libgnunetrest.la \
$(top_builddir)/src/jsonapi/libgnunetjsonapi.la \
- $(top_builddir)/src/identity-attribute/libgnunetidentityattribute.la \
+ $(top_builddir)/src/reclaim-attribute/libgnunetreclaimattribute.la \
$(top_builddir)/src/namestore/libgnunetnamestore.la \
$(top_builddir)/src/util/libgnunetutil.la $(XLIBS) \
$(LTLIBINTL) -ljansson -lmicrohttpd
-libgnunet_plugin_rest_identity_provider_la_LDFLAGS = \
+libgnunet_plugin_rest_reclaim_la_LDFLAGS = \
$(GN_PLUGIN_LDFLAGS)
libgnunet_plugin_rest_openid_connect_la_SOURCES = \
plugin_rest_openid_connect.c \
- jwt.c
+ oidc_helper.c
libgnunet_plugin_rest_openid_connect_la_LIBADD = \
$(top_builddir)/src/identity/libgnunetidentity.la \
- libgnunetidentityprovider.la \
+ libgnunetreclaim.la \
$(top_builddir)/src/rest/libgnunetrest.la \
$(top_builddir)/src/jsonapi/libgnunetjsonapi.la \
- $(top_builddir)/src/identity-attribute/libgnunetidentityattribute.la \
+ $(top_builddir)/src/reclaim-attribute/libgnunetreclaimattribute.la \
$(top_builddir)/src/namestore/libgnunetnamestore.la \
+ $(top_builddir)/src/gns/libgnunetgns.la \
+ $(top_builddir)/src/gnsrecord/libgnunetgnsrecord.la \
$(top_builddir)/src/util/libgnunetutil.la $(XLIBS) \
$(LTLIBINTL) -ljansson -lmicrohttpd
libgnunet_plugin_rest_openid_connect_la_LDFLAGS = \
$(GN_PLUGIN_LDFLAGS)
-gnunet_idp_SOURCES = \
- gnunet-idp.c
-gnunet_idp_LDADD = \
+gnunet_reclaim_SOURCES = \
+ gnunet-reclaim.c
+gnunet_reclaim_LDADD = \
$(top_builddir)/src/util/libgnunetutil.la \
$(top_builddir)/src/namestore/libgnunetnamestore.la \
- libgnunetidentityprovider.la \
+ libgnunetreclaim.la \
$(top_builddir)/src/identity/libgnunetidentity.la \
- $(top_builddir)/src/identity-attribute/libgnunetidentityattribute.la \
+ $(top_builddir)/src/reclaim-attribute/libgnunetreclaimattribute.la \
$(GN_LIBINTL)
check_SCRIPTS = \
- test_idp_attribute.sh \
- test_idp_issue.sh \
- test_idp_consume.sh \
- test_idp_revoke.sh
+ test_reclaim_attribute.sh \
+ test_reclaim_issue.sh \
+ test_reclaim_consume.sh \
+ test_reclaim_revoke.sh
if ENABLE_TEST_RUN
AM_TESTS_ENVIRONMENT=export GNUNET_PREFIX=$${GNUNET_PREFIX:-@libdir@};export PATH=$${GNUNET_PREFIX:-@prefix@}/bin:$$PATH;unset XDG_DATA_HOME;unset XDG_CONFIG_HOME;
diff --git a/src/identity-provider/gnunet-idp.c b/src/reclaim/gnunet-reclaim.c
index 79e4f8d27..677e9f49f 100644
--- a/src/identity-provider/gnunet-idp.c
+++ b/src/reclaim/gnunet-reclaim.c
@@ -17,7 +17,7 @@
*/
/**
* @author Martin Schanzenbach
- * @file src/identity-provider/gnunet-idp.c
+ * @file src/reclaim/gnunet-reclaim.c
* @brief Identity Provider utility
*
*/
@@ -25,7 +25,7 @@
#include "platform.h"
#include "gnunet_util_lib.h"
#include "gnunet_namestore_service.h"
-#include "gnunet_identity_provider_service.h"
+#include "gnunet_reclaim_service.h"
#include "gnunet_identity_service.h"
#include "gnunet_signatures.h"
@@ -85,19 +85,19 @@ static char* ego_name;
static struct GNUNET_IDENTITY_Handle *identity_handle;
/**
- * IdP handle
+ * reclaim handle
*/
-static struct GNUNET_IDENTITY_PROVIDER_Handle *idp_handle;
+static struct GNUNET_RECLAIM_Handle *reclaim_handle;
/**
- * IdP operation
+ * reclaim operation
*/
-static struct GNUNET_IDENTITY_PROVIDER_Operation *idp_op;
+static struct GNUNET_RECLAIM_Operation *reclaim_op;
/**
* Attribute iterator
*/
-static struct GNUNET_IDENTITY_PROVIDER_AttributeIterator *attr_iterator;
+static struct GNUNET_RECLAIM_AttributeIterator *attr_iterator;
/**
* Master ABE key
@@ -117,12 +117,12 @@ static struct GNUNET_CRYPTO_EcdsaPublicKey rp_key;
/**
* Ticket to consume
*/
-static struct GNUNET_IDENTITY_PROVIDER_Ticket ticket;
+static struct GNUNET_RECLAIM_Ticket ticket;
/**
* Attribute list
*/
-static struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attr_list;
+static struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attr_list;
/**
* Attribute expiration interval
@@ -134,17 +134,28 @@ static struct GNUNET_TIME_Relative exp_interval;
*/
static struct GNUNET_SCHEDULER_Task *timeout;
+/**
+ * Cleanup task
+ */
+static struct GNUNET_SCHEDULER_Task *cleanup_task;
+
+/**
+ * Claim to store
+ */
+struct GNUNET_RECLAIM_ATTRIBUTE_Claim *claim;
+
static void
do_cleanup(void *cls)
{
+ cleanup_task = NULL;
if (NULL != timeout)
GNUNET_SCHEDULER_cancel (timeout);
- if (NULL != idp_op)
- GNUNET_IDENTITY_PROVIDER_cancel (idp_op);
+ if (NULL != reclaim_op)
+ GNUNET_RECLAIM_cancel (reclaim_op);
if (NULL != attr_iterator)
- GNUNET_IDENTITY_PROVIDER_get_attributes_stop (attr_iterator);
- if (NULL != idp_handle)
- GNUNET_IDENTITY_PROVIDER_disconnect (idp_handle);
+ GNUNET_RECLAIM_get_attributes_stop (attr_iterator);
+ if (NULL != reclaim_handle)
+ GNUNET_RECLAIM_disconnect (reclaim_handle);
if (NULL != identity_handle)
GNUNET_IDENTITY_disconnect (identity_handle);
if (NULL != abe_key)
@@ -155,18 +166,18 @@ do_cleanup(void *cls)
static void
ticket_issue_cb (void* cls,
- const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket)
+ const struct GNUNET_RECLAIM_Ticket *ticket)
{
char* ticket_str;
- idp_op = NULL;
+ reclaim_op = NULL;
if (NULL != ticket) {
ticket_str = GNUNET_STRINGS_data_to_string_alloc (ticket,
- sizeof (struct GNUNET_IDENTITY_PROVIDER_Ticket));
+ sizeof (struct GNUNET_RECLAIM_Ticket));
printf("%s\n",
ticket_str);
GNUNET_free (ticket_str);
}
- GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
+ cleanup_task = GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
}
static void
@@ -174,24 +185,26 @@ store_attr_cont (void *cls,
int32_t success,
const char*emsg)
{
- idp_op = NULL;
+ reclaim_op = NULL;
if (GNUNET_SYSERR == success) {
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- "%s\n", emsg);
+ fprintf (stderr,
+ "%s\n", emsg);
}
- GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
+ cleanup_task = GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
}
static void
process_attrs (void *cls,
const struct GNUNET_CRYPTO_EcdsaPublicKey *identity,
- const struct GNUNET_IDENTITY_ATTRIBUTE_Claim *attr)
+ const struct GNUNET_RECLAIM_ATTRIBUTE_Claim *attr)
{
char *value_str;
+ const char* attr_type;
+
if (NULL == identity)
{
- idp_op = NULL;
- GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
+ reclaim_op = NULL;
+ cleanup_task = GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
return;
}
if (NULL == attr)
@@ -199,11 +212,12 @@ process_attrs (void *cls,
ret = 1;
return;
}
- value_str = GNUNET_IDENTITY_ATTRIBUTE_value_to_string (attr->type,
- attr->data,
- attr->data_size);
- GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE,
- "%s: %s\n", attr->name, value_str);
+ value_str = GNUNET_RECLAIM_ATTRIBUTE_value_to_string (attr->type,
+ attr->data,
+ attr->data_size);
+ attr_type = GNUNET_RECLAIM_ATTRIBUTE_number_to_typename (attr->type);
+ fprintf (stdout,
+ "%s: %s [%s,v%u]\n", attr->name, value_str, attr_type, attr->version);
}
@@ -211,9 +225,9 @@ static void
iter_error (void *cls)
{
attr_iterator = NULL;
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- "Failed to iterate over attributes\n");
- GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
+ fprintf (stderr,
+ "Failed to iterate over attributes\n");
+ cleanup_task = GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
}
static void
@@ -221,28 +235,28 @@ timeout_task (void *cls)
{
timeout = NULL;
ret = 1;
- GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE,
- "Timeout\n");
- GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
+ fprintf (stderr,
+ "Timeout\n");
+ if (NULL == cleanup_task)
+ cleanup_task = GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
}
static void
process_rvk (void *cls, int success, const char* msg)
{
- idp_op = NULL;
+ reclaim_op = NULL;
if (GNUNET_OK != success)
{
- GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE,
- "Revocation failed.\n");
+ fprintf (stderr,
+ "Revocation failed.\n");
ret = 1;
}
- GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
+ cleanup_task = GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
}
static void
iter_finished (void *cls)
{
- struct GNUNET_IDENTITY_ATTRIBUTE_Claim *claim;
char *data;
size_t data_size;
int type;
@@ -250,27 +264,27 @@ iter_finished (void *cls)
attr_iterator = NULL;
if (list)
{
- GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
+ cleanup_task = GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
return;
}
if (issue_attrs)
{
- idp_op = GNUNET_IDENTITY_PROVIDER_ticket_issue (idp_handle,
- pkey,
- &rp_key,
- attr_list,
- &ticket_issue_cb,
- NULL);
+ reclaim_op = GNUNET_RECLAIM_ticket_issue (reclaim_handle,
+ pkey,
+ &rp_key,
+ attr_list,
+ &ticket_issue_cb,
+ NULL);
return;
}
if (consume_ticket)
{
- idp_op = GNUNET_IDENTITY_PROVIDER_ticket_consume (idp_handle,
- pkey,
- &ticket,
- &process_attrs,
- NULL);
+ reclaim_op = GNUNET_RECLAIM_ticket_consume (reclaim_handle,
+ pkey,
+ &ticket,
+ &process_attrs,
+ NULL);
timeout = GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_relative_multiply(GNUNET_TIME_UNIT_SECONDS, 10),
&timeout_task,
NULL);
@@ -278,82 +292,112 @@ iter_finished (void *cls)
}
if (revoke_ticket)
{
- idp_op = GNUNET_IDENTITY_PROVIDER_ticket_revoke (idp_handle,
- pkey,
- &ticket,
- &process_rvk,
- NULL);
+ reclaim_op = GNUNET_RECLAIM_ticket_revoke (reclaim_handle,
+ pkey,
+ &ticket,
+ &process_rvk,
+ NULL);
return;
}
if (attr_name)
{
if (NULL == type_str)
- type = GNUNET_IDENTITY_ATTRIBUTE_TYPE_STRING;
+ type = GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING;
else
- type = GNUNET_IDENTITY_ATTRIBUTE_typename_to_number (type_str);
-
- GNUNET_assert (GNUNET_SYSERR != GNUNET_IDENTITY_ATTRIBUTE_string_to_value (type,
- attr_value,
- (void**)&data,
- &data_size));
- claim = GNUNET_IDENTITY_ATTRIBUTE_claim_new (attr_name,
- type,
- data,
- data_size);
- idp_op = GNUNET_IDENTITY_PROVIDER_attribute_store (idp_handle,
- pkey,
- claim,
- &exp_interval,
- &store_attr_cont,
- NULL);
+ type = GNUNET_RECLAIM_ATTRIBUTE_typename_to_number (type_str);
+
+ GNUNET_assert (GNUNET_SYSERR != GNUNET_RECLAIM_ATTRIBUTE_string_to_value (type,
+ attr_value,
+ (void**)&data,
+ &data_size));
+ if (NULL != claim)
+ {
+ claim->type = type;
+ claim->data = data;
+ claim->data_size = data_size;
+ }
+ else
+ {
+ claim = GNUNET_RECLAIM_ATTRIBUTE_claim_new (attr_name,
+ type,
+ data,
+ data_size);
+ }
+ reclaim_op = GNUNET_RECLAIM_attribute_store (reclaim_handle,
+ pkey,
+ claim,
+ &exp_interval,
+ &store_attr_cont,
+ NULL);
+ GNUNET_free (data);
+ GNUNET_free (claim);
return;
}
- GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
+ cleanup_task = GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
}
static void
iter_cb (void *cls,
const struct GNUNET_CRYPTO_EcdsaPublicKey *identity,
- const struct GNUNET_IDENTITY_ATTRIBUTE_Claim *attr)
+ const struct GNUNET_RECLAIM_ATTRIBUTE_Claim *attr)
{
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry *le;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *le;
char *attrs_tmp;
char *attr_str;
+ const char *attr_type;
- if (issue_attrs)
+ if ((NULL != attr_name) && (NULL != claim))
+ {
+ if (0 == strcasecmp (attr_name, attr->name))
+ {
+ claim = GNUNET_RECLAIM_ATTRIBUTE_claim_new (attr->name,
+ attr->type,
+ attr->data,
+ attr->data_size);
+ }
+ }
+ else if (issue_attrs)
{
attrs_tmp = GNUNET_strdup (issue_attrs);
attr_str = strtok (attrs_tmp, ",");
while (NULL != attr_str) {
- if (0 != strcmp (attr_str, attr->name)) {
+ if (0 != strcasecmp (attr_str, attr->name)) {
attr_str = strtok (NULL, ",");
continue;
}
- le = GNUNET_new (struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry);
- le->claim = GNUNET_IDENTITY_ATTRIBUTE_claim_new (attr->name,
- attr->type,
- attr->data,
- attr->data_size);
+ le = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry);
+ le->claim = GNUNET_RECLAIM_ATTRIBUTE_claim_new (attr->name,
+ attr->type,
+ attr->data,
+ attr->data_size);
+ le->claim->version = attr->version;
GNUNET_CONTAINER_DLL_insert (attr_list->list_head,
attr_list->list_tail,
le);
break;
}
GNUNET_free (attrs_tmp);
- } else if (list) {
- GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE,
- "%s: %s\n", attr->name, (char*)attr->data);
+ }
+ else if (list)
+ {
+ attr_str = GNUNET_RECLAIM_ATTRIBUTE_value_to_string (attr->type,
+ attr->data,
+ attr->data_size);
+ attr_type = GNUNET_RECLAIM_ATTRIBUTE_number_to_typename (attr->type);
+ fprintf (stdout,
+ "%s: %s [%s,v%u]\n", attr->name, attr_str, attr_type, attr->version);
}
- GNUNET_IDENTITY_PROVIDER_get_attributes_next (attr_iterator);
+ GNUNET_RECLAIM_get_attributes_next (attr_iterator);
}
static void
-ego_iter_finished (void *cls)
+start_get_attributes ()
{
if (NULL == pkey)
{
- GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE,
- "Ego %s not found\n", ego_name);
+ fprintf (stderr,
+ "Ego %s not found\n", ego_name);
+ cleanup_task = GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
return;
}
@@ -365,24 +409,23 @@ ego_iter_finished (void *cls)
GNUNET_STRINGS_string_to_data (consume_ticket,
strlen (consume_ticket),
&ticket,
- sizeof (struct GNUNET_IDENTITY_PROVIDER_Ticket));
+ sizeof (struct GNUNET_RECLAIM_Ticket));
if (NULL != revoke_ticket)
GNUNET_STRINGS_string_to_data (revoke_ticket,
strlen (revoke_ticket),
&ticket,
- sizeof (struct GNUNET_IDENTITY_PROVIDER_Ticket));
-
-
- attr_list = GNUNET_new (struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList);
+ sizeof (struct GNUNET_RECLAIM_Ticket));
- attr_iterator = GNUNET_IDENTITY_PROVIDER_get_attributes_start (idp_handle,
- pkey,
- &iter_error,
- NULL,
- &iter_cb,
- NULL,
- &iter_finished,
- NULL);
+ attr_list = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList);
+ claim = NULL;
+ attr_iterator = GNUNET_RECLAIM_get_attributes_start (reclaim_handle,
+ pkey,
+ &iter_error,
+ NULL,
+ &iter_cb,
+ NULL,
+ &iter_finished,
+ NULL);
}
@@ -398,7 +441,7 @@ ego_cb (void *cls,
if (NULL == name) {
if (GNUNET_YES == init) {
init = GNUNET_NO;
- GNUNET_SCHEDULER_add_now (&ego_iter_finished, NULL);
+ start_get_attributes();
}
return;
}
@@ -418,28 +461,28 @@ run (void *cls,
if (NULL == ego_name)
{
ret = 1;
- GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE,
- _("Ego is required\n"));
+ fprintf (stderr,
+ _("Ego is required\n"));
return;
}
if ( (NULL == attr_value) && (NULL != attr_name) )
{
ret = 1;
- GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE,
- _("Attribute value missing!\n"));
+ fprintf (stderr,
+ _("Attribute value missing!\n"));
return;
}
if ( (NULL == rp) && (NULL != issue_attrs) )
{
ret = 1;
- GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE,
- _("Requesting party key is required!\n"));
+ fprintf (stderr,
+ _("Requesting party key is required!\n"));
return;
}
- idp_handle = GNUNET_IDENTITY_PROVIDER_connect (c);
+ reclaim_handle = GNUNET_RECLAIM_connect (c);
//Get Ego
identity_handle = GNUNET_IDENTITY_connect (c,
&ego_cb,
diff --git a/src/identity-provider/gnunet-service-identity-provider.c b/src/reclaim/gnunet-service-reclaim.c
index c53e72477..3321a79d8 100644
--- a/src/identity-provider/gnunet-service-identity-provider.c
+++ b/src/reclaim/gnunet-service-reclaim.c
@@ -17,8 +17,8 @@
*/
/**
* @author Martin Schanzenbach
- * @file src/identity-provider/gnunet-service-identity-provider.c
- * @brief Identity Token Service
+ * @file src/reclaim/gnunet-service-reclaim.c
+ * @brief reclaim Service
*
*/
#include "platform.h"
@@ -32,10 +32,10 @@
#include "gnunet_credential_service.h"
#include "gnunet_statistics_service.h"
#include "gnunet_gns_service.h"
-#include "gnunet_identity_provider_plugin.h"
-#include "gnunet_identity_attribute_lib.h"
+#include "gnunet_reclaim_plugin.h"
+#include "gnunet_reclaim_attribute_lib.h"
#include "gnunet_signatures.h"
-#include "identity_provider.h"
+#include "reclaim.h"
/**
* First pass state
@@ -65,7 +65,7 @@ static struct GNUNET_IDENTITY_Handle *identity_handle;
/**
* Database handle
*/
-static struct GNUNET_IDENTITY_PROVIDER_PluginFunctions *TKT_database;
+static struct GNUNET_RECLAIM_PluginFunctions *TKT_database;
/**
* Name of DB plugin
@@ -396,7 +396,7 @@ struct AttributeStoreHandle
/**
* The attribute to store
*/
- struct GNUNET_IDENTITY_ATTRIBUTE_Claim *claim;
+ struct GNUNET_RECLAIM_ATTRIBUTE_Claim *claim;
/**
* The attribute expiration interval
@@ -433,7 +433,7 @@ struct ConsumeTicketHandle
/**
* Ticket
*/
- struct GNUNET_IDENTITY_PROVIDER_Ticket ticket;
+ struct GNUNET_RECLAIM_Ticket ticket;
/**
* LookupRequest
@@ -473,7 +473,7 @@ struct ConsumeTicketHandle
/**
* Attributes
*/
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs;
/**
* Lookup time
@@ -535,12 +535,12 @@ struct TicketRevocationHandle
/**
* Attributes to reissue
*/
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs;
/**
* Attributes to revoke
*/
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *rvk_attrs;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *rvk_attrs;
/**
* Issuer Key
@@ -550,7 +550,7 @@ struct TicketRevocationHandle
/**
* Ticket to issue
*/
- struct GNUNET_IDENTITY_PROVIDER_Ticket ticket;
+ struct GNUNET_RECLAIM_Ticket ticket;
/**
* QueueEntry
@@ -603,7 +603,7 @@ struct TicketIssueHandle
/**
* Attributes to issue
*/
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs;
/**
* Issuer Key
@@ -613,7 +613,7 @@ struct TicketIssueHandle
/**
* Ticket to issue
*/
- struct GNUNET_IDENTITY_PROVIDER_Ticket ticket;
+ struct GNUNET_RECLAIM_Ticket ticket;
/**
* QueueEntry
@@ -861,7 +861,7 @@ static void
cleanup_ticket_issue_handle (struct TicketIssueHandle *handle)
{
if (NULL != handle->attrs)
- GNUNET_IDENTITY_ATTRIBUTE_list_destroy (handle->attrs);
+ GNUNET_RECLAIM_ATTRIBUTE_list_destroy (handle->attrs);
if (NULL != handle->ns_qe)
GNUNET_NAMESTORE_cancel (handle->ns_qe);
GNUNET_free (handle);
@@ -871,12 +871,12 @@ cleanup_ticket_issue_handle (struct TicketIssueHandle *handle)
static void
send_ticket_result (struct IdpClient *client,
uint32_t r_id,
- const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket,
- const struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs)
+ const struct GNUNET_RECLAIM_Ticket *ticket,
+ const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs)
{
struct TicketResultMessage *irm;
struct GNUNET_MQ_Envelope *env;
- struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket_buf;
+ struct GNUNET_RECLAIM_Ticket *ticket_buf;
/* store ticket in DB */
if (GNUNET_OK != TKT_database->store_ticket (TKT_database->cls,
@@ -889,9 +889,9 @@ send_ticket_result (struct IdpClient *client,
}
env = GNUNET_MQ_msg_extra (irm,
- sizeof (struct GNUNET_IDENTITY_PROVIDER_Ticket),
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_RESULT);
- ticket_buf = (struct GNUNET_IDENTITY_PROVIDER_Ticket *)&irm[1];
+ sizeof (struct GNUNET_RECLAIM_Ticket),
+ GNUNET_MESSAGE_TYPE_RECLAIM_TICKET_RESULT);
+ ticket_buf = (struct GNUNET_RECLAIM_Ticket *)&irm[1];
*ticket_buf = *ticket;
irm->id = htonl (r_id);
GNUNET_MQ_send (client->mq,
@@ -927,14 +927,14 @@ store_ticket_issue_cont (void *cls,
int
-serialize_abe_keyinfo2 (const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket,
- const struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs,
+serialize_abe_keyinfo2 (const struct GNUNET_RECLAIM_Ticket *ticket,
+ const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs,
const struct GNUNET_ABE_AbeKey *rp_key,
struct GNUNET_CRYPTO_EcdhePrivateKey **ecdh_privkey,
char **result)
{
struct GNUNET_CRYPTO_EcdhePublicKey ecdh_pubkey;
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry *le;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *le;
char *enc_keyinfo;
char *serialized_key;
char *buf;
@@ -1009,7 +1009,7 @@ issue_ticket_after_abe_bootstrap (void *cls,
struct GNUNET_ABE_AbeMasterKey *abe_key)
{
struct TicketIssueHandle *ih = cls;
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry *le;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *le;
struct GNUNET_CRYPTO_EcdhePrivateKey *ecdhe_privkey;
struct GNUNET_GNSRECORD_Data code_record[1];
struct GNUNET_ABE_AbeKey *rp_key;
@@ -1101,7 +1101,7 @@ handle_issue_ticket_message (void *cls,
ih = GNUNET_new (struct TicketIssueHandle);
attrs_len = ntohs (im->attr_len);
- ih->attrs = GNUNET_IDENTITY_ATTRIBUTE_list_deserialize ((char*)&im[1], attrs_len);
+ ih->attrs = GNUNET_RECLAIM_ATTRIBUTE_list_deserialize ((char*)&im[1], attrs_len);
ih->r_id = ntohl (im->id);
ih->client = idp;
ih->identity = im->identity;
@@ -1132,9 +1132,9 @@ static void
cleanup_revoke_ticket_handle (struct TicketRevocationHandle *rh)
{
if (NULL != rh->attrs)
- GNUNET_IDENTITY_ATTRIBUTE_list_destroy (rh->attrs);
+ GNUNET_RECLAIM_ATTRIBUTE_list_destroy (rh->attrs);
if (NULL != rh->rvk_attrs)
- GNUNET_IDENTITY_ATTRIBUTE_list_destroy (rh->rvk_attrs);
+ GNUNET_RECLAIM_ATTRIBUTE_list_destroy (rh->rvk_attrs);
if (NULL != rh->abe_key)
GNUNET_ABE_cpabe_delete_master_key (rh->abe_key);
if (NULL != rh->ns_qe)
@@ -1157,9 +1157,12 @@ send_revocation_finished (struct TicketRevocationHandle *rh,
{
struct GNUNET_MQ_Envelope *env;
struct RevokeTicketResultMessage *trm;
+
+ GNUNET_break(TKT_database->delete_ticket (TKT_database->cls,
+ &rh->ticket));
env = GNUNET_MQ_msg (trm,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_REVOKE_TICKET_RESULT);
+ GNUNET_MESSAGE_TYPE_RECLAIM_REVOKE_TICKET_RESULT);
trm->id = htonl (rh->r_id);
trm->success = htonl (success);
GNUNET_MQ_send (rh->client->mq,
@@ -1179,8 +1182,8 @@ send_revocation_finished (struct TicketRevocationHandle *rh,
*/
static void
ticket_reissue_proc (void *cls,
- const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket,
- const struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs);
+ const struct GNUNET_RECLAIM_Ticket *ticket,
+ const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs);
static void
revocation_reissue_tickets (struct TicketRevocationHandle *rh);
@@ -1206,9 +1209,6 @@ reissue_ticket_cont (void *cls,
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "%s\n",
"Unknown Error\n");
send_revocation_finished (rh, GNUNET_SYSERR);
- GNUNET_CONTAINER_DLL_remove (rh->client->revoke_op_head,
- rh->client->revoke_op_tail,
- rh);
cleanup_revoke_ticket_handle (rh);
return;
}
@@ -1226,12 +1226,12 @@ reissue_ticket_cont (void *cls,
*/
static void
ticket_reissue_proc (void *cls,
- const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket,
- const struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs)
+ const struct GNUNET_RECLAIM_Ticket *ticket,
+ const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs)
{
struct TicketRevocationHandle *rh = cls;
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry *le;
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry *le_rollover;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *le;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *le_rollover;
struct GNUNET_CRYPTO_EcdhePrivateKey *ecdhe_privkey;
struct GNUNET_GNSRECORD_Data code_record[1];
struct GNUNET_ABE_AbeKey *rp_key;
@@ -1258,9 +1258,18 @@ ticket_reissue_proc (void *cls,
{
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Do not reissue for this identity.!\n");
-
- rh->offset++;
- GNUNET_SCHEDULER_add_now (&reissue_next, rh);
+ label = GNUNET_STRINGS_data_to_string_alloc (&rh->ticket.rnd,
+ sizeof (uint64_t));
+ //Delete record
+ rh->ns_qe = GNUNET_NAMESTORE_records_store (ns_handle,
+ &rh->identity,
+ label,
+ 0,
+ NULL,
+ &reissue_ticket_cont,
+ rh);
+
+ GNUNET_free (label);
return;
}
@@ -1374,9 +1383,6 @@ revocation_reissue_tickets (struct TicketRevocationHandle *rh)
if (GNUNET_NO == ret)
{
send_revocation_finished (rh, GNUNET_OK);
- GNUNET_CONTAINER_DLL_remove (rh->client->revoke_op_head,
- rh->client->revoke_op_tail,
- rh);
cleanup_revoke_ticket_handle (rh);
return;
}
@@ -1391,10 +1397,8 @@ check_attr_error (void *cls)
struct TicketRevocationHandle *rh = cls;
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Unable to check for existing attribute\n");
+ rh->ns_qe = NULL;
send_revocation_finished (rh, GNUNET_SYSERR);
- GNUNET_CONTAINER_DLL_remove (rh->client->revoke_op_head,
- rh->client->revoke_op_tail,
- rh);
cleanup_revoke_ticket_handle (rh);
}
@@ -1426,17 +1430,18 @@ check_attr_cb (void *cls,
char* policy;
uint32_t attr_ver;
+ rh->ns_qe = NULL;
if (1 != rd_count) {
GNUNET_SCHEDULER_add_now (&reenc_next_attribute,
rh);
return;
}
- buf_size = GNUNET_IDENTITY_ATTRIBUTE_serialize_get_size (rh->attrs->list_head->claim);
+ buf_size = GNUNET_RECLAIM_ATTRIBUTE_serialize_get_size (rh->attrs->list_head->claim);
buf = GNUNET_malloc (buf_size);
- GNUNET_IDENTITY_ATTRIBUTE_serialize (rh->attrs->list_head->claim,
- buf);
rh->attrs->list_head->claim->version++;
+ GNUNET_RECLAIM_ATTRIBUTE_serialize (rh->attrs->list_head->claim,
+ buf);
GNUNET_asprintf (&policy, "%s_%lu",
rh->attrs->list_head->claim->name,
rh->attrs->list_head->claim->version);
@@ -1458,9 +1463,6 @@ check_attr_cb (void *cls,
policy);
GNUNET_free (policy);
send_revocation_finished (rh, GNUNET_SYSERR);
- GNUNET_CONTAINER_DLL_remove (rh->client->revoke_op_head,
- rh->client->revoke_op_tail,
- rh);
cleanup_revoke_ticket_handle (rh);
return;
}
@@ -1525,8 +1527,9 @@ attr_reenc_cont (void *cls,
const char *emsg)
{
struct TicketRevocationHandle *rh = cls;
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry *le;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *le;
+ rh->ns_qe = NULL;
if (GNUNET_SYSERR == success)
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
@@ -1558,12 +1561,12 @@ attr_reenc_cont (void *cls,
static void
process_attributes_to_update (void *cls,
- const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket,
- const struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs)
+ const struct GNUNET_RECLAIM_Ticket *ticket,
+ const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs)
{
struct TicketRevocationHandle *rh = cls;
- rh->attrs = GNUNET_IDENTITY_ATTRIBUTE_list_dup (attrs);
+ rh->attrs = GNUNET_RECLAIM_ATTRIBUTE_list_dup (attrs);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Revocation Phase I: Collecting attributes\n");
/* Reencrypt all attributes with new key */
@@ -1571,9 +1574,6 @@ process_attributes_to_update (void *cls,
{
/* No attributes to reencrypt */
send_revocation_finished (rh, GNUNET_OK);
- GNUNET_CONTAINER_DLL_remove (rh->client->revoke_op_head,
- rh->client->revoke_op_tail,
- rh);
cleanup_revoke_ticket_handle (rh);
return;
} else {
@@ -1621,11 +1621,11 @@ handle_revoke_ticket_message (void *cls,
{
struct TicketRevocationHandle *rh;
struct IdpClient *idp = cls;
- struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket;
+ struct GNUNET_RECLAIM_Ticket *ticket;
rh = GNUNET_new (struct TicketRevocationHandle);
- ticket = (struct GNUNET_IDENTITY_PROVIDER_Ticket*)&rm[1];
- rh->rvk_attrs = GNUNET_new (struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList);
+ ticket = (struct GNUNET_RECLAIM_Ticket*)&rm[1];
+ rh->rvk_attrs = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList);
rh->ticket = *ticket;
rh->r_id = ntohl (rm->id);
rh->client = idp;
@@ -1667,7 +1667,7 @@ cleanup_consume_ticket_handle (struct ConsumeTicketHandle *handle)
GNUNET_ABE_cpabe_delete_key (handle->key,
GNUNET_YES);
if (NULL != handle->attrs)
- GNUNET_IDENTITY_ATTRIBUTE_list_destroy (handle->attrs);
+ GNUNET_RECLAIM_ATTRIBUTE_list_destroy (handle->attrs);
GNUNET_free (handle);
}
@@ -1698,7 +1698,7 @@ process_parallel_lookup2 (void *cls, uint32_t rd_count,
struct ConsumeTicketHandle *handle = parallel_lookup->handle;
struct ConsumeTicketResultMessage *crm;
struct GNUNET_MQ_Envelope *env;
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry *attr_le;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *attr_le;
struct GNUNET_TIME_Absolute decrypt_duration;
char *data;
char *data_tmp;
@@ -1741,8 +1741,8 @@ process_parallel_lookup2 (void *cls, uint32_t rd_count,
1,
GNUNET_YES);
- attr_le = GNUNET_new (struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry);
- attr_le->claim = GNUNET_IDENTITY_ATTRIBUTE_deserialize (data,
+ attr_le = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry);
+ attr_le->claim = GNUNET_RECLAIM_ATTRIBUTE_deserialize (data,
attr_len);
attr_le->claim->version = ntohl(*(uint32_t*)rd->data);
GNUNET_CONTAINER_DLL_insert (handle->attrs->list_head,
@@ -1766,15 +1766,15 @@ process_parallel_lookup2 (void *cls, uint32_t rd_count,
}
GNUNET_SCHEDULER_cancel (handle->kill_task);
- attrs_len = GNUNET_IDENTITY_ATTRIBUTE_list_serialize_get_size (handle->attrs);
+ attrs_len = GNUNET_RECLAIM_ATTRIBUTE_list_serialize_get_size (handle->attrs);
env = GNUNET_MQ_msg_extra (crm,
attrs_len,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_CONSUME_TICKET_RESULT);
+ GNUNET_MESSAGE_TYPE_RECLAIM_CONSUME_TICKET_RESULT);
crm->id = htonl (handle->r_id);
crm->attrs_len = htons (attrs_len);
crm->identity = handle->ticket.identity;
data_tmp = (char *) &crm[1];
- GNUNET_IDENTITY_ATTRIBUTE_list_serialize (handle->attrs,
+ GNUNET_RECLAIM_ATTRIBUTE_list_serialize (handle->attrs,
data_tmp);
GNUNET_MQ_send (handle->client->mq, env);
GNUNET_CONTAINER_DLL_remove (handle->client->consume_op_head,
@@ -1805,7 +1805,7 @@ abort_parallel_lookups2 (void *cls)
lu = tmp;
}
env = GNUNET_MQ_msg (arm,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_RESULT);
+ GNUNET_MESSAGE_TYPE_RECLAIM_ATTRIBUTE_RESULT);
arm->id = htonl (handle->r_id);
arm->attr_len = htons (0);
GNUNET_MQ_send (handle->client->mq, env);
@@ -1918,10 +1918,10 @@ handle_consume_ticket_message (void *cls,
ch->r_id = ntohl (cm->id);
ch->client = idp;
ch->identity = cm->identity;
- ch->attrs = GNUNET_new (struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList);
+ ch->attrs = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList);
GNUNET_CRYPTO_ecdsa_key_get_public (&ch->identity,
&ch->identity_pub);
- ch->ticket = *((struct GNUNET_IDENTITY_PROVIDER_Ticket*)&cm[1]);
+ ch->ticket = *((struct GNUNET_RECLAIM_Ticket*)&cm[1]);
rnd_label = GNUNET_STRINGS_data_to_string_alloc (&ch->ticket.rnd,
sizeof (uint64_t));
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
@@ -1967,7 +1967,7 @@ attr_store_cont (void *cls,
struct AttributeStoreHandle *as_handle = cls;
struct GNUNET_MQ_Envelope *env;
struct AttributeStoreResultMessage *acr_msg;
-
+
as_handle->ns_qe = NULL;
GNUNET_CONTAINER_DLL_remove (as_handle->client->store_op_head,
as_handle->client->store_op_tail,
@@ -1986,7 +1986,7 @@ attr_store_cont (void *cls,
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Sending ATTRIBUTE_STORE_RESPONSE message\n");
env = GNUNET_MQ_msg (acr_msg,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_STORE_RESPONSE);
+ GNUNET_MESSAGE_TYPE_RECLAIM_ATTRIBUTE_STORE_RESPONSE);
acr_msg->id = htonl (as_handle->r_id);
acr_msg->op_result = htonl (GNUNET_OK);
GNUNET_MQ_send (as_handle->client->mq,
@@ -2009,10 +2009,10 @@ attr_store_task (void *cls)
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Storing attribute\n");
- buf_size = GNUNET_IDENTITY_ATTRIBUTE_serialize_get_size (as_handle->claim);
+ buf_size = GNUNET_RECLAIM_ATTRIBUTE_serialize_get_size (as_handle->claim);
buf = GNUNET_malloc (buf_size);
- GNUNET_IDENTITY_ATTRIBUTE_serialize (as_handle->claim,
+ GNUNET_RECLAIM_ATTRIBUTE_serialize (as_handle->claim,
buf);
GNUNET_asprintf (&policy,
@@ -2111,7 +2111,7 @@ handle_attribute_store_message (void *cls,
data_len = ntohs (sam->attr_len);
as_handle = GNUNET_new (struct AttributeStoreHandle);
- as_handle->claim = GNUNET_IDENTITY_ATTRIBUTE_deserialize ((char*)&sam[1],
+ as_handle->claim = GNUNET_RECLAIM_ATTRIBUTE_deserialize ((char*)&sam[1],
data_len);
as_handle->r_id = ntohl (sam->id);
@@ -2158,7 +2158,7 @@ attr_iter_finished (void *cls)
struct AttributeResultMessage *arm;
env = GNUNET_MQ_msg (arm,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_RESULT);
+ GNUNET_MESSAGE_TYPE_RECLAIM_ATTRIBUTE_RESULT);
arm->id = htonl (ai->request_id);
arm->attr_len = htons (0);
GNUNET_MQ_send (ai->client->mq, env);
@@ -2189,14 +2189,14 @@ attr_iter_cb (void *cls,
if (rd_count != 1)
{
GNUNET_NAMESTORE_zone_iterator_next (ai->ns_it,
- 1);
+ 1);
return;
}
if (GNUNET_GNSRECORD_TYPE_ID_ATTR != rd->record_type)
{
GNUNET_NAMESTORE_zone_iterator_next (ai->ns_it,
- 1);
+ 1);
return;
}
attr_ver = ntohl(*((uint32_t*)rd->data));
@@ -2213,7 +2213,7 @@ attr_iter_cb (void *cls,
if (GNUNET_SYSERR == msg_extra_len)
{
GNUNET_NAMESTORE_zone_iterator_next (ai->ns_it,
- 1);
+ 1);
return;
}
@@ -2224,7 +2224,7 @@ attr_iter_cb (void *cls,
"Found attribute: %s\n", label);
env = GNUNET_MQ_msg_extra (arm,
msg_extra_len,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_RESULT);
+ GNUNET_MESSAGE_TYPE_RECLAIM_ATTRIBUTE_RESULT);
arm->id = htonl (ai->request_id);
arm->attr_len = htons (msg_extra_len);
GNUNET_CRYPTO_ecdsa_key_get_public (zone,
@@ -2264,7 +2264,7 @@ iterate_next_after_abe_bootstrap (void *cls,
struct AttributeIterator *ai = cls;
ai->abe_key = abe_key;
GNUNET_NAMESTORE_zone_iterator_next (ai->ns_it,
- 1);
+ 1);
}
@@ -2406,8 +2406,8 @@ cleanup_ticket_iter_handle (struct TicketIteration *ti)
*/
static void
ticket_iterate_proc (void *cls,
- const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket,
- const struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs)
+ const struct GNUNET_RECLAIM_Ticket *ticket,
+ const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs)
{
struct TicketIterationProcResult *proc = cls;
@@ -2467,7 +2467,7 @@ run_ticket_iteration_round (struct TicketIteration *ti)
}
/* send empty response to indicate end of list */
env = GNUNET_MQ_msg (trm,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_RESULT);
+ GNUNET_MESSAGE_TYPE_RECLAIM_TICKET_RESULT);
trm->id = htonl (ti->r_id);
GNUNET_MQ_send (ti->client->mq,
env);
@@ -2572,7 +2572,7 @@ run (void *cls,
char *database;
cfg = c;
- stats = GNUNET_STATISTICS_create ("identity-provider", cfg);
+ stats = GNUNET_STATISTICS_create ("reclaim", cfg);
//Connect to identity and namestore services
ns_handle = GNUNET_NAMESTORE_connect (cfg);
@@ -2597,13 +2597,13 @@ run (void *cls,
/* Loading DB plugin */
if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_string (cfg,
- "identity-provider",
+ "reclaim",
"database",
&database))
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"No database backend configured\n");
GNUNET_asprintf (&db_lib_name,
- "libgnunet_plugin_identity_provider_%s",
+ "libgnunet_plugin_reclaim_%s",
database);
TKT_database = GNUNET_PLUGIN_load (db_lib_name,
(void *) cfg);
@@ -2619,7 +2619,7 @@ run (void *cls,
if (GNUNET_OK ==
GNUNET_CONFIGURATION_get_value_time (cfg,
- "identity-provider",
+ "reclaim",
"TOKEN_EXPIRATION_INTERVAL",
&token_expiration_interval))
{
@@ -2736,51 +2736,51 @@ client_connect_cb (void *cls,
* Define "main" method using service macro.
*/
GNUNET_SERVICE_MAIN
-("identity-provider",
+("reclaim",
GNUNET_SERVICE_OPTION_NONE,
&run,
&client_connect_cb,
&client_disconnect_cb,
NULL,
GNUNET_MQ_hd_var_size (attribute_store_message,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_STORE,
+ GNUNET_MESSAGE_TYPE_RECLAIM_ATTRIBUTE_STORE,
struct AttributeStoreMessage,
NULL),
GNUNET_MQ_hd_fixed_size (iteration_start,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_ITERATION_START,
+ GNUNET_MESSAGE_TYPE_RECLAIM_ATTRIBUTE_ITERATION_START,
struct AttributeIterationStartMessage,
NULL),
GNUNET_MQ_hd_fixed_size (iteration_next,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_ITERATION_NEXT,
+ GNUNET_MESSAGE_TYPE_RECLAIM_ATTRIBUTE_ITERATION_NEXT,
struct AttributeIterationNextMessage,
NULL),
GNUNET_MQ_hd_fixed_size (iteration_stop,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_ITERATION_STOP,
+ GNUNET_MESSAGE_TYPE_RECLAIM_ATTRIBUTE_ITERATION_STOP,
struct AttributeIterationStopMessage,
NULL),
GNUNET_MQ_hd_var_size (issue_ticket_message,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ISSUE_TICKET,
+ GNUNET_MESSAGE_TYPE_RECLAIM_ISSUE_TICKET,
struct IssueTicketMessage,
NULL),
GNUNET_MQ_hd_var_size (consume_ticket_message,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_CONSUME_TICKET,
+ GNUNET_MESSAGE_TYPE_RECLAIM_CONSUME_TICKET,
struct ConsumeTicketMessage,
NULL),
GNUNET_MQ_hd_fixed_size (ticket_iteration_start,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ITERATION_START,
+ GNUNET_MESSAGE_TYPE_RECLAIM_TICKET_ITERATION_START,
struct TicketIterationStartMessage,
NULL),
GNUNET_MQ_hd_fixed_size (ticket_iteration_next,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ITERATION_NEXT,
+ GNUNET_MESSAGE_TYPE_RECLAIM_TICKET_ITERATION_NEXT,
struct TicketIterationNextMessage,
NULL),
GNUNET_MQ_hd_fixed_size (ticket_iteration_stop,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ITERATION_STOP,
+ GNUNET_MESSAGE_TYPE_RECLAIM_TICKET_ITERATION_STOP,
struct TicketIterationStopMessage,
NULL),
GNUNET_MQ_hd_var_size (revoke_ticket_message,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_REVOKE_TICKET,
+ GNUNET_MESSAGE_TYPE_RECLAIM_REVOKE_TICKET,
struct RevokeTicketMessage,
NULL),
GNUNET_MQ_handler_end());
-/* end of gnunet-service-identity-provider.c */
+/* end of gnunet-service-reclaim.c */
diff --git a/src/reclaim/jwt.c b/src/reclaim/jwt.c
new file mode 100644
index 000000000..8b1378917
--- /dev/null
+++ b/src/reclaim/jwt.c
@@ -0,0 +1 @@
+
diff --git a/src/reclaim/oidc_helper.c b/src/reclaim/oidc_helper.c
new file mode 100644
index 000000000..1e9e64fec
--- /dev/null
+++ b/src/reclaim/oidc_helper.c
@@ -0,0 +1,440 @@
+/*
+ This file is part of GNUnet
+ Copyright (C) 2010-2015 GNUnet e.V.
+
+ GNUnet is free software: you can redistribute it and/or modify it
+ under the terms of the GNU Affero General Public License as published
+ by the Free Software Foundation, either version 3 of the License,
+ or (at your option) any later version.
+
+ GNUnet is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+/**
+ * @file reclaim/oidc_helper.c
+ * @brief helper library for OIDC related functions
+ * @author Martin Schanzenbach
+ */
+#include "platform.h"
+#include "gnunet_util_lib.h"
+#include "gnunet_signatures.h"
+#include "gnunet_reclaim_service.h"
+#include "gnunet_reclaim_attribute_lib.h"
+#include <jansson.h>
+#include <inttypes.h>
+#include "oidc_helper.h"
+
+static char*
+create_jwt_header(void)
+{
+ json_t *root;
+ char *json_str;
+
+ root = json_object ();
+ json_object_set_new (root, JWT_ALG, json_string (JWT_ALG_VALUE));
+ json_object_set_new (root, JWT_TYP, json_string (JWT_TYP_VALUE));
+
+ json_str = json_dumps (root, JSON_INDENT(0) | JSON_COMPACT);
+ json_decref (root);
+ return json_str;
+}
+
+static void
+replace_char(char* str, char find, char replace){
+ char *current_pos = strchr(str,find);
+ while (current_pos){
+ *current_pos = replace;
+ current_pos = strchr(current_pos,find);
+ }
+}
+
+//RFC4648
+static void
+fix_base64(char* str) {
+ char *padding;
+ //First, remove trailing padding '='
+ padding = strtok(str, "=");
+ while (NULL != padding)
+ padding = strtok(NULL, "=");
+
+ //Replace + with -
+ replace_char (str, '+', '-');
+
+ //Replace / with _
+ replace_char (str, '/', '_');
+
+}
+
+/**
+ * Create a JWT from attributes
+ *
+ * @param aud_key the public of the audience
+ * @param sub_key the public key of the subject
+ * @param attrs the attribute list
+ * @param expiration_time the validity of the token
+ * @param secret_key the key used to sign the JWT
+ * @return a new base64-encoded JWT string.
+ */
+char*
+OIDC_id_token_new (const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
+ const struct GNUNET_CRYPTO_EcdsaPublicKey *sub_key,
+ const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs,
+ const struct GNUNET_TIME_Relative *expiration_time,
+ const char *nonce,
+ const char *secret_key)
+{
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *le;
+ struct GNUNET_HashCode signature;
+ struct GNUNET_TIME_Absolute exp_time;
+ struct GNUNET_TIME_Absolute time_now;
+ char* audience;
+ char* subject;
+ char* header;
+ char* body_str;
+ char* result;
+ char* header_base64;
+ char* body_base64;
+ char* signature_target;
+ char* signature_base64;
+ char* attr_val_str;
+ json_t* body;
+
+ //iat REQUIRED time now
+ time_now = GNUNET_TIME_absolute_get();
+ //exp REQUIRED time expired from config
+ exp_time = GNUNET_TIME_absolute_add (time_now, *expiration_time);
+ //auth_time only if max_age
+ //nonce only if nonce
+ // OPTIONAL acr,amr,azp
+ subject = GNUNET_STRINGS_data_to_string_alloc (sub_key,
+ sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
+ audience = GNUNET_STRINGS_data_to_string_alloc (aud_key,
+ sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
+ header = create_jwt_header ();
+ body = json_object ();
+
+ //iss REQUIRED case sensitive server uri with https
+ //The issuer is the local reclaim instance (e.g. https://reclaim.id/api/openid)
+ json_object_set_new (body,
+ "iss", json_string (SERVER_ADDRESS));
+ //sub REQUIRED public key identity, not exceed 255 ASCII length
+ json_object_set_new (body,
+ "sub", json_string (subject));
+ //aud REQUIRED public key client_id must be there
+ json_object_set_new (body,
+ "aud", json_string (audience));
+ //iat
+ json_object_set_new (body,
+ "iat", json_integer (time_now.abs_value_us / (1000*1000)));
+ //exp
+ json_object_set_new (body,
+ "exp", json_integer (exp_time.abs_value_us / (1000*1000)));
+ //nbf
+ json_object_set_new (body,
+ "nbf", json_integer (time_now.abs_value_us / (1000*1000)));
+ //nonce
+ if (NULL != nonce)
+ json_object_set_new (body,
+ "nonce", json_string (nonce));
+
+ for (le = attrs->list_head; NULL != le; le = le->next)
+ {
+ attr_val_str = GNUNET_RECLAIM_ATTRIBUTE_value_to_string (le->claim->type,
+ le->claim->data,
+ le->claim->data_size);
+ json_object_set_new (body,
+ le->claim->name,
+ json_string (attr_val_str));
+ GNUNET_free (attr_val_str);
+ }
+ body_str = json_dumps (body, JSON_INDENT(0) | JSON_COMPACT);
+ json_decref (body);
+
+ GNUNET_STRINGS_base64_encode (header,
+ strlen (header),
+ &header_base64);
+ fix_base64(header_base64);
+
+ GNUNET_STRINGS_base64_encode (body_str,
+ strlen (body_str),
+ &body_base64);
+ fix_base64(body_base64);
+
+ GNUNET_free (subject);
+ GNUNET_free (audience);
+
+ /**
+ * Creating the JWT signature. This might not be
+ * standards compliant, check.
+ */
+ GNUNET_asprintf (&signature_target, "%s.%s", header_base64, body_base64);
+ GNUNET_CRYPTO_hmac_raw (secret_key, strlen (secret_key), signature_target, strlen (signature_target), &signature);
+ GNUNET_STRINGS_base64_encode ((const char*)&signature,
+ sizeof (struct GNUNET_HashCode),
+ &signature_base64);
+ fix_base64(signature_base64);
+
+ GNUNET_asprintf (&result, "%s.%s.%s",
+ header_base64, body_base64, signature_base64);
+
+ GNUNET_free (signature_target);
+ GNUNET_free (header);
+ GNUNET_free (body_str);
+ GNUNET_free (signature_base64);
+ GNUNET_free (body_base64);
+ GNUNET_free (header_base64);
+ return result;
+}
+/**
+ * Builds an OIDC authorization code including
+ * a reclaim ticket and nonce
+ *
+ * @param issuer the issuer of the ticket, used to sign the ticket and nonce
+ * @param ticket the ticket to include in the code
+ * @param nonce the nonce to include in the code
+ * @return a new authorization code (caller must free)
+ */
+char*
+OIDC_build_authz_code (const struct GNUNET_CRYPTO_EcdsaPrivateKey *issuer,
+ const struct GNUNET_RECLAIM_Ticket *ticket,
+ const char* nonce)
+{
+ char *ticket_str;
+ json_t *code_json;
+ char *signature_payload;
+ char *signature_str;
+ char *authz_code;
+ size_t signature_payload_len;
+ struct GNUNET_CRYPTO_EcdsaSignature signature;
+ struct GNUNET_CRYPTO_EccSignaturePurpose *purpose;
+
+ signature_payload_len = sizeof (struct GNUNET_RECLAIM_Ticket);
+ if (NULL != nonce)
+ signature_payload_len += strlen (nonce);
+
+ signature_payload = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) + signature_payload_len);
+ purpose = (struct GNUNET_CRYPTO_EccSignaturePurpose *)signature_payload;
+ purpose->size = htonl (sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) + signature_payload_len);
+ purpose->purpose = htonl (GNUNET_SIGNATURE_PURPOSE_RECLAIM_CODE_SIGN);
+ memcpy (&purpose[1],
+ ticket,
+ sizeof (struct GNUNET_RECLAIM_Ticket));
+ if (NULL != nonce)
+ memcpy (((char*)&purpose[1]) + sizeof (struct GNUNET_RECLAIM_Ticket),
+ nonce,
+ strlen (nonce));
+ if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdsa_sign (issuer,
+ purpose,
+ &signature))
+ {
+ GNUNET_free (signature_payload);
+ return NULL;
+ }
+ signature_str = GNUNET_STRINGS_data_to_string_alloc (&signature,
+ sizeof (signature));
+ ticket_str = GNUNET_STRINGS_data_to_string_alloc (ticket,
+ sizeof (struct GNUNET_RECLAIM_Ticket));
+
+ code_json = json_object ();
+ json_object_set_new (code_json,
+ "ticket",
+ json_string (ticket_str));
+ if (NULL != nonce)
+ json_object_set_new (code_json,
+ "nonce",
+ json_string (nonce));
+ json_object_set_new (code_json,
+ "signature",
+ json_string (signature_str));
+ authz_code = json_dumps (code_json,
+ JSON_INDENT(0) | JSON_COMPACT);
+ GNUNET_free (signature_payload);
+ GNUNET_free (signature_str);
+ GNUNET_free (ticket_str);
+ json_decref (code_json);
+ return authz_code;
+}
+
+
+
+
+/**
+ * Parse reclaim ticket and nonce from
+ * authorization code.
+ * This also verifies the signature in the code.
+ *
+ * @param audience the expected audience of the code
+ * @param code the string representation of the code
+ * @param ticket where to store the ticket
+ * @param nonce where to store the nonce
+ * @return GNUNET_OK if successful, else GNUNET_SYSERR
+ */
+int
+OIDC_parse_authz_code (const struct GNUNET_CRYPTO_EcdsaPublicKey *audience,
+ const char* code,
+ struct GNUNET_RECLAIM_Ticket **ticket,
+ char **nonce)
+{
+ json_error_t error;
+ json_t *code_json;
+ json_t *ticket_json;
+ json_t *nonce_json;
+ json_t *signature_json;
+ const char *ticket_str;
+ const char *signature_str;
+ const char *nonce_str;
+ char *code_output;
+ struct GNUNET_CRYPTO_EccSignaturePurpose *purpose;
+ struct GNUNET_CRYPTO_EcdsaSignature signature;
+ size_t signature_payload_len;
+
+ code_output = NULL;
+ GNUNET_STRINGS_base64_decode (code,
+ strlen(code),
+ (void**)&code_output);
+ code_json = json_loads (code_output, 0 , &error);
+ GNUNET_free (code_output);
+ ticket_json = json_object_get (code_json, "ticket");
+ nonce_json = json_object_get (code_json, "nonce");
+ signature_json = json_object_get (code_json, "signature");
+ *ticket = NULL;
+ *nonce = NULL;
+
+ if ((NULL == ticket_json || !json_is_string (ticket_json)) ||
+ (NULL == signature_json || !json_is_string (signature_json)))
+ {
+ json_decref (code_json);
+ return GNUNET_SYSERR;
+ }
+ ticket_str = json_string_value (ticket_json);
+ signature_str = json_string_value (signature_json);
+ nonce_str = NULL;
+ if (NULL != nonce_json)
+ nonce_str = json_string_value (nonce_json);
+ signature_payload_len = sizeof (struct GNUNET_RECLAIM_Ticket);
+ if (NULL != nonce_str)
+ signature_payload_len += strlen (nonce_str);
+ purpose = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) +
+ signature_payload_len);
+ purpose->size = htonl (sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) + signature_payload_len);
+ purpose->purpose = htonl (GNUNET_SIGNATURE_PURPOSE_RECLAIM_CODE_SIGN);
+ if (GNUNET_OK != GNUNET_STRINGS_string_to_data (ticket_str,
+ strlen (ticket_str),
+ &purpose[1],
+ sizeof (struct GNUNET_RECLAIM_Ticket)))
+ {
+ GNUNET_free (purpose);
+ json_decref (code_json);
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Cannot parse ticket!\n");
+ return GNUNET_SYSERR;
+ }
+ if (GNUNET_OK != GNUNET_STRINGS_string_to_data (signature_str,
+ strlen (signature_str),
+ &signature,
+ sizeof (struct GNUNET_CRYPTO_EcdsaSignature)))
+ {
+ GNUNET_free (purpose);
+ json_decref (code_json);
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Cannot parse signature!\n");
+ return GNUNET_SYSERR;
+ }
+ *ticket = GNUNET_new (struct GNUNET_RECLAIM_Ticket);
+ memcpy (*ticket,
+ &purpose[1],
+ sizeof (struct GNUNET_RECLAIM_Ticket));
+ if (0 != memcmp (audience,
+ &(*ticket)->audience,
+ sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
+ {
+ GNUNET_free (purpose);
+ GNUNET_free (*ticket);
+ json_decref (code_json);
+ *ticket = NULL;
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Audience in ticket does not match client!\n");
+ return GNUNET_SYSERR;
+
+ }
+ if (NULL != nonce_str)
+ memcpy (((char*)&purpose[1]) + sizeof (struct GNUNET_RECLAIM_Ticket),
+ nonce_str,
+ strlen (nonce_str));
+ if (GNUNET_OK != GNUNET_CRYPTO_ecdsa_verify (GNUNET_SIGNATURE_PURPOSE_RECLAIM_CODE_SIGN,
+ purpose,
+ &signature,
+ &(*ticket)->identity))
+ {
+ GNUNET_free (purpose);
+ GNUNET_free (*ticket);
+ json_decref (code_json);
+ *ticket = NULL;
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Signature of authZ code invalid!\n");
+ return GNUNET_SYSERR;
+ }
+ *nonce = GNUNET_strdup (nonce_str);
+ return GNUNET_OK;
+}
+
+/**
+ * Build a token response for a token request
+ * TODO: Maybe we should add the scope here?
+ *
+ * @param access_token the access token to include
+ * @param id_token the id_token to include
+ * @param expiration_time the expiration time of the token(s)
+ * @param token_response where to store the response
+ */
+void
+OIDC_build_token_response (const char *access_token,
+ const char *id_token,
+ const struct GNUNET_TIME_Relative *expiration_time,
+ char **token_response)
+{
+ json_t *root_json;
+
+ root_json = json_object ();
+
+ GNUNET_assert (NULL != access_token);
+ GNUNET_assert (NULL != id_token);
+ GNUNET_assert (NULL != expiration_time);
+ json_object_set_new (root_json,
+ "access_token",
+ json_string (access_token));
+ json_object_set_new (root_json,
+ "token_type",
+ json_string ("Bearer"));
+ json_object_set_new (root_json,
+ "expires_in",
+ json_integer (expiration_time->rel_value_us / (1000 * 1000)));
+ json_object_set_new (root_json,
+ "id_token",
+ json_string (id_token));
+ *token_response = json_dumps (root_json,
+ JSON_INDENT(0) | JSON_COMPACT);
+ json_decref (root_json);
+}
+
+/**
+ * Generate a new access token
+ */
+char*
+OIDC_access_token_new ()
+{
+ char* access_token_number;
+ char* access_token;
+ uint64_t random_number;
+
+ random_number = GNUNET_CRYPTO_random_u64(GNUNET_CRYPTO_QUALITY_NONCE, UINT64_MAX);
+ GNUNET_asprintf (&access_token_number, "%" PRIu64, random_number);
+ GNUNET_STRINGS_base64_encode(access_token_number,strlen(access_token_number),&access_token);
+ return access_token;
+}
diff --git a/src/reclaim/oidc_helper.h b/src/reclaim/oidc_helper.h
new file mode 100644
index 000000000..7a0f45bf9
--- /dev/null
+++ b/src/reclaim/oidc_helper.h
@@ -0,0 +1,109 @@
+/*
+ This file is part of GNUnet
+ Copyright (C) 2010-2015 GNUnet e.V.
+
+ GNUnet is free software: you can redistribute it and/or modify it
+ under the terms of the GNU Affero General Public License as published
+ by the Free Software Foundation, either version 3 of the License,
+ or (at your option) any later version.
+
+ GNUnet is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+/**
+ * @file reclaim/oidc_helper.h
+ * @brief helper library for OIDC related functions
+ * @author Martin Schanzenbach
+ */
+
+#ifndef JWT_H
+#define JWT_H
+
+#define JWT_ALG "alg"
+
+/* Use 512bit HMAC */
+#define JWT_ALG_VALUE "HS512"
+
+#define JWT_TYP "typ"
+
+#define JWT_TYP_VALUE "jwt"
+
+#define SERVER_ADDRESS "https://reclaim.id"
+
+/**
+ * Create a JWT from attributes
+ *
+ * @param aud_key the public of the audience
+ * @param sub_key the public key of the subject
+ * @param attrs the attribute list
+ * @param expiration_time the validity of the token
+ * @param secret_key the key used to sign the JWT
+ * @return a new base64-encoded JWT string.
+ */
+char*
+OIDC_id_token_new (const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
+ const struct GNUNET_CRYPTO_EcdsaPublicKey *sub_key,
+ const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs,
+ const struct GNUNET_TIME_Relative *expiration_time,
+ const char *nonce,
+ const char *secret_key);
+
+/**
+ * Builds an OIDC authorization code including
+ * a reclaim ticket and nonce
+ *
+ * @param issuer the issuer of the ticket, used to sign the ticket and nonce
+ * @param ticket the ticket to include in the code
+ * @param nonce the nonce to include in the code
+ * @return a new authorization code (caller must free)
+ */
+char*
+OIDC_build_authz_code (const struct GNUNET_CRYPTO_EcdsaPrivateKey *issuer,
+ const struct GNUNET_RECLAIM_Ticket *ticket,
+ const char* nonce);
+
+/**
+ * Parse reclaim ticket and nonce from
+ * authorization code.
+ * This also verifies the signature in the code.
+ *
+ * @param audience the expected audience of the code
+ * @param code the string representation of the code
+ * @param ticket where to store the ticket
+ * @param nonce where to store the nonce
+ * @return GNUNET_OK if successful, else GNUNET_SYSERR
+ */
+int
+OIDC_parse_authz_code (const struct GNUNET_CRYPTO_EcdsaPublicKey *audience,
+ const char* code,
+ struct GNUNET_RECLAIM_Ticket **ticket,
+ char **nonce);
+
+/**
+ * Build a token response for a token request
+ * TODO: Maybe we should add the scope here?
+ *
+ * @param access_token the access token to include
+ * @param id_token the id_token to include
+ * @param expiration_time the expiration time of the token(s)
+ * @param token_response where to store the response
+ */
+void
+OIDC_build_token_response (const char *access_token,
+ const char *id_token,
+ const struct GNUNET_TIME_Relative *expiration_time,
+ char **token_response);
+/**
+ * Generate a new access token
+ */
+char*
+OIDC_access_token_new ();
+
+
+#endif
diff --git a/src/identity-provider/plugin_gnsrecord_identity_provider.c b/src/reclaim/plugin_gnsrecord_reclaim.c
index f0dc563dc..781b88abc 100644
--- a/src/identity-provider/plugin_gnsrecord_identity_provider.c
+++ b/src/reclaim/plugin_gnsrecord_reclaim.c
@@ -17,7 +17,7 @@
*/
/**
- * @file identity-provider/plugin_gnsrecord_identity_provider.c
+ * @file reclaim/plugin_gnsrecord_reclaim.c
* @brief gnsrecord plugin to provide the API for identity records
* @author Martin Schanzenbach
*/
@@ -54,6 +54,8 @@ value_to_string (void *cls,
case GNUNET_GNSRECORD_TYPE_ID_ATTR:
return GNUNET_STRINGS_data_to_string_alloc (data, data_size);
case GNUNET_GNSRECORD_TYPE_ID_TOKEN: //DEPRECATED
+ case GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_REDIRECT:
+ case GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_CLIENT:
return GNUNET_strndup (data, data_size);
case GNUNET_GNSRECORD_TYPE_ABE_KEY:
case GNUNET_GNSRECORD_TYPE_ABE_MASTER:
@@ -113,6 +115,8 @@ string_to_value (void *cls,
*data,
*data_size);
case GNUNET_GNSRECORD_TYPE_ID_TOKEN:
+ case GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_REDIRECT:
+ case GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_CLIENT:
*data = GNUNET_strdup (s);
*data_size = strlen (s);
return GNUNET_OK;
@@ -181,6 +185,8 @@ static struct {
{ "ABE_KEY", GNUNET_GNSRECORD_TYPE_ABE_KEY },
{ "ABE_MASTER", GNUNET_GNSRECORD_TYPE_ABE_MASTER },
{ "ID_TOKEN_METADATA", GNUNET_GNSRECORD_TYPE_ID_TOKEN_METADATA },
+ { "RECLAIM_OIDC_CLIENT", GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_CLIENT },
+ { "RECLAIM_OIDC_REDIRECT", GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_REDIRECT },
{ NULL, UINT32_MAX }
};
@@ -234,7 +240,7 @@ number_to_typename (void *cls,
* @return the exported block API
*/
void *
-libgnunet_plugin_gnsrecord_identity_provider_init (void *cls)
+libgnunet_plugin_gnsrecord_reclaim_init (void *cls)
{
struct GNUNET_GNSRECORD_PluginFunctions *api;
@@ -254,7 +260,7 @@ libgnunet_plugin_gnsrecord_identity_provider_init (void *cls)
* @return NULL
*/
void *
-libgnunet_plugin_gnsrecord_identity_provider_done (void *cls)
+libgnunet_plugin_gnsrecord_reclaim_done (void *cls)
{
struct GNUNET_GNSRECORD_PluginFunctions *api = cls;
diff --git a/src/identity-provider/plugin_identity_provider_sqlite.c b/src/reclaim/plugin_reclaim_sqlite.c
index f2a8b7b54..b545a94e8 100644
--- a/src/identity-provider/plugin_identity_provider_sqlite.c
+++ b/src/reclaim/plugin_reclaim_sqlite.c
@@ -17,15 +17,15 @@
*/
/**
- * @file identity-provider/plugin_identity_provider_sqlite.c
+ * @file reclaim/plugin_reclaim_sqlite.c
* @brief sqlite-based idp backend
* @author Martin Schanzenbach
*/
#include "platform.h"
-#include "gnunet_identity_provider_service.h"
-#include "gnunet_identity_provider_plugin.h"
-#include "gnunet_identity_attribute_lib.h"
+#include "gnunet_reclaim_service.h"
+#include "gnunet_reclaim_plugin.h"
+#include "gnunet_reclaim_attribute_lib.h"
#include "gnunet_sq_lib.h"
#include <sqlite3.h>
@@ -47,9 +47,9 @@
* a failure of the command 'cmd' on file 'filename'
* with the message given by strerror(errno).
*/
-#define LOG_SQLITE(db, level, cmd) do { GNUNET_log_from (level, "identity-provider", _("`%s' failed at %s:%d with error: %s\n"), cmd, __FILE__, __LINE__, sqlite3_errmsg(db->dbh)); } while(0)
+#define LOG_SQLITE(db, level, cmd) do { GNUNET_log_from (level, "reclaim", _("`%s' failed at %s:%d with error: %s\n"), cmd, __FILE__, __LINE__, sqlite3_errmsg(db->dbh)); } while(0)
-#define LOG(kind,...) GNUNET_log_from (kind, "identity-provider-sqlite", __VA_ARGS__)
+#define LOG(kind,...) GNUNET_log_from (kind, "reclaim-sqlite", __VA_ARGS__)
/**
@@ -180,12 +180,12 @@ database_setup (struct Plugin *plugin)
if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_filename (plugin->cfg,
- "identity-provider-sqlite",
+ "reclaim-sqlite",
"FILENAME",
&afsdir))
{
GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
- "identity-provider-sqlite",
+ "reclaim-sqlite",
"FILENAME");
return GNUNET_SYSERR;
}
@@ -370,9 +370,9 @@ database_shutdown (struct Plugin *plugin)
* @return #GNUNET_OK on success, else #GNUNET_SYSERR
*/
static int
-identity_provider_sqlite_store_ticket (void *cls,
- const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket,
- const struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs)
+reclaim_sqlite_store_ticket (void *cls,
+ const struct GNUNET_RECLAIM_Ticket *ticket,
+ const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs)
{
struct Plugin *plugin = cls;
size_t attrs_len;
@@ -401,9 +401,9 @@ identity_provider_sqlite_store_ticket (void *cls,
GNUNET_SQ_reset (plugin->dbh,
plugin->delete_ticket);
- attrs_len = GNUNET_IDENTITY_ATTRIBUTE_list_serialize_get_size (attrs);
+ attrs_len = GNUNET_RECLAIM_ATTRIBUTE_list_serialize_get_size (attrs);
attrs_ser = GNUNET_malloc (attrs_len);
- GNUNET_IDENTITY_ATTRIBUTE_list_serialize (attrs,
+ GNUNET_RECLAIM_ATTRIBUTE_list_serialize (attrs,
attrs_ser);
struct GNUNET_SQ_QueryParam sparams[] = {
GNUNET_SQ_query_param_auto_from_type (&ticket->identity),
@@ -458,8 +458,8 @@ identity_provider_sqlite_store_ticket (void *cls,
* @return #GNUNET_OK on success, else #GNUNET_SYSERR
*/
static int
-identity_provider_sqlite_delete_ticket (void *cls,
- const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket)
+reclaim_sqlite_delete_ticket (void *cls,
+ const struct GNUNET_RECLAIM_Ticket *ticket)
{
struct Plugin *plugin = cls;
int n;
@@ -521,11 +521,11 @@ identity_provider_sqlite_delete_ticket (void *cls,
static int
get_ticket_and_call_iterator (struct Plugin *plugin,
sqlite3_stmt *stmt,
- GNUNET_IDENTITY_PROVIDER_TicketIterator iter,
+ GNUNET_RECLAIM_TicketIterator iter,
void *iter_cls)
{
- struct GNUNET_IDENTITY_PROVIDER_Ticket ticket;
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs;
+ struct GNUNET_RECLAIM_Ticket ticket;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs;
int ret;
int sret;
size_t attrs_len;
@@ -552,13 +552,13 @@ get_ticket_and_call_iterator (struct Plugin *plugin,
}
else
{
- attrs = GNUNET_IDENTITY_ATTRIBUTE_list_deserialize (attrs_ser,
+ attrs = GNUNET_RECLAIM_ATTRIBUTE_list_deserialize (attrs_ser,
attrs_len);
if (NULL != iter)
iter (iter_cls,
&ticket,
attrs);
- GNUNET_IDENTITY_ATTRIBUTE_list_destroy (attrs);
+ GNUNET_RECLAIM_ATTRIBUTE_list_destroy (attrs);
ret = GNUNET_YES;
}
GNUNET_SQ_cleanup_result (rs);
@@ -586,9 +586,9 @@ get_ticket_and_call_iterator (struct Plugin *plugin,
* @return #GNUNET_OK on success, else #GNUNET_SYSERR
*/
static int
-identity_provider_sqlite_ticket_get_attrs (void *cls,
- const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket,
- GNUNET_IDENTITY_PROVIDER_TicketIterator iter,
+reclaim_sqlite_ticket_get_attrs (void *cls,
+ const struct GNUNET_RECLAIM_Ticket *ticket,
+ GNUNET_RECLAIM_TicketIterator iter,
void *iter_cls)
{
struct Plugin *plugin = cls;
@@ -628,11 +628,11 @@ identity_provider_sqlite_ticket_get_attrs (void *cls,
* @return #GNUNET_OK on success, #GNUNET_NO if there were no results, #GNUNET_SYSERR on error
*/
static int
-identity_provider_sqlite_iterate_tickets (void *cls,
+reclaim_sqlite_iterate_tickets (void *cls,
const struct GNUNET_CRYPTO_EcdsaPublicKey *identity,
int audience,
uint64_t offset,
- GNUNET_IDENTITY_PROVIDER_TicketIterator iter,
+ GNUNET_RECLAIM_TicketIterator iter,
void *iter_cls)
{
struct Plugin *plugin = cls;
@@ -680,15 +680,15 @@ identity_provider_sqlite_iterate_tickets (void *cls,
/**
* Entry point for the plugin.
*
- * @param cls the "struct GNUNET_IDENTITY_PROVIDER_PluginEnvironment*"
+ * @param cls the "struct GNUNET_RECLAIM_PluginEnvironment*"
* @return NULL on error, otherwise the plugin context
*/
void *
-libgnunet_plugin_identity_provider_sqlite_init (void *cls)
+libgnunet_plugin_reclaim_sqlite_init (void *cls)
{
static struct Plugin plugin;
const struct GNUNET_CONFIGURATION_Handle *cfg = cls;
- struct GNUNET_IDENTITY_PROVIDER_PluginFunctions *api;
+ struct GNUNET_RECLAIM_PluginFunctions *api;
if (NULL != plugin.cfg)
return NULL; /* can only initialize once! */
@@ -699,12 +699,12 @@ libgnunet_plugin_identity_provider_sqlite_init (void *cls)
database_shutdown (&plugin);
return NULL;
}
- api = GNUNET_new (struct GNUNET_IDENTITY_PROVIDER_PluginFunctions);
+ api = GNUNET_new (struct GNUNET_RECLAIM_PluginFunctions);
api->cls = &plugin;
- api->store_ticket = &identity_provider_sqlite_store_ticket;
- api->delete_ticket = &identity_provider_sqlite_delete_ticket;
- api->iterate_tickets = &identity_provider_sqlite_iterate_tickets;
- api->get_ticket_attributes = &identity_provider_sqlite_ticket_get_attrs;
+ api->store_ticket = &reclaim_sqlite_store_ticket;
+ api->delete_ticket = &reclaim_sqlite_delete_ticket;
+ api->iterate_tickets = &reclaim_sqlite_iterate_tickets;
+ api->get_ticket_attributes = &reclaim_sqlite_ticket_get_attrs;
LOG (GNUNET_ERROR_TYPE_INFO,
_("Sqlite database running\n"));
return api;
@@ -718,9 +718,9 @@ libgnunet_plugin_identity_provider_sqlite_init (void *cls)
* @return always NULL
*/
void *
-libgnunet_plugin_identity_provider_sqlite_done (void *cls)
+libgnunet_plugin_reclaim_sqlite_done (void *cls)
{
- struct GNUNET_IDENTITY_PROVIDER_PluginFunctions *api = cls;
+ struct GNUNET_RECLAIM_PluginFunctions *api = cls;
struct Plugin *plugin = api->cls;
database_shutdown (plugin);
@@ -731,4 +731,4 @@ libgnunet_plugin_identity_provider_sqlite_done (void *cls)
return NULL;
}
-/* end of plugin_identity_provider_sqlite.c */
+/* end of plugin_reclaim_sqlite.c */
diff --git a/src/identity-provider/plugin_rest_openid_connect.c b/src/reclaim/plugin_rest_openid_connect.c
index d87a345cf..24673c692 100644
--- a/src/identity-provider/plugin_rest_openid_connect.c
+++ b/src/reclaim/plugin_rest_openid_connect.c
@@ -36,9 +36,9 @@
#include <jansson.h>
#include <inttypes.h>
#include "gnunet_signatures.h"
-#include "gnunet_identity_attribute_lib.h"
-#include "gnunet_identity_provider_service.h"
-#include "jwt.h"
+#include "gnunet_reclaim_attribute_lib.h"
+#include "gnunet_reclaim_service.h"
+#include "oidc_helper.h"
/**
* REST root namespace
@@ -68,7 +68,7 @@
/**
* Attribute key
*/
-#define GNUNET_REST_JSONAPI_IDENTITY_ATTRIBUTE "attribute"
+#define GNUNET_REST_JSONAPI_RECLAIM_ATTRIBUTE "attribute"
/**
* Ticket key
@@ -79,7 +79,7 @@
/**
* Value key
*/
-#define GNUNET_REST_JSONAPI_IDENTITY_ATTRIBUTE_VALUE "value"
+#define GNUNET_REST_JSONAPI_RECLAIM_ATTRIBUTE_VALUE "value"
/**
* State while collecting all egos
@@ -168,7 +168,6 @@ static char* OIDC_ignored_parameter_array [] =
{
"display",
"prompt",
- "max_age",
"ui_locales",
"response_mode",
"id_token_hint",
@@ -230,12 +229,6 @@ struct OIDC_Variables
char *client_id;
/**
- * GNUNET_YES if there is a delegation to
- * this RP or if it is a local identity
- */
- int is_client_trusted;
-
- /**
* The OIDC redirect uri
*/
char *redirect_uri;
@@ -347,6 +340,16 @@ struct RequestHandle
struct GNUNET_REST_RequestHandle *rest_handle;
/**
+ * GNS handle
+ */
+ struct GNUNET_GNS_Handle *gns_handle;
+
+ /**
+ * GNS lookup op
+ */
+ struct GNUNET_GNS_LookupRequest *gns_op;
+
+ /**
* Handle to NAMESTORE
*/
struct GNUNET_NAMESTORE_Handle *namestore_handle;
@@ -359,7 +362,7 @@ struct RequestHandle
/**
* Attribute claim list
*/
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attr_list;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attr_list;
/**
* IDENTITY Operation
@@ -369,27 +372,27 @@ struct RequestHandle
/**
* Identity Provider
*/
- struct GNUNET_IDENTITY_PROVIDER_Handle *idp;
+ struct GNUNET_RECLAIM_Handle *idp;
/**
* Idp Operation
*/
- struct GNUNET_IDENTITY_PROVIDER_Operation *idp_op;
+ struct GNUNET_RECLAIM_Operation *idp_op;
/**
* Attribute iterator
*/
- struct GNUNET_IDENTITY_PROVIDER_AttributeIterator *attr_it;
+ struct GNUNET_RECLAIM_AttributeIterator *attr_it;
/**
* Ticket iterator
*/
- struct GNUNET_IDENTITY_PROVIDER_TicketIterator *ticket_it;
+ struct GNUNET_RECLAIM_TicketIterator *ticket_it;
/**
* A ticket
*/
- struct GNUNET_IDENTITY_PROVIDER_Ticket ticket;
+ struct GNUNET_RECLAIM_Ticket ticket;
/**
* Desired timeout for the lookup (default is no timeout).
@@ -422,6 +425,16 @@ struct RequestHandle
char *tld;
/**
+ * The redirect prefix
+ */
+ char *redirect_prefix;
+
+ /**
+ * The redirect suffix
+ */
+ char *redirect_suffix;
+
+ /**
* Error response message
*/
char *emsg;
@@ -450,8 +463,8 @@ struct RequestHandle
static void
cleanup_handle (struct RequestHandle *handle)
{
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry *claim_entry;
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry *claim_tmp;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *claim_entry;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *claim_tmp;
struct EgoEntry *ego_entry;
struct EgoEntry *ego_tmp;
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
@@ -463,19 +476,28 @@ cleanup_handle (struct RequestHandle *handle)
if (NULL != handle->identity_handle)
GNUNET_IDENTITY_disconnect (handle->identity_handle);
if (NULL != handle->attr_it)
- GNUNET_IDENTITY_PROVIDER_get_attributes_stop (handle->attr_it);
+ GNUNET_RECLAIM_get_attributes_stop (handle->attr_it);
if (NULL != handle->ticket_it)
- GNUNET_IDENTITY_PROVIDER_ticket_iteration_stop (handle->ticket_it);
+ GNUNET_RECLAIM_ticket_iteration_stop (handle->ticket_it);
if (NULL != handle->idp)
- GNUNET_IDENTITY_PROVIDER_disconnect (handle->idp);
+ GNUNET_RECLAIM_disconnect (handle->idp);
if (NULL != handle->url)
GNUNET_free (handle->url);
if (NULL != handle->tld)
GNUNET_free (handle->tld);
+ if (NULL != handle->redirect_prefix)
+ GNUNET_free (handle->redirect_prefix);
+ if (NULL != handle->redirect_suffix)
+ GNUNET_free (handle->redirect_suffix);
if (NULL != handle->emsg)
GNUNET_free (handle->emsg);
if (NULL != handle->edesc)
GNUNET_free (handle->edesc);
+ if (NULL != handle->gns_op)
+ GNUNET_GNS_lookup_cancel (handle->gns_op);
+ if (NULL != handle->gns_handle)
+ GNUNET_GNS_disconnect (handle->gns_handle);
+
if (NULL != handle->namestore_handle)
GNUNET_NAMESTORE_disconnect (handle->namestore_handle);
if (NULL != handle->oidc)
@@ -732,6 +754,8 @@ cookie_identity_interpretation (struct RequestHandle *handle)
{
handle->oidc->login_identity = strtok(handle->oidc->login_identity, OIDC_COOKIE_HEADER_INFORMATION_KEY);
handle->oidc->login_identity = GNUNET_strdup(handle->oidc->login_identity);
+ } else {
+ handle->oidc->login_identity = NULL;
}
}
else
@@ -753,7 +777,7 @@ login_redirection(void *cls)
struct RequestHandle *handle = cls;
if ( GNUNET_OK
- == GNUNET_CONFIGURATION_get_value_string (cfg, "identity-rest-plugin",
+ == GNUNET_CONFIGURATION_get_value_string (cfg, "reclaim-rest-plugin",
"address", &login_base_url) )
{
GNUNET_asprintf (&new_redirect, "%s?%s=%s&%s=%s&%s=%s&%s=%s&%s=%s&%s=%s",
@@ -799,11 +823,12 @@ oidc_iteration_error (void *cls)
GNUNET_SCHEDULER_add_now (&do_error, handle);
}
-static void get_client_name_result (void *cls,
- const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone,
- const char *label,
- unsigned int rd_count,
- const struct GNUNET_GNSRECORD_Data *rd)
+static void
+get_client_name_result (void *cls,
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone,
+ const char *label,
+ unsigned int rd_count,
+ const struct GNUNET_GNSRECORD_Data *rd)
{
struct RequestHandle *handle = cls;
struct MHD_Response *resp;
@@ -811,46 +836,33 @@ static void get_client_name_result (void *cls,
char *redirect_uri;
char *code_json_string;
char *code_base64_final_string;
- char *redirect_path;
- char *tmp;
- char *tmp_prefix;
- char *prefix;
+
ticket_str = GNUNET_STRINGS_data_to_string_alloc (&handle->ticket,
- sizeof (struct GNUNET_IDENTITY_PROVIDER_Ticket));
+ sizeof (struct GNUNET_RECLAIM_Ticket));
//TODO change if more attributes are needed (see max_age)
- GNUNET_asprintf (&code_json_string, "{\"ticket\":\"%s\"%s%s%s}",
- ticket_str,
- (NULL != handle->oidc->nonce) ? ", \"nonce\":\"" : "",
- (NULL != handle->oidc->nonce) ? handle->oidc->nonce : "",
- (NULL != handle->oidc->nonce) ? "\"" : "");
+ code_json_string = OIDC_build_authz_code (&handle->priv_key,
+ &handle->ticket,
+ handle->oidc->nonce);
code_base64_final_string = base_64_encode(code_json_string);
- tmp = GNUNET_strdup (handle->oidc->redirect_uri);
- redirect_path = strtok (tmp, "/");
- redirect_path = strtok (NULL, "/");
- redirect_path = strtok (NULL, "/");
- tmp_prefix = GNUNET_strdup (handle->oidc->redirect_uri);
- prefix = strrchr (tmp_prefix,
- (unsigned char) '.');
- *prefix = '\0';
GNUNET_asprintf (&redirect_uri, "%s.%s/%s?%s=%s&state=%s",
- tmp_prefix,
+ handle->redirect_prefix,
handle->tld,
- redirect_path,
+ handle->redirect_suffix,
handle->oidc->response_type,
code_base64_final_string, handle->oidc->state);
resp = GNUNET_REST_create_response ("");
MHD_add_response_header (resp, "Location", redirect_uri);
handle->proc (handle->proc_cls, resp, MHD_HTTP_FOUND);
GNUNET_SCHEDULER_add_now (&cleanup_handle_delayed, handle);
- GNUNET_free (tmp);
- GNUNET_free (tmp_prefix);
GNUNET_free (redirect_uri);
GNUNET_free (ticket_str);
GNUNET_free (code_json_string);
GNUNET_free (code_base64_final_string);
return;
+
}
+
static void
get_client_name_error (void *cls)
{
@@ -861,32 +873,93 @@ get_client_name_error (void *cls)
GNUNET_SCHEDULER_add_now (&do_redirect_error, handle);
}
-/**
- * Issues ticket and redirects to relying party with the authorization code as
- * parameter. Otherwise redirects with error
- */
+
static void
-oidc_ticket_issue_cb (void* cls,
- const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket)
+lookup_redirect_uri_result (void *cls,
+ uint32_t rd_count,
+ const struct GNUNET_GNSRECORD_Data *rd)
{
struct RequestHandle *handle = cls;
- handle->idp_op = NULL;
- handle->ticket = *ticket;
- if (NULL != ticket) {
+ char *tmp;
+ char *tmp_key_str;
+ char *pos;
+ struct GNUNET_CRYPTO_EcdsaPublicKey redirect_zone;
+
+ handle->gns_op = NULL;
+ if (0 == rd_count)
+ {
+ handle->emsg = GNUNET_strdup("server_error");
+ handle->edesc = GNUNET_strdup("Server cannot generate ticket, redirect uri not found.");
+ GNUNET_SCHEDULER_add_now (&do_redirect_error, handle);
+ return;
+ }
+ for (int i = 0; i < rd_count; i++)
+ {
+ if (GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_REDIRECT != rd[i].record_type)
+ continue;
+ if (0 != strcmp (rd[i].data,
+ handle->oidc->redirect_uri))
+ continue;
+ tmp = GNUNET_strdup (rd[i].data);
+ pos = strrchr (tmp,
+ (unsigned char) '.');
+ *pos = '\0';
+ handle->redirect_prefix = GNUNET_strdup (tmp);
+ tmp_key_str = pos + 1;
+ pos = strchr (tmp_key_str,
+ (unsigned char) '/');
+ *pos = '\0';
+ handle->redirect_suffix = GNUNET_strdup (pos + 1);
+
+ GNUNET_STRINGS_string_to_data (tmp_key_str,
+ strlen (tmp_key_str),
+ &redirect_zone,
+ sizeof (redirect_zone));
+
GNUNET_NAMESTORE_zone_to_name (handle->namestore_handle,
&handle->priv_key,
- &handle->oidc->client_pkey,
+ &redirect_zone,
&get_client_name_error,
handle,
&get_client_name_result,
handle);
+ GNUNET_free (tmp);
return;
}
handle->emsg = GNUNET_strdup("server_error");
- handle->edesc = GNUNET_strdup("Server cannot generate ticket.");
+ handle->edesc = GNUNET_strdup("Server cannot generate ticket, redirect uri not found.");
GNUNET_SCHEDULER_add_now (&do_redirect_error, handle);
}
+/**
+ * Issues ticket and redirects to relying party with the authorization code as
+ * parameter. Otherwise redirects with error
+ */
+static void
+oidc_ticket_issue_cb (void* cls,
+ const struct GNUNET_RECLAIM_Ticket *ticket)
+{
+ struct RequestHandle *handle = cls;
+
+ handle->idp_op = NULL;
+ handle->ticket = *ticket;
+ if (NULL == ticket)
+ {
+ handle->emsg = GNUNET_strdup("server_error");
+ handle->edesc = GNUNET_strdup("Server cannot generate ticket.");
+ GNUNET_SCHEDULER_add_now (&do_redirect_error, handle);
+ return;
+ }
+ handle->gns_op = GNUNET_GNS_lookup (handle->gns_handle,
+ "+",
+ &handle->oidc->client_pkey,
+ GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_REDIRECT,
+ GNUNET_GNS_LO_DEFAULT,
+ &lookup_redirect_uri_result,
+ handle);
+
+}
+
static void
oidc_collect_finished_cb (void *cls)
{
@@ -900,12 +973,12 @@ oidc_collect_finished_cb (void *cls)
GNUNET_SCHEDULER_add_now (&do_redirect_error, handle);
return;
}
- handle->idp_op = GNUNET_IDENTITY_PROVIDER_ticket_issue (handle->idp,
- &handle->priv_key,
- &handle->oidc->client_pkey,
- handle->attr_list,
- &oidc_ticket_issue_cb,
- handle);
+ handle->idp_op = GNUNET_RECLAIM_ticket_issue (handle->idp,
+ &handle->priv_key,
+ &handle->oidc->client_pkey,
+ handle->attr_list,
+ &oidc_ticket_issue_cb,
+ handle);
}
@@ -915,17 +988,17 @@ oidc_collect_finished_cb (void *cls)
static void
oidc_attr_collect (void *cls,
const struct GNUNET_CRYPTO_EcdsaPublicKey *identity,
- const struct GNUNET_IDENTITY_ATTRIBUTE_Claim *attr)
+ const struct GNUNET_RECLAIM_ATTRIBUTE_Claim *attr)
{
struct RequestHandle *handle = cls;
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry *le;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *le;
char* scope_variables;
char* scope_variable;
char delimiter[]=" ";
if ( (NULL == attr->name) || (NULL == attr->data) )
{
- GNUNET_IDENTITY_PROVIDER_get_attributes_next (handle->attr_it);
+ GNUNET_RECLAIM_get_attributes_next (handle->attr_it);
return;
}
@@ -941,18 +1014,18 @@ oidc_attr_collect (void *cls,
}
if ( NULL == scope_variable )
{
- GNUNET_IDENTITY_PROVIDER_get_attributes_next (handle->attr_it);
+ GNUNET_RECLAIM_get_attributes_next (handle->attr_it);
GNUNET_free(scope_variables);
return;
}
GNUNET_free(scope_variables);
- le = GNUNET_new(struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry);
- le->claim = GNUNET_IDENTITY_ATTRIBUTE_claim_new (attr->name, attr->type,
- attr->data, attr->data_size);
+ le = GNUNET_new(struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry);
+ le->claim = GNUNET_RECLAIM_ATTRIBUTE_claim_new (attr->name, attr->type,
+ attr->data, attr->data_size);
GNUNET_CONTAINER_DLL_insert(handle->attr_list->list_head,
handle->attr_list->list_tail, le);
- GNUNET_IDENTITY_PROVIDER_get_attributes_next (handle->attr_it);
+ GNUNET_RECLAIM_get_attributes_next (handle->attr_it);
}
@@ -1005,88 +1078,33 @@ login_check (void *cls)
handle->priv_key = *GNUNET_IDENTITY_ego_get_private_key (
handle->ego_entry->ego);
handle->resp_object = GNUNET_JSONAPI_document_new ();
- handle->idp = GNUNET_IDENTITY_PROVIDER_connect (cfg);
+ handle->idp = GNUNET_RECLAIM_connect (cfg);
handle->attr_list = GNUNET_new(
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList);
- handle->attr_it = GNUNET_IDENTITY_PROVIDER_get_attributes_start (
- handle->idp, &handle->priv_key, &oidc_iteration_error, handle,
- &oidc_attr_collect, handle, &oidc_collect_finished_cb, handle);
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList);
+ handle->attr_it = GNUNET_RECLAIM_get_attributes_start (
+ handle->idp, &handle->priv_key, &oidc_iteration_error, handle,
+ &oidc_attr_collect, handle, &oidc_collect_finished_cb, handle);
return;
}
}
- handle->emsg = GNUNET_strdup("invalid_cookie");
- handle->edesc = GNUNET_strdup(
- "The cookie of the login identity is not valid");
- GNUNET_SCHEDULER_add_now (&do_redirect_error, handle);
+ //handle->emsg = GNUNET_strdup("invalid_cookie");
+ //handle->edesc = GNUNET_strdup(
+ // "The cookie of the login identity is not valid");
+ //GNUNET_SCHEDULER_add_now (&do_redirect_error, handle);
+ GNUNET_SCHEDULER_add_now (&login_redirection,handle);
return;
}
}
}
/**
- * Searches for client_id in namestore. If found trust status stored in handle
- * Else continues to search
- *
- * @param handle the RequestHandle
- */
-static void
-namestore_iteration_callback (
- void *cls, const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone_key,
- const char *rname, unsigned int rd_len,
- const struct GNUNET_GNSRECORD_Data *rd)
-{
- struct RequestHandle *handle = cls;
- struct GNUNET_CRYPTO_EcdsaPublicKey login_identity_pkey;
- struct GNUNET_CRYPTO_EcdsaPublicKey current_zone_pkey;
- int i;
-
- for (i = 0; i < rd_len; i++)
- {
- if ( GNUNET_GNSRECORD_TYPE_PKEY != rd[i].record_type )
- continue;
-
- if ( NULL != handle->oidc->login_identity )
- {
- GNUNET_CRYPTO_ecdsa_public_key_from_string (
- handle->oidc->login_identity,
- strlen (handle->oidc->login_identity),
- &login_identity_pkey);
- GNUNET_IDENTITY_ego_get_public_key (handle->ego_entry->ego,
- &current_zone_pkey);
-
- if ( 0 == memcmp (rd[i].data, &handle->oidc->client_pkey,
- sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)) )
- {
- if ( 0 == memcmp (&login_identity_pkey, &current_zone_pkey,
- sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)) )
- {
- handle->oidc->is_client_trusted = GNUNET_YES;
- }
- }
- }
- else
- {
- if ( 0 == memcmp (rd[i].data, &handle->oidc->client_pkey,
- sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)) )
- {
- handle->oidc->is_client_trusted = GNUNET_YES;
- }
- }
- }
-
- GNUNET_NAMESTORE_zone_iterator_next (handle->namestore_handle_it,
- 1);
-}
-
-
-/**
* Iteration over all results finished, build final
* response.
*
* @param cls the `struct RequestHandle`
*/
static void
-namestore_iteration_finished (void *cls)
+build_authz_response (void *cls)
{
struct RequestHandle *handle = cls;
struct GNUNET_HashCode cache_key;
@@ -1096,25 +1114,6 @@ namestore_iteration_finished (void *cls)
int number_of_ignored_parameter, iterator;
- handle->ego_entry = handle->ego_entry->next;
-
- if(NULL != handle->ego_entry)
- {
- handle->priv_key = *GNUNET_IDENTITY_ego_get_private_key (handle->ego_entry->ego);
- handle->namestore_handle_it = GNUNET_NAMESTORE_zone_iteration_start (handle->namestore_handle, &handle->priv_key,
- &oidc_iteration_error, handle, &namestore_iteration_callback, handle,
- &namestore_iteration_finished, handle);
- return;
- }
- if (GNUNET_NO == handle->oidc->is_client_trusted)
- {
- handle->emsg = GNUNET_strdup("unauthorized_client");
- handle->edesc = GNUNET_strdup("The client is not authorized to request an "
- "authorization code using this method.");
- GNUNET_SCHEDULER_add_now (&do_error, handle);
- return;
- }
-
// REQUIRED value: redirect_uri
GNUNET_CRYPTO_hash (OIDC_REDIRECT_URI_KEY, strlen (OIDC_REDIRECT_URI_KEY),
&cache_key);
@@ -1244,8 +1243,8 @@ authorize_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
struct RequestHandle *handle = cls;
struct GNUNET_HashCode cache_key;
struct EgoEntry *tmp_ego;
- struct GNUNET_CRYPTO_EcdsaPublicKey pkey;
const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key;
+ struct GNUNET_CRYPTO_EcdsaPublicKey pkey;
cookie_identity_interpretation(handle);
@@ -1299,9 +1298,8 @@ authorize_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
handle->ego_entry = handle->ego_head;
handle->priv_key = *GNUNET_IDENTITY_ego_get_private_key (handle->ego_head->ego);
- handle->oidc->is_client_trusted = GNUNET_NO;
-
- //First check if client_id is one of our egos; TODO: handle other TLD cases: Delegation, from config
+ //If we know this identity, translated the corresponding TLD
+ //TODO: We might want to have a reverse lookup functionality for TLDs?
for (tmp_ego = handle->ego_head; NULL != tmp_ego; tmp_ego = tmp_ego->next)
{
priv_key = GNUNET_IDENTITY_ego_get_private_key (tmp_ego->ego);
@@ -1311,17 +1309,10 @@ authorize_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)) )
{
handle->tld = GNUNET_strdup (tmp_ego->identifier);
- handle->oidc->is_client_trusted = GNUNET_YES;
handle->ego_entry = handle->ego_tail;
}
- }
-
-
- // Checks if client_id is valid:
- handle->namestore_handle_it = GNUNET_NAMESTORE_zone_iteration_start (
- handle->namestore_handle, &handle->priv_key, &oidc_iteration_error,
- handle, &namestore_iteration_callback, handle,
- &namestore_iteration_finished, handle);
+ }
+ GNUNET_SCHEDULER_add_now (&build_authz_response, handle);
}
/**
@@ -1359,8 +1350,8 @@ login_cont (struct GNUNET_REST_RequestHandle *con_handle,
current_time = GNUNET_new(struct GNUNET_TIME_Absolute);
*current_time = GNUNET_TIME_relative_to_absolute (
- GNUNET_TIME_relative_multiply (GNUNET_TIME_relative_get_minute_ (),
- 30));
+ GNUNET_TIME_relative_multiply (GNUNET_TIME_relative_get_second_ (),
+ 5));
last_time = GNUNET_CONTAINER_multihashmap_get(OIDC_identity_login_time, &cache_key);
if (NULL != last_time)
{
@@ -1382,37 +1373,19 @@ login_cont (struct GNUNET_REST_RequestHandle *con_handle,
return;
}
-/**
- * Responds to token url-encoded POST request
- *
- * @param con_handle the connection handle
- * @param url the url
- * @param cls the RequestHandle
- */
-static void
-token_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
- const char* url,
- void *cls)
+static int
+check_authorization (struct RequestHandle *handle,
+ struct GNUNET_CRYPTO_EcdsaPublicKey *cid)
{
- //TODO static strings
- struct RequestHandle *handle = cls;
struct GNUNET_HashCode cache_key;
- char *authorization, *credentials;
- char delimiter[]=" ";
- char delimiter_user_psw[]=":";
- char *grant_type, *code;
- char *user_psw = NULL, *client_id, *psw;
- char *expected_psw;
+ char *authorization;
+ char *credentials;
+ char *basic_authorization;
+ char *client_id;
+ char *pass;
+ char *expected_pass;
int client_exists = GNUNET_NO;
- struct MHD_Response *resp;
- char* code_output;
- json_t *root, *ticket_string, *nonce, *max_age;
- json_error_t error;
- char *json_response;
- /*
- * Check Authorization
- */
GNUNET_CRYPTO_hash (OIDC_AUTHORIZATION_HEADER_KEY,
strlen (OIDC_AUTHORIZATION_HEADER_KEY),
&cache_key);
@@ -1422,80 +1395,75 @@ token_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
handle->emsg=GNUNET_strdup("invalid_client");
handle->edesc=GNUNET_strdup("missing authorization");
handle->response_code = MHD_HTTP_UNAUTHORIZED;
- GNUNET_SCHEDULER_add_now (&do_error, handle);
- return;
+ return GNUNET_SYSERR;
}
- authorization = GNUNET_CONTAINER_multihashmap_get ( handle->rest_handle->header_param_map, &cache_key);
+ authorization = GNUNET_CONTAINER_multihashmap_get (handle->rest_handle->header_param_map,
+ &cache_key);
//split header in "Basic" and [content]
- credentials = strtok (authorization, delimiter);
- if (0 != strcmp ("Basic",credentials))
+ credentials = strtok (authorization, " ");
+ if (0 != strcmp ("Basic", credentials))
{
handle->emsg=GNUNET_strdup("invalid_client");
handle->response_code = MHD_HTTP_UNAUTHORIZED;
- GNUNET_SCHEDULER_add_now (&do_error, handle);
- return;
+ return GNUNET_SYSERR;
}
- credentials = strtok(NULL, delimiter);
+ credentials = strtok(NULL, " ");
if (NULL == credentials)
{
handle->emsg=GNUNET_strdup("invalid_client");
handle->response_code = MHD_HTTP_UNAUTHORIZED;
- GNUNET_SCHEDULER_add_now (&do_error, handle);
- return;
+ return GNUNET_SYSERR;
}
- GNUNET_STRINGS_base64_decode (credentials, strlen (credentials), &user_psw);
+ GNUNET_STRINGS_base64_decode (credentials,
+ strlen (credentials),
+ (void**)&basic_authorization);
- if ( NULL == user_psw )
+ if ( NULL == basic_authorization )
{
handle->emsg=GNUNET_strdup("invalid_client");
handle->response_code = MHD_HTTP_UNAUTHORIZED;
- GNUNET_SCHEDULER_add_now (&do_error, handle);
- return;
+ return GNUNET_SYSERR;
}
- client_id = strtok (user_psw, delimiter_user_psw);
+ client_id = strtok (basic_authorization, ":");
if ( NULL == client_id )
{
- GNUNET_free_non_null(user_psw);
+ GNUNET_free_non_null(basic_authorization);
handle->emsg=GNUNET_strdup("invalid_client");
handle->response_code = MHD_HTTP_UNAUTHORIZED;
- GNUNET_SCHEDULER_add_now (&do_error, handle);
- return;
+ return GNUNET_SYSERR;
}
- psw = strtok (NULL, delimiter_user_psw);
- if (NULL == psw)
+ pass = strtok (NULL, ":");
+ if (NULL == pass)
{
- GNUNET_free_non_null(user_psw);
+ GNUNET_free_non_null(basic_authorization);
handle->emsg=GNUNET_strdup("invalid_client");
handle->response_code = MHD_HTTP_UNAUTHORIZED;
- GNUNET_SCHEDULER_add_now (&do_error, handle);
- return;
+ return GNUNET_SYSERR;
}
//check client password
if ( GNUNET_OK
- == GNUNET_CONFIGURATION_get_value_string (cfg, "identity-rest-plugin",
- "psw", &expected_psw) )
+ == GNUNET_CONFIGURATION_get_value_string (cfg, "reclaim-rest-plugin",
+ "psw", &expected_pass) )
{
- if (0 != strcmp (expected_psw, psw))
+ if (0 != strcmp (expected_pass, pass))
{
- GNUNET_free_non_null(user_psw);
- GNUNET_free(expected_psw);
+ GNUNET_free_non_null(basic_authorization);
+ GNUNET_free(expected_pass);
handle->emsg=GNUNET_strdup("invalid_client");
handle->response_code = MHD_HTTP_UNAUTHORIZED;
- GNUNET_SCHEDULER_add_now (&do_error, handle);
- return;
+ return GNUNET_SYSERR;
}
- GNUNET_free(expected_psw);
+ GNUNET_free(expected_pass);
}
else
{
- GNUNET_free_non_null(user_psw);
+ GNUNET_free_non_null(basic_authorization);
handle->emsg = GNUNET_strdup("server_error");
handle->edesc = GNUNET_strdup ("gnunet configuration failed");
handle->response_code = MHD_HTTP_INTERNAL_SERVER_ERROR;
- GNUNET_SCHEDULER_add_now (&do_error, handle);
- return;
+ return GNUNET_SYSERR;
}
//check client_id
@@ -1510,9 +1478,107 @@ token_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
}
if (GNUNET_NO == client_exists)
{
- GNUNET_free_non_null(user_psw);
+ GNUNET_free_non_null(basic_authorization);
handle->emsg=GNUNET_strdup("invalid_client");
handle->response_code = MHD_HTTP_UNAUTHORIZED;
+ return GNUNET_SYSERR;
+ }
+ GNUNET_STRINGS_string_to_data (client_id,
+ strlen(client_id),
+ cid,
+ sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
+
+ GNUNET_free (basic_authorization);
+ return GNUNET_OK;
+}
+
+static int
+ego_exists (struct RequestHandle *handle,
+ struct GNUNET_CRYPTO_EcdsaPublicKey *test_key)
+{
+ struct EgoEntry *ego_entry;
+ struct GNUNET_CRYPTO_EcdsaPublicKey pub_key;
+
+ for (ego_entry = handle->ego_head; NULL != ego_entry; ego_entry = ego_entry->next)
+ {
+ GNUNET_IDENTITY_ego_get_public_key (ego_entry->ego, &pub_key);
+ if (0 == memcmp (&pub_key,
+ test_key,
+ sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)))
+ {
+ break;
+ }
+ }
+ if (NULL == ego_entry)
+ return GNUNET_NO;
+ return GNUNET_YES;
+}
+
+static void
+store_ticket_reference (const struct RequestHandle *handle,
+ const char* access_token,
+ const struct GNUNET_RECLAIM_Ticket *ticket,
+ const struct GNUNET_CRYPTO_EcdsaPublicKey *cid)
+{
+ struct GNUNET_HashCode cache_key;
+ char *id_ticket_combination;
+ char *ticket_string;
+ char *client_id;
+
+ GNUNET_CRYPTO_hash(access_token, strlen(access_token), &cache_key);
+ client_id = GNUNET_STRINGS_data_to_string_alloc (cid,
+ sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
+ ticket_string = GNUNET_STRINGS_data_to_string_alloc (ticket,
+ sizeof (struct GNUNET_RECLAIM_Ticket));
+ GNUNET_asprintf(&id_ticket_combination,
+ "%s;%s",
+ client_id,
+ ticket_string);
+ GNUNET_CONTAINER_multihashmap_put(OIDC_interpret_access_token,
+ &cache_key,
+ id_ticket_combination,
+ GNUNET_CONTAINER_MULTIHASHMAPOPTION_REPLACE);
+
+ GNUNET_free (client_id);
+ GNUNET_free (ticket_string);
+}
+
+/**
+ * Responds to token url-encoded POST request
+ *
+ * @param con_handle the connection handle
+ * @param url the url
+ * @param cls the RequestHandle
+ */
+static void
+token_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
+ const char* url,
+ void *cls)
+{
+ struct RequestHandle *handle = cls;
+ struct GNUNET_TIME_Relative expiration_time;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *cl;
+ struct GNUNET_RECLAIM_Ticket *ticket;
+ struct GNUNET_CRYPTO_EcdsaPublicKey cid;
+ struct GNUNET_HashCode cache_key;
+ struct MHD_Response *resp;
+ char *grant_type;
+ char *code;
+ char *json_response;
+ char *id_token;
+ char *access_token;
+ char *jwt_secret;
+ char *nonce;
+ int i = 1;
+
+ /*
+ * Check Authorization
+ */
+ if (GNUNET_SYSERR == check_authorization (handle,
+ &cid))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "OIDC authorization for token endpoint failed\n");
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
@@ -1524,27 +1590,25 @@ token_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
//TODO Do not allow multiple equal parameter names
//REQUIRED grant_type
GNUNET_CRYPTO_hash (OIDC_GRANT_TYPE_KEY, strlen (OIDC_GRANT_TYPE_KEY), &cache_key);
- if ( GNUNET_NO
- == GNUNET_CONTAINER_multihashmap_contains (
- handle->rest_handle->url_param_map, &cache_key) )
+ if (GNUNET_NO ==
+ GNUNET_CONTAINER_multihashmap_contains (handle->rest_handle->url_param_map,
+ &cache_key))
{
- GNUNET_free_non_null(user_psw);
handle->emsg = GNUNET_strdup("invalid_request");
handle->edesc = GNUNET_strdup("missing parameter grant_type");
handle->response_code = MHD_HTTP_BAD_REQUEST;
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
- grant_type = GNUNET_CONTAINER_multihashmap_get (
- handle->rest_handle->url_param_map, &cache_key);
+ grant_type = GNUNET_CONTAINER_multihashmap_get (handle->rest_handle->url_param_map,
+ &cache_key);
//REQUIRED code
GNUNET_CRYPTO_hash (OIDC_CODE_KEY, strlen (OIDC_CODE_KEY), &cache_key);
- if ( GNUNET_NO
- == GNUNET_CONTAINER_multihashmap_contains (
- handle->rest_handle->url_param_map, &cache_key) )
+ if (GNUNET_NO ==
+ GNUNET_CONTAINER_multihashmap_contains (handle->rest_handle->url_param_map,
+ &cache_key))
{
- GNUNET_free_non_null(user_psw);
handle->emsg = GNUNET_strdup("invalid_request");
handle->edesc = GNUNET_strdup("missing parameter code");
handle->response_code = MHD_HTTP_BAD_REQUEST;
@@ -1557,11 +1621,10 @@ token_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
//REQUIRED redirect_uri
GNUNET_CRYPTO_hash (OIDC_REDIRECT_URI_KEY, strlen (OIDC_REDIRECT_URI_KEY),
&cache_key);
- if ( GNUNET_NO
- == GNUNET_CONTAINER_multihashmap_contains (
- handle->rest_handle->url_param_map, &cache_key) )
+ if (GNUNET_NO ==
+ GNUNET_CONTAINER_multihashmap_contains (handle->rest_handle->url_param_map,
+ &cache_key) )
{
- GNUNET_free_non_null(user_psw);
handle->emsg = GNUNET_strdup("invalid_request");
handle->edesc = GNUNET_strdup("missing parameter redirect_uri");
handle->response_code = MHD_HTTP_BAD_REQUEST;
@@ -1572,21 +1635,18 @@ token_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
//Check parameter grant_type == "authorization_code"
if (0 != strcmp(OIDC_GRANT_TYPE_VALUE, grant_type))
{
- GNUNET_free_non_null(user_psw);
handle->emsg=GNUNET_strdup("unsupported_grant_type");
handle->response_code = MHD_HTTP_BAD_REQUEST;
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
GNUNET_CRYPTO_hash (code, strlen (code), &cache_key);
- int i = 1;
- if ( GNUNET_SYSERR
- == GNUNET_CONTAINER_multihashmap_put (OIDC_ticket_once,
- &cache_key,
- &i,
- GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY) )
+ if (GNUNET_SYSERR ==
+ GNUNET_CONTAINER_multihashmap_put (OIDC_ticket_once,
+ &cache_key,
+ &i,
+ GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY) )
{
- GNUNET_free_non_null(user_psw);
handle->emsg = GNUNET_strdup("invalid_request");
handle->edesc = GNUNET_strdup("Cannot use the same code more than once");
handle->response_code = MHD_HTTP_BAD_REQUEST;
@@ -1595,16 +1655,11 @@ token_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
}
//decode code
- GNUNET_STRINGS_base64_decode(code,strlen(code),&code_output);
- root = json_loads (code_output, 0, &error);
- GNUNET_free(code_output);
- ticket_string = json_object_get (root, "ticket");
- nonce = json_object_get (root, "nonce");
- max_age = json_object_get (root, "max_age");
-
- if(ticket_string == NULL && !json_is_string(ticket_string))
+ if(GNUNET_OK != OIDC_parse_authz_code (&cid,
+ code,
+ &ticket,
+ &nonce))
{
- GNUNET_free_non_null(user_psw);
handle->emsg = GNUNET_strdup("invalid_request");
handle->edesc = GNUNET_strdup("invalid code");
handle->response_code = MHD_HTTP_BAD_REQUEST;
@@ -1612,42 +1667,13 @@ token_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
return;
}
- struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket = GNUNET_new(struct GNUNET_IDENTITY_PROVIDER_Ticket);
- if ( GNUNET_OK
- != GNUNET_STRINGS_string_to_data (json_string_value(ticket_string),
- strlen (json_string_value(ticket_string)),
- ticket,
- sizeof(struct GNUNET_IDENTITY_PROVIDER_Ticket)))
- {
- GNUNET_free_non_null(user_psw);
- handle->emsg = GNUNET_strdup("invalid_request");
- handle->edesc = GNUNET_strdup("invalid code");
- handle->response_code = MHD_HTTP_BAD_REQUEST;
- GNUNET_SCHEDULER_add_now (&do_error, handle);
- GNUNET_free(ticket);
- return;
- }
- // this is the current client (relying party)
- struct GNUNET_CRYPTO_EcdsaPublicKey pub_key;
- GNUNET_IDENTITY_ego_get_public_key(handle->ego_entry->ego,&pub_key);
- if (0 != memcmp(&pub_key,&ticket->audience,sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)))
- {
- GNUNET_free_non_null(user_psw);
- handle->emsg = GNUNET_strdup("invalid_request");
- handle->edesc = GNUNET_strdup("invalid code");
- handle->response_code = MHD_HTTP_BAD_REQUEST;
- GNUNET_SCHEDULER_add_now (&do_error, handle);
- GNUNET_free(ticket);
- return;
- }
-
//create jwt
- unsigned long long int expiration_time;
- if ( GNUNET_OK
- != GNUNET_CONFIGURATION_get_value_number(cfg, "identity-rest-plugin",
- "expiration_time", &expiration_time) )
+ if (GNUNET_OK !=
+ GNUNET_CONFIGURATION_get_value_time(cfg,
+ "reclaim-rest-plugin",
+ "expiration_time",
+ &expiration_time))
{
- GNUNET_free_non_null(user_psw);
handle->emsg = GNUNET_strdup("server_error");
handle->edesc = GNUNET_strdup ("gnunet configuration failed");
handle->response_code = MHD_HTTP_INTERNAL_SERVER_ERROR;
@@ -1656,118 +1682,56 @@ token_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
return;
}
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *cl = GNUNET_new (struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList);
- //aud REQUIRED public key client_id must be there
- GNUNET_IDENTITY_ATTRIBUTE_list_add(cl,
- "aud",
- GNUNET_IDENTITY_ATTRIBUTE_TYPE_STRING,
- client_id,
- strlen(client_id));
- //exp REQUIRED time expired from config
- struct GNUNET_TIME_Absolute exp_time = GNUNET_TIME_relative_to_absolute (
- GNUNET_TIME_relative_multiply (GNUNET_TIME_relative_get_second_ (),
- expiration_time));
- const char* exp_time_string = GNUNET_STRINGS_absolute_time_to_string(exp_time);
- GNUNET_IDENTITY_ATTRIBUTE_list_add (cl,
- "exp",
- GNUNET_IDENTITY_ATTRIBUTE_TYPE_STRING,
- exp_time_string,
- strlen(exp_time_string));
- //iat REQUIRED time now
- struct GNUNET_TIME_Absolute time_now = GNUNET_TIME_absolute_get();
- const char* time_now_string = GNUNET_STRINGS_absolute_time_to_string(time_now);
- GNUNET_IDENTITY_ATTRIBUTE_list_add (cl,
- "iat",
- GNUNET_IDENTITY_ATTRIBUTE_TYPE_STRING,
- time_now_string,
- strlen(time_now_string));
- //nonce only if nonce is provided
- if ( NULL != nonce && json_is_string(nonce) )
- {
- GNUNET_IDENTITY_ATTRIBUTE_list_add (cl,
- "nonce",
- GNUNET_IDENTITY_ATTRIBUTE_TYPE_STRING,
- json_string_value(nonce),
- strlen(json_string_value(nonce)));
- }
- //auth_time only if max_age is provided
- if ( NULL != max_age && json_is_string(max_age) )
- {
- GNUNET_IDENTITY_ATTRIBUTE_list_add (cl,
- "auth_time",
- GNUNET_IDENTITY_ATTRIBUTE_TYPE_STRING,
- json_string_value(max_age),
- strlen(json_string_value(max_age)));
- }
- //TODO OPTIONAL acr,amr,azp
- struct EgoEntry *ego_entry;
- for (ego_entry = handle->ego_head; NULL != ego_entry; ego_entry = ego_entry->next)
+ //TODO OPTIONAL acr,amr,azp
+ if (GNUNET_NO == ego_exists (handle,
+ &ticket->audience))
{
- GNUNET_IDENTITY_ego_get_public_key (ego_entry->ego, &pub_key);
- if (0 == memcmp (&pub_key, &ticket->audience, sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)))
- {
- break;
- }
+ handle->emsg = GNUNET_strdup("invalid_request");
+ handle->edesc = GNUNET_strdup("invalid code...");
+ handle->response_code = MHD_HTTP_BAD_REQUEST;
+ GNUNET_SCHEDULER_add_now (&do_error, handle);
+ GNUNET_free(ticket);
}
- if ( NULL == ego_entry )
+ if ( GNUNET_OK
+ != GNUNET_CONFIGURATION_get_value_string (cfg, "reclaim-rest-plugin",
+ "jwt_secret", &jwt_secret) )
{
- GNUNET_free_non_null(user_psw);
handle->emsg = GNUNET_strdup("invalid_request");
- handle->edesc = GNUNET_strdup("invalid code....");
- handle->response_code = MHD_HTTP_BAD_REQUEST;
+ handle->edesc = GNUNET_strdup("No signing secret configured!");
+ handle->response_code = MHD_HTTP_INTERNAL_SERVER_ERROR;
GNUNET_SCHEDULER_add_now (&do_error, handle);
GNUNET_free(ticket);
return;
}
- char *id_token = jwt_create_from_list(&ticket->audience,
- cl,
- GNUNET_IDENTITY_ego_get_private_key(ego_entry->ego));
-
- //Create random access_token
- char* access_token_number;
- char* access_token;
- uint64_t random_number;
- random_number = GNUNET_CRYPTO_random_u64(GNUNET_CRYPTO_QUALITY_NONCE, UINT64_MAX);
- GNUNET_asprintf(&access_token_number, "%" PRIu64, random_number);
- GNUNET_STRINGS_base64_encode(access_token_number,strlen(access_token_number),&access_token);
-
-
-
- //TODO OPTIONAL add refresh_token and scope
- GNUNET_asprintf (&json_response,
- "{ \"access_token\" : \"%s\", "
- "\"token_type\" : \"Bearer\", "
- "\"expires_in\" : %d, "
- "\"id_token\" : \"%s\"}",
- access_token,
- expiration_time,
- id_token);
- GNUNET_CRYPTO_hash(access_token, strlen(access_token), &cache_key);
- char *id_ticket_combination;
- GNUNET_asprintf(&id_ticket_combination,
- "%s;%s",
- client_id,
- json_string_value(ticket_string));
- GNUNET_CONTAINER_multihashmap_put(OIDC_interpret_access_token,
- &cache_key,
- id_ticket_combination,
- GNUNET_CONTAINER_MULTIHASHMAPOPTION_REPLACE);
-
+ //TODO We should collect the attributes here. cl always empty
+ cl = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList);
+ id_token = OIDC_id_token_new (&ticket->audience,
+ &ticket->identity,
+ cl,
+ &expiration_time,
+ (NULL != nonce) ? nonce : NULL,
+ jwt_secret);
+ access_token = OIDC_access_token_new ();
+ OIDC_build_token_response (access_token,
+ id_token,
+ &expiration_time,
+ &json_response);
+
+ store_ticket_reference (handle,
+ access_token,
+ ticket,
+ &cid);
resp = GNUNET_REST_create_response (json_response);
MHD_add_response_header (resp, "Cache-Control", "no-store");
MHD_add_response_header (resp, "Pragma", "no-cache");
MHD_add_response_header (resp, "Content-Type", "application/json");
handle->proc (handle->proc_cls, resp, MHD_HTTP_OK);
-
- GNUNET_IDENTITY_ATTRIBUTE_list_destroy(cl);
- GNUNET_free(access_token_number);
+ GNUNET_RECLAIM_ATTRIBUTE_list_destroy(cl);
GNUNET_free(access_token);
- GNUNET_free(user_psw);
GNUNET_free(json_response);
GNUNET_free(ticket);
GNUNET_free(id_token);
- json_decref (root);
GNUNET_SCHEDULER_add_now(&cleanup_handle_delayed, handle);
}
@@ -1777,7 +1741,7 @@ token_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
static void
consume_ticket (void *cls,
const struct GNUNET_CRYPTO_EcdsaPublicKey *identity,
- const struct GNUNET_IDENTITY_ATTRIBUTE_Claim *attr)
+ const struct GNUNET_RECLAIM_ATTRIBUTE_Claim *attr)
{
struct RequestHandle *handle = cls;
char *tmp_value;
@@ -1789,9 +1753,9 @@ consume_ticket (void *cls,
return;
}
- tmp_value = GNUNET_IDENTITY_ATTRIBUTE_value_to_string (attr->type,
- attr->data,
- attr->data_size);
+ tmp_value = GNUNET_RECLAIM_ATTRIBUTE_value_to_string (attr->type,
+ attr->data,
+ attr->data_size);
value = json_string (tmp_value);
@@ -1820,7 +1784,7 @@ userinfo_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
struct GNUNET_HashCode cache_key;
char *authorization, *authorization_type, *authorization_access_token;
char *client_ticket, *client, *ticket_str;
- struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket;
+ struct GNUNET_RECLAIM_Ticket *ticket;
GNUNET_CRYPTO_hash (OIDC_AUTHORIZATION_HEADER_KEY,
strlen (OIDC_AUTHORIZATION_HEADER_KEY),
@@ -1918,12 +1882,12 @@ userinfo_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
GNUNET_free(client_ticket);
return;
}
- ticket = GNUNET_new(struct GNUNET_IDENTITY_PROVIDER_Ticket);
+ ticket = GNUNET_new(struct GNUNET_RECLAIM_Ticket);
if ( GNUNET_OK
!= GNUNET_STRINGS_string_to_data (ticket_str,
strlen (ticket_str),
ticket,
- sizeof(struct GNUNET_IDENTITY_PROVIDER_Ticket)))
+ sizeof(struct GNUNET_RECLAIM_Ticket)))
{
handle->emsg = GNUNET_strdup("invalid_token");
handle->edesc = GNUNET_strdup("The Access Token expired");
@@ -1935,15 +1899,15 @@ userinfo_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
return;
}
- handle->idp = GNUNET_IDENTITY_PROVIDER_connect (cfg);
+ handle->idp = GNUNET_RECLAIM_connect (cfg);
handle->oidc->response = json_object();
json_object_set_new( handle->oidc->response, "sub", json_string( handle->ego_entry->keystring));
- handle->idp_op = GNUNET_IDENTITY_PROVIDER_ticket_consume (
- handle->idp,
- GNUNET_IDENTITY_ego_get_private_key (handle->ego_entry->ego),
- ticket,
- consume_ticket,
- handle);
+ handle->idp_op = GNUNET_RECLAIM_ticket_consume (
+ handle->idp,
+ GNUNET_IDENTITY_ego_get_private_key (handle->ego_entry->ego),
+ ticket,
+ consume_ticket,
+ handle);
GNUNET_free(ticket);
GNUNET_free(authorization);
GNUNET_free(client_ticket);
@@ -2103,6 +2067,7 @@ rest_identity_process_request(struct GNUNET_REST_RequestHandle *rest_handle,
handle->identity_handle = GNUNET_IDENTITY_connect (cfg,
&list_ego,
handle);
+ handle->gns_handle = GNUNET_GNS_connect (cfg);
handle->namestore_handle = GNUNET_NAMESTORE_connect (cfg);
handle->timeout_task =
GNUNET_SCHEDULER_add_delayed (handle->timeout,
diff --git a/src/identity-provider/plugin_rest_identity_provider.c b/src/reclaim/plugin_rest_reclaim.c
index a83163db2..38ffc4ddb 100644
--- a/src/identity-provider/plugin_rest_identity_provider.c
+++ b/src/reclaim/plugin_rest_reclaim.c
@@ -18,8 +18,8 @@
/**
* @author Martin Schanzenbach
* @author Philippe Buschmann
- * @file identity/plugin_rest_identity.c
- * @brief GNUnet Namestore REST plugin
+ * @file reclaim/plugin_rest_reclaim.c
+ * @brief GNUnet reclaim REST plugin
*
*/
@@ -36,38 +36,38 @@
#include <jansson.h>
#include <inttypes.h>
#include "gnunet_signatures.h"
-#include "gnunet_identity_attribute_lib.h"
-#include "gnunet_identity_provider_service.h"
+#include "gnunet_reclaim_attribute_lib.h"
+#include "gnunet_reclaim_service.h"
/**
* REST root namespace
*/
-#define GNUNET_REST_API_NS_IDENTITY_PROVIDER "/idp"
+#define GNUNET_REST_API_NS_RECLAIM "/reclaim"
/**
* Attribute namespace
*/
-#define GNUNET_REST_API_NS_IDENTITY_ATTRIBUTES "/idp/attributes"
+#define GNUNET_REST_API_NS_RECLAIM_ATTRIBUTES "/reclaim/attributes"
/**
* Ticket namespace
*/
-#define GNUNET_REST_API_NS_IDENTITY_TICKETS "/idp/tickets"
+#define GNUNET_REST_API_NS_IDENTITY_TICKETS "/reclaim/tickets"
/**
* Revoke namespace
*/
-#define GNUNET_REST_API_NS_IDENTITY_REVOKE "/idp/revoke"
+#define GNUNET_REST_API_NS_IDENTITY_REVOKE "/reclaim/revoke"
/**
* Revoke namespace
*/
-#define GNUNET_REST_API_NS_IDENTITY_CONSUME "/idp/consume"
+#define GNUNET_REST_API_NS_IDENTITY_CONSUME "/reclaim/consume"
/**
* Attribute key
*/
-#define GNUNET_REST_JSONAPI_IDENTITY_ATTRIBUTE "attribute"
+#define GNUNET_REST_JSONAPI_RECLAIM_ATTRIBUTE "attribute"
/**
* Ticket key
@@ -78,7 +78,7 @@
/**
* Value key
*/
-#define GNUNET_REST_JSONAPI_IDENTITY_ATTRIBUTE_VALUE "value"
+#define GNUNET_REST_JSONAPI_RECLAIM_ATTRIBUTE_VALUE "value"
/**
* State while collecting all egos
@@ -190,7 +190,7 @@ struct RequestHandle
/**
* Attribute claim list
*/
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attr_list;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attr_list;
/**
* IDENTITY Operation
@@ -200,27 +200,27 @@ struct RequestHandle
/**
* Identity Provider
*/
- struct GNUNET_IDENTITY_PROVIDER_Handle *idp;
+ struct GNUNET_RECLAIM_Handle *idp;
/**
* Idp Operation
*/
- struct GNUNET_IDENTITY_PROVIDER_Operation *idp_op;
+ struct GNUNET_RECLAIM_Operation *idp_op;
/**
* Attribute iterator
*/
- struct GNUNET_IDENTITY_PROVIDER_AttributeIterator *attr_it;
+ struct GNUNET_RECLAIM_AttributeIterator *attr_it;
/**
* Ticket iterator
*/
- struct GNUNET_IDENTITY_PROVIDER_TicketIterator *ticket_it;
+ struct GNUNET_RECLAIM_TicketIterator *ticket_it;
/**
* A ticket
*/
- struct GNUNET_IDENTITY_PROVIDER_Ticket ticket;
+ struct GNUNET_RECLAIM_Ticket ticket;
/**
* Desired timeout for the lookup (default is no timeout).
@@ -271,8 +271,8 @@ struct RequestHandle
static void
cleanup_handle (struct RequestHandle *handle)
{
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry *claim_entry;
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry *claim_tmp;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *claim_entry;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *claim_tmp;
struct EgoEntry *ego_entry;
struct EgoEntry *ego_tmp;
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
@@ -284,11 +284,11 @@ cleanup_handle (struct RequestHandle *handle)
if (NULL != handle->identity_handle)
GNUNET_IDENTITY_disconnect (handle->identity_handle);
if (NULL != handle->attr_it)
- GNUNET_IDENTITY_PROVIDER_get_attributes_stop (handle->attr_it);
+ GNUNET_RECLAIM_get_attributes_stop (handle->attr_it);
if (NULL != handle->ticket_it)
- GNUNET_IDENTITY_PROVIDER_ticket_iteration_stop (handle->ticket_it);
+ GNUNET_RECLAIM_ticket_iteration_stop (handle->ticket_it);
if (NULL != handle->idp)
- GNUNET_IDENTITY_PROVIDER_disconnect (handle->idp);
+ GNUNET_RECLAIM_disconnect (handle->idp);
if (NULL != handle->url)
GNUNET_free (handle->url);
if (NULL != handle->emsg)
@@ -435,7 +435,7 @@ collect_finished_cb (void *cls)
*/
static void
ticket_collect (void *cls,
- const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket)
+ const struct GNUNET_RECLAIM_Ticket *ticket)
{
struct GNUNET_JSONAPI_Resource *json_resource;
struct RequestHandle *handle = cls;
@@ -474,7 +474,7 @@ ticket_collect (void *cls,
value);
GNUNET_free (tmp);
json_decref (value);
- GNUNET_IDENTITY_PROVIDER_ticket_iteration_next (handle->ticket_it);
+ GNUNET_RECLAIM_ticket_iteration_next (handle->ticket_it);
}
@@ -523,8 +523,8 @@ list_tickets_cont (struct GNUNET_REST_RequestHandle *con_handle,
return;
}
priv_key = GNUNET_IDENTITY_ego_get_private_key (ego_entry->ego);
- handle->idp = GNUNET_IDENTITY_PROVIDER_connect (cfg);
- handle->ticket_it = GNUNET_IDENTITY_PROVIDER_ticket_iteration_start (handle->idp,
+ handle->idp = GNUNET_RECLAIM_connect (cfg);
+ handle->ticket_it = GNUNET_RECLAIM_ticket_iteration_start (handle->idp,
priv_key,
&collect_error_cb,
handle,
@@ -549,7 +549,7 @@ add_attribute_cont (struct GNUNET_REST_RequestHandle *con_handle,
struct RequestHandle *handle = cls;
struct EgoEntry *ego_entry;
struct MHD_Response *resp;
- struct GNUNET_IDENTITY_ATTRIBUTE_Claim *attribute;
+ struct GNUNET_RECLAIM_ATTRIBUTE_Claim *attribute;
struct GNUNET_JSONAPI_Document *json_obj;
struct GNUNET_JSONAPI_Resource *json_res;
struct GNUNET_TIME_Relative exp;
@@ -565,14 +565,14 @@ add_attribute_cont (struct GNUNET_REST_RequestHandle *con_handle,
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Adding an attribute for %s.\n",
handle->url);
- if ( strlen (GNUNET_REST_API_NS_IDENTITY_ATTRIBUTES) >=
+ if ( strlen (GNUNET_REST_API_NS_RECLAIM_ATTRIBUTES) >=
strlen (handle->url))
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No identity given.\n");
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
- identity = handle->url + strlen (GNUNET_REST_API_NS_IDENTITY_ATTRIBUTES) + 1;
+ identity = handle->url + strlen (GNUNET_REST_API_NS_RECLAIM_ATTRIBUTES) + 1;
for (ego_entry = handle->ego_head;
NULL != ego_entry;
@@ -625,7 +625,7 @@ add_attribute_cont (struct GNUNET_REST_RequestHandle *con_handle,
}
json_res = GNUNET_JSONAPI_document_get_resource (json_obj, 0);
if (GNUNET_NO == GNUNET_JSONAPI_resource_check_type (json_res,
- GNUNET_REST_JSONAPI_IDENTITY_ATTRIBUTE))
+ GNUNET_REST_JSONAPI_RECLAIM_ATTRIBUTE))
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Unsupported JSON data type\n");
@@ -651,12 +651,12 @@ add_attribute_cont (struct GNUNET_REST_RequestHandle *con_handle,
value_json = GNUNET_JSONAPI_resource_read_attr (json_res,
"value");
value_str = json_string_value (value_json);
- attribute = GNUNET_IDENTITY_ATTRIBUTE_claim_new (name_str,
- GNUNET_IDENTITY_ATTRIBUTE_TYPE_STRING,
+ attribute = GNUNET_RECLAIM_ATTRIBUTE_claim_new (name_str,
+ GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING,
value_str,
strlen (value_str) + 1);
- handle->idp = GNUNET_IDENTITY_PROVIDER_connect (cfg);
- handle->idp_op = GNUNET_IDENTITY_PROVIDER_attribute_store (handle->idp,
+ handle->idp = GNUNET_RECLAIM_connect (cfg);
+ handle->idp_op = GNUNET_RECLAIM_attribute_store (handle->idp,
identity_priv,
attribute,
&exp,
@@ -675,7 +675,7 @@ add_attribute_cont (struct GNUNET_REST_RequestHandle *con_handle,
static void
attr_collect (void *cls,
const struct GNUNET_CRYPTO_EcdsaPublicKey *identity,
- const struct GNUNET_IDENTITY_ATTRIBUTE_Claim *attr)
+ const struct GNUNET_RECLAIM_ATTRIBUTE_Claim *attr)
{
struct GNUNET_JSONAPI_Resource *json_resource;
struct RequestHandle *handle = cls;
@@ -684,17 +684,17 @@ attr_collect (void *cls,
if ((NULL == attr->name) || (NULL == attr->data))
{
- GNUNET_IDENTITY_PROVIDER_get_attributes_next (handle->attr_it);
+ GNUNET_RECLAIM_get_attributes_next (handle->attr_it);
return;
}
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Adding attribute: %s\n",
attr->name);
- json_resource = GNUNET_JSONAPI_resource_new (GNUNET_REST_JSONAPI_IDENTITY_ATTRIBUTE,
+ json_resource = GNUNET_JSONAPI_resource_new (GNUNET_REST_JSONAPI_RECLAIM_ATTRIBUTE,
attr->name);
GNUNET_JSONAPI_document_resource_add (handle->resp_object, json_resource);
- tmp_value = GNUNET_IDENTITY_ATTRIBUTE_value_to_string (attr->type,
+ tmp_value = GNUNET_RECLAIM_ATTRIBUTE_value_to_string (attr->type,
attr->data,
attr->data_size);
@@ -705,7 +705,7 @@ attr_collect (void *cls,
value);
json_decref (value);
GNUNET_free(tmp_value);
- GNUNET_IDENTITY_PROVIDER_get_attributes_next (handle->attr_it);
+ GNUNET_RECLAIM_get_attributes_next (handle->attr_it);
}
@@ -729,14 +729,14 @@ list_attribute_cont (struct GNUNET_REST_RequestHandle *con_handle,
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Getting attributes for %s.\n",
handle->url);
- if ( strlen (GNUNET_REST_API_NS_IDENTITY_ATTRIBUTES) >=
+ if ( strlen (GNUNET_REST_API_NS_RECLAIM_ATTRIBUTES) >=
strlen (handle->url))
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No identity given.\n");
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
- identity = handle->url + strlen (GNUNET_REST_API_NS_IDENTITY_ATTRIBUTES) + 1;
+ identity = handle->url + strlen (GNUNET_REST_API_NS_RECLAIM_ATTRIBUTES) + 1;
for (ego_entry = handle->ego_head;
NULL != ego_entry;
@@ -755,8 +755,8 @@ list_attribute_cont (struct GNUNET_REST_RequestHandle *con_handle,
return;
}
priv_key = GNUNET_IDENTITY_ego_get_private_key (ego_entry->ego);
- handle->idp = GNUNET_IDENTITY_PROVIDER_connect (cfg);
- handle->attr_it = GNUNET_IDENTITY_PROVIDER_get_attributes_start (handle->idp,
+ handle->idp = GNUNET_RECLAIM_connect (cfg);
+ handle->attr_it = GNUNET_RECLAIM_get_attributes_start (handle->idp,
priv_key,
&collect_error_cb,
handle,
@@ -780,7 +780,7 @@ revoke_ticket_cont (struct GNUNET_REST_RequestHandle *con_handle,
struct RequestHandle *handle = cls;
struct EgoEntry *ego_entry;
struct MHD_Response *resp;
- struct GNUNET_IDENTITY_PROVIDER_Ticket ticket;
+ struct GNUNET_RECLAIM_Ticket ticket;
struct GNUNET_JSONAPI_Document *json_obj;
struct GNUNET_JSONAPI_Resource *json_res;
struct GNUNET_CRYPTO_EcdsaPublicKey tmp_pk;
@@ -844,7 +844,7 @@ revoke_ticket_cont (struct GNUNET_REST_RequestHandle *con_handle,
rnd_json = GNUNET_JSONAPI_resource_read_attr (json_res,
"rnd");
identity_json = GNUNET_JSONAPI_resource_read_attr (json_res,
- "identity");
+ "issuer");
audience_json = GNUNET_JSONAPI_resource_read_attr (json_res,
"audience");
rnd_str = json_string_value (rnd_json);
@@ -884,8 +884,8 @@ revoke_ticket_cont (struct GNUNET_REST_RequestHandle *con_handle,
}
identity_priv = GNUNET_IDENTITY_ego_get_private_key (ego_entry->ego);
- handle->idp = GNUNET_IDENTITY_PROVIDER_connect (cfg);
- handle->idp_op = GNUNET_IDENTITY_PROVIDER_ticket_revoke (handle->idp,
+ handle->idp = GNUNET_RECLAIM_connect (cfg);
+ handle->idp_op = GNUNET_RECLAIM_ticket_revoke (handle->idp,
identity_priv,
&ticket,
&finished_cont,
@@ -896,7 +896,7 @@ revoke_ticket_cont (struct GNUNET_REST_RequestHandle *con_handle,
static void
consume_cont (void *cls,
const struct GNUNET_CRYPTO_EcdsaPublicKey *identity,
- const struct GNUNET_IDENTITY_ATTRIBUTE_Claim *attr)
+ const struct GNUNET_RECLAIM_ATTRIBUTE_Claim *attr)
{
struct RequestHandle *handle = cls;
struct GNUNET_JSONAPI_Resource *json_resource;
@@ -910,7 +910,7 @@ consume_cont (void *cls,
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Adding attribute: %s\n",
attr->name);
- json_resource = GNUNET_JSONAPI_resource_new (GNUNET_REST_JSONAPI_IDENTITY_ATTRIBUTE,
+ json_resource = GNUNET_JSONAPI_resource_new (GNUNET_REST_JSONAPI_RECLAIM_ATTRIBUTE,
attr->name);
GNUNET_JSONAPI_document_resource_add (handle->resp_object, json_resource);
@@ -934,7 +934,7 @@ consume_ticket_cont (struct GNUNET_REST_RequestHandle *con_handle,
struct RequestHandle *handle = cls;
struct EgoEntry *ego_entry;
struct MHD_Response *resp;
- struct GNUNET_IDENTITY_PROVIDER_Ticket ticket;
+ struct GNUNET_RECLAIM_Ticket ticket;
struct GNUNET_JSONAPI_Document *json_obj;
struct GNUNET_JSONAPI_Resource *json_res;
struct GNUNET_CRYPTO_EcdsaPublicKey tmp_pk;
@@ -1038,8 +1038,8 @@ consume_ticket_cont (struct GNUNET_REST_RequestHandle *con_handle,
}
identity_priv = GNUNET_IDENTITY_ego_get_private_key (ego_entry->ego);
handle->resp_object = GNUNET_JSONAPI_document_new ();
- handle->idp = GNUNET_IDENTITY_PROVIDER_connect (cfg);
- handle->idp_op = GNUNET_IDENTITY_PROVIDER_ticket_consume (handle->idp,
+ handle->idp = GNUNET_RECLAIM_connect (cfg);
+ handle->idp_op = GNUNET_RECLAIM_ticket_consume (handle->idp,
identity_priv,
&ticket,
&consume_cont,
@@ -1084,12 +1084,12 @@ init_cont (struct RequestHandle *handle)
{
struct GNUNET_REST_RequestHandlerError err;
static const struct GNUNET_REST_RequestHandler handlers[] = {
- {MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_IDENTITY_ATTRIBUTES, &list_attribute_cont},
- {MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_IDENTITY_ATTRIBUTES, &add_attribute_cont},
+ {MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_RECLAIM_ATTRIBUTES, &list_attribute_cont},
+ {MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_RECLAIM_ATTRIBUTES, &add_attribute_cont},
{MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_IDENTITY_TICKETS, &list_tickets_cont},
{MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_IDENTITY_REVOKE, &revoke_ticket_cont},
{MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_IDENTITY_CONSUME, &consume_ticket_cont},
- {MHD_HTTP_METHOD_OPTIONS, GNUNET_REST_API_NS_IDENTITY_PROVIDER,
+ {MHD_HTTP_METHOD_OPTIONS, GNUNET_REST_API_NS_RECLAIM,
&options_cont},
GNUNET_REST_HANDLER_END
};
@@ -1202,7 +1202,7 @@ rest_identity_process_request(struct GNUNET_REST_RequestHandle *rest_handle,
* @return NULL on error, otherwise the plugin context
*/
void *
-libgnunet_plugin_rest_identity_provider_init (void *cls)
+libgnunet_plugin_rest_reclaim_init (void *cls)
{
static struct Plugin plugin;
struct GNUNET_REST_Plugin *api;
@@ -1214,7 +1214,7 @@ libgnunet_plugin_rest_identity_provider_init (void *cls)
plugin.cfg = cfg;
api = GNUNET_new (struct GNUNET_REST_Plugin);
api->cls = &plugin;
- api->name = GNUNET_REST_API_NS_IDENTITY_PROVIDER;
+ api->name = GNUNET_REST_API_NS_RECLAIM;
api->process_request = &rest_identity_process_request;
GNUNET_asprintf (&allow_methods,
"%s, %s, %s, %s, %s",
@@ -1237,7 +1237,7 @@ libgnunet_plugin_rest_identity_provider_init (void *cls)
* @return always NULL
*/
void *
-libgnunet_plugin_rest_identity_provider_done (void *cls)
+libgnunet_plugin_rest_reclaim_done (void *cls)
{
struct GNUNET_REST_Plugin *api = cls;
struct Plugin *plugin = api->cls;
@@ -1250,4 +1250,4 @@ libgnunet_plugin_rest_identity_provider_done (void *cls)
return NULL;
}
-/* end of plugin_rest_identity_provider.c */
+/* end of plugin_rest_reclaim.c */
diff --git a/src/identity-provider/identity-provider.conf b/src/reclaim/reclaim.conf
index cc50152a1..cf0a0dc5e 100644
--- a/src/identity-provider/identity-provider.conf
+++ b/src/reclaim/reclaim.conf
@@ -1,22 +1,23 @@
-[identity-provider]
+[reclaim]
START_ON_DEMAND = NO
RUN_PER_USER = YES
#PORT = 2108
HOSTNAME = localhost
-BINARY = gnunet-service-identity-provider
+BINARY = gnunet-service-reclaim
ACCEPT_FROM = 127.0.0.1;
ACCEPT_FROM6 = ::1;
-UNIXPATH = $GNUNET_USER_RUNTIME_DIR/gnunet-service-identity-provider.sock
+UNIXPATH = $GNUNET_USER_RUNTIME_DIR/gnunet-service-reclaim.sock
UNIX_MATCH_UID = NO
UNIX_MATCH_GID = YES
TOKEN_EXPIRATION_INTERVAL = 30 m
DATABASE = sqlite
-[identity-rest-plugin]
+[reclaim-rest-plugin]
#ADDRESS = https://identity.gnu:8000#/login
ADDRESS = https://reclaim.ui/#/login
PSW = secret
-EXPIRATION_TIME = 3600
+JWT_SECRET = secret
+EXPIRATION_TIME = 1d
-[identity-provider-sqlite]
-FILENAME = $GNUNET_DATA_HOME/identity-provider/sqlite.db
+[reclaim-sqlite]
+FILENAME = $GNUNET_DATA_HOME/reclaim/sqlite.db
diff --git a/src/identity-provider/identity_provider.h b/src/reclaim/reclaim.h
index 6a4b7769f..d2c84686d 100644
--- a/src/identity-provider/identity_provider.h
+++ b/src/reclaim/reclaim.h
@@ -18,13 +18,13 @@
/**
* @author Martin Schanzenbach
- * @file identity-provider/identity_provider.h
+ * @file reclaim/reclaim.h
*
* @brief Common type definitions for the identity provider
* service and API.
*/
-#ifndef IDENTITY_PROVIDER_H
-#define IDENTITY_PROVIDER_H
+#ifndef RECLAIM_H
+#define RECLAIM_H
#include "gnunet_common.h"
@@ -152,7 +152,7 @@ struct AttributeIterationStartMessage
struct AttributeIterationNextMessage
{
/**
- * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_ITERATION_NEXT
+ * Type will be #GNUNET_MESSAGE_TYPE_RECLAIM_ATTRIBUTE_ITERATION_NEXT
*/
struct GNUNET_MessageHeader header;
@@ -170,7 +170,7 @@ struct AttributeIterationNextMessage
struct AttributeIterationStopMessage
{
/**
- * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_ITERATION_STOP
+ * Type will be #GNUNET_MESSAGE_TYPE_RECLAIM_ATTRIBUTE_ITERATION_STOP
*/
struct GNUNET_MessageHeader header;
@@ -214,7 +214,7 @@ struct TicketIterationStartMessage
struct TicketIterationNextMessage
{
/**
- * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ITERATION_NEXT
+ * Type will be #GNUNET_MESSAGE_TYPE_RECLAIM_TICKET_ITERATION_NEXT
*/
struct GNUNET_MessageHeader header;
@@ -232,7 +232,7 @@ struct TicketIterationNextMessage
struct TicketIterationStopMessage
{
/**
- * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ITERATION_STOP
+ * Type will be #GNUNET_MESSAGE_TYPE_RECLAIM_TICKET_ITERATION_STOP
*/
struct GNUNET_MessageHeader header;
@@ -251,7 +251,7 @@ struct TicketIterationStopMessage
struct IssueTicketMessage
{
/**
- * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ISSUE_TICKET
+ * Type will be #GNUNET_MESSAGE_TYPE_RECLAIM_ISSUE_TICKET
*/
struct GNUNET_MessageHeader header;
@@ -284,7 +284,7 @@ struct IssueTicketMessage
struct RevokeTicketMessage
{
/**
- * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_REVOKE_TICKET
+ * Type will be #GNUNET_MESSAGE_TYPE_RECLAIM_REVOKE_TICKET
*/
struct GNUNET_MessageHeader header;
@@ -312,7 +312,7 @@ struct RevokeTicketMessage
struct RevokeTicketResultMessage
{
/**
- * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_REVOKE_TICKET_RESULT
+ * Type will be #GNUNET_MESSAGE_TYPE_RECLAIM_REVOKE_TICKET_RESULT
*/
struct GNUNET_MessageHeader header;
@@ -334,7 +334,7 @@ struct RevokeTicketResultMessage
struct TicketResultMessage
{
/**
- * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_RESULT
+ * Type will be #GNUNET_MESSAGE_TYPE_RECLAIM_TICKET_RESULT
*/
struct GNUNET_MessageHeader header;
@@ -351,7 +351,7 @@ struct TicketResultMessage
struct ConsumeTicketMessage
{
/**
- * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_CONSUME_TICKET
+ * Type will be #GNUNET_MESSAGE_TYPE_RECLAIM_CONSUME_TICKET
*/
struct GNUNET_MessageHeader header;
diff --git a/src/identity-provider/identity_provider_api.c b/src/reclaim/reclaim_api.c
index 772b4a244..3f1584ccd 100644
--- a/src/identity-provider/identity_provider_api.c
+++ b/src/reclaim/reclaim_api.c
@@ -17,8 +17,8 @@
*/
/**
- * @file identity-provider/identity_provider_api.c
- * @brief api to interact with the identity provider service
+ * @file reclaim/reclaim_api.c
+ * @brief api to interact with the reclaim service
* @author Martin Schanzenbach
*/
#include "platform.h"
@@ -26,33 +26,33 @@
#include "gnunet_constants.h"
#include "gnunet_protocols.h"
#include "gnunet_mq_lib.h"
-#include "gnunet_identity_provider_service.h"
-#include "gnunet_identity_attribute_lib.h"
-#include "identity_provider.h"
+#include "gnunet_reclaim_service.h"
+#include "gnunet_reclaim_attribute_lib.h"
+#include "reclaim.h"
-#define LOG(kind,...) GNUNET_log_from (kind, "identity-api",__VA_ARGS__)
+#define LOG(kind,...) GNUNET_log_from (kind, "reclaim-api",__VA_ARGS__)
/**
* Handle for an operation with the service.
*/
-struct GNUNET_IDENTITY_PROVIDER_Operation
+struct GNUNET_RECLAIM_Operation
{
/**
* Main handle.
*/
- struct GNUNET_IDENTITY_PROVIDER_Handle *h;
+ struct GNUNET_RECLAIM_Handle *h;
/**
* We keep operations in a DLL.
*/
- struct GNUNET_IDENTITY_PROVIDER_Operation *next;
+ struct GNUNET_RECLAIM_Operation *next;
/**
* We keep operations in a DLL.
*/
- struct GNUNET_IDENTITY_PROVIDER_Operation *prev;
+ struct GNUNET_RECLAIM_Operation *prev;
/**
* Message to send to the service.
@@ -63,22 +63,22 @@ struct GNUNET_IDENTITY_PROVIDER_Operation
/**
* Continuation to invoke after attribute store call
*/
- GNUNET_IDENTITY_PROVIDER_ContinuationWithStatus as_cb;
+ GNUNET_RECLAIM_ContinuationWithStatus as_cb;
/**
* Attribute result callback
*/
- GNUNET_IDENTITY_PROVIDER_AttributeResult ar_cb;
+ GNUNET_RECLAIM_AttributeResult ar_cb;
/**
* Revocation result callback
*/
- GNUNET_IDENTITY_PROVIDER_ContinuationWithStatus rvk_cb;
+ GNUNET_RECLAIM_ContinuationWithStatus rvk_cb;
/**
* Ticket result callback
*/
- GNUNET_IDENTITY_PROVIDER_TicketCallback tr_cb;
+ GNUNET_RECLAIM_TicketCallback tr_cb;
/**
* Envelope with the message for this queue entry.
@@ -100,23 +100,23 @@ struct GNUNET_IDENTITY_PROVIDER_Operation
/**
* Handle for a ticket iterator operation
*/
-struct GNUNET_IDENTITY_PROVIDER_TicketIterator
+struct GNUNET_RECLAIM_TicketIterator
{
/**
* Kept in a DLL.
*/
- struct GNUNET_IDENTITY_PROVIDER_TicketIterator *next;
+ struct GNUNET_RECLAIM_TicketIterator *next;
/**
* Kept in a DLL.
*/
- struct GNUNET_IDENTITY_PROVIDER_TicketIterator *prev;
+ struct GNUNET_RECLAIM_TicketIterator *prev;
/**
* Main handle to access the idp.
*/
- struct GNUNET_IDENTITY_PROVIDER_Handle *h;
+ struct GNUNET_RECLAIM_Handle *h;
/**
* Function to call on completion.
@@ -131,7 +131,7 @@ struct GNUNET_IDENTITY_PROVIDER_TicketIterator
/**
* The continuation to call with the results
*/
- GNUNET_IDENTITY_PROVIDER_TicketCallback tr_cb;
+ GNUNET_RECLAIM_TicketCallback tr_cb;
/**
* Closure for @e tr_cb.
@@ -165,23 +165,23 @@ struct GNUNET_IDENTITY_PROVIDER_TicketIterator
/**
* Handle for a attribute iterator operation
*/
-struct GNUNET_IDENTITY_PROVIDER_AttributeIterator
+struct GNUNET_RECLAIM_AttributeIterator
{
/**
* Kept in a DLL.
*/
- struct GNUNET_IDENTITY_PROVIDER_AttributeIterator *next;
+ struct GNUNET_RECLAIM_AttributeIterator *next;
/**
* Kept in a DLL.
*/
- struct GNUNET_IDENTITY_PROVIDER_AttributeIterator *prev;
+ struct GNUNET_RECLAIM_AttributeIterator *prev;
/**
* Main handle to access the idp.
*/
- struct GNUNET_IDENTITY_PROVIDER_Handle *h;
+ struct GNUNET_RECLAIM_Handle *h;
/**
* Function to call on completion.
@@ -196,7 +196,7 @@ struct GNUNET_IDENTITY_PROVIDER_AttributeIterator
/**
* The continuation to call with the results
*/
- GNUNET_IDENTITY_PROVIDER_AttributeResult proc;
+ GNUNET_RECLAIM_AttributeResult proc;
/**
* Closure for @e proc.
@@ -235,7 +235,7 @@ struct GNUNET_IDENTITY_PROVIDER_AttributeIterator
/**
* Handle for the service.
*/
-struct GNUNET_IDENTITY_PROVIDER_Handle
+struct GNUNET_RECLAIM_Handle
{
/**
* Configuration to use.
@@ -255,32 +255,32 @@ struct GNUNET_IDENTITY_PROVIDER_Handle
/**
* Head of active operations.
*/
- struct GNUNET_IDENTITY_PROVIDER_Operation *op_head;
+ struct GNUNET_RECLAIM_Operation *op_head;
/**
* Tail of active operations.
*/
- struct GNUNET_IDENTITY_PROVIDER_Operation *op_tail;
+ struct GNUNET_RECLAIM_Operation *op_tail;
/**
* Head of active iterations
*/
- struct GNUNET_IDENTITY_PROVIDER_AttributeIterator *it_head;
+ struct GNUNET_RECLAIM_AttributeIterator *it_head;
/**
* Tail of active iterations
*/
- struct GNUNET_IDENTITY_PROVIDER_AttributeIterator *it_tail;
+ struct GNUNET_RECLAIM_AttributeIterator *it_tail;
/**
* Head of active iterations
*/
- struct GNUNET_IDENTITY_PROVIDER_TicketIterator *ticket_it_head;
+ struct GNUNET_RECLAIM_TicketIterator *ticket_it_head;
/**
* Tail of active iterations
*/
- struct GNUNET_IDENTITY_PROVIDER_TicketIterator *ticket_it_tail;
+ struct GNUNET_RECLAIM_TicketIterator *ticket_it_tail;
/**
@@ -318,10 +318,10 @@ struct GNUNET_IDENTITY_PROVIDER_Handle
/**
* Try again to connect to the service.
*
- * @param h handle to the identity provider service.
+ * @param h handle to the reclaim service.
*/
static void
-reconnect (struct GNUNET_IDENTITY_PROVIDER_Handle *h);
+reconnect (struct GNUNET_RECLAIM_Handle *h);
/**
* Reconnect
@@ -331,7 +331,7 @@ reconnect (struct GNUNET_IDENTITY_PROVIDER_Handle *h);
static void
reconnect_task (void *cls)
{
- struct GNUNET_IDENTITY_PROVIDER_Handle *handle = cls;
+ struct GNUNET_RECLAIM_Handle *handle = cls;
handle->reconnect_task = NULL;
reconnect (handle);
@@ -344,7 +344,7 @@ reconnect_task (void *cls)
* @param handle our service
*/
static void
-force_reconnect (struct GNUNET_IDENTITY_PROVIDER_Handle *handle)
+force_reconnect (struct GNUNET_RECLAIM_Handle *handle)
{
GNUNET_MQ_destroy (handle->mq);
handle->mq = NULL;
@@ -362,9 +362,9 @@ force_reconnect (struct GNUNET_IDENTITY_PROVIDER_Handle *handle)
* @param it entry to free
*/
static void
-free_it (struct GNUNET_IDENTITY_PROVIDER_AttributeIterator *it)
+free_it (struct GNUNET_RECLAIM_AttributeIterator *it)
{
- struct GNUNET_IDENTITY_PROVIDER_Handle *h = it->h;
+ struct GNUNET_RECLAIM_Handle *h = it->h;
GNUNET_CONTAINER_DLL_remove (h->it_head,
h->it_tail,
@@ -375,7 +375,7 @@ free_it (struct GNUNET_IDENTITY_PROVIDER_AttributeIterator *it)
}
static void
-free_op (struct GNUNET_IDENTITY_PROVIDER_Operation* op)
+free_op (struct GNUNET_RECLAIM_Operation* op)
{
if (NULL == op)
return;
@@ -397,7 +397,7 @@ static void
mq_error_handler (void *cls,
enum GNUNET_MQ_Error error)
{
- struct GNUNET_IDENTITY_PROVIDER_Handle *handle = cls;
+ struct GNUNET_RECLAIM_Handle *handle = cls;
force_reconnect (handle);
}
@@ -412,8 +412,8 @@ static void
handle_attribute_store_response (void *cls,
const struct AttributeStoreResultMessage *msg)
{
- struct GNUNET_IDENTITY_PROVIDER_Handle *h = cls;
- struct GNUNET_IDENTITY_PROVIDER_Operation *op;
+ struct GNUNET_RECLAIM_Handle *h = cls;
+ struct GNUNET_RECLAIM_Operation *op;
uint32_t r_id = ntohl (msg->id);
int res;
const char *emsg;
@@ -448,7 +448,7 @@ handle_attribute_store_response (void *cls,
/**
* Handle an incoming message of type
- * #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_CONSUME_TICKET_RESULT
+ * #GNUNET_MESSAGE_TYPE_RECLAIM_CONSUME_TICKET_RESULT
*
* @param cls
* @param msg the message we received
@@ -474,7 +474,7 @@ check_consume_ticket_result (void *cls,
/**
* Handle an incoming message of type
- * #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_CONSUME_TICKET_RESULT
+ * #GNUNET_MESSAGE_TYPE_RECLAIM_CONSUME_TICKET_RESULT
*
* @param cls
* @param msg the message we received
@@ -483,8 +483,8 @@ static void
handle_consume_ticket_result (void *cls,
const struct ConsumeTicketResultMessage *msg)
{
- struct GNUNET_IDENTITY_PROVIDER_Handle *h = cls;
- struct GNUNET_IDENTITY_PROVIDER_Operation *op;
+ struct GNUNET_RECLAIM_Handle *h = cls;
+ struct GNUNET_RECLAIM_Operation *op;
size_t attrs_len;
uint32_t r_id = ntohl (msg->id);
@@ -500,9 +500,9 @@ handle_consume_ticket_result (void *cls,
return;
{
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs;
- struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry *le;
- attrs = GNUNET_IDENTITY_ATTRIBUTE_list_deserialize ((char*)&msg[1],
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs;
+ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *le;
+ attrs = GNUNET_RECLAIM_ATTRIBUTE_list_deserialize ((char*)&msg[1],
attrs_len);
if (NULL != op->ar_cb)
{
@@ -518,7 +518,7 @@ handle_consume_ticket_result (void *cls,
op->ar_cb (op->cls,
&msg->identity,
le->claim);
- GNUNET_IDENTITY_ATTRIBUTE_list_destroy (attrs);
+ GNUNET_RECLAIM_ATTRIBUTE_list_destroy (attrs);
}
}
if (NULL != op)
@@ -539,7 +539,7 @@ handle_consume_ticket_result (void *cls,
/**
* Handle an incoming message of type
- * #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_RESULT
+ * #GNUNET_MESSAGE_TYPE_RECLAIM_ATTRIBUTE_RESULT
*
* @param cls
* @param msg the message we received
@@ -565,7 +565,7 @@ check_attribute_result (void *cls,
/**
* Handle an incoming message of type
- * #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_RESULT
+ * #GNUNET_MESSAGE_TYPE_RECLAIM_ATTRIBUTE_RESULT
*
* @param cls
* @param msg the message we received
@@ -575,9 +575,9 @@ handle_attribute_result (void *cls,
const struct AttributeResultMessage *msg)
{
static struct GNUNET_CRYPTO_EcdsaPrivateKey identity_dummy;
- struct GNUNET_IDENTITY_PROVIDER_Handle *h = cls;
- struct GNUNET_IDENTITY_PROVIDER_AttributeIterator *it;
- struct GNUNET_IDENTITY_PROVIDER_Operation *op;
+ struct GNUNET_RECLAIM_Handle *h = cls;
+ struct GNUNET_RECLAIM_AttributeIterator *it;
+ struct GNUNET_RECLAIM_Operation *op;
size_t attr_len;
uint32_t r_id = ntohl (msg->id);
@@ -627,8 +627,8 @@ handle_attribute_result (void *cls,
}
{
- struct GNUNET_IDENTITY_ATTRIBUTE_Claim *attr;
- attr = GNUNET_IDENTITY_ATTRIBUTE_deserialize ((char*)&msg[1],
+ struct GNUNET_RECLAIM_ATTRIBUTE_Claim *attr;
+ attr = GNUNET_RECLAIM_ATTRIBUTE_deserialize ((char*)&msg[1],
attr_len);
if (NULL != it)
{
@@ -652,7 +652,7 @@ handle_attribute_result (void *cls,
/**
* Handle an incoming message of type
- * #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_RESULT
+ * #GNUNET_MESSAGE_TYPE_RECLAIM_TICKET_RESULT
*
* @param cls
* @param msg the message we received
@@ -677,7 +677,7 @@ check_ticket_result (void *cls,
/**
* Handle an incoming message of type
- * #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_RESULT
+ * #GNUNET_MESSAGE_TYPE_RECLAIM_TICKET_RESULT
*
* @param cls
* @param msg the message we received
@@ -686,10 +686,10 @@ static void
handle_ticket_result (void *cls,
const struct TicketResultMessage *msg)
{
- struct GNUNET_IDENTITY_PROVIDER_Handle *handle = cls;
- struct GNUNET_IDENTITY_PROVIDER_Operation *op;
- struct GNUNET_IDENTITY_PROVIDER_TicketIterator *it;
- const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket;
+ struct GNUNET_RECLAIM_Handle *handle = cls;
+ struct GNUNET_RECLAIM_Operation *op;
+ struct GNUNET_RECLAIM_TicketIterator *it;
+ const struct GNUNET_RECLAIM_Ticket *ticket;
uint32_t r_id = ntohl (msg->id);
size_t msg_len;
@@ -712,7 +712,7 @@ handle_ticket_result (void *cls,
if (NULL != op->tr_cb)
op->tr_cb (op->cls, NULL);
} else {
- ticket = (struct GNUNET_IDENTITY_PROVIDER_Ticket *)&msg[1];
+ ticket = (struct GNUNET_RECLAIM_Ticket *)&msg[1];
if (NULL != op->tr_cb)
op->tr_cb (op->cls, ticket);
}
@@ -728,7 +728,7 @@ handle_ticket_result (void *cls,
it->finish_cb (it->finish_cb_cls);
GNUNET_free (it);
} else {
- ticket = (struct GNUNET_IDENTITY_PROVIDER_Ticket *)&msg[1];
+ ticket = (struct GNUNET_RECLAIM_Ticket *)&msg[1];
if (NULL != it->tr_cb)
it->tr_cb (it->cls, ticket);
}
@@ -740,7 +740,7 @@ handle_ticket_result (void *cls,
/**
* Handle an incoming message of type
- * #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_REVOKE_TICKET_RESULT
+ * #GNUNET_MESSAGE_TYPE_RECLAIM_REVOKE_TICKET_RESULT
*
* @param cls
* @param msg the message we received
@@ -749,8 +749,8 @@ static void
handle_revoke_ticket_result (void *cls,
const struct RevokeTicketResultMessage *msg)
{
- struct GNUNET_IDENTITY_PROVIDER_Handle *h = cls;
- struct GNUNET_IDENTITY_PROVIDER_Operation *op;
+ struct GNUNET_RECLAIM_Handle *h = cls;
+ struct GNUNET_RECLAIM_Operation *op;
uint32_t r_id = ntohl (msg->id);
int32_t success;
@@ -785,42 +785,42 @@ handle_revoke_ticket_result (void *cls,
/**
* Try again to connect to the service.
*
- * @param h handle to the identity provider service.
+ * @param h handle to the reclaim service.
*/
static void
-reconnect (struct GNUNET_IDENTITY_PROVIDER_Handle *h)
+reconnect (struct GNUNET_RECLAIM_Handle *h)
{
struct GNUNET_MQ_MessageHandler handlers[] = {
GNUNET_MQ_hd_fixed_size (attribute_store_response,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_STORE_RESPONSE,
+ GNUNET_MESSAGE_TYPE_RECLAIM_ATTRIBUTE_STORE_RESPONSE,
struct AttributeStoreResultMessage,
h),
GNUNET_MQ_hd_var_size (attribute_result,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_RESULT,
+ GNUNET_MESSAGE_TYPE_RECLAIM_ATTRIBUTE_RESULT,
struct AttributeResultMessage,
h),
GNUNET_MQ_hd_var_size (ticket_result,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_RESULT,
+ GNUNET_MESSAGE_TYPE_RECLAIM_TICKET_RESULT,
struct TicketResultMessage,
h),
GNUNET_MQ_hd_var_size (consume_ticket_result,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_CONSUME_TICKET_RESULT,
+ GNUNET_MESSAGE_TYPE_RECLAIM_CONSUME_TICKET_RESULT,
struct ConsumeTicketResultMessage,
h),
GNUNET_MQ_hd_fixed_size (revoke_ticket_result,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_REVOKE_TICKET_RESULT,
+ GNUNET_MESSAGE_TYPE_RECLAIM_REVOKE_TICKET_RESULT,
struct RevokeTicketResultMessage,
h),
GNUNET_MQ_handler_end ()
};
- struct GNUNET_IDENTITY_PROVIDER_Operation *op;
+ struct GNUNET_RECLAIM_Operation *op;
GNUNET_assert (NULL == h->mq);
LOG (GNUNET_ERROR_TYPE_DEBUG,
- "Connecting to identity provider service.\n");
+ "Connecting to reclaim service.\n");
h->mq = GNUNET_CLIENT_connect (h->cfg,
- "identity-provider",
+ "reclaim",
handlers,
&mq_error_handler,
h);
@@ -833,17 +833,17 @@ reconnect (struct GNUNET_IDENTITY_PROVIDER_Handle *h)
/**
- * Connect to the identity provider service.
+ * Connect to the reclaim service.
*
* @param cfg the configuration to use
* @return handle to use
*/
-struct GNUNET_IDENTITY_PROVIDER_Handle *
-GNUNET_IDENTITY_PROVIDER_connect (const struct GNUNET_CONFIGURATION_Handle *cfg)
+struct GNUNET_RECLAIM_Handle *
+GNUNET_RECLAIM_connect (const struct GNUNET_CONFIGURATION_Handle *cfg)
{
- struct GNUNET_IDENTITY_PROVIDER_Handle *h;
+ struct GNUNET_RECLAIM_Handle *h;
- h = GNUNET_new (struct GNUNET_IDENTITY_PROVIDER_Handle);
+ h = GNUNET_new (struct GNUNET_RECLAIM_Handle);
h->cfg = cfg;
reconnect (h);
if (NULL == h->mq)
@@ -864,9 +864,9 @@ GNUNET_IDENTITY_PROVIDER_connect (const struct GNUNET_CONFIGURATION_Handle *cfg)
* @param op operation to cancel
*/
void
-GNUNET_IDENTITY_PROVIDER_cancel (struct GNUNET_IDENTITY_PROVIDER_Operation *op)
+GNUNET_RECLAIM_cancel (struct GNUNET_RECLAIM_Operation *op)
{
- struct GNUNET_IDENTITY_PROVIDER_Handle *h = op->h;
+ struct GNUNET_RECLAIM_Handle *h = op->h;
GNUNET_CONTAINER_DLL_remove (h->op_head,
h->op_tail,
@@ -881,7 +881,7 @@ GNUNET_IDENTITY_PROVIDER_cancel (struct GNUNET_IDENTITY_PROVIDER_Operation *op)
* @param h handle to destroy
*/
void
-GNUNET_IDENTITY_PROVIDER_disconnect (struct GNUNET_IDENTITY_PROVIDER_Handle *h)
+GNUNET_RECLAIM_disconnect (struct GNUNET_RECLAIM_Handle *h)
{
GNUNET_assert (NULL != h);
if (NULL != h->mq)
@@ -902,7 +902,7 @@ GNUNET_IDENTITY_PROVIDER_disconnect (struct GNUNET_IDENTITY_PROVIDER_Handle *h)
* Store an attribute. If the attribute is already present,
* it is replaced with the new attribute.
*
- * @param h handle to the identity provider
+ * @param h handle to the reclaim
* @param pkey private key of the identity
* @param attr the attribute value
* @param exp_interval the relative expiration interval for the attribute
@@ -910,19 +910,19 @@ GNUNET_IDENTITY_PROVIDER_disconnect (struct GNUNET_IDENTITY_PROVIDER_Handle *h)
* @param cont_cls closure for @a cont
* @return handle to abort the request
*/
-struct GNUNET_IDENTITY_PROVIDER_Operation *
-GNUNET_IDENTITY_PROVIDER_attribute_store (struct GNUNET_IDENTITY_PROVIDER_Handle *h,
+struct GNUNET_RECLAIM_Operation *
+GNUNET_RECLAIM_attribute_store (struct GNUNET_RECLAIM_Handle *h,
const struct GNUNET_CRYPTO_EcdsaPrivateKey *pkey,
- const struct GNUNET_IDENTITY_ATTRIBUTE_Claim *attr,
+ const struct GNUNET_RECLAIM_ATTRIBUTE_Claim *attr,
const struct GNUNET_TIME_Relative *exp_interval,
- GNUNET_IDENTITY_PROVIDER_ContinuationWithStatus cont,
+ GNUNET_RECLAIM_ContinuationWithStatus cont,
void *cont_cls)
{
- struct GNUNET_IDENTITY_PROVIDER_Operation *op;
+ struct GNUNET_RECLAIM_Operation *op;
struct AttributeStoreMessage *sam;
size_t attr_len;
- op = GNUNET_new (struct GNUNET_IDENTITY_PROVIDER_Operation);
+ op = GNUNET_new (struct GNUNET_RECLAIM_Operation);
op->h = h;
op->as_cb = cont;
op->cls = cont_cls;
@@ -930,15 +930,15 @@ GNUNET_IDENTITY_PROVIDER_attribute_store (struct GNUNET_IDENTITY_PROVIDER_Handle
GNUNET_CONTAINER_DLL_insert_tail (h->op_head,
h->op_tail,
op);
- attr_len = GNUNET_IDENTITY_ATTRIBUTE_serialize_get_size (attr);
+ attr_len = GNUNET_RECLAIM_ATTRIBUTE_serialize_get_size (attr);
op->env = GNUNET_MQ_msg_extra (sam,
attr_len,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_STORE);
+ GNUNET_MESSAGE_TYPE_RECLAIM_ATTRIBUTE_STORE);
sam->identity = *pkey;
sam->id = htonl (op->r_id);
sam->exp = GNUNET_htonll (exp_interval->rel_value_us);
- GNUNET_IDENTITY_ATTRIBUTE_serialize (attr,
+ GNUNET_RECLAIM_ATTRIBUTE_serialize (attr,
(char*)&sam[1]);
sam->attr_len = htons (attr_len);
@@ -952,11 +952,11 @@ GNUNET_IDENTITY_PROVIDER_attribute_store (struct GNUNET_IDENTITY_PROVIDER_Handle
/**
* List all attributes for a local identity.
- * This MUST lock the `struct GNUNET_IDENTITY_PROVIDER_Handle`
- * for any other calls than #GNUNET_IDENTITY_PROVIDER_get_attributes_next() and
- * #GNUNET_IDENTITY_PROVIDER_get_attributes_stop. @a proc will be called once
+ * This MUST lock the `struct GNUNET_RECLAIM_Handle`
+ * for any other calls than #GNUNET_RECLAIM_get_attributes_next() and
+ * #GNUNET_RECLAIM_get_attributes_stop. @a proc will be called once
* immediately, and then again after
- * #GNUNET_IDENTITY_PROVIDER_get_attributes_next() is invoked.
+ * #GNUNET_RECLAIM_get_attributes_next() is invoked.
*
* On error (disconnect), @a error_cb will be invoked.
* On normal completion, @a finish_cb proc will be
@@ -975,23 +975,23 @@ GNUNET_IDENTITY_PROVIDER_attribute_store (struct GNUNET_IDENTITY_PROVIDER_Handle
* @param finish_cb_cls closure for @a finish_cb
* @return an iterator handle to use for iteration
*/
-struct GNUNET_IDENTITY_PROVIDER_AttributeIterator *
-GNUNET_IDENTITY_PROVIDER_get_attributes_start (struct GNUNET_IDENTITY_PROVIDER_Handle *h,
+struct GNUNET_RECLAIM_AttributeIterator *
+GNUNET_RECLAIM_get_attributes_start (struct GNUNET_RECLAIM_Handle *h,
const struct GNUNET_CRYPTO_EcdsaPrivateKey *identity,
GNUNET_SCHEDULER_TaskCallback error_cb,
void *error_cb_cls,
- GNUNET_IDENTITY_PROVIDER_AttributeResult proc,
+ GNUNET_RECLAIM_AttributeResult proc,
void *proc_cls,
GNUNET_SCHEDULER_TaskCallback finish_cb,
void *finish_cb_cls)
{
- struct GNUNET_IDENTITY_PROVIDER_AttributeIterator *it;
+ struct GNUNET_RECLAIM_AttributeIterator *it;
struct GNUNET_MQ_Envelope *env;
struct AttributeIterationStartMessage *msg;
uint32_t rid;
rid = h->r_id_gen++;
- it = GNUNET_new (struct GNUNET_IDENTITY_PROVIDER_AttributeIterator);
+ it = GNUNET_new (struct GNUNET_RECLAIM_AttributeIterator);
it->h = h;
it->error_cb = error_cb;
it->error_cb_cls = error_cb_cls;
@@ -1005,7 +1005,7 @@ GNUNET_IDENTITY_PROVIDER_get_attributes_start (struct GNUNET_IDENTITY_PROVIDER_H
h->it_tail,
it);
env = GNUNET_MQ_msg (msg,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_ITERATION_START);
+ GNUNET_MESSAGE_TYPE_RECLAIM_ATTRIBUTE_ITERATION_START);
msg->id = htonl (rid);
msg->identity = *identity;
if (NULL == h->mq)
@@ -1018,20 +1018,20 @@ GNUNET_IDENTITY_PROVIDER_get_attributes_start (struct GNUNET_IDENTITY_PROVIDER_H
/**
- * Calls the record processor specified in #GNUNET_IDENTITY_PROVIDER_get_attributes_start
+ * Calls the record processor specified in #GNUNET_RECLAIM_get_attributes_start
* for the next record.
*
* @param it the iterator
*/
void
-GNUNET_IDENTITY_PROVIDER_get_attributes_next (struct GNUNET_IDENTITY_PROVIDER_AttributeIterator *it)
+GNUNET_RECLAIM_get_attributes_next (struct GNUNET_RECLAIM_AttributeIterator *it)
{
- struct GNUNET_IDENTITY_PROVIDER_Handle *h = it->h;
+ struct GNUNET_RECLAIM_Handle *h = it->h;
struct AttributeIterationNextMessage *msg;
struct GNUNET_MQ_Envelope *env;
env = GNUNET_MQ_msg (msg,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_ITERATION_NEXT);
+ GNUNET_MESSAGE_TYPE_RECLAIM_ATTRIBUTE_ITERATION_NEXT);
msg->id = htonl (it->r_id);
GNUNET_MQ_send (h->mq,
env);
@@ -1041,21 +1041,21 @@ GNUNET_IDENTITY_PROVIDER_get_attributes_next (struct GNUNET_IDENTITY_PROVIDER_At
/**
* Stops iteration and releases the idp handle for further calls. Must
* be called on any iteration that has not yet completed prior to calling
- * #GNUNET_IDENTITY_PROVIDER_disconnect.
+ * #GNUNET_RECLAIM_disconnect.
*
* @param it the iterator
*/
void
-GNUNET_IDENTITY_PROVIDER_get_attributes_stop (struct GNUNET_IDENTITY_PROVIDER_AttributeIterator *it)
+GNUNET_RECLAIM_get_attributes_stop (struct GNUNET_RECLAIM_AttributeIterator *it)
{
- struct GNUNET_IDENTITY_PROVIDER_Handle *h = it->h;
+ struct GNUNET_RECLAIM_Handle *h = it->h;
struct GNUNET_MQ_Envelope *env;
struct AttributeIterationStopMessage *msg;
if (NULL != h->mq)
{
env = GNUNET_MQ_msg (msg,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_ITERATION_STOP);
+ GNUNET_MESSAGE_TYPE_RECLAIM_ATTRIBUTE_ITERATION_STOP);
msg->id = htonl (it->r_id);
GNUNET_MQ_send (h->mq,
env);
@@ -1066,10 +1066,10 @@ GNUNET_IDENTITY_PROVIDER_get_attributes_stop (struct GNUNET_IDENTITY_PROVIDER_At
/** TODO
* Issues a ticket to another identity. The identity may use
- * @GNUNET_IDENTITY_PROVIDER_authorization_ticket_consume to consume the ticket
+ * @GNUNET_RECLAIM_authorization_ticket_consume to consume the ticket
* and retrieve the attributes specified in the AttributeList.
*
- * @param h the identity provider to use
+ * @param h the reclaim to use
* @param iss the issuing identity
* @param rp the subject of the ticket (the relying party)
* @param attrs the attributes that the relying party is given access to
@@ -1077,19 +1077,19 @@ GNUNET_IDENTITY_PROVIDER_get_attributes_stop (struct GNUNET_IDENTITY_PROVIDER_At
* @param cb_cls the callback closure
* @return handle to abort the operation
*/
-struct GNUNET_IDENTITY_PROVIDER_Operation *
-GNUNET_IDENTITY_PROVIDER_ticket_issue (struct GNUNET_IDENTITY_PROVIDER_Handle *h,
+struct GNUNET_RECLAIM_Operation *
+GNUNET_RECLAIM_ticket_issue (struct GNUNET_RECLAIM_Handle *h,
const struct GNUNET_CRYPTO_EcdsaPrivateKey *iss,
const struct GNUNET_CRYPTO_EcdsaPublicKey *rp,
- const struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs,
- GNUNET_IDENTITY_PROVIDER_TicketCallback cb,
+ const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs,
+ GNUNET_RECLAIM_TicketCallback cb,
void *cb_cls)
{
- struct GNUNET_IDENTITY_PROVIDER_Operation *op;
+ struct GNUNET_RECLAIM_Operation *op;
struct IssueTicketMessage *tim;
size_t attr_len;
- op = GNUNET_new (struct GNUNET_IDENTITY_PROVIDER_Operation);
+ op = GNUNET_new (struct GNUNET_RECLAIM_Operation);
op->h = h;
op->tr_cb = cb;
op->cls = cb_cls;
@@ -1097,15 +1097,15 @@ GNUNET_IDENTITY_PROVIDER_ticket_issue (struct GNUNET_IDENTITY_PROVIDER_Handle *h
GNUNET_CONTAINER_DLL_insert_tail (h->op_head,
h->op_tail,
op);
- attr_len = GNUNET_IDENTITY_ATTRIBUTE_list_serialize_get_size (attrs);
+ attr_len = GNUNET_RECLAIM_ATTRIBUTE_list_serialize_get_size (attrs);
op->env = GNUNET_MQ_msg_extra (tim,
attr_len,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ISSUE_TICKET);
+ GNUNET_MESSAGE_TYPE_RECLAIM_ISSUE_TICKET);
tim->identity = *iss;
tim->rp = *rp;
tim->id = htonl (op->r_id);
- GNUNET_IDENTITY_ATTRIBUTE_list_serialize (attrs,
+ GNUNET_RECLAIM_ATTRIBUTE_list_serialize (attrs,
(char*)&tim[1]);
tim->attr_len = htons (attr_len);
@@ -1119,24 +1119,24 @@ GNUNET_IDENTITY_PROVIDER_ticket_issue (struct GNUNET_IDENTITY_PROVIDER_Handle *h
* Consumes an issued ticket. The ticket is persisted
* and used to retrieve identity information from the issuer
*
- * @param h the identity provider to use
+ * @param h the reclaim to use
* @param identity the identity that is the subject of the issued ticket (the relying party)
* @param ticket the issued ticket to consume
* @param cb the callback to call
* @param cb_cls the callback closure
* @return handle to abort the operation
*/
-struct GNUNET_IDENTITY_PROVIDER_Operation *
-GNUNET_IDENTITY_PROVIDER_ticket_consume (struct GNUNET_IDENTITY_PROVIDER_Handle *h,
+struct GNUNET_RECLAIM_Operation *
+GNUNET_RECLAIM_ticket_consume (struct GNUNET_RECLAIM_Handle *h,
const struct GNUNET_CRYPTO_EcdsaPrivateKey *identity,
- const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket,
- GNUNET_IDENTITY_PROVIDER_AttributeResult cb,
+ const struct GNUNET_RECLAIM_Ticket *ticket,
+ GNUNET_RECLAIM_AttributeResult cb,
void *cb_cls)
{
- struct GNUNET_IDENTITY_PROVIDER_Operation *op;
+ struct GNUNET_RECLAIM_Operation *op;
struct ConsumeTicketMessage *ctm;
- op = GNUNET_new (struct GNUNET_IDENTITY_PROVIDER_Operation);
+ op = GNUNET_new (struct GNUNET_RECLAIM_Operation);
op->h = h;
op->ar_cb = cb;
op->cls = cb_cls;
@@ -1145,14 +1145,14 @@ GNUNET_IDENTITY_PROVIDER_ticket_consume (struct GNUNET_IDENTITY_PROVIDER_Handle
h->op_tail,
op);
op->env = GNUNET_MQ_msg_extra (ctm,
- sizeof (const struct GNUNET_IDENTITY_PROVIDER_Ticket),
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_CONSUME_TICKET);
+ sizeof (const struct GNUNET_RECLAIM_Ticket),
+ GNUNET_MESSAGE_TYPE_RECLAIM_CONSUME_TICKET);
ctm->identity = *identity;
ctm->id = htonl (op->r_id);
GNUNET_memcpy ((char*)&ctm[1],
ticket,
- sizeof (const struct GNUNET_IDENTITY_PROVIDER_Ticket));
+ sizeof (const struct GNUNET_RECLAIM_Ticket));
if (NULL != h->mq)
GNUNET_MQ_send_copy (h->mq,
@@ -1166,7 +1166,7 @@ GNUNET_IDENTITY_PROVIDER_ticket_consume (struct GNUNET_IDENTITY_PROVIDER_Handle
* Lists all tickets that have been issued to remote
* identites (relying parties)
*
- * @param h the identity provider to use
+ * @param h the reclaim to use
* @param identity the issuing identity
* @param error_cb function to call on error (i.e. disconnect),
* the handle is afterwards invalid
@@ -1179,17 +1179,17 @@ GNUNET_IDENTITY_PROVIDER_ticket_consume (struct GNUNET_IDENTITY_PROVIDER_Handle
* @param finish_cb_cls closure for @a finish_cb
* @return an iterator handle to use for iteration
*/
-struct GNUNET_IDENTITY_PROVIDER_TicketIterator *
-GNUNET_IDENTITY_PROVIDER_ticket_iteration_start (struct GNUNET_IDENTITY_PROVIDER_Handle *h,
+struct GNUNET_RECLAIM_TicketIterator *
+GNUNET_RECLAIM_ticket_iteration_start (struct GNUNET_RECLAIM_Handle *h,
const struct GNUNET_CRYPTO_EcdsaPrivateKey *identity,
GNUNET_SCHEDULER_TaskCallback error_cb,
void *error_cb_cls,
- GNUNET_IDENTITY_PROVIDER_TicketCallback proc,
+ GNUNET_RECLAIM_TicketCallback proc,
void *proc_cls,
GNUNET_SCHEDULER_TaskCallback finish_cb,
void *finish_cb_cls)
{
- struct GNUNET_IDENTITY_PROVIDER_TicketIterator *it;
+ struct GNUNET_RECLAIM_TicketIterator *it;
struct GNUNET_CRYPTO_EcdsaPublicKey identity_pub;
struct GNUNET_MQ_Envelope *env;
struct TicketIterationStartMessage *msg;
@@ -1198,7 +1198,7 @@ GNUNET_IDENTITY_PROVIDER_ticket_iteration_start (struct GNUNET_IDENTITY_PROVIDER
GNUNET_CRYPTO_ecdsa_key_get_public (identity,
&identity_pub);
rid = h->r_id_gen++;
- it = GNUNET_new (struct GNUNET_IDENTITY_PROVIDER_TicketIterator);
+ it = GNUNET_new (struct GNUNET_RECLAIM_TicketIterator);
it->h = h;
it->error_cb = error_cb;
it->error_cb_cls = error_cb_cls;
@@ -1211,7 +1211,7 @@ GNUNET_IDENTITY_PROVIDER_ticket_iteration_start (struct GNUNET_IDENTITY_PROVIDER
h->ticket_it_tail,
it);
env = GNUNET_MQ_msg (msg,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ITERATION_START);
+ GNUNET_MESSAGE_TYPE_RECLAIM_TICKET_ITERATION_START);
msg->id = htonl (rid);
msg->identity = identity_pub;
msg->is_audience = htonl (GNUNET_NO);
@@ -1229,7 +1229,7 @@ GNUNET_IDENTITY_PROVIDER_ticket_iteration_start (struct GNUNET_IDENTITY_PROVIDER
* Lists all tickets that have been issued to remote
* identites (relying parties)
*
- * @param h the identity provider to use
+ * @param h the reclaim to use
* @param identity the issuing identity
* @param error_cb function to call on error (i.e. disconnect),
* the handle is afterwards invalid
@@ -1242,23 +1242,23 @@ GNUNET_IDENTITY_PROVIDER_ticket_iteration_start (struct GNUNET_IDENTITY_PROVIDER
* @param finish_cb_cls closure for @a finish_cb
* @return an iterator handle to use for iteration
*/
-struct GNUNET_IDENTITY_PROVIDER_TicketIterator *
-GNUNET_IDENTITY_PROVIDER_ticket_iteration_start_rp (struct GNUNET_IDENTITY_PROVIDER_Handle *h,
+struct GNUNET_RECLAIM_TicketIterator *
+GNUNET_RECLAIM_ticket_iteration_start_rp (struct GNUNET_RECLAIM_Handle *h,
const struct GNUNET_CRYPTO_EcdsaPublicKey *identity,
GNUNET_SCHEDULER_TaskCallback error_cb,
void *error_cb_cls,
- GNUNET_IDENTITY_PROVIDER_TicketCallback proc,
+ GNUNET_RECLAIM_TicketCallback proc,
void *proc_cls,
GNUNET_SCHEDULER_TaskCallback finish_cb,
void *finish_cb_cls)
{
- struct GNUNET_IDENTITY_PROVIDER_TicketIterator *it;
+ struct GNUNET_RECLAIM_TicketIterator *it;
struct GNUNET_MQ_Envelope *env;
struct TicketIterationStartMessage *msg;
uint32_t rid;
rid = h->r_id_gen++;
- it = GNUNET_new (struct GNUNET_IDENTITY_PROVIDER_TicketIterator);
+ it = GNUNET_new (struct GNUNET_RECLAIM_TicketIterator);
it->h = h;
it->error_cb = error_cb;
it->error_cb_cls = error_cb_cls;
@@ -1271,7 +1271,7 @@ GNUNET_IDENTITY_PROVIDER_ticket_iteration_start_rp (struct GNUNET_IDENTITY_PROVI
h->ticket_it_tail,
it);
env = GNUNET_MQ_msg (msg,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ITERATION_START);
+ GNUNET_MESSAGE_TYPE_RECLAIM_TICKET_ITERATION_START);
msg->id = htonl (rid);
msg->identity = *identity;
msg->is_audience = htonl (GNUNET_YES);
@@ -1286,20 +1286,20 @@ GNUNET_IDENTITY_PROVIDER_ticket_iteration_start_rp (struct GNUNET_IDENTITY_PROVI
}
/**
- * Calls the record processor specified in #GNUNET_IDENTITY_PROVIDER_ticket_iteration_start
+ * Calls the record processor specified in #GNUNET_RECLAIM_ticket_iteration_start
* for the next record.
*
* @param it the iterator
*/
void
-GNUNET_IDENTITY_PROVIDER_ticket_iteration_next (struct GNUNET_IDENTITY_PROVIDER_TicketIterator *it)
+GNUNET_RECLAIM_ticket_iteration_next (struct GNUNET_RECLAIM_TicketIterator *it)
{
- struct GNUNET_IDENTITY_PROVIDER_Handle *h = it->h;
+ struct GNUNET_RECLAIM_Handle *h = it->h;
struct TicketIterationNextMessage *msg;
struct GNUNET_MQ_Envelope *env;
env = GNUNET_MQ_msg (msg,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ITERATION_NEXT);
+ GNUNET_MESSAGE_TYPE_RECLAIM_TICKET_ITERATION_NEXT);
msg->id = htonl (it->r_id);
GNUNET_MQ_send (h->mq,
env);
@@ -1309,21 +1309,21 @@ GNUNET_IDENTITY_PROVIDER_ticket_iteration_next (struct GNUNET_IDENTITY_PROVIDER_
/**
* Stops iteration and releases the idp handle for further calls. Must
* be called on any iteration that has not yet completed prior to calling
- * #GNUNET_IDENTITY_PROVIDER_disconnect.
+ * #GNUNET_RECLAIM_disconnect.
*
* @param it the iterator
*/
void
-GNUNET_IDENTITY_PROVIDER_ticket_iteration_stop (struct GNUNET_IDENTITY_PROVIDER_TicketIterator *it)
+GNUNET_RECLAIM_ticket_iteration_stop (struct GNUNET_RECLAIM_TicketIterator *it)
{
- struct GNUNET_IDENTITY_PROVIDER_Handle *h = it->h;
+ struct GNUNET_RECLAIM_Handle *h = it->h;
struct GNUNET_MQ_Envelope *env;
struct TicketIterationStopMessage *msg;
if (NULL != h->mq)
{
env = GNUNET_MQ_msg (msg,
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ITERATION_STOP);
+ GNUNET_MESSAGE_TYPE_RECLAIM_TICKET_ITERATION_STOP);
msg->id = htonl (it->r_id);
GNUNET_MQ_send (h->mq,
env);
@@ -1335,27 +1335,26 @@ GNUNET_IDENTITY_PROVIDER_ticket_iteration_stop (struct GNUNET_IDENTITY_PROVIDER_
* Revoked an issued ticket. The relying party will be unable to retrieve
* updated attributes.
*
- * @param h the identity provider to use
+ * @param h the reclaim to use
* @param identity the issuing identity
* @param ticket the ticket to revoke
* @param cb the callback
* @param cb_cls the callback closure
* @return handle to abort the operation
*/
-struct GNUNET_IDENTITY_PROVIDER_Operation *
-GNUNET_IDENTITY_PROVIDER_ticket_revoke (struct GNUNET_IDENTITY_PROVIDER_Handle *h,
+struct GNUNET_RECLAIM_Operation *
+GNUNET_RECLAIM_ticket_revoke (struct GNUNET_RECLAIM_Handle *h,
const struct GNUNET_CRYPTO_EcdsaPrivateKey *identity,
- const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket,
- GNUNET_IDENTITY_PROVIDER_ContinuationWithStatus cb,
+ const struct GNUNET_RECLAIM_Ticket *ticket,
+ GNUNET_RECLAIM_ContinuationWithStatus cb,
void *cb_cls)
{
- struct GNUNET_IDENTITY_PROVIDER_Operation *op;
- struct GNUNET_MQ_Envelope *env;
+ struct GNUNET_RECLAIM_Operation *op;
struct RevokeTicketMessage *msg;
uint32_t rid;
rid = h->r_id_gen++;
- op = GNUNET_new (struct GNUNET_IDENTITY_PROVIDER_Operation);
+ op = GNUNET_new (struct GNUNET_RECLAIM_Operation);
op->h = h;
op->rvk_cb = cb;
op->cls = cb_cls;
@@ -1363,22 +1362,22 @@ GNUNET_IDENTITY_PROVIDER_ticket_revoke (struct GNUNET_IDENTITY_PROVIDER_Handle *
GNUNET_CONTAINER_DLL_insert_tail (h->op_head,
h->op_tail,
op);
- env = GNUNET_MQ_msg_extra (msg,
- sizeof (struct GNUNET_IDENTITY_PROVIDER_Ticket),
- GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_REVOKE_TICKET);
+ op->env = GNUNET_MQ_msg_extra (msg,
+ sizeof (struct GNUNET_RECLAIM_Ticket),
+ GNUNET_MESSAGE_TYPE_RECLAIM_REVOKE_TICKET);
msg->id = htonl (rid);
msg->identity = *identity;
GNUNET_memcpy (&msg[1],
ticket,
- sizeof (struct GNUNET_IDENTITY_PROVIDER_Ticket));
- if (NULL == h->mq)
- op->env = env;
- else
+ sizeof (struct GNUNET_RECLAIM_Ticket));
+ if (NULL != h->mq) {
GNUNET_MQ_send (h->mq,
- env);
+ op->env);
+ op->env = NULL;
+ }
return op;
}
-/* end of identity_provider_api.c */
+/* end of reclaim_api.c */
diff --git a/src/reclaim/test_reclaim.sh b/src/reclaim/test_reclaim.sh
new file mode 100755
index 000000000..311f5382a
--- /dev/null
+++ b/src/reclaim/test_reclaim.sh
@@ -0,0 +1,31 @@
+#!/bin/bash
+#trap "gnunet-arm -e -c test_reclaim_lookup.conf" SIGINT
+
+LOCATION=$(which gnunet-config)
+if [ -z $LOCATION ]
+then
+ LOCATION="gnunet-config"
+fi
+$LOCATION --version 1> /dev/null
+if test $? != 0
+then
+ echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
+ exit 77
+fi
+
+rm -rf `gnunet-config -c test_reclaim.conf -s PATHS -o GNUNET_HOME -f`
+
+# (1) PKEY1.user -> PKEY2.resu.user
+# (2) PKEY2.resu -> PKEY3
+# (3) PKEY3.user -> PKEY4
+
+
+which timeout &> /dev/null && DO_TIMEOUT="timeout 30"
+
+TEST_ATTR="test"
+gnunet-arm -s -c test_reclaim.conf
+gnunet-identity -C testego -c test_reclaim.conf
+valgrind gnunet-reclaim -e testego -a email -V john@doe.gnu -c test_reclaim.conf
+gnunet-reclaim -e testego -a name -V John -c test_reclaim.conf
+gnunet-reclaim -e testego -D -c test_reclaim.conf
+gnunet-arm -e -c test_reclaim.conf
diff --git a/src/reclaim/test_reclaim_attribute.sh b/src/reclaim/test_reclaim_attribute.sh
new file mode 100755
index 000000000..39bd715b7
--- /dev/null
+++ b/src/reclaim/test_reclaim_attribute.sh
@@ -0,0 +1,40 @@
+#!/bin/bash
+trap "gnunet-arm -e -c test_reclaim.conf" SIGINT
+
+LOCATION=$(which gnunet-config)
+if [ -z $LOCATION ]
+then
+ LOCATION="gnunet-config"
+fi
+$LOCATION --version 1> /dev/null
+if test $? != 0
+then
+ echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
+ exit 77
+fi
+
+rm -rf `gnunet-config -c test_reclaim.conf -s PATHS -o GNUNET_HOME -f`
+
+# (1) PKEY1.user -> PKEY2.resu.user
+# (2) PKEY2.resu -> PKEY3
+# (3) PKEY3.user -> PKEY4
+
+
+which timeout &> /dev/null && DO_TIMEOUT="timeout 30"
+
+TEST_ATTR="test"
+gnunet-arm -s -c test_reclaim.conf
+#gnunet-arm -i rest -c test_reclaim.conf
+gnunet-identity -C testego -c test_reclaim.conf
+gnunet-identity -C rpego -c test_reclaim.conf
+TEST_KEY=$(gnunet-identity -d -c test_reclaim.conf | grep testego | awk '{print $3}')
+gnunet-reclaim -e testego -a email -V john@doe.gnu -c test_reclaim.conf
+gnunet-reclaim -e testego -a name -V John -c test_reclaim.conf > /dev/null 2>&1
+if test $? != 0
+then
+ echo "Failed."
+ exit 1
+fi
+
+#curl localhost:7776/reclaim/attributes/testego
+gnunet-arm -e -c test_reclaim.conf
diff --git a/src/reclaim/test_reclaim_consume.sh b/src/reclaim/test_reclaim_consume.sh
new file mode 100755
index 000000000..36c8052d0
--- /dev/null
+++ b/src/reclaim/test_reclaim_consume.sh
@@ -0,0 +1,43 @@
+#!/bin/bash
+trap "gnunet-arm -e -c test_reclaim.conf" SIGINT
+
+LOCATION=$(which gnunet-config)
+if [ -z $LOCATION ]
+then
+ LOCATION="gnunet-config"
+fi
+$LOCATION --version 1> /dev/null
+if test $? != 0
+then
+ echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
+ exit 77
+fi
+
+rm -rf `gnunet-config -c test_reclaim.conf -s PATHS -o GNUNET_HOME -f`
+
+# (1) PKEY1.user -> PKEY2.resu.user
+# (2) PKEY2.resu -> PKEY3
+# (3) PKEY3.user -> PKEY4
+
+
+which timeout &> /dev/null && DO_TIMEOUT="timeout 30"
+
+TEST_ATTR="test"
+gnunet-arm -s -c test_reclaim.conf
+#gnunet-arm -i rest -c test_reclaim.conf
+gnunet-identity -C testego -c test_reclaim.conf
+gnunet-identity -C rpego -c test_reclaim.conf
+SUBJECT_KEY=$(gnunet-identity -d -c test_reclaim.conf | grep rpego | awk '{print $3}')
+TEST_KEY=$(gnunet-identity -d -c test_reclaim.conf | grep testego | awk '{print $3}')
+gnunet-reclaim -e testego -a email -V john@doe.gnu -c test_reclaim.conf
+gnunet-reclaim -e testego -a name -V John -c test_reclaim.conf
+TICKET=$(gnunet-reclaim -e testego -i "email,name" -r $SUBJECT_KEY -c test_reclaim.conf | awk '{print $1}')
+gnunet-reclaim -e rpego -C $TICKET -c test_reclaim.conf > /dev/null 2>&1
+
+if test $? != 0
+then
+ "Failed."
+ exit 1
+fi
+#curl http://localhost:7776/reclaim/tickets/testego
+gnunet-arm -e -c test_reclaim.conf
diff --git a/src/identity-provider/test_idp_defaults.conf b/src/reclaim/test_reclaim_defaults.conf
index a9a197dea..a9a197dea 100644
--- a/src/identity-provider/test_idp_defaults.conf
+++ b/src/reclaim/test_reclaim_defaults.conf
diff --git a/src/reclaim/test_reclaim_issue.sh b/src/reclaim/test_reclaim_issue.sh
new file mode 100755
index 000000000..6a71470e1
--- /dev/null
+++ b/src/reclaim/test_reclaim_issue.sh
@@ -0,0 +1,42 @@
+#!/bin/bash
+trap "gnunet-arm -e -c test_reclaim.conf" SIGINT
+
+LOCATION=$(which gnunet-config)
+if [ -z $LOCATION ]
+then
+ LOCATION="gnunet-config"
+fi
+$LOCATION --version 1> /dev/null
+if test $? != 0
+then
+ echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
+ exit 77
+fi
+
+rm -rf `gnunet-config -c test_reclaim.conf -s PATHS -o GNUNET_HOME -f`
+
+# (1) PKEY1.user -> PKEY2.resu.user
+# (2) PKEY2.resu -> PKEY3
+# (3) PKEY3.user -> PKEY4
+
+
+which timeout &> /dev/null && DO_TIMEOUT="timeout 30"
+
+TEST_ATTR="test"
+gnunet-arm -s -c test_reclaim.conf
+#gnunet-arm -i rest -c test_reclaim.conf
+gnunet-identity -C testego -c test_reclaim.conf
+gnunet-identity -C rpego -c test_reclaim.conf
+SUBJECT_KEY=$(gnunet-identity -d -c test_reclaim.conf | grep rpego | awk '{print $3}')
+TEST_KEY=$(gnunet-identity -d -c test_reclaim.conf | grep testego | awk '{print $3}')
+gnunet-reclaim -e testego -a email -V john@doe.gnu -c test_reclaim.conf > /dev/null 2>&1
+gnunet-reclaim -e testego -a name -V John -c test_reclaim.conf > /dev/null 2>&1
+#gnunet-reclaim -e testego -D -c test_reclaim.conf
+gnunet-reclaim -e testego -i "email,name" -r $SUBJECT_KEY -c test_reclaim.conf > /dev/null 2>&1
+if test $? != 0
+then
+ echo "Failed."
+ exit 1
+fi
+#curl http://localhost:7776/reclaim/attributes/testego
+gnunet-arm -e -c test_reclaim.conf
diff --git a/src/reclaim/test_reclaim_revoke.sh b/src/reclaim/test_reclaim_revoke.sh
new file mode 100755
index 000000000..595752fd8
--- /dev/null
+++ b/src/reclaim/test_reclaim_revoke.sh
@@ -0,0 +1,65 @@
+#!/bin/bash
+trap "gnunet-arm -e -c test_reclaim.conf" SIGINT
+
+LOCATION=$(which gnunet-config)
+if [ -z $LOCATION ]
+then
+ LOCATION="gnunet-config"
+fi
+$LOCATION --version 1> /dev/null
+if test $? != 0
+then
+ echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
+ exit 77
+fi
+
+rm -rf `gnunet-config -c test_reclaim.conf -s PATHS -o GNUNET_HOME -f`
+
+# (1) PKEY1.user -> PKEY2.resu.user
+# (2) PKEY2.resu -> PKEY3
+# (3) PKEY3.user -> PKEY4
+
+
+which timeout &> /dev/null && DO_TIMEOUT="timeout 30"
+
+TEST_ATTR="test"
+gnunet-arm -s -c test_reclaim.conf 2&>1 > /dev/null
+gnunet-identity -C alice -c test_reclaim.conf
+gnunet-identity -C bob -c test_reclaim.conf
+gnunet-identity -C eve -c test_reclaim.conf
+ALICE_KEY=$(gnunet-identity -d -c test_reclaim.conf | grep alice | awk '{print $3}')
+BOB_KEY=$(gnunet-identity -d -c test_reclaim.conf | grep bob | awk '{print $3}')
+EVE_KEY=$(gnunet-identity -d -c test_reclaim.conf | grep eve | awk '{print $3}')
+
+gnunet-reclaim -e alice -E 15s -a email -V john@doe.gnu -c test_reclaim.conf
+gnunet-reclaim -e alice -E 15s -a name -V John -c test_reclaim.conf
+TICKET_BOB=$(gnunet-reclaim -e alice -i "email,name" -r $BOB_KEY -c test_reclaim.conf | awk '{print $1}')
+#gnunet-reclaim -e bob -C $TICKET_BOB -c test_reclaim.conf
+TICKET_EVE=$(gnunet-reclaim -e alice -i "email" -r $EVE_KEY -c test_reclaim.conf | awk '{print $1}')
+
+#echo "Consuming $TICKET"
+#gnunet-reclaim -e eve -C $TICKET_EVE -c test_reclaim.conf
+gnunet-reclaim -e alice -R $TICKET_EVE -c test_reclaim.conf
+
+#sleep 6
+
+gnunet-reclaim -e eve -C $TICKET_EVE -c test_reclaim.conf 2&>1 >/dev/null
+if test $? == 0
+then
+ echo "Eve can still resolve attributes..."
+ gnunet-arm -e -c test_reclaim.conf
+ exit 1
+fi
+
+gnunet-arm -e -c test_reclaim.conf
+gnunet-arm -s -c test_reclaim.conf 2&>1 > /dev/null
+
+gnunet-reclaim -e bob -C $TICKET_BOB -c test_reclaim.conf 2&>1 >/dev/null
+if test $? != 0
+then
+ echo "Bob cannot resolve attributes..."
+ gnunet-arm -e -c test_reclaim.conf
+ exit 1
+fi
+
+gnunet-arm -e -c test_reclaim.conf
diff --git a/src/rest/Makefile.am b/src/rest/Makefile.am
index ebfb98024..ce0454d53 100644
--- a/src/rest/Makefile.am
+++ b/src/rest/Makefile.am
@@ -29,6 +29,18 @@ libexec_PROGRAMS = \
EXTRA_DIST = \
rest.conf
+plugin_LTLIBRARIES = libgnunet_plugin_rest_copying.la
+
+libgnunet_plugin_rest_copying_la_SOURCES = \
+ plugin_rest_copying.c
+libgnunet_plugin_rest_copying_la_LIBADD = \
+ $(top_builddir)/src/rest/libgnunetrest.la \
+ $(top_builddir)/src/util/libgnunetutil.la $(XLIBS) \
+ $(LTLIBINTL) -lmicrohttpd
+libgnunet_plugin_rest_copying_la_LDFLAGS = \
+ $(GN_PLUGIN_LDFLAGS)
+
+
gnunet_rest_server_SOURCES = \
gnunet-rest-server.c
diff --git a/src/rest/plugin_rest_copying.c b/src/rest/plugin_rest_copying.c
new file mode 100644
index 000000000..668dc5d38
--- /dev/null
+++ b/src/rest/plugin_rest_copying.c
@@ -0,0 +1,231 @@
+/*
+ This file is part of GNUnet.
+ Copyright (C) 2012-2018 GNUnet e.V.
+
+ GNUnet is free software: you can redistribute it and/or modify it
+ under the terms of the GNU Affero General Public License as published
+ by the Free Software Foundation, either version 3 of the License,
+ or (at your option) any later version.
+
+ GNUnet is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+/**
+ * @author Martin Schanzenbach
+ * @file gns/plugin_rest_copying.c
+ * @brief REST plugin that serves licensing information.
+ *
+ */
+
+#include "platform.h"
+#include "gnunet_rest_plugin.h"
+#include <gnunet_rest_lib.h>
+
+#define GNUNET_REST_API_NS_COPYING "/copying"
+
+#define GNUNET_REST_COPYING_TEXT "GNU Affero General Public License version 3 or later. See also: <http://www.gnu.org/licenses/>"
+
+/**
+ * @brief struct returned by the initialization function of the plugin
+ */
+struct Plugin
+{
+ const struct GNUNET_CONFIGURATION_Handle *cfg;
+};
+
+const struct GNUNET_CONFIGURATION_Handle *cfg;
+
+struct RequestHandle
+{
+ /**
+ * Handle to rest request
+ */
+ struct GNUNET_REST_RequestHandle *rest_handle;
+
+ /**
+ * The plugin result processor
+ */
+ GNUNET_REST_ResultProcessor proc;
+
+ /**
+ * The closure of the result processor
+ */
+ void *proc_cls;
+
+ /**
+ * HTTP response code
+ */
+ int response_code;
+
+};
+
+
+/**
+ * Cleanup request handle.
+ *
+ * @param handle Handle to clean up
+ */
+static void
+cleanup_handle (struct RequestHandle *handle)
+{
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Cleaning up\n");
+ GNUNET_free (handle);
+}
+
+
+/**
+ * Task run on shutdown. Cleans up everything.
+ *
+ * @param cls unused
+ * @param tc scheduler context
+ */
+static void
+do_error (void *cls)
+{
+ struct RequestHandle *handle = cls;
+ struct MHD_Response *resp;
+
+ resp = GNUNET_REST_create_response (NULL);
+ handle->proc (handle->proc_cls, resp, handle->response_code);
+ cleanup_handle (handle);
+}
+
+
+/**
+ * Handle rest request
+ *
+ * @param handle the lookup handle
+ */
+static void
+get_cont (struct GNUNET_REST_RequestHandle *con_handle,
+ const char* url,
+ void *cls)
+{
+ struct MHD_Response *resp;
+ struct RequestHandle *handle = cls;
+
+ resp = GNUNET_REST_create_response (GNUNET_REST_COPYING_TEXT);
+ handle->proc (handle->proc_cls,
+ resp,
+ MHD_HTTP_OK);
+ cleanup_handle (handle);
+}
+
+
+
+/**
+ * Handle rest request
+ *
+ * @param handle the lookup handle
+ */
+static void
+options_cont (struct GNUNET_REST_RequestHandle *con_handle,
+ const char* url,
+ void *cls)
+{
+ struct MHD_Response *resp;
+ struct RequestHandle *handle = cls;
+
+ resp = GNUNET_REST_create_response (NULL);
+ MHD_add_response_header (resp,
+ "Access-Control-Allow-Methods",
+ MHD_HTTP_METHOD_GET);
+ handle->proc (handle->proc_cls,
+ resp,
+ MHD_HTTP_OK);
+ cleanup_handle (handle);
+}
+
+
+/**
+ * Function processing the REST call
+ *
+ * @param method HTTP method
+ * @param url URL of the HTTP request
+ * @param data body of the HTTP request (optional)
+ * @param data_size length of the body
+ * @param proc callback function for the result
+ * @param proc_cls closure for @a proc
+ * @return #GNUNET_OK if request accepted
+ */
+static void
+rest_copying_process_request (struct GNUNET_REST_RequestHandle *conndata_handle,
+ GNUNET_REST_ResultProcessor proc,
+ void *proc_cls)
+{
+ static const struct GNUNET_REST_RequestHandler handlers[] = {
+ {MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_COPYING, &get_cont},
+ {MHD_HTTP_METHOD_OPTIONS, GNUNET_REST_API_NS_COPYING, &options_cont},
+ GNUNET_REST_HANDLER_END
+ };
+ struct RequestHandle *handle = GNUNET_new (struct RequestHandle);
+ struct GNUNET_REST_RequestHandlerError err;
+
+ handle->proc_cls = proc_cls;
+ handle->proc = proc;
+ handle->rest_handle = conndata_handle;
+
+ if (GNUNET_NO == GNUNET_REST_handle_request (conndata_handle,
+ handlers,
+ &err,
+ handle))
+ {
+ handle->response_code = err.error_code;
+ GNUNET_SCHEDULER_add_now (&do_error, handle);
+ }
+}
+
+
+/**
+ * Entry point for the plugin.
+ *
+ * @param cls the "struct GNUNET_NAMESTORE_PluginEnvironment*"
+ * @return NULL on error, otherwise the plugin context
+ */
+void *
+libgnunet_plugin_rest_copying_init (void *cls)
+{
+ static struct Plugin plugin;
+ cfg = cls;
+ struct GNUNET_REST_Plugin *api;
+
+ if (NULL != plugin.cfg)
+ return NULL; /* can only initialize once! */
+ memset (&plugin, 0, sizeof (struct Plugin));
+ plugin.cfg = cfg;
+ api = GNUNET_new (struct GNUNET_REST_Plugin);
+ api->cls = &plugin;
+ api->name = GNUNET_REST_API_NS_COPYING;
+ api->process_request = &rest_copying_process_request;
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ _("COPYING REST API initialized\n"));
+ return api;
+}
+
+
+/**
+ * Exit point from the plugin.
+ *
+ * @param cls the plugin context (as returned by "init")
+ * @return always NULL
+ */
+void *
+libgnunet_plugin_rest_copying_done (void *cls)
+{
+ struct GNUNET_REST_Plugin *api = cls;
+ struct Plugin *plugin = api->cls;
+
+ plugin->cfg = NULL;
+ GNUNET_free (api);
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "COPYING REST plugin is finished\n");
+ return NULL;
+}
+
+/* end of plugin_rest_copying.c */
diff --git a/src/rps/gnunet-rps-profiler.c b/src/rps/gnunet-rps-profiler.c
index 16f23e86c..49714872f 100644
--- a/src/rps/gnunet-rps-profiler.c
+++ b/src/rps/gnunet-rps-profiler.c
@@ -49,7 +49,11 @@ static unsigned bits_needed;
/**
* How long do we run the test?
*/
-//#define TIMEOUT GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 30)
+static struct GNUNET_TIME_Relative duration;
+
+/**
+ * When do we do a hard shutdown?
+ */
static struct GNUNET_TIME_Relative timeout;
@@ -446,6 +450,10 @@ struct RPSPeer
* @brief statistics values
*/
uint64_t stats[STAT_TYPE_MAX];
+ /**
+ * @brief Handle for the statistics get request
+ */
+ struct GNUNET_STATISTICS_GetHandle *h_stat_get[STAT_TYPE_MAX];
};
/**
@@ -489,15 +497,16 @@ static unsigned int view_sizes;
static int ok;
/**
- * Identifier for the churn task that runs periodically
+ * Identifier for the task that runs after the test to collect results
*/
static struct GNUNET_SCHEDULER_Task *post_test_task;
/**
- * Identifier for the churn task that runs periodically
+ * Identifier for the shutdown task
*/
static struct GNUNET_SCHEDULER_Task *shutdown_task;
+
/**
* Identifier for the churn task that runs periodically
*/
@@ -874,6 +883,75 @@ static int check_statistics_collect_completed ()
return GNUNET_YES;
}
+static void
+rps_disconnect_adapter (void *cls,
+ void *op_result);
+
+static void
+cancel_pending_req (struct PendingRequest *pending_req)
+{
+ struct RPSPeer *rps_peer;
+
+ rps_peer = pending_req->rps_peer;
+ GNUNET_CONTAINER_DLL_remove (rps_peer->pending_req_head,
+ rps_peer->pending_req_tail,
+ pending_req);
+ rps_peer->num_pending_reqs--;
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Cancelling pending rps get request\n");
+ GNUNET_SCHEDULER_cancel (pending_req->request_task);
+ GNUNET_free (pending_req);
+}
+
+static void
+cancel_request (struct PendingReply *pending_rep)
+{
+ struct RPSPeer *rps_peer;
+
+ rps_peer = pending_rep->rps_peer;
+ GNUNET_CONTAINER_DLL_remove (rps_peer->pending_rep_head,
+ rps_peer->pending_rep_tail,
+ pending_rep);
+ rps_peer->num_pending_reps--;
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Cancelling rps get reply\n");
+ GNUNET_RPS_request_cancel (pending_rep->req_handle);
+ GNUNET_free (pending_rep);
+}
+
+void
+clean_peer (unsigned peer_index)
+{
+ struct PendingRequest *pending_req;
+
+ while (NULL != (pending_req = rps_peers[peer_index].pending_req_head))
+ {
+ cancel_pending_req (pending_req);
+ }
+ pending_req = rps_peers[peer_index].pending_req_head;
+ rps_disconnect_adapter (&rps_peers[peer_index],
+ &rps_peers[peer_index].rps_handle);
+ for (unsigned stat_type = STAT_TYPE_ROUNDS;
+ stat_type < STAT_TYPE_MAX;
+ stat_type++)
+ {
+ if (NULL != rps_peers[peer_index].h_stat_get[stat_type])
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+ "(%u) did not yet receive stat value for `%s'\n",
+ rps_peers[peer_index].index,
+ stat_type_2_str (stat_type));
+ GNUNET_STATISTICS_get_cancel (
+ rps_peers[peer_index].h_stat_get[stat_type]);
+ }
+ }
+ if (NULL != rps_peers[peer_index].op)
+ {
+ GNUNET_TESTBED_operation_done (rps_peers[peer_index].op);
+ rps_peers[peer_index].op = NULL;
+ }
+}
+
/**
* Task run on timeout to shut everything down.
*/
@@ -881,35 +959,55 @@ static void
shutdown_op (void *cls)
{
unsigned int i;
+ struct OpListEntry *entry;
- GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Shutdown task scheduled, going down.\n");
in_shutdown = GNUNET_YES;
+
+ if (NULL != shutdown_task)
+ {
+ GNUNET_SCHEDULER_cancel (shutdown_task);
+ shutdown_task = NULL;
+ }
if (NULL != post_test_task)
{
GNUNET_SCHEDULER_cancel (post_test_task);
+ post_test_task = NULL;
}
if (NULL != churn_task)
{
GNUNET_SCHEDULER_cancel (churn_task);
churn_task = NULL;
}
+ entry = oplist_head;
+ while (NULL != (entry = oplist_head))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+ "Operation still pending on shutdown (%u)\n",
+ entry->index);
+ GNUNET_TESTBED_operation_done (entry->op);
+ GNUNET_CONTAINER_DLL_remove (oplist_head, oplist_tail, entry);
+ GNUNET_free (entry);
+ }
for (i = 0; i < num_peers; i++)
{
- if (NULL != rps_peers[i].rps_handle)
- {
- GNUNET_RPS_disconnect (rps_peers[i].rps_handle);
- }
- if (NULL != rps_peers[i].op)
- {
- GNUNET_TESTBED_operation_done (rps_peers[i].op);
- }
+ clean_peer (i);
}
}
+static void
+trigger_shutdown (void *cls)
+{
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ "Shutdown was triggerd by timeout, going down.\n");
+ shutdown_task = NULL;
+ GNUNET_SCHEDULER_shutdown ();
+}
+
/**
- * Task run on timeout to collect statistics and potentially shut down.
+ * Task run after #duration to collect statistics and potentially shut down.
*/
static void
post_test_op (void *cls)
@@ -919,7 +1017,7 @@ post_test_op (void *cls)
post_test_task = NULL;
post_test = GNUNET_YES;
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
- "Post test task scheduled, going down.\n");
+ "Post test task scheduled.\n");
if (NULL != churn_task)
{
GNUNET_SCHEDULER_cancel (churn_task);
@@ -943,7 +1041,7 @@ post_test_op (void *cls)
GNUNET_YES == check_statistics_collect_completed())
{
GNUNET_SCHEDULER_cancel (shutdown_task);
- shutdown_task = GNUNET_SCHEDULER_add_now (&shutdown_op, NULL);
+ shutdown_task = NULL;
GNUNET_SCHEDULER_shutdown ();
}
}
@@ -1030,9 +1128,9 @@ info_cb (void *cb_cls,
*/
static void
rps_connect_complete_cb (void *cls,
- struct GNUNET_TESTBED_Operation *op,
- void *ca_result,
- const char *emsg)
+ struct GNUNET_TESTBED_Operation *op,
+ void *ca_result,
+ const char *emsg)
{
struct RPSPeer *rps_peer = cls;
struct GNUNET_RPS_Handle *rps = ca_result;
@@ -1057,7 +1155,9 @@ rps_connect_complete_cb (void *cls,
return;
}
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Started client successfully\n");
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Started client successfully (%u)\n",
+ rps_peer->index);
cur_test_run.main_test (rps_peer);
}
@@ -1075,7 +1175,7 @@ rps_connect_complete_cb (void *cls,
*/
static void *
rps_connect_adapter (void *cls,
- const struct GNUNET_CONFIGURATION_Handle *cfg)
+ const struct GNUNET_CONFIGURATION_Handle *cfg)
{
struct GNUNET_RPS_Handle *h;
@@ -1167,15 +1267,26 @@ stat_complete_cb (void *cls, struct GNUNET_TESTBED_Operation *op,
*/
static void
rps_disconnect_adapter (void *cls,
- void *op_result)
+ void *op_result)
{
struct RPSPeer *peer = cls;
struct GNUNET_RPS_Handle *h = op_result;
+ struct PendingReply *pending_rep;
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "disconnect_adapter()\n");
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "disconnect_adapter (%u)\n",
+ peer->index);
GNUNET_assert (NULL != peer);
- GNUNET_RPS_disconnect (h);
- peer->rps_handle = NULL;
+ if (NULL != peer->rps_handle)
+ {
+ while (NULL != (pending_rep = peer->pending_rep_head))
+ {
+ cancel_request (pending_rep);
+ }
+ GNUNET_assert (h == peer->rps_handle);
+ GNUNET_RPS_disconnect (h);
+ peer->rps_handle = NULL;
+ }
}
@@ -1219,13 +1330,15 @@ default_reply_handle (void *cls,
rps_peer->num_recv_ids++;
}
- if (0 == evaluate () && HAVE_QUICK_QUIT == cur_test_run.have_quick_quit)
+ if (GNUNET_YES != post_test) return;
+ if (HAVE_QUICK_QUIT != cur_test_run.have_quick_quit) return;
+ if (0 == evaluate())
{
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Test succeeded before timeout\n");
- GNUNET_assert (NULL != post_test_task);
- GNUNET_SCHEDULER_cancel (post_test_task);
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Test succeeded before end of duration\n");
+ if (NULL != post_test_task) GNUNET_SCHEDULER_cancel (post_test_task);
post_test_task = GNUNET_SCHEDULER_add_now (&post_test_op, NULL);
- GNUNET_assert (NULL!= post_test_task);
+ GNUNET_assert (NULL != post_test_task);
}
}
@@ -1239,13 +1352,13 @@ request_peers (void *cls)
struct RPSPeer *rps_peer;
struct PendingReply *pending_rep;
- if (GNUNET_YES == in_shutdown || GNUNET_YES == post_test)
- return;
rps_peer = pending_req->rps_peer;
GNUNET_assert (1 <= rps_peer->num_pending_reqs);
GNUNET_CONTAINER_DLL_remove (rps_peer->pending_req_head,
rps_peer->pending_req_tail,
pending_req);
+ rps_peer->num_pending_reqs--;
+ if (GNUNET_YES == in_shutdown || GNUNET_YES == post_test) return;
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Requesting one peer\n");
pending_rep = GNUNET_new (struct PendingReply);
@@ -1258,39 +1371,6 @@ request_peers (void *cls)
rps_peer->pending_rep_tail,
pending_rep);
rps_peer->num_pending_reps++;
- rps_peer->num_pending_reqs--;
-}
-
-static void
-cancel_pending_req (struct PendingRequest *pending_req)
-{
- struct RPSPeer *rps_peer;
-
- rps_peer = pending_req->rps_peer;
- GNUNET_CONTAINER_DLL_remove (rps_peer->pending_req_head,
- rps_peer->pending_req_tail,
- pending_req);
- rps_peer->num_pending_reqs--;
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "Cancelling pending request\n");
- GNUNET_SCHEDULER_cancel (pending_req->request_task);
- GNUNET_free (pending_req);
-}
-
-static void
-cancel_request (struct PendingReply *pending_rep)
-{
- struct RPSPeer *rps_peer;
-
- rps_peer = pending_rep->rps_peer;
- GNUNET_CONTAINER_DLL_remove (rps_peer->pending_rep_head,
- rps_peer->pending_rep_tail,
- pending_rep);
- rps_peer->num_pending_reps--;
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "Cancelling request\n");
- GNUNET_RPS_request_cancel (pending_rep->req_handle);
- GNUNET_free (pending_rep);
}
@@ -2261,12 +2341,6 @@ void write_final_stats (void){
stat_type < STAT_TYPE_MAX;
stat_type++)
{
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "Add to sum (%" PRIu64 ") %" PRIu64 " of stat type %u - %s\n",
- sums[stat_type],
- rps_peers[i].stats[stat_type],
- stat_type,
- stat_type_2_str (stat_type));
sums[stat_type] += rps_peers[i].stats[stat_type];
}
}
@@ -2312,6 +2386,8 @@ post_test_shutdown_ready_cb (void *cls,
{
struct STATcls *stat_cls = (struct STATcls *) cls;
struct RPSPeer *rps_peer = stat_cls->rps_peer;
+
+ rps_peer->h_stat_get[stat_cls->stat_type] = NULL;
if (GNUNET_OK == success)
{
/* set flag that we we got the value */
@@ -2363,6 +2439,7 @@ stat_iterator (void *cls,
{
const struct STATcls *stat_cls = (const struct STATcls *) cls;
struct RPSPeer *rps_peer = (struct RPSPeer *) stat_cls->rps_peer;
+
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Got stat value: %s - %" PRIu64 "\n",
//stat_type_2_str (stat_cls->stat_type),
name,
@@ -2455,12 +2532,13 @@ void post_profiler (struct RPSPeer *rps_peer)
stat_cls->stat_type = stat_type;
rps_peer->file_name_stats =
store_prefix_file_name (rps_peer->peer_id, "stats");
- GNUNET_STATISTICS_get (rps_peer->stats_h,
- "rps",
- stat_type_2_str (stat_type),
- post_test_shutdown_ready_cb,
- stat_iterator,
- (struct STATcls *) stat_cls);
+ rps_peer->h_stat_get[stat_type] = GNUNET_STATISTICS_get (
+ rps_peer->stats_h,
+ "rps",
+ stat_type_2_str (stat_type),
+ post_test_shutdown_ready_cb,
+ stat_iterator,
+ (struct STATcls *) stat_cls);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Requested statistics for %s (peer %" PRIu32 ")\n",
stat_type_2_str (stat_type),
@@ -2555,6 +2633,8 @@ test_run (void *cls,
/* Connect all peers to statistics service */
if (COLLECT_STATISTICS == cur_test_run.have_collect_statistics)
{
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Connecting to statistics service\n");
rps_peers[i].stat_op =
GNUNET_TESTBED_service_connect (NULL,
peers[i],
@@ -2569,11 +2649,12 @@ test_run (void *cls,
if (NULL != churn_task)
GNUNET_SCHEDULER_cancel (churn_task);
- post_test_task = GNUNET_SCHEDULER_add_delayed (timeout, &post_test_op, NULL);
- timeout = GNUNET_TIME_relative_multiply (timeout, 1 + (0.1 * num_peers));
- shutdown_task = GNUNET_SCHEDULER_add_shutdown (shutdown_op, NULL);
- shutdown_task = GNUNET_SCHEDULER_add_delayed (timeout, &shutdown_op, NULL);
-
+ post_test_task = GNUNET_SCHEDULER_add_delayed (duration, &post_test_op, NULL);
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "timeout for shutdown is %lu\n", timeout.rel_value_us/1000000);
+ shutdown_task = GNUNET_SCHEDULER_add_delayed (timeout,
+ &trigger_shutdown,
+ NULL);
+ GNUNET_SCHEDULER_add_shutdown (shutdown_op, NULL);
}
@@ -2609,7 +2690,7 @@ run (void *cls,
if (0 == cur_test_run.num_requests) cur_test_run.num_requests = 5;
//cur_test_run.have_churn = HAVE_CHURN;
cur_test_run.have_churn = HAVE_NO_CHURN;