author | Schanzenbach, Martin <martin.schanzenbach@aisec.fraunhofer.de> | 2018-03-06 11:52:56 +0100 |
---|---|---|
committer | Schanzenbach, Martin <martin.schanzenbach@aisec.fraunhofer.de> | 2018-03-06 11:52:56 +0100 |
commit | f7b82a74cc5d39c55a4a232e0e14e7ab51b83ff6 (patch) | |
tree | f70bed40b3a1de8b03ab83b2b7c6d3411adc45fa /src/gns | |
parent | 8bd2218151fa06cd6209a575e3000b74616c4f02 (diff) | |
fix proxy and refactor OIDC
Diffstat (limited to 'src/gns')
-rw-r--r-- | src/gns/gnunet-gns-proxy.c | 182 |
1 files changed, 16 insertions, 166 deletions
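--- a/src/gns/gnunet-gns-proxy.c
+++ b/src/gns/gnunet-gns-proxy.c
@@ -480,12 +480,7 @@ struct Socks5Request
 /**
 * Handle to GNS lookup, during #SOCKS5_RESOLVING phase.
 */
-struct GNUNET_GNS_LookupRequest *gns_lookup;
-
-/**
-* Handle to Ego lookup, during #SOCKS5_RESOLVING phase.
-*/
-struct GNUNET_IDENTITY_EgoLookup *el;
+struct GNUNET_GNS_LookupWithTldRequest *gns_lookup;
 
 /**
 * Client socket read task
@@ -533,11 +528,6 @@ struct Socks5Request
 char *domain;
 
 /**
-* the tld
-*/
-const char *tld;
-
-/**
 * DNS Legacy Host Name as given by GNS, NULL if not given.
 */
 char *leho;
@@ -775,7 +765,7 @@ cleanup_s5r (struct Socks5Request *s5r)
 if (NULL != s5r->wtask)
 GNUNET_SCHEDULER_cancel (s5r->wtask);
 if (NULL != s5r->gns_lookup)
-GNUNET_GNS_lookup_cancel (s5r->gns_lookup);
+GNUNET_GNS_lookup_with_tld_cancel (s5r->gns_lookup);
 if (NULL != s5r->sock)
 {
 if (SOCKS5_SOCKET_WITH_MHD <= s5r->state)
@@ -1098,18 +1088,16 @@ curl_check_hdr (void *buffer, size_t size, size_t nmemb, void *cls)
 if (0 == strcasecmp (cookie_domain, s5r->leho + delta_cdomain))
 {
 offset += sprintf (new_cookie_hdr + offset,
-" domain=%s.%s;",
-s5r->domain,
-s5r->tld);
+" domain=%s;",
+s5r->domain);
 continue;
 }
 }
 else if (0 == strcmp (cookie_domain, s5r->leho))
 {
 offset += sprintf (new_cookie_hdr + offset,
-" domain=%s.%s;",
-s5r->domain,
-s5r->tld);
+" domain=%s;",
+s5r->domain);
 continue;
 }
 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
@@ -1138,12 +1126,11 @@ curl_check_hdr (void *buffer, size_t size, size_t nmemb, void *cls)
 strlen (leho_host)))
 {
 GNUNET_asprintf (&new_location,
-"%s%s.%s%s",
+"%s%s%s",
 (HTTPS_PORT != s5r->port)
 ? "http://"
 : "https://",
 s5r->domain,
-s5r->tld,
 hdr_val + strlen (leho_host));
 hdr_val = new_location;
 }
@@ -2389,9 +2376,8 @@ setup_data_transfer (struct Socks5Request *s5r)
 {
 case HTTPS_PORT:
 GNUNET_asprintf (&domain,
-"%s.%s",
-s5r->domain,
-s5r->tld);
+"%s",
+s5r->domain);
 hd = lookup_ssl_httpd (domain);
 if (NULL == hd)
 {
@@ -2556,6 +2542,7 @@ signal_socks_success (struct Socks5Request *s5r)
 */
 static void
 handle_gns_result (void *cls,
+int tld,
 uint32_t rd_count,
 const struct GNUNET_GNSRECORD_Data *rd)
 {
@@ -2691,82 +2678,6 @@ clear_from_s5r_rbuf (struct Socks5Request *s5r,
 
 
 /**
-* Method called to with the ego we are to use for the lookup,
-* when the ego is determined by a name.
-*
-* @param cls closure (NULL, unused)
-* @param ego ego handle, NULL if not found
-*/
-static void
-identity_zone_cb (void *cls,
-const struct GNUNET_IDENTITY_Ego *ego)
-{
-struct Socks5Request *s5r = cls;
-struct GNUNET_CRYPTO_EcdsaPublicKey pkey;
-
-s5r->el = NULL;
-if (NULL == ego)
-{
-signal_socks_failure (s5r,
-SOCKS5_STATUS_GENERAL_FAILURE);
-return;
-
-}
-GNUNET_IDENTITY_ego_get_public_key (ego,
-&pkey);
-s5r->gns_lookup = GNUNET_GNS_lookup (gns_handle,
-s5r->domain,
-&pkey,
-GNUNET_DNSPARSER_TYPE_A,
-GNUNET_NO /* only cached */,
-&handle_gns_result,
-s5r);
-
-
-}
-
-/**
-* Obtain TLD from @a name
-*
-* @param name a name
-* @return the part of @a name after the last ".",
-* or @a name if @a name does not contain a "."
-*/
-static const char *
-get_tld (const char *name)
-{
-const char *tld;
-
-tld = strrchr (name,
-(unsigned char) '.');
-if (NULL == tld)
-tld = name;
-else
-tld++; /* skip the '.' */
-return tld;
-}
-
-/**
-* Eat the TLD of the given @a name.
-*
-* @param name a name
-*/
-static void
-eat_tld (char *name)
-{
-char *tld;
-
-GNUNET_assert (0 < strlen (name));
-tld = strrchr (name,
-(unsigned char) '.');
-if (NULL == tld)
-strcpy (name,
-GNUNET_GNS_MASTERZONE_STR);
-else
-*tld = '\0';
-}
-
-/**
 * Read data from incoming Socks5 connection
 *
 * @param cls the closure with the `struct Socks5Request`
@@ -2781,9 +2692,6 @@ do_s5r_read (void *cls)
 ssize_t rlen;
 size_t alen;
 const struct GNUNET_SCHEDULER_TaskContext *tc;
-char *zonestr;
-char *dot_tld;
-struct GNUNET_CRYPTO_EcdsaPublicKey pkey;
 
 s5r->rtask = NULL;
 tc = GNUNET_SCHEDULER_get_task_context ();
@@ -2934,70 +2842,12 @@ do_s5r_read (void *cls)
 ntohs (*port));
 s5r->state = SOCKS5_RESOLVING;
 s5r->port = ntohs (*port);
-/* TLD is zkey */
-s5r->tld = get_tld (s5r->domain);
-if (GNUNET_OK ==
-GNUNET_CRYPTO_ecdsa_public_key_from_string (s5r->tld,
-strlen (s5r->tld),
-&pkey))
-{
-eat_tld (s5r->domain);
-s5r->gns_lookup = GNUNET_GNS_lookup (gns_handle,
-s5r->domain,
-&pkey,
-GNUNET_DNSPARSER_TYPE_A,
-GNUNET_NO /* only cached */,
-&handle_gns_result,
-s5r);
-
-break;
-}
-/* TLD is mapped in our config */
-GNUNET_asprintf (&dot_tld,
-".%s",
-s5r->tld);
-if (GNUNET_OK ==
-GNUNET_CONFIGURATION_get_value_string (cfg,
-"gns",
-dot_tld,
-&zonestr))
-{
-if (GNUNET_OK !=
-GNUNET_CRYPTO_ecdsa_public_key_from_string (zonestr,
-strlen (zonestr),
-&pkey))
-{
-GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
-"gns",
-dot_tld,
-_("Expected a base32-encoded public zone key\n"));
-GNUNET_free (zonestr);
-GNUNET_free (dot_tld);
-signal_socks_failure (s5r,
-SOCKS5_STATUS_GENERAL_FAILURE);
-return;
-
-}
-GNUNET_free (zonestr);
-GNUNET_free (dot_tld);
-eat_tld (s5r->domain);
-s5r->gns_lookup = GNUNET_GNS_lookup (gns_handle,
-s5r->domain,
-&pkey,
-GNUNET_DNSPARSER_TYPE_A,
-GNUNET_NO /* only cached */,
-&handle_gns_result,
-s5r);
-break;
-}
-
-/* TLD matches against ego */
-eat_tld (s5r->domain);
-
-s5r->el = GNUNET_IDENTITY_ego_lookup (cfg,
-s5r->tld,
-&identity_zone_cb,
-s5r);
+s5r->gns_lookup = GNUNET_GNS_lookup_with_tld (gns_handle,
+s5r->domain,
+GNUNET_DNSPARSER_TYPE_A,
+GNUNET_NO /* only cached */,
+&handle_gns_result,
+s5r);
 break;
 }
 default: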
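Review bot: Both rewritten `sprintf` calls in curl_check_hdr append `s5r->domain` to `new_cookie_hdr` with no bound on the write. After this change `s5r->domain` is no longer truncated by `eat_tld` and appears to hold the full name as received in the SOCKS5 request. The allocation of `new_cookie_hdr` is outside the hunk, so it cannot be confirmed here that its size is computed from that same full string; if it was budgeted for the old `domain` plus `tld` pair, it needs rechecking. Passing the remaining space would make the rewrite independent of how the buffer was sized, e.g. `offset += snprintf (new_cookie_hdr + offset, hdr_len - offset, " domain=%s;", s5r->domain);`, where `hdr_len` is a placeholder for the allocated size, and dropping the header when the return value is not smaller than that space. The same applies to the second `sprintf` in the `else if` branch of the same hunk.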