-add config

author: Martin Schanzenbach <mschanzenbach@posteo.de> 2016-01-09 17:45:50 +0000
committer: Martin Schanzenbach <mschanzenbach@posteo.de> 2016-01-09 17:45:50 +0000
commit: 5d5cd3d00b2f75d7b6e630f9ea9bd354af9a0d5f (patch)
tree: 90ead2eca1b073a7bf78f73a726a79097d6c70da /src/identity-provider
parent: 3941d4252602eb9e6689897a8264380012fdf7e6 (diff)
download: gnunet-5d5cd3d00b2f75d7b6e630f9ea9bd354af9a0d5f.tar.gz
gnunet-5d5cd3d00b2f75d7b6e630f9ea9bd354af9a0d5f.zip
2 files changed, 91 insertions, 52 deletions
diff --git a/src/identity-provider/gnunet-service-identity-provider.c b/src/identity-provider/gnunet-service-identity-provider.c
index 2e914428e..ac4fd0961 100644
--- a/src/identity-provider/gnunet-service-identity-provider.c
+++ b/src/identity-provider/gnunet-service-identity-provider.c
@@ -19,7 +19,7 @@
   */
 /**
 * @author Martin Schanzenbach
- * @file src/identity/gnunet-service-identity-provider.c
+ * @file src/identity-provider/gnunet-service-identity-provider.c
 * @brief Identity Token Service
 *
 */
@@ -53,6 +53,11 @@
 #define MIN_WAIT_TIME GNUNET_TIME_UNIT_MINUTES
 /**
+ * Standard token expiration time
+ */
+#define DEFAULT_TOKEN_EXPIRATION_INTERVAL GNUNET_TIME_UNIT_HOURS
+/**
 * Service state (to detect initial update pass)
 */
 static int state;
@@ -73,6 +78,11 @@ static struct EgoEntry *ego_tail;
 static struct GNUNET_IDENTITY_Handle *identity_handle;
 /**
+ * Token expiration interval
+ */
+static struct GNUNET_TIME_Relative token_expiration_interval;
+/**
 * Namestore handle
 */
 static struct GNUNET_NAMESTORE_Handle *ns_handle;
@@ -144,6 +154,12 @@ static struct GNUNET_STATISTICS_Handle *stats;
 */
 static struct GNUNET_SERVER_NotificationContext *nc;
+/**
+ * Our configuration.
+ */
+static const struct GNUNET_CONFIGURATION_Handle *cfg;
 struct ExchangeHandle
 {
@@ -275,18 +291,12 @@ struct EgoEntry
 };
 /**
- * Our configuration.
+ * Continuation for token store call
+ *
+ * @param cls NULL
+ * @param success error code
+ * @param emsg error message
 */
-  static const struct GNUNET_CONFIGURATION_Handle *cfg;
-  /**
-   * Continuation for token store call
-   *
-   * @param cls NULL
-   * @param success error code
-   * @param emsg error message
-   */
 static void
 store_token_cont (void *cls,
                  int32_t success,
@@ -576,9 +586,6 @@ token_collect (void *cls,
                aud_key,
                &token);
-  //token = GNUNET_GNSRECORD_value_to_string (rd->record_type,
-  //                                          rd->data,
-  //                                          rd->data_size);
  label = GNUNET_strdup (lbl); 
  rd_exp = token_record->expiration_time;
@@ -692,7 +699,7 @@ update_identities(void *cls,
                ">>> Finished. Rescheduling in %d\n",
                min_rel_exp.rel_value_us);
    ns_it = NULL;
-    //finished -> TODO reschedule
+    //finished -> reschedule
    update_task = GNUNET_SCHEDULER_add_delayed (min_rel_exp,
                                                &update_identities,
                                                ego_head);
@@ -866,7 +873,21 @@ create_issue_result_message (const char* ticket)
  return irm;
 }
-void
+static void
+cleanup_issue_handle (struct IssueHandle *handle)
+{
+  if (NULL != handle->attr_map)
+    GNUNET_CONTAINER_multihashmap_destroy (handle->attr_map);
+  if (NULL != handle->scopes)
+    GNUNET_free (handle->scopes);
+  if (NULL != handle->token)
+    token_destroy (handle->token);
+  if (NULL != handle->ticket)
+    ticket_destroy (handle->ticket);
+  GNUNET_free (handle);
+}
+static void
 store_token_issue_cont (void *cls,
                        int32_t success,
                        const char *emsg)
@@ -877,16 +898,19 @@ store_token_issue_cont (void *cls,
  handle->ns_qe = NULL;
  if (GNUNET_SYSERR == success)
  {
-    //TODO err msg
+    cleanup_issue_handle (handle);
+    GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "%s\n",
+                "Unknown Error\n");
+    GNUNET_SCHEDULER_add_now (&do_shutdown, NULL);
    return;
  }
  if (GNUNET_OK != ticket_serialize (handle->ticket,
                                     &handle->iss_key,
                                     &token_ticket_str))
  {
-    GNUNET_CONTAINER_multihashmap_destroy (handle->attr_map);
+    GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "%s\n",
-    ticket_destroy (handle->ticket);
+                "Error serializing ticket\n");
-    GNUNET_free (handle);
+    cleanup_issue_handle (handle);
    GNUNET_SCHEDULER_add_now (&do_shutdown, NULL); 
    return;
  }
@@ -896,11 +920,7 @@ store_token_issue_cont (void *cls,
                                              &irm->header,
                                              GNUNET_NO);
  GNUNET_SERVER_client_set_user_context (handle->client, NULL);
-  GNUNET_CONTAINER_multihashmap_destroy (handle->attr_map);
+  cleanup_issue_handle (handle);
-  GNUNET_free (handle->scopes);
-  token_destroy (handle->token);
-  ticket_destroy (handle->ticket);
-  GNUNET_free (handle);
  GNUNET_free (irm);
  GNUNET_free (token_ticket_str);
 }
@@ -922,7 +942,6 @@ sign_and_return_token (void *cls,
  struct GNUNET_CRYPTO_EcdhePrivateKey *ecdhe_privkey;
  struct IssueHandle *handle = cls;
  struct GNUNET_GNSRECORD_Data token_record[2];
-  struct GNUNET_TIME_Relative etime_rel;
  char *lbl_str;
  char *nonce_str;
  char *enc_token_str;
@@ -946,31 +965,19 @@ sign_and_return_token (void *cls,
                                &lbl_str);
  GNUNET_CRYPTO_ecdsa_key_get_public (&handle->iss_key,
                                      &pub_key);
  handle->ticket = ticket_create (nonce_str,
                                  &pub_key,
                                  lbl_str,
                                  &handle->aud_key);
-  if (GNUNET_OK !=
-      GNUNET_STRINGS_fancy_time_to_relative ("1d", //TODO
-                                             &etime_rel))
-  {
-    ticket_destroy (handle->ticket);
-    GNUNET_free (handle);
-    GNUNET_SCHEDULER_add_now (&do_shutdown, handle);
-    return;
-  }
  time = GNUNET_TIME_absolute_get().abs_value_us;
-  exp_time = time + etime_rel.rel_value_us;
+  exp_time = time + token_expiration_interval.rel_value_us;
  token_add_json (handle->token, "nbf", json_integer (time));
  token_add_json (handle->token, "iat", json_integer (time));
  token_add_json (handle->token, "exp", json_integer (exp_time));
  token_add_attr (handle->token, "nonce", nonce_str);
  //Token in a serialized encrypted format 
  GNUNET_assert (token_serialize (handle->token,
                                  &handle->iss_key,
@@ -996,8 +1003,6 @@ sign_and_return_token (void *cls,
  write_ptr += sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey);
  memcpy (write_ptr, handle->scopes, strlen (handle->scopes) + 1); //with 0-Terminator;
-  GNUNET_free (ecdhe_privkey);
  token_record[1].data = token_metadata;
  token_record[1].data_size = token_metadata_len;
  token_record[1].expiration_time = exp_time;
@@ -1010,8 +1015,9 @@ sign_and_return_token (void *cls,
                                                  lbl_str,
                                                  2,
                                                  token_record,
-                                                       &store_token_issue_cont,
+                                                  &store_token_issue_cont,
                                                  handle);
+  GNUNET_free (ecdhe_privkey);
  GNUNET_free (lbl_str);
  GNUNET_free (nonce_str);
  GNUNET_free (enc_token_str);
@@ -1100,6 +1106,16 @@ attr_collect (void *cls,
 }
 static void
+cleanup_exchange_handle (struct ExchangeHandle *handle)
+{
+  if (NULL != handle->ticket) 
+    ticket_destroy (handle->ticket);
+  if (NULL != handle->token)
+    token_destroy (handle->token);
+  GNUNET_free (handle);
+}
+static void
 process_lookup_result (void *cls, uint32_t rd_count,
                       const struct GNUNET_GNSRECORD_Data *rd)
 {
@@ -1114,8 +1130,7 @@ process_lookup_result (void *cls, uint32_t rd_count,
    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                "Number of tokens %d != 2.",
                rd_count);
-    GNUNET_free (handle->label);
+    cleanup_exchange_handle (handle);
-    GNUNET_free (handle);
    GNUNET_SCHEDULER_add_now (&do_shutdown, handle);
    return;
  }
@@ -1142,11 +1157,10 @@ process_lookup_result (void *cls, uint32_t rd_count,
                                              &erm->header,
                                              GNUNET_NO);
  GNUNET_SERVER_client_set_user_context (handle->client, NULL);
-  ticket_destroy (handle->ticket);
-  token_destroy (handle->token);
+  cleanup_exchange_handle (handle);
  GNUNET_free (record_str);
  GNUNET_free (token_str);
-  GNUNET_free (handle);
  GNUNET_free (erm);
 }
@@ -1184,7 +1198,7 @@ handle_exchange_message (void *cls,
              ticket);
  xchange_handle = GNUNET_malloc (sizeof (struct ExchangeHandle));
  xchange_handle->aud_privkey = em->aud_privkey;
-  
  if (GNUNET_SYSERR == ticket_parse (ticket,
                                     &xchange_handle->aud_privkey,
                                     &xchange_handle->ticket))
@@ -1228,8 +1242,9 @@ handle_issue_message (void *cls,
                      const struct GNUNET_MessageHeader *message)
 {
  const struct GNUNET_IDENTITY_PROVIDER_IssueMessage *im;
-  uint16_t size;
  const char *scopes;
+  uint16_t size;
  char *scopes_tmp;
  char *scope;
  struct GNUNET_HashCode key;
@@ -1282,8 +1297,6 @@ handle_issue_message (void *cls,
                                                               &im->iss_key,
                                                               &attr_collect,
                                                               issue_handle);
 }
 /**
@@ -1329,6 +1342,20 @@ run (void *cls,
  identity_handle = GNUNET_IDENTITY_connect (cfg,
                                             &list_ego,
                                             NULL);
+  
+  if (GNUNET_OK == 
+      GNUNET_CONFIGURATION_get_value_time (cfg,
+                                             "identity-provider",
+                                            "TOKEN_EXPIRATION_INTERVAL",
+                                            &token_expiration_interval))
+  {
+    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+                "Time window for zone iteration: %s\n",
+                GNUNET_STRINGS_relative_time_to_string (token_expiration_interval,
+                                                                     GNUNET_YES));
+  } else {
+    token_expiration_interval = DEFAULT_TOKEN_EXPIRATION_INTERVAL;
+  }
  GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_FOREVER_REL,
                                &do_shutdown, NULL);
diff --git a/src/identity-provider/identity-provider.conf b/src/identity-provider/identity-provider.conf
new file mode 100644
index 000000000..bac8e69ed
--- /dev/null
+++ b/src/identity-provider/identity-provider.conf
@@ -0,0 +1,12 @@
+[identity-provider]
+AUTOSTART = NO
+USER_SERVICE = YES
+#PORT = 2108
+HOSTNAME = localhost
+BINARY = gnunet-service-identity-provider
+ACCEPT_FROM = 127.0.0.1;
+ACCEPT_FROM6 = ::1;
+UNIXPATH = $GNUNET_USER_RUNTIME_DIR/gnunet-service-identity-provider.sock
+UNIX_MATCH_UID = NO
+UNIX_MATCH_GID = YES
+TOKEN_EXPIRATION_INTERVAL = 30 m
author	Martin Schanzenbach <mschanzenbach@posteo.de>	2016-01-09 17:45:50 +0000
committer	Martin Schanzenbach <mschanzenbach@posteo.de>	2016-01-09 17:45:50 +0000
commit	5d5cd3d00b2f75d7b6e630f9ea9bd354af9a0d5f (patch)
tree	90ead2eca1b073a7bf78f73a726a79097d6c70da /src/identity-provider
parent	3941d4252602eb9e6689897a8264380012fdf7e6 (diff)
download	gnunet-5d5cd3d00b2f75d7b6e630f9ea9bd354af9a0d5f.tar.gz gnunet-5d5cd3d00b2f75d7b6e630f9ea9bd354af9a0d5f.zip

diff --git a/src/identity-provider/gnunet-service-identity-provider.c b/src/identity-provider/gnunet-service-identity-provider.c index 2e914428e..ac4fd0961 100644 --- a/src/identity-provider/gnunet-service-identity-provider.c +++ b/src/identity-provider/gnunet-service-identity-provider.c
@@ -19,7 +19,7 @@
19	*/	19	*/
20	/**	20	/**
21	* @author Martin Schanzenbach	21	* @author Martin Schanzenbach
22	* @file src/identity/gnunet-service-identity-provider.c	22	* @file src/identity-provider/gnunet-service-identity-provider.c
23	* @brief Identity Token Service	23	* @brief Identity Token Service
24	*	24	*
25	*/	25	*/
@@ -53,6 +53,11 @@
53	#define MIN_WAIT_TIME GNUNET_TIME_UNIT_MINUTES	53	#define MIN_WAIT_TIME GNUNET_TIME_UNIT_MINUTES
54		54
55	/**	55	/**
		56	* Standard token expiration time
		57	*/
		58	#define DEFAULT_TOKEN_EXPIRATION_INTERVAL GNUNET_TIME_UNIT_HOURS
		59
		60	/**
56	* Service state (to detect initial update pass)	61	* Service state (to detect initial update pass)
57	*/	62	*/
58	static int state;	63	static int state;
@@ -73,6 +78,11 @@ static struct EgoEntry *ego_tail;
73	static struct GNUNET_IDENTITY_Handle *identity_handle;	78	static struct GNUNET_IDENTITY_Handle *identity_handle;
74		79
75	/**	80	/**
		81	* Token expiration interval
		82	*/
		83	static struct GNUNET_TIME_Relative token_expiration_interval;
		84
		85	/**
76	* Namestore handle	86	* Namestore handle
77	*/	87	*/
78	static struct GNUNET_NAMESTORE_Handle *ns_handle;	88	static struct GNUNET_NAMESTORE_Handle *ns_handle;
@@ -144,6 +154,12 @@ static struct GNUNET_STATISTICS_Handle *stats;
144	*/	154	*/
145	static struct GNUNET_SERVER_NotificationContext *nc;	155	static struct GNUNET_SERVER_NotificationContext *nc;
146		156
		157	/**
		158	* Our configuration.
		159	*/
		160	static const struct GNUNET_CONFIGURATION_Handle *cfg;
		161
		162
147	struct ExchangeHandle	163	struct ExchangeHandle
148	{	164	{
149		165
@@ -275,18 +291,12 @@ struct EgoEntry
275	};	291	};
276		292
277	/**	293	/**
278	* Our configuration.	294	* Continuation for token store call
		295	*
		296	* @param cls NULL
		297	* @param success error code
		298	* @param emsg error message
279	*/	299	*/
280	static const struct GNUNET_CONFIGURATION_Handle *cfg;
281
282
283	/**
284	* Continuation for token store call
285	*
286	* @param cls NULL
287	* @param success error code
288	* @param emsg error message
289	*/
290	static void	300	static void
291	store_token_cont (void *cls,	301	store_token_cont (void *cls,
292	int32_t success,	302	int32_t success,
@@ -576,9 +586,6 @@ token_collect (void *cls,
576	aud_key,	586	aud_key,
577	&token);	587	&token);
578		588
579	//token = GNUNET_GNSRECORD_value_to_string (rd->record_type,
580	// rd->data,
581	// rd->data_size);
582	label = GNUNET_strdup (lbl);	589	label = GNUNET_strdup (lbl);
583	rd_exp = token_record->expiration_time;	590	rd_exp = token_record->expiration_time;
584		591
@@ -692,7 +699,7 @@ update_identities(void *cls,
692	">>> Finished. Rescheduling in %d\n",	699	">>> Finished. Rescheduling in %d\n",
693	min_rel_exp.rel_value_us);	700	min_rel_exp.rel_value_us);
694	ns_it = NULL;	701	ns_it = NULL;
695	//finished -> TODO reschedule	702	//finished -> reschedule
696	update_task = GNUNET_SCHEDULER_add_delayed (min_rel_exp,	703	update_task = GNUNET_SCHEDULER_add_delayed (min_rel_exp,
697	&update_identities,	704	&update_identities,
698	ego_head);	705	ego_head);
@@ -866,7 +873,21 @@ create_issue_result_message (const char* ticket)
866	return irm;	873	return irm;
867	}	874	}
868		875
869	void	876	static void
		877	cleanup_issue_handle (struct IssueHandle *handle)
		878	{
		879	if (NULL != handle->attr_map)
		880	GNUNET_CONTAINER_multihashmap_destroy (handle->attr_map);
		881	if (NULL != handle->scopes)
		882	GNUNET_free (handle->scopes);
		883	if (NULL != handle->token)
		884	token_destroy (handle->token);
		885	if (NULL != handle->ticket)
		886	ticket_destroy (handle->ticket);
		887	GNUNET_free (handle);
		888	}
		889
		890	static void
870	store_token_issue_cont (void *cls,	891	store_token_issue_cont (void *cls,
871	int32_t success,	892	int32_t success,
872	const char *emsg)	893	const char *emsg)
@@ -877,16 +898,19 @@ store_token_issue_cont (void *cls,
877	handle->ns_qe = NULL;	898	handle->ns_qe = NULL;
878	if (GNUNET_SYSERR == success)	899	if (GNUNET_SYSERR == success)
879	{	900	{
880	//TODO err msg	901	cleanup_issue_handle (handle);
		902	GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "%s\n",
		903	"Unknown Error\n");
		904	GNUNET_SCHEDULER_add_now (&do_shutdown, NULL);
881	return;	905	return;
882	}	906	}
883	if (GNUNET_OK != ticket_serialize (handle->ticket,	907	if (GNUNET_OK != ticket_serialize (handle->ticket,
884	&handle->iss_key,	908	&handle->iss_key,
885	&token_ticket_str))	909	&token_ticket_str))
886	{	910	{
887	GNUNET_CONTAINER_multihashmap_destroy (handle->attr_map);	911	GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "%s\n",
888	ticket_destroy (handle->ticket);	912	"Error serializing ticket\n");
889	GNUNET_free (handle);	913	cleanup_issue_handle (handle);
890	GNUNET_SCHEDULER_add_now (&do_shutdown, NULL);	914	GNUNET_SCHEDULER_add_now (&do_shutdown, NULL);
891	return;	915	return;
892	}	916	}
@@ -896,11 +920,7 @@ store_token_issue_cont (void *cls,
896	&irm->header,	920	&irm->header,
897	GNUNET_NO);	921	GNUNET_NO);
898	GNUNET_SERVER_client_set_user_context (handle->client, NULL);	922	GNUNET_SERVER_client_set_user_context (handle->client, NULL);
899	GNUNET_CONTAINER_multihashmap_destroy (handle->attr_map);	923	cleanup_issue_handle (handle);
900	GNUNET_free (handle->scopes);
901	token_destroy (handle->token);
902	ticket_destroy (handle->ticket);
903	GNUNET_free (handle);
904	GNUNET_free (irm);	924	GNUNET_free (irm);
905	GNUNET_free (token_ticket_str);	925	GNUNET_free (token_ticket_str);
906	}	926	}
@@ -922,7 +942,6 @@ sign_and_return_token (void *cls,
922	struct GNUNET_CRYPTO_EcdhePrivateKey *ecdhe_privkey;	942	struct GNUNET_CRYPTO_EcdhePrivateKey *ecdhe_privkey;
923	struct IssueHandle *handle = cls;	943	struct IssueHandle *handle = cls;
924	struct GNUNET_GNSRECORD_Data token_record[2];	944	struct GNUNET_GNSRECORD_Data token_record[2];
925	struct GNUNET_TIME_Relative etime_rel;
926	char *lbl_str;	945	char *lbl_str;
927	char *nonce_str;	946	char *nonce_str;
928	char *enc_token_str;	947	char *enc_token_str;
@@ -946,31 +965,19 @@ sign_and_return_token (void *cls,
946	&lbl_str);	965	&lbl_str);
947	GNUNET_CRYPTO_ecdsa_key_get_public (&handle->iss_key,	966	GNUNET_CRYPTO_ecdsa_key_get_public (&handle->iss_key,
948	&pub_key);	967	&pub_key);
949
950	handle->ticket = ticket_create (nonce_str,	968	handle->ticket = ticket_create (nonce_str,
951	&pub_key,	969	&pub_key,
952	lbl_str,	970	lbl_str,
953	&handle->aud_key);	971	&handle->aud_key);
954		972
955
956	if (GNUNET_OK !=
957	GNUNET_STRINGS_fancy_time_to_relative ("1d", //TODO
958	&etime_rel))
959	{
960	ticket_destroy (handle->ticket);
961	GNUNET_free (handle);
962	GNUNET_SCHEDULER_add_now (&do_shutdown, handle);
963	return;
964	}
965	time = GNUNET_TIME_absolute_get().abs_value_us;	973	time = GNUNET_TIME_absolute_get().abs_value_us;
966	exp_time = time + etime_rel.rel_value_us;	974	exp_time = time + token_expiration_interval.rel_value_us;
967		975
968	token_add_json (handle->token, "nbf", json_integer (time));	976	token_add_json (handle->token, "nbf", json_integer (time));
969	token_add_json (handle->token, "iat", json_integer (time));	977	token_add_json (handle->token, "iat", json_integer (time));
970	token_add_json (handle->token, "exp", json_integer (exp_time));	978	token_add_json (handle->token, "exp", json_integer (exp_time));
971	token_add_attr (handle->token, "nonce", nonce_str);	979	token_add_attr (handle->token, "nonce", nonce_str);
972		980
973
974	//Token in a serialized encrypted format	981	//Token in a serialized encrypted format
975	GNUNET_assert (token_serialize (handle->token,	982	GNUNET_assert (token_serialize (handle->token,
976	&handle->iss_key,	983	&handle->iss_key,
@@ -996,8 +1003,6 @@ sign_and_return_token (void *cls,
996	write_ptr += sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey);	1003	write_ptr += sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey);
997	memcpy (write_ptr, handle->scopes, strlen (handle->scopes) + 1); //with 0-Terminator;	1004	memcpy (write_ptr, handle->scopes, strlen (handle->scopes) + 1); //with 0-Terminator;
998		1005
999	GNUNET_free (ecdhe_privkey);
1000
1001	token_record[1].data = token_metadata;	1006	token_record[1].data = token_metadata;
1002	token_record[1].data_size = token_metadata_len;	1007	token_record[1].data_size = token_metadata_len;
1003	token_record[1].expiration_time = exp_time;	1008	token_record[1].expiration_time = exp_time;
@@ -1010,8 +1015,9 @@ sign_and_return_token (void *cls,
1010	lbl_str,	1015	lbl_str,
1011	2,	1016	2,
1012	token_record,	1017	token_record,
1013	&store_token_issue_cont,	1018	&store_token_issue_cont,
1014	handle);	1019	handle);
		1020	GNUNET_free (ecdhe_privkey);
1015	GNUNET_free (lbl_str);	1021	GNUNET_free (lbl_str);
1016	GNUNET_free (nonce_str);	1022	GNUNET_free (nonce_str);
1017	GNUNET_free (enc_token_str);	1023	GNUNET_free (enc_token_str);
@@ -1100,6 +1106,16 @@ attr_collect (void *cls,
1100	}	1106	}
1101		1107
1102	static void	1108	static void
		1109	cleanup_exchange_handle (struct ExchangeHandle *handle)
		1110	{
		1111	if (NULL != handle->ticket)
		1112	ticket_destroy (handle->ticket);
		1113	if (NULL != handle->token)
		1114	token_destroy (handle->token);
		1115	GNUNET_free (handle);
		1116	}
		1117
		1118	static void
1103	process_lookup_result (void *cls, uint32_t rd_count,	1119	process_lookup_result (void *cls, uint32_t rd_count,
1104	const struct GNUNET_GNSRECORD_Data *rd)	1120	const struct GNUNET_GNSRECORD_Data *rd)
1105	{	1121	{
@@ -1114,8 +1130,7 @@ process_lookup_result (void *cls, uint32_t rd_count,
1114	GNUNET_log (GNUNET_ERROR_TYPE_ERROR,	1130	GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1115	"Number of tokens %d != 2.",	1131	"Number of tokens %d != 2.",
1116	rd_count);	1132	rd_count);
1117	GNUNET_free (handle->label);	1133	cleanup_exchange_handle (handle);
1118	GNUNET_free (handle);
1119	GNUNET_SCHEDULER_add_now (&do_shutdown, handle);	1134	GNUNET_SCHEDULER_add_now (&do_shutdown, handle);
1120	return;	1135	return;
1121	}	1136	}
@@ -1142,11 +1157,10 @@ process_lookup_result (void *cls, uint32_t rd_count,
1142	&erm->header,	1157	&erm->header,
1143	GNUNET_NO);	1158	GNUNET_NO);
1144	GNUNET_SERVER_client_set_user_context (handle->client, NULL);	1159	GNUNET_SERVER_client_set_user_context (handle->client, NULL);
1145	ticket_destroy (handle->ticket);	1160
1146	token_destroy (handle->token);	1161	cleanup_exchange_handle (handle);
1147	GNUNET_free (record_str);	1162	GNUNET_free (record_str);
1148	GNUNET_free (token_str);	1163	GNUNET_free (token_str);
1149	GNUNET_free (handle);
1150	GNUNET_free (erm);	1164	GNUNET_free (erm);
1151		1165
1152	}	1166	}
@@ -1184,7 +1198,7 @@ handle_exchange_message (void *cls,
1184	ticket);	1198	ticket);
1185	xchange_handle = GNUNET_malloc (sizeof (struct ExchangeHandle));	1199	xchange_handle = GNUNET_malloc (sizeof (struct ExchangeHandle));
1186	xchange_handle->aud_privkey = em->aud_privkey;	1200	xchange_handle->aud_privkey = em->aud_privkey;
1187		1201
1188	if (GNUNET_SYSERR == ticket_parse (ticket,	1202	if (GNUNET_SYSERR == ticket_parse (ticket,
1189	&xchange_handle->aud_privkey,	1203	&xchange_handle->aud_privkey,
1190	&xchange_handle->ticket))	1204	&xchange_handle->ticket))
@@ -1228,8 +1242,9 @@ handle_issue_message (void *cls,
1228	const struct GNUNET_MessageHeader *message)	1242	const struct GNUNET_MessageHeader *message)
1229	{	1243	{
1230	const struct GNUNET_IDENTITY_PROVIDER_IssueMessage *im;	1244	const struct GNUNET_IDENTITY_PROVIDER_IssueMessage *im;
1231	uint16_t size;
1232	const char *scopes;	1245	const char *scopes;
		1246
		1247	uint16_t size;
1233	char *scopes_tmp;	1248	char *scopes_tmp;
1234	char *scope;	1249	char *scope;
1235	struct GNUNET_HashCode key;	1250	struct GNUNET_HashCode key;
@@ -1282,8 +1297,6 @@ handle_issue_message (void *cls,
1282	&im->iss_key,	1297	&im->iss_key,
1283	&attr_collect,	1298	&attr_collect,
1284	issue_handle);	1299	issue_handle);
1285
1286
1287	}	1300	}
1288		1301
1289	/**	1302	/**
@@ -1329,6 +1342,20 @@ run (void *cls,
1329	identity_handle = GNUNET_IDENTITY_connect (cfg,	1342	identity_handle = GNUNET_IDENTITY_connect (cfg,
1330	&list_ego,	1343	&list_ego,
1331	NULL);	1344	NULL);
		1345
		1346	if (GNUNET_OK ==
		1347	GNUNET_CONFIGURATION_get_value_time (cfg,
		1348	"identity-provider",
		1349	"TOKEN_EXPIRATION_INTERVAL",
		1350	&token_expiration_interval))
		1351	{
		1352	GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
		1353	"Time window for zone iteration: %s\n",
		1354	GNUNET_STRINGS_relative_time_to_string (token_expiration_interval,
		1355	GNUNET_YES));
		1356	} else {
		1357	token_expiration_interval = DEFAULT_TOKEN_EXPIRATION_INTERVAL;
		1358	}
1332		1359
1333	GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_FOREVER_REL,	1360	GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_FOREVER_REL,
1334	&do_shutdown, NULL);	1361	&do_shutdown, NULL);


diff --git a/src/identity-provider/identity-provider.conf b/src/identity-provider/identity-provider.conf new file mode 100644 index 000000000..bac8e69ed --- /dev/null +++ b/src/identity-provider/identity-provider.conf
@@ -0,0 +1,12 @@
		1	[identity-provider]
		2	AUTOSTART = NO
		3	USER_SERVICE = YES
		4	#PORT = 2108
		5	HOSTNAME = localhost
		6	BINARY = gnunet-service-identity-provider
		7	ACCEPT_FROM = 127.0.0.1;
		8	ACCEPT_FROM6 = ::1;
		9	UNIXPATH = $GNUNET_USER_RUNTIME_DIR/gnunet-service-identity-provider.sock
		10	UNIX_MATCH_UID = NO
		11	UNIX_MATCH_GID = YES
		12	TOKEN_EXPIRATION_INTERVAL = 30 m