author | Martin Schanzenbach <schanzen@gnunet.org> | 2020-12-27 21:43:47 +0900 |
---|---|---|
committer | Martin Schanzenbach <schanzen@gnunet.org> | 2020-12-27 21:43:47 +0900 |
commit | 7b32281b71e450827ff90f00451f5e5e98c0521e (patch) | |
tree | da46c45025d48462e6d9139bf2fe5c407df95c32 /src/reclaim/plugin_rest_openid_connect.c | |
parent | 75a3a90fb765da872383b8f85b2d4087186dc3db (diff) | |
-hunting memleaks
Diffstat (limited to 'src/reclaim/plugin_rest_openid_connect.c')
-rw-r--r-- | src/reclaim/plugin_rest_openid_connect.c | 40 |
1 files changed, 33 insertions, 7 deletions
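--- a/src/reclaim/plugin_rest_openid_connect.c
+++ b/src/reclaim/plugin_rest_openid_connect.c
@@ -610,6 +610,10 @@ cleanup_handle (struct RequestHandle *handle)
 GNUNET_free (handle->oidc->response_type);
 GNUNET_free (handle->oidc->scope);
 GNUNET_free (handle->oidc->state);
+if (NULL != handle->oidc->claims)
+GNUNET_free (handle->oidc->claims);
+if (NULL != handle->oidc->code_challenge)
+GNUNET_free (handle->oidc->code_challenge);
 GNUNET_free (handle->oidc);
 }
 if (NULL!=handle->attr_idtoken_list)
@@ -1193,8 +1197,7 @@ attr_in_claims_request (struct RequestHandle *handle,
 return GNUNET_YES;
 
 /** Try claims parameter if not in scope */
-if ((NULL != handle->oidc->claims) &&
-(GNUNET_YES != ret))
+if (NULL != handle->oidc->claims)
 {
 root = json_loads (handle->oidc->claims, JSON_DECODE_ANY, &error);
 claims_j = json_object_get (root, claims_parameter);
@@ -1708,8 +1711,6 @@ authorize_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
 handle->ego_entry = ego_tail;
 }
 }
-handle->oidc->scope = get_url_parameter_copy (handle, OIDC_SCOPE_KEY);
-GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Scope: %s\n", handle->oidc->scope);
 if (NULL == handle->tld)
 GNUNET_CONFIGURATION_iterate_section_values (cfg, "gns", tld_iter, handle);
 if (NULL == handle->tld)
@@ -1872,11 +1873,18 @@ parse_credentials_post_body (struct RequestHandle *handle,
 if (GNUNET_NO == GNUNET_CONTAINER_multihashmap_contains (handle->rest_handle
 ->url_param_map,
 &cache_key))
+{
+GNUNET_free (*client_id);
+*client_id = NULL;
 return GNUNET_SYSERR;
+}
 pass = GNUNET_CONTAINER_multihashmap_get (handle->rest_handle->url_param_map,
 &cache_key);
-if (NULL == pass)
+if (NULL == pass) {
+GNUNET_free (*client_id);
+*client_id = NULL;
 return GNUNET_SYSERR;
+}
 *client_secret = strdup (pass);
 return GNUNET_OK;
 }
@@ -1938,12 +1946,16 @@ check_authorization (struct RequestHandle *handle,
 GNUNET_free (expected_pass);
 handle->emsg = GNUNET_strdup (OIDC_ERROR_KEY_INVALID_CLIENT);
 handle->response_code = MHD_HTTP_UNAUTHORIZED;
+GNUNET_free (received_cpw);
+GNUNET_free (received_cid);
 return GNUNET_SYSERR;
 }
 GNUNET_free (expected_pass);
 }
 else
 {
+GNUNET_free (received_cpw);
+GNUNET_free (received_cid);
 handle->emsg = GNUNET_strdup (OIDC_ERROR_KEY_SERVER_ERROR);
 handle->edesc = GNUNET_strdup ("gnunet configuration failed");
 handle->response_code = MHD_HTTP_INTERNAL_SERVER_ERROR;
@@ -2102,9 +2114,13 @@ token_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
 handle->edesc = GNUNET_strdup ("invalid code");
 handle->response_code = MHD_HTTP_BAD_REQUEST;
 GNUNET_free (code);
+if (NULL != code_verifier)
+GNUNET_free (code_verifier);
 GNUNET_SCHEDULER_add_now (&do_error, handle);
 return;
 }
+if (NULL != code_verifier)
+GNUNET_free (code_verifier);
 
 // create jwt
 if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_time (cfg,
@@ -2116,6 +2132,8 @@ token_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
 handle->edesc = GNUNET_strdup ("gnunet configuration failed");
 handle->response_code = MHD_HTTP_INTERNAL_SERVER_ERROR;
 GNUNET_free (code);
+if (NULL != nonce)
+GNUNET_free (nonce);
 GNUNET_SCHEDULER_add_now (&do_error, handle);
 return;
 }
@@ -2131,6 +2149,8 @@ token_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
 handle->edesc = GNUNET_strdup ("No signing secret configured!");
 handle->response_code = MHD_HTTP_INTERNAL_SERVER_ERROR;
 GNUNET_free (code);
+if (NULL != nonce)
+GNUNET_free (nonce);
 GNUNET_SCHEDULER_add_now (&do_error, handle);
 return;
 }
@@ -2141,6 +2161,9 @@ token_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
 &expiration_time,
 (NULL != nonce) ? nonce : NULL,
 jwt_secret);
+GNUNET_free (jwt_secret);
+if (NULL != nonce)
+GNUNET_free (nonce);
 access_token = OIDC_access_token_new (&ticket);
 /* Store mapping from access token to code so we can later
 * fall back on the provided attributes in userinfo
@@ -2293,6 +2316,8 @@ consume_timeout (void*cls)
 handle->edesc = GNUNET_strdup ("invalid code");
 handle->response_code = MHD_HTTP_BAD_REQUEST;
 GNUNET_free (cached_code);
+if (NULL != nonce)
+GNUNET_free (nonce);
 GNUNET_SCHEDULER_add_now (&do_error, handle);
 return;
 }
@@ -2337,7 +2362,7 @@ userinfo_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
 const struct EgoEntry *aud_ego;
 const struct GNUNET_IDENTITY_PrivateKey *privkey;
 
-GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Getting userinfo\n");
+GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Getting userinfo\n");
 GNUNET_CRYPTO_hash (OIDC_AUTHORIZATION_HEADER_KEY,
 strlen (OIDC_AUTHORIZATION_HEADER_KEY),
 &cache_key);
@@ -2403,7 +2428,7 @@ userinfo_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
 GNUNET_free (authorization);
 return;
 }
-GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Consuming ticket\n");
+GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Consuming ticket\n");
 privkey = GNUNET_IDENTITY_ego_get_private_key (aud_ego->ego);
 handle->attr_userinfo_list =
 GNUNET_new (struct GNUNET_RECLAIM_AttributeList);
@@ -2617,6 +2642,7 @@ oidc_config_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
 oidc_config_str = json_dumps (oidc_config, JSON_INDENT (1));
 resp = GNUNET_REST_create_response (oidc_config_str);
 handle->proc (handle->proc_cls, resp, MHD_HTTP_OK);
+json_decref (oidc_config);
 GNUNET_free (oidc_config_str);
 cleanup_handle (handle);
 }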
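Review bot: In the parse_credentials_post_body hunk (new line 1888), `*client_secret = strdup (pass);` still allocates with libc strdup and leaves the result unchecked, while the error paths this commit adds in check_authorization release what appear to be the same credential buffers with `GNUNET_free (received_cpw)`. Writing it as `*client_secret = GNUNET_strdup (pass);` would keep allocation and release in one allocator family and avoid returning GNUNET_OK with a NULL secret when the copy fails. The new `GNUNET_free (jwt_secret);` in token_endpoint (new line 2164) and the frees of received_cpw also hand the signing secret and the client password back to the heap unwiped; clearing those buffers before release would limit their exposure in freed memory. All of these functions start or end outside the hunks shown, so how received_cpw is populated is inferred from the names rather than visible here.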