diff options
author | Martin Schanzenbach <mschanzenbach@posteo.de> | 2020-05-13 18:00:03 +0200 |
---|---|---|
committer | Martin Schanzenbach <mschanzenbach@posteo.de> | 2020-05-13 18:00:03 +0200 |
commit | 151a0ae35e030d7358b9e9041d8b3ad1838b7349 (patch) | |
tree | c78c9ffba4e21bff8bac21ff369fe8a62cf748a2 /src | |
parent | 6707d15ba0232c1ff3485f5ccb3f3c26a77feba7 (diff) | |
parent | f3a3e4ebe452ed741c7d01384c64cbf224d45c95 (diff) | |
download | gnunet-151a0ae35e030d7358b9e9041d8b3ad1838b7349.tar.gz gnunet-151a0ae35e030d7358b9e9041d8b3ad1838b7349.zip |
Merge branch 'master' of ssh://gnunet.org/gnunet
Diffstat (limited to 'src')
-rw-r--r-- | src/gns/gnunet-gns.c | 2 | ||||
-rw-r--r-- | src/gns/gnunet-service-gns_resolver.c | 3 | ||||
-rw-r--r-- | src/gns/nss/nss_gns_query.c | 57 | ||||
-rw-r--r-- | src/gnsrecord/Makefile.am | 12 | ||||
-rw-r--r-- | src/gnsrecord/gnunet-gnsrecord-tvg.c | 202 | ||||
-rw-r--r-- | src/namestore/plugin_rest_namestore.c | 144 | ||||
-rw-r--r-- | src/reclaim/plugin_rest_openid_connect.c | 238 | ||||
-rw-r--r-- | src/revocation/Makefile.am | 12 | ||||
-rw-r--r-- | src/revocation/gnunet-revocation-tvg.c | 123 |
9 files changed, 658 insertions, 135 deletions
diff --git a/src/gns/gnunet-gns.c b/src/gns/gnunet-gns.c index eb1d4f23f..5cf496808 100644 --- a/src/gns/gnunet-gns.c +++ b/src/gns/gnunet-gns.c | |||
@@ -279,7 +279,7 @@ run (void *cls, | |||
279 | { | 279 | { |
280 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, | 280 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, |
281 | _ ("Cannot resolve using GNS: GNUnet peer not running\n")); | 281 | _ ("Cannot resolve using GNS: GNUnet peer not running\n")); |
282 | global_ret = 2; | 282 | global_ret = 5; |
283 | return; | 283 | return; |
284 | } | 284 | } |
285 | to_task = GNUNET_SCHEDULER_add_delayed (timeout, | 285 | to_task = GNUNET_SCHEDULER_add_delayed (timeout, |
diff --git a/src/gns/gnunet-service-gns_resolver.c b/src/gns/gnunet-service-gns_resolver.c index 751cc226e..7d398c168 100644 --- a/src/gns/gnunet-service-gns_resolver.c +++ b/src/gns/gnunet-service-gns_resolver.c | |||
@@ -1763,8 +1763,7 @@ recursive_gns2dns_resolution (struct GNS_ResolverHandle *rh, | |||
1763 | /** | 1763 | /** |
1764 | * Records other than GNS2DNS not allowed | 1764 | * Records other than GNS2DNS not allowed |
1765 | */ | 1765 | */ |
1766 | fail_resolution (rh); | 1766 | return GNUNET_SYSERR; |
1767 | return; | ||
1768 | } | 1767 | } |
1769 | off = 0; | 1768 | off = 0; |
1770 | n = GNUNET_DNSPARSER_parse_name (rd[i].data, | 1769 | n = GNUNET_DNSPARSER_parse_name (rd[i].data, |
diff --git a/src/gns/nss/nss_gns_query.c b/src/gns/nss/nss_gns_query.c index 7f6bef90d..11e46ad7f 100644 --- a/src/gns/nss/nss_gns_query.c +++ b/src/gns/nss/nss_gns_query.c | |||
@@ -60,16 +60,16 @@ gns_resolve_name (int af, const char *name, struct userdata *u) | |||
60 | FILE *p; | 60 | FILE *p; |
61 | char line[128]; | 61 | char line[128]; |
62 | int ret; | 62 | int ret; |
63 | int retry = 0; | ||
63 | int out[2]; | 64 | int out[2]; |
64 | int tried_arm_start = 0; | ||
65 | pid_t pid; | 65 | pid_t pid; |
66 | 66 | ||
67 | if (0 == getuid ()) | 67 | if (0 == getuid ()) |
68 | return -2; /* GNS via NSS is NEVER for root */ | 68 | return -2; /* GNS via NSS is NEVER for root */ |
69 | if (0 != pipe (out)) | ||
70 | return -1; | ||
71 | 69 | ||
72 | query_gns: | 70 | query_gns: |
71 | if (0 != pipe (out)) | ||
72 | return -1; | ||
73 | pid = fork (); | 73 | pid = fork (); |
74 | if (-1 == pid) | 74 | if (-1 == pid) |
75 | return -1; | 75 | return -1; |
@@ -141,56 +141,23 @@ query_gns: | |||
141 | } | 141 | } |
142 | (void) fclose (p); | 142 | (void) fclose (p); |
143 | waitpid (pid, &ret, 0); | 143 | waitpid (pid, &ret, 0); |
144 | |||
145 | if (! WIFEXITED (ret)) | 144 | if (! WIFEXITED (ret)) |
146 | return -1; | 145 | return -1; |
147 | if (4 == WEXITSTATUS (ret)) | 146 | if (4 == WEXITSTATUS (ret)) |
148 | return -2; /* not for GNS */ | 147 | return -2; /* not for GNS */ |
149 | if ((3 == ret) && | 148 | if (5 == WEXITSTATUS (ret)) |
150 | (1 != tried_arm_start)) | 149 | { |
151 | return -3; /* timeout -> try restart */ | 150 | if (1 == retry) |
152 | if ((3 == ret) && | 151 | return -2; /* no go -> service unavailable */ |
153 | (1 == tried_arm_start)) | 152 | retry = 1; |
153 | system("gnunet-arm -s"); | ||
154 | goto query_gns; /* Try again */ | ||
155 | } | ||
156 | if (3 == WEXITSTATUS (ret)) | ||
154 | return -2; /* timeout -> service unavailable */ | 157 | return -2; /* timeout -> service unavailable */ |
155 | if ((2 == WEXITSTATUS (ret)) || (1 == WEXITSTATUS (ret))) | 158 | if ((2 == WEXITSTATUS (ret)) || (1 == WEXITSTATUS (ret))) |
156 | return -2; /* launch failure -> service unavailable */ | 159 | return -2; /* launch failure -> service unavailable */ |
157 | return 0; | 160 | return 0; |
158 | |||
159 | pid = fork (); | ||
160 | if (-1 == pid) | ||
161 | return -1; | ||
162 | if (0 == pid) | ||
163 | { | ||
164 | char *argv[] = { "gnunet-arm", | ||
165 | "-s", /* Raw output for easier parsing */ | ||
166 | NULL }; | ||
167 | |||
168 | (void) close (STDOUT_FILENO); | ||
169 | if ((0 != close (out[0])) || | ||
170 | (STDOUT_FILENO != dup2 (out[1], STDOUT_FILENO))) | ||
171 | _exit (1); | ||
172 | (void) execvp ("gnunet-arm", argv); | ||
173 | _exit (1); | ||
174 | } | ||
175 | (void) close (out[1]); | ||
176 | p = fdopen (out[0], "r"); | ||
177 | if (NULL == p) | ||
178 | { | ||
179 | kwait (pid); | ||
180 | return -1; | ||
181 | } | ||
182 | while (NULL != fgets (line, sizeof(line), p)) | ||
183 | { | ||
184 | /** | ||
185 | * Read output | ||
186 | */ | ||
187 | } | ||
188 | (void) fclose (p); | ||
189 | waitpid (pid, &ret, 0); | ||
190 | tried_arm_start = 1; | ||
191 | goto query_gns; | ||
192 | |||
193 | |||
194 | } | 161 | } |
195 | 162 | ||
196 | 163 | ||
diff --git a/src/gnsrecord/Makefile.am b/src/gnsrecord/Makefile.am index 3da9af9ca..2e6eca7ba 100644 --- a/src/gnsrecord/Makefile.am +++ b/src/gnsrecord/Makefile.am | |||
@@ -12,6 +12,10 @@ if USE_COVERAGE | |||
12 | XLIBS = -lgcov | 12 | XLIBS = -lgcov |
13 | endif | 13 | endif |
14 | 14 | ||
15 | bin_PROGRAMS = \ | ||
16 | gnunet-gnsrecord-tvg | ||
17 | |||
18 | |||
15 | check_PROGRAMS = \ | 19 | check_PROGRAMS = \ |
16 | test_gnsrecord_crypto \ | 20 | test_gnsrecord_crypto \ |
17 | test_gnsrecord_serialization \ | 21 | test_gnsrecord_serialization \ |
@@ -28,6 +32,14 @@ endif | |||
28 | lib_LTLIBRARIES = \ | 32 | lib_LTLIBRARIES = \ |
29 | libgnunetgnsrecord.la | 33 | libgnunetgnsrecord.la |
30 | 34 | ||
35 | gnunet_gnsrecord_tvg_SOURCES = \ | ||
36 | gnunet-gnsrecord-tvg.c | ||
37 | gnunet_gnsrecord_tvg_LDADD = \ | ||
38 | $(top_builddir)/src/util/libgnunetutil.la \ | ||
39 | libgnunetgnsrecord.la \ | ||
40 | $(GN_LIBINTL) | ||
41 | |||
42 | |||
31 | libgnunetgnsrecord_la_SOURCES = \ | 43 | libgnunetgnsrecord_la_SOURCES = \ |
32 | gnsrecord.c \ | 44 | gnsrecord.c \ |
33 | gnsrecord_serialization.c \ | 45 | gnsrecord_serialization.c \ |
diff --git a/src/gnsrecord/gnunet-gnsrecord-tvg.c b/src/gnsrecord/gnunet-gnsrecord-tvg.c new file mode 100644 index 000000000..cf815d629 --- /dev/null +++ b/src/gnsrecord/gnunet-gnsrecord-tvg.c | |||
@@ -0,0 +1,202 @@ | |||
1 | /* | ||
2 | This file is part of GNUnet. | ||
3 | Copyright (C) 2020 GNUnet e.V. | ||
4 | |||
5 | GNUnet is free software: you can redistribute it and/or modify it | ||
6 | under the terms of the GNU Affero General Public License as published | ||
7 | by the Free Software Foundation, either version 3 of the License, | ||
8 | or (at your option) any later version. | ||
9 | |||
10 | GNUnet is distributed in the hope that it will be useful, but | ||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | ||
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
13 | Affero General Public License for more details. | ||
14 | |||
15 | You should have received a copy of the GNU Affero General Public License | ||
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | ||
17 | |||
18 | SPDX-License-Identifier: AGPL3.0-or-later | ||
19 | */ | ||
20 | |||
21 | /** | ||
22 | * @file util/gnunet-gns-tvg.c | ||
23 | * @brief Generate test vectors for GNS. | ||
24 | * @author Martin Schanzenbach | ||
25 | */ | ||
26 | #include "platform.h" | ||
27 | #include "gnunet_util_lib.h" | ||
28 | #include "gnunet_signatures.h" | ||
29 | #include "gnunet_gns_service.h" | ||
30 | #include "gnunet_gnsrecord_lib.h" | ||
31 | #include "gnunet_dnsparser_lib.h" | ||
32 | #include "gnunet_testing_lib.h" | ||
33 | #include <inttypes.h> | ||
34 | |||
35 | #define TEST_RECORD_LABEL "test" | ||
36 | #define TEST_RECORD_A "1.2.3.4" | ||
37 | #define TEST_RRCOUNT 2 | ||
38 | |||
39 | static void | ||
40 | print_record(const struct GNUNET_GNSRECORD_Data *rd) | ||
41 | { | ||
42 | char *data_enc; | ||
43 | char *string_v; | ||
44 | string_v = GNUNET_GNSRECORD_value_to_string (rd->record_type, | ||
45 | rd->data, | ||
46 | rd->data_size); | ||
47 | fprintf (stdout, | ||
48 | "EXPIRATION: %"PRIu64"\n", rd->expiration_time); | ||
49 | fprintf (stdout, | ||
50 | "DATA_SIZE: %"PRIu64"\n", rd->data_size); | ||
51 | fprintf (stdout, | ||
52 | "TYPE: %d\n", rd->record_type); | ||
53 | fprintf (stdout, | ||
54 | "FLAGS: %d\n", rd->flags); | ||
55 | GNUNET_STRINGS_base64_encode (rd->data, | ||
56 | rd->data_size, | ||
57 | &data_enc); | ||
58 | fprintf (stdout, | ||
59 | "DATA (base64):\n%s\n", | ||
60 | data_enc); | ||
61 | fprintf (stdout, | ||
62 | "DATA (Human readable):\n%s\n\n", string_v); | ||
63 | GNUNET_free (string_v); | ||
64 | |||
65 | GNUNET_free (data_enc); | ||
66 | } | ||
67 | |||
68 | /** | ||
69 | * Main function that will be run. | ||
70 | * | ||
71 | * @param cls closure | ||
72 | * @param args remaining command-line arguments | ||
73 | * @param cfgfile name of the configuration file used (for saving, can be NULL!) | ||
74 | * @param cfg configuration | ||
75 | */ | ||
76 | static void | ||
77 | run (void *cls, | ||
78 | char *const *args, | ||
79 | const char *cfgfile, | ||
80 | const struct GNUNET_CONFIGURATION_Handle *cfg) | ||
81 | { | ||
82 | struct GNUNET_GNSRECORD_Data rd[2]; | ||
83 | struct GNUNET_TIME_Absolute exp_abs = GNUNET_TIME_absolute_get(); | ||
84 | struct GNUNET_GNSRECORD_Block *rrblock; | ||
85 | char *bdata; | ||
86 | struct GNUNET_CRYPTO_EcdsaPrivateKey id_priv; | ||
87 | struct GNUNET_CRYPTO_EcdsaPublicKey id_pub; | ||
88 | struct GNUNET_CRYPTO_EcdsaPrivateKey pkey_data_p; | ||
89 | struct GNUNET_CRYPTO_EcdsaPublicKey pkey_data; | ||
90 | void *data; | ||
91 | size_t data_size; | ||
92 | char *rdata; | ||
93 | size_t rdata_size; | ||
94 | char* data_enc; | ||
95 | |||
96 | GNUNET_CRYPTO_ecdsa_key_create (&id_priv); | ||
97 | GNUNET_CRYPTO_ecdsa_key_get_public (&id_priv, | ||
98 | &id_pub); | ||
99 | GNUNET_STRINGS_base64_encode (&id_priv, | ||
100 | sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey), | ||
101 | &data_enc); | ||
102 | fprintf(stdout, "Zone private key (d):\n%s\n", data_enc); | ||
103 | GNUNET_free (data_enc); | ||
104 | GNUNET_STRINGS_base64_encode (&id_pub, | ||
105 | sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey), | ||
106 | &data_enc); | ||
107 | fprintf(stdout, "Zone public key (zk):\n%s\n", data_enc); | ||
108 | GNUNET_free (data_enc); | ||
109 | |||
110 | |||
111 | GNUNET_CRYPTO_ecdsa_key_create (&pkey_data_p); | ||
112 | GNUNET_CRYPTO_ecdsa_key_get_public (&pkey_data_p, | ||
113 | &pkey_data); | ||
114 | fprintf (stdout, | ||
115 | "Label: %s\nRRCOUNT: %d\n\n", TEST_RECORD_LABEL, TEST_RRCOUNT); | ||
116 | memset (rd, 0, sizeof (struct GNUNET_GNSRECORD_Data) * 2); | ||
117 | GNUNET_assert (GNUNET_OK == GNUNET_GNSRECORD_string_to_value (GNUNET_DNSPARSER_TYPE_A, TEST_RECORD_A, &data, &data_size)); | ||
118 | rd[0].data = data; | ||
119 | rd[0].data_size = data_size; | ||
120 | rd[0].expiration_time = exp_abs.abs_value_us; | ||
121 | rd[0].record_type = GNUNET_DNSPARSER_TYPE_A; | ||
122 | fprintf (stdout, "Record #0\n"); | ||
123 | print_record (&rd[0]); | ||
124 | |||
125 | rd[1].data = &pkey_data; | ||
126 | rd[1].data_size = sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey); | ||
127 | rd[1].expiration_time = exp_abs.abs_value_us; | ||
128 | rd[1].record_type = GNUNET_GNSRECORD_TYPE_PKEY; | ||
129 | rd[1].flags = GNUNET_GNSRECORD_RF_PRIVATE; | ||
130 | fprintf (stdout, "Record #1\n"); | ||
131 | print_record (&rd[1]); | ||
132 | |||
133 | rdata_size = GNUNET_GNSRECORD_records_get_size (2, | ||
134 | rd); | ||
135 | rdata = GNUNET_malloc (rdata_size); | ||
136 | GNUNET_GNSRECORD_records_serialize (2, | ||
137 | rd, | ||
138 | rdata_size, | ||
139 | rdata); | ||
140 | GNUNET_STRINGS_base64_encode (rdata, | ||
141 | rdata_size, | ||
142 | &data_enc); | ||
143 | fprintf(stdout, "RDATA:\n%s\n\n", data_enc); | ||
144 | GNUNET_free (data_enc); | ||
145 | rrblock = GNUNET_GNSRECORD_block_create (&id_priv, | ||
146 | exp_abs, | ||
147 | TEST_RECORD_LABEL, | ||
148 | rd, | ||
149 | TEST_RRCOUNT); | ||
150 | size_t bdata_size = ntohl (rrblock->purpose.size) - | ||
151 | sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) - | ||
152 | sizeof(struct GNUNET_TIME_AbsoluteNBO); | ||
153 | size_t rrblock_size = ntohl (rrblock->purpose.size) + | ||
154 | sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey) + | ||
155 | sizeof(struct GNUNET_CRYPTO_EcdsaSignature); | ||
156 | |||
157 | bdata = (char*)&rrblock[1]; | ||
158 | GNUNET_STRINGS_base64_encode (bdata, | ||
159 | bdata_size, | ||
160 | &data_enc); | ||
161 | fprintf(stdout, "BDATA:\n%s\n\n", data_enc); | ||
162 | GNUNET_free (data_enc); | ||
163 | GNUNET_STRINGS_base64_encode (rrblock, | ||
164 | rrblock_size, | ||
165 | &data_enc); | ||
166 | fprintf(stdout, "RRBLOCK:\n%s\n", data_enc); | ||
167 | GNUNET_free (data_enc); | ||
168 | |||
169 | } | ||
170 | |||
171 | |||
172 | /** | ||
173 | * The main function of the test vector generation tool. | ||
174 | * | ||
175 | * @param argc number of arguments from the command line | ||
176 | * @param argv command line arguments | ||
177 | * @return 0 ok, 1 on error | ||
178 | */ | ||
179 | int | ||
180 | main (int argc, | ||
181 | char *const *argv) | ||
182 | { | ||
183 | const struct GNUNET_GETOPT_CommandLineOption options[] = { | ||
184 | GNUNET_GETOPT_OPTION_END | ||
185 | }; | ||
186 | |||
187 | GNUNET_assert (GNUNET_OK == | ||
188 | GNUNET_log_setup ("gnunet-gns-tvg", | ||
189 | "INFO", | ||
190 | NULL)); | ||
191 | if (GNUNET_OK != | ||
192 | GNUNET_PROGRAM_run (argc, argv, | ||
193 | "gnunet-gns-tvg", | ||
194 | "Generate test vectors for GNS", | ||
195 | options, | ||
196 | &run, NULL)) | ||
197 | return 1; | ||
198 | return 0; | ||
199 | } | ||
200 | |||
201 | |||
202 | /* end of gnunet-gns-tvg.c */ | ||
diff --git a/src/namestore/plugin_rest_namestore.c b/src/namestore/plugin_rest_namestore.c index 4184d93a1..95b9b428f 100644 --- a/src/namestore/plugin_rest_namestore.c +++ b/src/namestore/plugin_rest_namestore.c | |||
@@ -163,7 +163,7 @@ struct RequestHandle | |||
163 | /** | 163 | /** |
164 | * NAMESTORE Operation | 164 | * NAMESTORE Operation |
165 | */ | 165 | */ |
166 | struct GNUNET_NAMESTORE_QueueEntry *add_qe; | 166 | struct GNUNET_NAMESTORE_QueueEntry *ns_qe; |
167 | 167 | ||
168 | /** | 168 | /** |
169 | * Response object | 169 | * Response object |
@@ -292,8 +292,8 @@ cleanup_handle (void *cls) | |||
292 | GNUNET_SCHEDULER_cancel (handle->timeout_task); | 292 | GNUNET_SCHEDULER_cancel (handle->timeout_task); |
293 | if (NULL != handle->list_it) | 293 | if (NULL != handle->list_it) |
294 | GNUNET_NAMESTORE_zone_iteration_stop (handle->list_it); | 294 | GNUNET_NAMESTORE_zone_iteration_stop (handle->list_it); |
295 | if (NULL != handle->add_qe) | 295 | if (NULL != handle->ns_qe) |
296 | GNUNET_NAMESTORE_cancel (handle->add_qe); | 296 | GNUNET_NAMESTORE_cancel (handle->ns_qe); |
297 | if (NULL != handle->identity_handle) | 297 | if (NULL != handle->identity_handle) |
298 | GNUNET_IDENTITY_disconnect (handle->identity_handle); | 298 | GNUNET_IDENTITY_disconnect (handle->identity_handle); |
299 | if (NULL != handle->ns_handle) | 299 | if (NULL != handle->ns_handle) |
@@ -410,7 +410,7 @@ create_finished (void *cls, int32_t success, const char *emsg) | |||
410 | struct RequestHandle *handle = cls; | 410 | struct RequestHandle *handle = cls; |
411 | struct MHD_Response *resp; | 411 | struct MHD_Response *resp; |
412 | 412 | ||
413 | handle->add_qe = NULL; | 413 | handle->ns_qe = NULL; |
414 | if (GNUNET_YES != success) | 414 | if (GNUNET_YES != success) |
415 | { | 415 | { |
416 | if (NULL != emsg) | 416 | if (NULL != emsg) |
@@ -441,7 +441,7 @@ del_finished (void *cls, int32_t success, const char *emsg) | |||
441 | { | 441 | { |
442 | struct RequestHandle *handle = cls; | 442 | struct RequestHandle *handle = cls; |
443 | 443 | ||
444 | handle->add_qe = NULL; | 444 | handle->ns_qe = NULL; |
445 | if (GNUNET_NO == success) | 445 | if (GNUNET_NO == success) |
446 | { | 446 | { |
447 | handle->response_code = MHD_HTTP_NOT_FOUND; | 447 | handle->response_code = MHD_HTTP_NOT_FOUND; |
@@ -525,13 +525,70 @@ namestore_list_iteration (void *cls, | |||
525 | rd_filtered[j].data = rd[i].data; | 525 | rd_filtered[j].data = rd[i].data; |
526 | j++; | 526 | j++; |
527 | } | 527 | } |
528 | record_obj = GNUNET_JSON_from_gnsrecord (rname, | 528 | /** Only add if not empty **/ |
529 | rd_filtered, | 529 | if (j > 0) |
530 | j); | 530 | { |
531 | json_array_append_new (handle->resp_object, record_obj); | 531 | record_obj = GNUNET_JSON_from_gnsrecord (rname, |
532 | rd_filtered, | ||
533 | j); | ||
534 | json_array_append_new (handle->resp_object, record_obj); | ||
535 | } | ||
532 | GNUNET_NAMESTORE_zone_iterator_next (handle->list_it, 1); | 536 | GNUNET_NAMESTORE_zone_iterator_next (handle->list_it, 1); |
533 | } | 537 | } |
534 | 538 | ||
539 | /** | ||
540 | * Handle lookup error | ||
541 | * | ||
542 | * @param cls the request handle | ||
543 | */ | ||
544 | static void | ||
545 | ns_lookup_error_cb (void *cls) | ||
546 | { | ||
547 | struct RequestHandle *handle = cls; | ||
548 | |||
549 | handle->emsg = GNUNET_strdup (GNUNET_REST_NAMESTORE_FAILED); | ||
550 | GNUNET_SCHEDULER_add_now (&do_error, handle); | ||
551 | } | ||
552 | |||
553 | |||
554 | static void | ||
555 | ns_get_lookup_cb (void *cls, | ||
556 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone, | ||
557 | const char *label, | ||
558 | unsigned int rd_len, | ||
559 | const struct GNUNET_GNSRECORD_Data *rd) | ||
560 | { | ||
561 | struct RequestHandle *handle = cls; | ||
562 | struct GNUNET_GNSRECORD_Data rd_filtered[rd_len]; | ||
563 | json_t *record_obj; | ||
564 | int i = 0; | ||
565 | int j = 0; | ||
566 | |||
567 | handle->ns_qe = NULL; | ||
568 | if (NULL == handle->resp_object) | ||
569 | handle->resp_object = json_array (); | ||
570 | for (i = 0; i < rd_len; i++) | ||
571 | { | ||
572 | if ((GNUNET_GNSRECORD_TYPE_ANY != handle->record_type) && | ||
573 | (rd[i].record_type != handle->record_type)) | ||
574 | continue; /* Apply filter */ | ||
575 | rd_filtered[j] = rd[i]; | ||
576 | rd_filtered[j].data = rd[i].data; | ||
577 | j++; | ||
578 | } | ||
579 | /** Only add if not empty **/ | ||
580 | if (j > 0) | ||
581 | { | ||
582 | record_obj = GNUNET_JSON_from_gnsrecord (label, | ||
583 | rd_filtered, | ||
584 | j); | ||
585 | json_array_append_new (handle->resp_object, record_obj); | ||
586 | } | ||
587 | GNUNET_SCHEDULER_add_now (&namestore_list_finished, handle); | ||
588 | } | ||
589 | |||
590 | |||
591 | |||
535 | 592 | ||
536 | /** | 593 | /** |
537 | * Handle namestore GET request | 594 | * Handle namestore GET request |
@@ -549,6 +606,7 @@ namestore_get (struct GNUNET_REST_RequestHandle *con_handle, | |||
549 | struct EgoEntry *ego_entry; | 606 | struct EgoEntry *ego_entry; |
550 | struct GNUNET_HashCode key; | 607 | struct GNUNET_HashCode key; |
551 | char *egoname; | 608 | char *egoname; |
609 | char *labelname; | ||
552 | char *typename; | 610 | char *typename; |
553 | 611 | ||
554 | egoname = NULL; | 612 | egoname = NULL; |
@@ -585,17 +643,36 @@ namestore_get (struct GNUNET_REST_RequestHandle *con_handle, | |||
585 | &key); | 643 | &key); |
586 | handle->record_type = GNUNET_GNSRECORD_typename_to_number (typename); | 644 | handle->record_type = GNUNET_GNSRECORD_typename_to_number (typename); |
587 | } | 645 | } |
588 | 646 | labelname = &egoname[strlen (ego_entry->identifier)]; | |
589 | handle->list_it = | 647 | // set zone to name if given |
590 | GNUNET_NAMESTORE_zone_iteration_start (handle->ns_handle, | 648 | if (1 >= strlen (labelname)) |
591 | handle->zone_pkey, | 649 | { |
592 | &namestore_iteration_error, | 650 | handle->list_it = |
593 | handle, | 651 | GNUNET_NAMESTORE_zone_iteration_start (handle->ns_handle, |
594 | &namestore_list_iteration, | 652 | handle->zone_pkey, |
595 | handle, | 653 | &namestore_iteration_error, |
596 | &namestore_list_finished, | 654 | handle, |
597 | handle); | 655 | &namestore_list_iteration, |
598 | if (NULL == handle->list_it) | 656 | handle, |
657 | &namestore_list_finished, | ||
658 | handle); | ||
659 | if (NULL == handle->list_it) | ||
660 | { | ||
661 | handle->emsg = GNUNET_strdup (GNUNET_REST_NAMESTORE_FAILED); | ||
662 | GNUNET_SCHEDULER_add_now (&do_error, handle); | ||
663 | return; | ||
664 | } | ||
665 | return; | ||
666 | } | ||
667 | handle->record_name = GNUNET_strdup (labelname + 1); | ||
668 | handle->ns_qe = GNUNET_NAMESTORE_records_lookup (handle->ns_handle, | ||
669 | handle->zone_pkey, | ||
670 | handle->record_name, | ||
671 | &ns_lookup_error_cb, | ||
672 | handle, | ||
673 | &ns_get_lookup_cb, | ||
674 | handle); | ||
675 | if (NULL == handle->ns_qe) | ||
599 | { | 676 | { |
600 | handle->emsg = GNUNET_strdup (GNUNET_REST_NAMESTORE_FAILED); | 677 | handle->emsg = GNUNET_strdup (GNUNET_REST_NAMESTORE_FAILED); |
601 | GNUNET_SCHEDULER_add_now (&do_error, handle); | 678 | GNUNET_SCHEDULER_add_now (&do_error, handle); |
@@ -604,15 +681,6 @@ namestore_get (struct GNUNET_REST_RequestHandle *con_handle, | |||
604 | } | 681 | } |
605 | 682 | ||
606 | 683 | ||
607 | static void | ||
608 | ns_lookup_error_cb (void *cls) | ||
609 | { | ||
610 | struct RequestHandle *handle = cls; | ||
611 | |||
612 | handle->emsg = GNUNET_strdup (GNUNET_REST_NAMESTORE_FAILED); | ||
613 | GNUNET_SCHEDULER_add_now (&do_error, handle); | ||
614 | } | ||
615 | |||
616 | 684 | ||
617 | static void | 685 | static void |
618 | ns_lookup_cb (void *cls, | 686 | ns_lookup_cb (void *cls, |
@@ -633,14 +701,14 @@ ns_lookup_cb (void *cls, | |||
633 | } | 701 | } |
634 | for (j = 0; j < handle->rd_count; j++) | 702 | for (j = 0; j < handle->rd_count; j++) |
635 | rd_new[i + j] = handle->rd[j]; | 703 | rd_new[i + j] = handle->rd[j]; |
636 | handle->add_qe = GNUNET_NAMESTORE_records_store (handle->ns_handle, | 704 | handle->ns_qe = GNUNET_NAMESTORE_records_store (handle->ns_handle, |
637 | handle->zone_pkey, | 705 | handle->zone_pkey, |
638 | handle->record_name, | 706 | handle->record_name, |
639 | i + j, | 707 | i + j, |
640 | rd_new, | 708 | rd_new, |
641 | &create_finished, | 709 | &create_finished, |
642 | handle); | 710 | handle); |
643 | if (NULL == handle->add_qe) | 711 | if (NULL == handle->ns_qe) |
644 | { | 712 | { |
645 | handle->emsg = GNUNET_strdup (GNUNET_REST_NAMESTORE_FAILED); | 713 | handle->emsg = GNUNET_strdup (GNUNET_REST_NAMESTORE_FAILED); |
646 | GNUNET_SCHEDULER_add_now (&do_error, handle); | 714 | GNUNET_SCHEDULER_add_now (&do_error, handle); |
@@ -725,14 +793,14 @@ namestore_add_or_update (struct GNUNET_REST_RequestHandle *con_handle, | |||
725 | return; | 793 | return; |
726 | } | 794 | } |
727 | handle->zone_pkey = GNUNET_IDENTITY_ego_get_private_key (ego_entry->ego); | 795 | handle->zone_pkey = GNUNET_IDENTITY_ego_get_private_key (ego_entry->ego); |
728 | handle->add_qe = GNUNET_NAMESTORE_records_lookup (handle->ns_handle, | 796 | handle->ns_qe = GNUNET_NAMESTORE_records_lookup (handle->ns_handle, |
729 | handle->zone_pkey, | 797 | handle->zone_pkey, |
730 | handle->record_name, | 798 | handle->record_name, |
731 | &ns_lookup_error_cb, | 799 | &ns_lookup_error_cb, |
732 | handle, | 800 | handle, |
733 | &ns_lookup_cb, | 801 | &ns_lookup_cb, |
734 | handle); | 802 | handle); |
735 | if (NULL == handle->add_qe) | 803 | if (NULL == handle->ns_qe) |
736 | { | 804 | { |
737 | handle->emsg = GNUNET_strdup (GNUNET_REST_NAMESTORE_FAILED); | 805 | handle->emsg = GNUNET_strdup (GNUNET_REST_NAMESTORE_FAILED); |
738 | GNUNET_SCHEDULER_add_now (&do_error, handle); | 806 | GNUNET_SCHEDULER_add_now (&do_error, handle); |
@@ -826,14 +894,14 @@ namestore_delete (struct GNUNET_REST_RequestHandle *con_handle, | |||
826 | } | 894 | } |
827 | 895 | ||
828 | handle->record_name = GNUNET_strdup (labelname + 1); | 896 | handle->record_name = GNUNET_strdup (labelname + 1); |
829 | handle->add_qe = GNUNET_NAMESTORE_records_store (handle->ns_handle, | 897 | handle->ns_qe = GNUNET_NAMESTORE_records_store (handle->ns_handle, |
830 | handle->zone_pkey, | 898 | handle->zone_pkey, |
831 | handle->record_name, | 899 | handle->record_name, |
832 | 0, | 900 | 0, |
833 | NULL, | 901 | NULL, |
834 | &del_finished, | 902 | &del_finished, |
835 | handle); | 903 | handle); |
836 | if (NULL == handle->add_qe) | 904 | if (NULL == handle->ns_qe) |
837 | { | 905 | { |
838 | handle->emsg = GNUNET_strdup (GNUNET_REST_NAMESTORE_FAILED); | 906 | handle->emsg = GNUNET_strdup (GNUNET_REST_NAMESTORE_FAILED); |
839 | GNUNET_SCHEDULER_add_now (&do_error, handle); | 907 | GNUNET_SCHEDULER_add_now (&do_error, handle); |
diff --git a/src/reclaim/plugin_rest_openid_connect.c b/src/reclaim/plugin_rest_openid_connect.c index ad8e373fe..563bdd749 100644 --- a/src/reclaim/plugin_rest_openid_connect.c +++ b/src/reclaim/plugin_rest_openid_connect.c | |||
@@ -426,9 +426,14 @@ struct RequestHandle | |||
426 | struct GNUNET_NAMESTORE_ZoneIterator *namestore_handle_it; | 426 | struct GNUNET_NAMESTORE_ZoneIterator *namestore_handle_it; |
427 | 427 | ||
428 | /** | 428 | /** |
429 | * Attribute claim list | 429 | * Attribute claim list for id_token |
430 | */ | 430 | */ |
431 | struct GNUNET_RECLAIM_AttributeList *attr_list; | 431 | struct GNUNET_RECLAIM_AttributeList *attr_idtoken_list; |
432 | |||
433 | /** | ||
434 | * Attribute claim list for userinfo | ||
435 | */ | ||
436 | struct GNUNET_RECLAIM_AttributeList *attr_userinfo_list; | ||
432 | 437 | ||
433 | /** | 438 | /** |
434 | * Attestation list | 439 | * Attestation list |
@@ -577,8 +582,10 @@ cleanup_handle (struct RequestHandle *handle) | |||
577 | json_decref (handle->oidc->response); | 582 | json_decref (handle->oidc->response); |
578 | GNUNET_free (handle->oidc); | 583 | GNUNET_free (handle->oidc); |
579 | } | 584 | } |
580 | if (NULL!=handle->attr_list) | 585 | if (NULL!=handle->attr_idtoken_list) |
581 | GNUNET_RECLAIM_attribute_list_destroy (handle->attr_list); | 586 | GNUNET_RECLAIM_attribute_list_destroy (handle->attr_idtoken_list); |
587 | if (NULL!=handle->attr_userinfo_list) | ||
588 | GNUNET_RECLAIM_attribute_list_destroy (handle->attr_userinfo_list); | ||
582 | if (NULL!=handle->attests_list) | 589 | if (NULL!=handle->attests_list) |
583 | GNUNET_RECLAIM_attestation_list_destroy (handle->attests_list); | 590 | GNUNET_RECLAIM_attestation_list_destroy (handle->attests_list); |
584 | 591 | ||
@@ -935,7 +942,7 @@ oidc_ticket_issue_cb (void *cls, const struct GNUNET_RECLAIM_Ticket *ticket) | |||
935 | sizeof(struct GNUNET_RECLAIM_Ticket)); | 942 | sizeof(struct GNUNET_RECLAIM_Ticket)); |
936 | code_string = OIDC_build_authz_code (&handle->priv_key, | 943 | code_string = OIDC_build_authz_code (&handle->priv_key, |
937 | &handle->ticket, | 944 | &handle->ticket, |
938 | handle->attr_list, | 945 | handle->attr_idtoken_list, |
939 | handle->attests_list, | 946 | handle->attests_list, |
940 | handle->oidc->nonce, | 947 | handle->oidc->nonce, |
941 | handle->oidc->code_challenge); | 948 | handle->oidc->code_challenge); |
@@ -970,18 +977,77 @@ oidc_ticket_issue_cb (void *cls, const struct GNUNET_RECLAIM_Ticket *ticket) | |||
970 | } | 977 | } |
971 | 978 | ||
972 | 979 | ||
980 | static struct GNUNET_RECLAIM_AttributeList* | ||
981 | attribute_list_merge (struct GNUNET_RECLAIM_AttributeList *list_a, | ||
982 | struct GNUNET_RECLAIM_AttributeList *list_b) | ||
983 | { | ||
984 | struct GNUNET_RECLAIM_AttributeList *merged_list; | ||
985 | struct GNUNET_RECLAIM_AttributeListEntry *le_a; | ||
986 | struct GNUNET_RECLAIM_AttributeListEntry *le_b; | ||
987 | struct GNUNET_RECLAIM_AttributeListEntry *le_m; | ||
988 | |||
989 | merged_list = GNUNET_new (struct GNUNET_RECLAIM_AttributeList); | ||
990 | for (le_a = list_a->list_head; NULL != le_a; le_a = le_a->next) | ||
991 | { | ||
992 | le_m = GNUNET_new (struct GNUNET_RECLAIM_AttributeListEntry); | ||
993 | le_m->attribute = GNUNET_RECLAIM_attribute_new (le_a->attribute->name, | ||
994 | &le_a->attribute-> | ||
995 | attestation, | ||
996 | le_a->attribute->type, | ||
997 | le_a->attribute->data, | ||
998 | le_a->attribute->data_size); | ||
999 | le_m->attribute->id = le_a->attribute->id; | ||
1000 | le_m->attribute->flag = le_a->attribute->flag; | ||
1001 | le_m->attribute->attestation = le_a->attribute->attestation; | ||
1002 | GNUNET_CONTAINER_DLL_insert (merged_list->list_head, | ||
1003 | merged_list->list_tail, | ||
1004 | le_m); | ||
1005 | } | ||
1006 | le_m = NULL; | ||
1007 | for (le_b = list_b->list_head; NULL != le_b; le_b = le_b->next) | ||
1008 | { | ||
1009 | for (le_m = merged_list->list_head; NULL != le_m; le_m = le_m->next) | ||
1010 | { | ||
1011 | if (GNUNET_YES == GNUNET_RECLAIM_id_is_equal (&le_m->attribute->id, | ||
1012 | &le_b->attribute->id)) | ||
1013 | break; /** Attribute already in list **/ | ||
1014 | } | ||
1015 | if (NULL != le_m) | ||
1016 | continue; /** Attribute already in list **/ | ||
1017 | le_m = GNUNET_new (struct GNUNET_RECLAIM_AttributeListEntry); | ||
1018 | le_m->attribute = GNUNET_RECLAIM_attribute_new (le_b->attribute->name, | ||
1019 | &le_b->attribute-> | ||
1020 | attestation, | ||
1021 | le_b->attribute->type, | ||
1022 | le_b->attribute->data, | ||
1023 | le_b->attribute->data_size); | ||
1024 | le_m->attribute->id = le_b->attribute->id; | ||
1025 | le_m->attribute->flag = le_b->attribute->flag; | ||
1026 | le_m->attribute->attestation = le_b->attribute->attestation; | ||
1027 | GNUNET_CONTAINER_DLL_insert (merged_list->list_head, | ||
1028 | merged_list->list_tail, | ||
1029 | le_m); | ||
1030 | } | ||
1031 | return merged_list; | ||
1032 | } | ||
1033 | |||
1034 | |||
973 | static void | 1035 | static void |
974 | oidc_attest_collect_finished_cb (void *cls) | 1036 | oidc_attest_collect_finished_cb (void *cls) |
975 | { | 1037 | { |
976 | struct RequestHandle *handle = cls; | 1038 | struct RequestHandle *handle = cls; |
1039 | struct GNUNET_RECLAIM_AttributeList *merged_list; | ||
977 | 1040 | ||
978 | handle->attest_it = NULL; | 1041 | handle->attest_it = NULL; |
1042 | merged_list = attribute_list_merge (handle->attr_idtoken_list, | ||
1043 | handle->attr_userinfo_list); | ||
979 | handle->idp_op = GNUNET_RECLAIM_ticket_issue (handle->idp, | 1044 | handle->idp_op = GNUNET_RECLAIM_ticket_issue (handle->idp, |
980 | &handle->priv_key, | 1045 | &handle->priv_key, |
981 | &handle->oidc->client_pkey, | 1046 | &handle->oidc->client_pkey, |
982 | handle->attr_list, | 1047 | merged_list, |
983 | &oidc_ticket_issue_cb, | 1048 | &oidc_ticket_issue_cb, |
984 | handle); | 1049 | handle); |
1050 | GNUNET_RECLAIM_attribute_list_destroy (merged_list); | ||
985 | } | 1051 | } |
986 | 1052 | ||
987 | 1053 | ||
@@ -995,22 +1061,32 @@ oidc_attest_collect (void *cls, | |||
995 | { | 1061 | { |
996 | struct RequestHandle *handle = cls; | 1062 | struct RequestHandle *handle = cls; |
997 | struct GNUNET_RECLAIM_AttributeListEntry *le; | 1063 | struct GNUNET_RECLAIM_AttributeListEntry *le; |
1064 | struct GNUNET_RECLAIM_AttestationListEntry *ale; | ||
998 | 1065 | ||
999 | for (le = handle->attr_list->list_head; NULL != le; le = le->next) | 1066 | for (ale = handle->attests_list->list_head; NULL != ale; ale = ale->next) |
1067 | { | ||
1068 | if (GNUNET_NO == GNUNET_RECLAIM_id_is_equal (&ale->attestation->id, | ||
1069 | &attest->id)) | ||
1070 | continue; | ||
1071 | /** Attestation already in list **/ | ||
1072 | GNUNET_RECLAIM_get_attestations_next (handle->attest_it); | ||
1073 | return; | ||
1074 | } | ||
1075 | |||
1076 | for (le = handle->attr_idtoken_list->list_head; NULL != le; le = le->next) | ||
1000 | { | 1077 | { |
1001 | if (GNUNET_NO == GNUNET_RECLAIM_id_is_equal (&le->attribute->attestation, | 1078 | if (GNUNET_NO == GNUNET_RECLAIM_id_is_equal (&le->attribute->attestation, |
1002 | &attest->id)) | 1079 | &attest->id)) |
1003 | { | 1080 | continue; |
1004 | struct GNUNET_RECLAIM_AttestationListEntry *ale; | 1081 | /** Attestation matches for attribute, add **/ |
1005 | ale = GNUNET_new (struct GNUNET_RECLAIM_AttestationListEntry); | 1082 | ale = GNUNET_new (struct GNUNET_RECLAIM_AttestationListEntry); |
1006 | ale->attestation = GNUNET_RECLAIM_attestation_new (attest->name, | 1083 | ale->attestation = GNUNET_RECLAIM_attestation_new (attest->name, |
1007 | attest->type, | 1084 | attest->type, |
1008 | attest->data, | 1085 | attest->data, |
1009 | attest->data_size); | 1086 | attest->data_size); |
1010 | GNUNET_CONTAINER_DLL_insert (handle->attests_list->list_head, | 1087 | GNUNET_CONTAINER_DLL_insert (handle->attests_list->list_head, |
1011 | handle->attests_list->list_tail, | 1088 | handle->attests_list->list_tail, |
1012 | ale); | 1089 | ale); |
1013 | } | ||
1014 | } | 1090 | } |
1015 | GNUNET_RECLAIM_get_attestations_next (handle->attest_it); | 1091 | GNUNET_RECLAIM_get_attestations_next (handle->attest_it); |
1016 | } | 1092 | } |
@@ -1023,7 +1099,7 @@ oidc_attr_collect_finished_cb (void *cls) | |||
1023 | 1099 | ||
1024 | handle->attr_it = NULL; | 1100 | handle->attr_it = NULL; |
1025 | handle->ticket_it = NULL; | 1101 | handle->ticket_it = NULL; |
1026 | if (NULL == handle->attr_list->list_head) | 1102 | if (NULL == handle->attr_idtoken_list->list_head) |
1027 | { | 1103 | { |
1028 | handle->emsg = GNUNET_strdup (OIDC_ERROR_KEY_INVALID_SCOPE); | 1104 | handle->emsg = GNUNET_strdup (OIDC_ERROR_KEY_INVALID_SCOPE); |
1029 | handle->edesc = GNUNET_strdup ("The requested scope is not available."); | 1105 | handle->edesc = GNUNET_strdup ("The requested scope is not available."); |
@@ -1044,48 +1120,112 @@ oidc_attr_collect_finished_cb (void *cls) | |||
1044 | } | 1120 | } |
1045 | 1121 | ||
1046 | 1122 | ||
1047 | /** | 1123 | static int |
1048 | * Collects all attributes for an ego if in scope parameter | 1124 | attr_in_claims_request (struct RequestHandle *handle, |
1049 | */ | 1125 | const char *attr_name, |
1050 | static void | 1126 | const char *claims_parameter) |
1051 | oidc_attr_collect (void *cls, | ||
1052 | const struct GNUNET_CRYPTO_EcdsaPublicKey *identity, | ||
1053 | const struct GNUNET_RECLAIM_Attribute *attr) | ||
1054 | { | 1127 | { |
1055 | struct RequestHandle *handle = cls; | ||
1056 | struct GNUNET_RECLAIM_AttributeListEntry *le; | ||
1057 | char *scope_variables; | 1128 | char *scope_variables; |
1058 | char *scope_variable; | 1129 | char *scope_variable; |
1059 | char delimiter[] = " "; | 1130 | char delimiter[] = " "; |
1131 | int ret = GNUNET_NO; | ||
1132 | json_t *root; | ||
1133 | json_error_t error; | ||
1134 | json_t *claims_j; | ||
1135 | const char *key; | ||
1136 | json_t *value; | ||
1060 | 1137 | ||
1061 | scope_variables = GNUNET_strdup (handle->oidc->scope); | 1138 | scope_variables = GNUNET_strdup (handle->oidc->scope); |
1062 | scope_variable = strtok (scope_variables, delimiter); | 1139 | scope_variable = strtok (scope_variables, delimiter); |
1063 | while (NULL != scope_variable) | 1140 | while (NULL != scope_variable) |
1064 | { | 1141 | { |
1065 | if (0 == strcmp (attr->name, scope_variable)) | 1142 | if (0 == strcmp (attr_name, scope_variable)) |
1066 | break; | 1143 | break; |
1067 | scope_variable = strtok (NULL, delimiter); | 1144 | scope_variable = strtok (NULL, delimiter); |
1068 | } | 1145 | } |
1069 | if (NULL == scope_variable) | 1146 | if (NULL != scope_variable) |
1147 | ret = GNUNET_YES; | ||
1148 | GNUNET_free (scope_variables); | ||
1149 | |||
1150 | /** Try claims parameter if no in scope */ | ||
1151 | if ((NULL != handle->oidc->claims) && | ||
1152 | (GNUNET_YES != ret)) | ||
1070 | { | 1153 | { |
1071 | GNUNET_RECLAIM_get_attributes_next (handle->attr_it); | 1154 | root = json_loads (handle->oidc->claims, JSON_DECODE_ANY, &error); |
1072 | GNUNET_free (scope_variables); | 1155 | claims_j = json_object_get (root, claims_parameter); |
1073 | // We can ignore this | 1156 | /* obj is a JSON object */ |
1074 | return; | 1157 | if (NULL != claims_j) |
1158 | { | ||
1159 | json_object_foreach (claims_j, key, value) { | ||
1160 | if (0 != strcmp (attr_name, key)) | ||
1161 | continue; | ||
1162 | ret = GNUNET_YES; | ||
1163 | break; | ||
1164 | } | ||
1165 | } | ||
1166 | json_decref (root); | ||
1075 | } | 1167 | } |
1076 | GNUNET_free (scope_variables); | 1168 | return ret; |
1077 | le = GNUNET_new (struct GNUNET_RECLAIM_AttributeListEntry); | 1169 | } |
1078 | le->attribute = GNUNET_RECLAIM_attribute_new (attr->name, | 1170 | |
1079 | &attr->attestation, | 1171 | |
1080 | attr->type, | 1172 | static int |
1081 | attr->data, | 1173 | attr_in_idtoken_request (struct RequestHandle *handle, |
1082 | attr->data_size); | 1174 | const char *attr_name) |
1083 | le->attribute->id = attr->id; | 1175 | { |
1084 | le->attribute->flag = attr->flag; | 1176 | return attr_in_claims_request (handle, attr_name, "id_token"); |
1085 | le->attribute->attestation = attr->attestation; | 1177 | } |
1086 | GNUNET_CONTAINER_DLL_insert (handle->attr_list->list_head, | 1178 | |
1087 | handle->attr_list->list_tail, | 1179 | |
1088 | le); | 1180 | static int |
1181 | attr_in_userinfo_request (struct RequestHandle *handle, | ||
1182 | const char *attr_name) | ||
1183 | { | ||
1184 | return attr_in_claims_request (handle, attr_name, "userinfo"); | ||
1185 | } | ||
1186 | |||
1187 | |||
1188 | /** | ||
1189 | * Collects all attributes for an ego if in scope parameter | ||
1190 | */ | ||
1191 | static void | ||
1192 | oidc_attr_collect (void *cls, | ||
1193 | const struct GNUNET_CRYPTO_EcdsaPublicKey *identity, | ||
1194 | const struct GNUNET_RECLAIM_Attribute *attr) | ||
1195 | { | ||
1196 | struct RequestHandle *handle = cls; | ||
1197 | struct GNUNET_RECLAIM_AttributeListEntry *le; | ||
1198 | if (GNUNET_YES == attr_in_idtoken_request (handle, attr->name)) | ||
1199 | { | ||
1200 | le = GNUNET_new (struct GNUNET_RECLAIM_AttributeListEntry); | ||
1201 | le->attribute = GNUNET_RECLAIM_attribute_new (attr->name, | ||
1202 | &attr->attestation, | ||
1203 | attr->type, | ||
1204 | attr->data, | ||
1205 | attr->data_size); | ||
1206 | le->attribute->id = attr->id; | ||
1207 | le->attribute->flag = attr->flag; | ||
1208 | le->attribute->attestation = attr->attestation; | ||
1209 | GNUNET_CONTAINER_DLL_insert (handle->attr_idtoken_list->list_head, | ||
1210 | handle->attr_idtoken_list->list_tail, | ||
1211 | le); | ||
1212 | } | ||
1213 | if (GNUNET_YES == attr_in_userinfo_request (handle, attr->name)) | ||
1214 | { | ||
1215 | le = GNUNET_new (struct GNUNET_RECLAIM_AttributeListEntry); | ||
1216 | le->attribute = GNUNET_RECLAIM_attribute_new (attr->name, | ||
1217 | &attr->attestation, | ||
1218 | attr->type, | ||
1219 | attr->data, | ||
1220 | attr->data_size); | ||
1221 | le->attribute->id = attr->id; | ||
1222 | le->attribute->flag = attr->flag; | ||
1223 | le->attribute->attestation = attr->attestation; | ||
1224 | GNUNET_CONTAINER_DLL_insert (handle->attr_userinfo_list->list_head, | ||
1225 | handle->attr_userinfo_list->list_tail, | ||
1226 | le); | ||
1227 | } | ||
1228 | |||
1089 | GNUNET_RECLAIM_get_attributes_next (handle->attr_it); | 1229 | GNUNET_RECLAIM_get_attributes_next (handle->attr_it); |
1090 | } | 1230 | } |
1091 | 1231 | ||
@@ -1143,7 +1283,9 @@ code_redirect (void *cls) | |||
1143 | handle->priv_key = | 1283 | handle->priv_key = |
1144 | *GNUNET_IDENTITY_ego_get_private_key (handle->ego_entry->ego); | 1284 | *GNUNET_IDENTITY_ego_get_private_key (handle->ego_entry->ego); |
1145 | handle->idp = GNUNET_RECLAIM_connect (cfg); | 1285 | handle->idp = GNUNET_RECLAIM_connect (cfg); |
1146 | handle->attr_list = | 1286 | handle->attr_idtoken_list = |
1287 | GNUNET_new (struct GNUNET_RECLAIM_AttributeList); | ||
1288 | handle->attr_userinfo_list = | ||
1147 | GNUNET_new (struct GNUNET_RECLAIM_AttributeList); | 1289 | GNUNET_new (struct GNUNET_RECLAIM_AttributeList); |
1148 | handle->attr_it = | 1290 | handle->attr_it = |
1149 | GNUNET_RECLAIM_get_attributes_start (handle->idp, | 1291 | GNUNET_RECLAIM_get_attributes_start (handle->idp, |
diff --git a/src/revocation/Makefile.am b/src/revocation/Makefile.am index b3b2877ca..6efd461c1 100644 --- a/src/revocation/Makefile.am +++ b/src/revocation/Makefile.am | |||
@@ -16,7 +16,8 @@ pkgcfg_DATA = \ | |||
16 | revocation.conf | 16 | revocation.conf |
17 | 17 | ||
18 | bin_PROGRAMS = \ | 18 | bin_PROGRAMS = \ |
19 | gnunet-revocation | 19 | gnunet-revocation \ |
20 | gnunet-revocation-tvg | ||
20 | 21 | ||
21 | 22 | ||
22 | plugin_LTLIBRARIES = \ | 23 | plugin_LTLIBRARIES = \ |
@@ -41,6 +42,15 @@ gnunet_revocation_LDADD = \ | |||
41 | $(top_builddir)/src/util/libgnunetutil.la \ | 42 | $(top_builddir)/src/util/libgnunetutil.la \ |
42 | $(GN_LIBINTL) | 43 | $(GN_LIBINTL) |
43 | 44 | ||
45 | gnunet_revocation_tvg_SOURCES = \ | ||
46 | gnunet-revocation-tvg.c | ||
47 | gnunet_revocation_tvg_LDADD = \ | ||
48 | libgnunetrevocation.la \ | ||
49 | $(top_builddir)/src/identity/libgnunetidentity.la \ | ||
50 | $(top_builddir)/src/util/libgnunetutil.la \ | ||
51 | $(GN_LIBINTL) | ||
52 | |||
53 | |||
44 | lib_LTLIBRARIES = libgnunetrevocation.la | 54 | lib_LTLIBRARIES = libgnunetrevocation.la |
45 | 55 | ||
46 | libgnunetrevocation_la_SOURCES = \ | 56 | libgnunetrevocation_la_SOURCES = \ |
diff --git a/src/revocation/gnunet-revocation-tvg.c b/src/revocation/gnunet-revocation-tvg.c new file mode 100644 index 000000000..23a4bf020 --- /dev/null +++ b/src/revocation/gnunet-revocation-tvg.c | |||
@@ -0,0 +1,123 @@ | |||
1 | /* | ||
2 | This file is part of GNUnet. | ||
3 | Copyright (C) 2020 GNUnet e.V. | ||
4 | |||
5 | GNUnet is free software: you can redistribute it and/or modify it | ||
6 | under the terms of the GNU Affero General Public License as published | ||
7 | by the Free Software Foundation, either version 3 of the License, | ||
8 | or (at your option) any later version. | ||
9 | |||
10 | GNUnet is distributed in the hope that it will be useful, but | ||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | ||
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
13 | Affero General Public License for more details. | ||
14 | |||
15 | You should have received a copy of the GNU Affero General Public License | ||
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | ||
17 | |||
18 | SPDX-License-Identifier: AGPL3.0-or-later | ||
19 | */ | ||
20 | |||
21 | /** | ||
22 | * @file util/gnunet-revocation-tvg.c | ||
23 | * @brief Generate test vectors for revocation. | ||
24 | * @author Martin Schanzenbach | ||
25 | */ | ||
26 | #include "platform.h" | ||
27 | #include "gnunet_util_lib.h" | ||
28 | #include "gnunet_signatures.h" | ||
29 | #include "gnunet_revocation_service.h" | ||
30 | #include "gnunet_dnsparser_lib.h" | ||
31 | #include "gnunet_testing_lib.h" | ||
32 | #include <inttypes.h> | ||
33 | |||
34 | #define TEST_EPOCHS 2 | ||
35 | #define TEST_DIFFICULTY 5 | ||
36 | |||
37 | /** | ||
38 | * Main function that will be run. | ||
39 | * | ||
40 | * @param cls closure | ||
41 | * @param args remaining command-line arguments | ||
42 | * @param cfgfile name of the configuration file used (for saving, can be NULL!) | ||
43 | * @param cfg configuration | ||
44 | */ | ||
45 | static void | ||
46 | run (void *cls, | ||
47 | char *const *args, | ||
48 | const char *cfgfile, | ||
49 | const struct GNUNET_CONFIGURATION_Handle *cfg) | ||
50 | { | ||
51 | struct GNUNET_CRYPTO_EcdsaPrivateKey id_priv; | ||
52 | struct GNUNET_CRYPTO_EcdsaPublicKey id_pub; | ||
53 | struct GNUNET_REVOCATION_PowP pow; | ||
54 | struct GNUNET_REVOCATION_PowCalculationHandle *ph; | ||
55 | char* data_enc; | ||
56 | |||
57 | GNUNET_CRYPTO_ecdsa_key_create (&id_priv); | ||
58 | GNUNET_CRYPTO_ecdsa_key_get_public (&id_priv, | ||
59 | &id_pub); | ||
60 | GNUNET_STRINGS_base64_encode (&id_priv, | ||
61 | sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey), | ||
62 | &data_enc); | ||
63 | fprintf(stdout, "Zone private key (d):\n%s\n\n", data_enc); | ||
64 | GNUNET_free (data_enc); | ||
65 | GNUNET_STRINGS_base64_encode (&id_pub, | ||
66 | sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey), | ||
67 | &data_enc); | ||
68 | fprintf(stdout, "Zone public key (zk):\n%s\n\n", data_enc); | ||
69 | GNUNET_free (data_enc); | ||
70 | |||
71 | GNUNET_REVOCATION_pow_init (&id_priv, | ||
72 | &pow); | ||
73 | ph = GNUNET_REVOCATION_pow_start (&pow, | ||
74 | TEST_EPOCHS, | ||
75 | TEST_DIFFICULTY); | ||
76 | fprintf (stdout, "Difficulty (%d base difficulty + %d epochs): %d\n\n", | ||
77 | TEST_DIFFICULTY, | ||
78 | TEST_EPOCHS, | ||
79 | TEST_DIFFICULTY + TEST_EPOCHS); | ||
80 | uint64_t pow_passes = 0; | ||
81 | while (GNUNET_YES != GNUNET_REVOCATION_pow_round (ph)) | ||
82 | { | ||
83 | pow_passes++; | ||
84 | } | ||
85 | GNUNET_STRINGS_base64_encode (&pow, | ||
86 | sizeof (struct GNUNET_REVOCATION_PowP), | ||
87 | &data_enc); | ||
88 | fprintf(stdout, "Proof:\n%s\n", data_enc); | ||
89 | GNUNET_free (data_enc); | ||
90 | } | ||
91 | |||
92 | |||
93 | /** | ||
94 | * The main function of the test vector generation tool. | ||
95 | * | ||
96 | * @param argc number of arguments from the command line | ||
97 | * @param argv command line arguments | ||
98 | * @return 0 ok, 1 on error | ||
99 | */ | ||
100 | int | ||
101 | main (int argc, | ||
102 | char *const *argv) | ||
103 | { | ||
104 | const struct GNUNET_GETOPT_CommandLineOption options[] = { | ||
105 | GNUNET_GETOPT_OPTION_END | ||
106 | }; | ||
107 | |||
108 | GNUNET_assert (GNUNET_OK == | ||
109 | GNUNET_log_setup ("gnunet-revocation-tvg", | ||
110 | "INFO", | ||
111 | NULL)); | ||
112 | if (GNUNET_OK != | ||
113 | GNUNET_PROGRAM_run (argc, argv, | ||
114 | "gnunet-revocation-tvg", | ||
115 | "Generate test vectors for revocation", | ||
116 | options, | ||
117 | &run, NULL)) | ||
118 | return 1; | ||
119 | return 0; | ||
120 | } | ||
121 | |||
122 | |||
123 | /* end of gnunet-revocation-tvg.c */ | ||