author | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2017-10-10 16:01:14 +0200 |
---|---|---|
committer | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2017-10-10 16:01:14 +0200 |
commit | 1cfa320f0cb213aed0a3a04577d065a65f847d49 (patch) | |
tree | caf0db997af48e9599c964cfccc9953ed0baca24 /src | |
parent | df344790f7f2e7c39cfd951ce373c4ec52b6cda7 (diff) | |
-bugfixes, fix memleaks
Diffstat (limited to 'src')
-rw-r--r-- | src/identity-provider/gnunet-idp.c | 29 | ||||
-rw-r--r-- | src/identity-provider/gnunet-service-identity-provider.c | 183 | ||||
-rw-r--r-- | src/identity-provider/identity_attribute.c | 3 | ||||
-rw-r--r-- | src/identity-provider/identity_attribute.h | 5 | ||||
-rw-r--r-- | src/identity-provider/identity_provider_api.c | 15 | ||||
-rw-r--r-- | src/identity-provider/test_idp.conf | 2 | ||||
-rwxr-xr-x | src/identity-provider/test_idp_consume.sh | 6 | ||||
-rwxr-xr-x | src/identity-provider/test_idp_revoke.sh | 41 | ||||
-rw-r--r-- | src/include/gnunet_crypto_lib.h | 3 | ||||
-rw-r--r-- | src/util/crypto_abe.c | 23 |
10 files changed, 211 insertions, 99 deletions
diff --git a/src/identity-provider/gnunet-idp.c b/src/identity-provider/gnunet-idp.c index 6940220d7..0efe6eaa9 100644 --- a/src/identity-provider/gnunet-idp.c +++ b/src/identity-provider/gnunet-idp.c | |||
@@ -32,6 +32,11 @@ | |||
32 | #include "gnunet_signatures.h" | 32 | #include "gnunet_signatures.h" |
33 | 33 | ||
34 | /** | 34 | /** |
35 | * return value | ||
36 | */ | ||
37 | static int ret; | ||
38 | |||
39 | /** | ||
35 | * List attribute flag | 40 | * List attribute flag |
36 | */ | 41 | */ |
37 | static int list; | 42 | static int list; |
@@ -154,10 +159,6 @@ store_attr_cont (void *cls, | |||
154 | if (GNUNET_SYSERR == success) { | 159 | if (GNUNET_SYSERR == success) { |
155 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 160 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
156 | "%s\n", emsg); | 161 | "%s\n", emsg); |
157 | } else { | ||
158 | GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, | ||
159 | "Successfully added identity attribute %s=%s\n", | ||
160 | attr_name, attr_value); | ||
161 | } | 162 | } |
162 | GNUNET_SCHEDULER_add_now (&do_cleanup, NULL); | 163 | GNUNET_SCHEDULER_add_now (&do_cleanup, NULL); |
163 | } | 164 | } |
@@ -172,6 +173,11 @@ process_attrs (void *cls, | |||
172 | GNUNET_SCHEDULER_add_now (&do_cleanup, NULL); | 173 | GNUNET_SCHEDULER_add_now (&do_cleanup, NULL); |
173 | return; | 174 | return; |
174 | } | 175 | } |
176 | if (NULL == attr) | ||
177 | { | ||
178 | ret = 1; | ||
179 | return; | ||
180 | } | ||
175 | GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, | 181 | GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, |
176 | "%s: %s\n", attr->name, (char*)attr->data); | 182 | "%s: %s\n", attr->name, (char*)attr->data); |
177 | } | 183 | } |
@@ -190,11 +196,11 @@ static void | |||
190 | process_rvk (void *cls, int success, const char* msg) | 196 | process_rvk (void *cls, int success, const char* msg) |
191 | { | 197 | { |
192 | if (GNUNET_OK != success) | 198 | if (GNUNET_OK != success) |
199 | { | ||
193 | GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, | 200 | GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, |
194 | "Revocation failed.\n"); | 201 | "Revocation failed.\n"); |
195 | else | 202 | ret = 1; |
196 | GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, | 203 | } |
197 | "Revocation successful.\n"); | ||
198 | GNUNET_SCHEDULER_add_now (&do_cleanup, NULL); | 204 | GNUNET_SCHEDULER_add_now (&do_cleanup, NULL); |
199 | } | 205 | } |
200 | 206 | ||
@@ -335,7 +341,7 @@ run (void *cls, | |||
335 | const char *cfgfile, | 341 | const char *cfgfile, |
336 | const struct GNUNET_CONFIGURATION_Handle *c) | 342 | const struct GNUNET_CONFIGURATION_Handle *c) |
337 | { | 343 | { |
338 | 344 | ret = 0; | |
339 | if (NULL == ego_name) | 345 | if (NULL == ego_name) |
340 | { | 346 | { |
341 | GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, | 347 | GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, |
@@ -400,7 +406,8 @@ main(int argc, char *const argv[]) | |||
400 | &revoke_ticket), | 406 | &revoke_ticket), |
401 | GNUNET_GETOPT_OPTION_END | 407 | GNUNET_GETOPT_OPTION_END |
402 | }; | 408 | }; |
403 | return GNUNET_PROGRAM_run (argc, argv, "ct", | 409 | GNUNET_PROGRAM_run (argc, argv, "ct", |
404 | "ct", options, | 410 | "ct", options, |
405 | &run, NULL); | 411 | &run, NULL); |
412 | return ret; | ||
406 | } | 413 | } |
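Review bot: main() now discards the result of GNUNET_PROGRAM_run and returns the static `ret`, which stays 0 when `run` is never reached, so a start-up or option-parsing failure would exit with success. store_attr_cont has the same gap: its GNUNET_SYSERR branch logs `emsg` but never sets `ret = 1`, unlike process_rvk. I would keep the framework result, e.g. `if (GNUNET_OK != GNUNET_PROGRAM_run (argc, argv, "ct", "ct", options, &run, NULL)) return 1;` followed by `return ret;`, and add `ret = 1;` next to the error log in store_attr_cont. The test scripts touched by this commit presumably depend on the exit status, so a false success would hide failures there.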
diff --git a/src/identity-provider/gnunet-service-identity-provider.c b/src/identity-provider/gnunet-service-identity-provider.c index 6d99e8467..85291d69a 100644 --- a/src/identity-provider/gnunet-service-identity-provider.c +++ b/src/identity-provider/gnunet-service-identity-provider.c | |||
@@ -903,6 +903,7 @@ serialize_abe_keyinfo2 (const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket, | |||
903 | GNUNET_memcpy (write_ptr, | 903 | GNUNET_memcpy (write_ptr, |
904 | serialized_key, | 904 | serialized_key, |
905 | size); | 905 | size); |
906 | GNUNET_free (serialized_key); | ||
906 | // ECDH keypair E = eG | 907 | // ECDH keypair E = eG |
907 | *ecdh_privkey = GNUNET_CRYPTO_ecdhe_key_create(); | 908 | *ecdh_privkey = GNUNET_CRYPTO_ecdhe_key_create(); |
908 | GNUNET_CRYPTO_ecdhe_key_get_public (*ecdh_privkey, | 909 | GNUNET_CRYPTO_ecdhe_key_get_public (*ecdh_privkey, |
@@ -944,6 +945,7 @@ issue_ticket_after_abe_bootstrap (void *cls, | |||
944 | char *code_record_data; | 945 | char *code_record_data; |
945 | char **attrs; | 946 | char **attrs; |
946 | char *label; | 947 | char *label; |
948 | char *policy; | ||
947 | int attrs_len; | 949 | int attrs_len; |
948 | int i; | 950 | int i; |
949 | size_t code_record_len; | 951 | size_t code_record_len; |
@@ -955,7 +957,13 @@ issue_ticket_after_abe_bootstrap (void *cls, | |||
955 | attrs = GNUNET_malloc ((attrs_len + 1)*sizeof (char*)); | 957 | attrs = GNUNET_malloc ((attrs_len + 1)*sizeof (char*)); |
956 | i = 0; | 958 | i = 0; |
957 | for (le = ih->attrs->list_head; NULL != le; le = le->next) { | 959 | for (le = ih->attrs->list_head; NULL != le; le = le->next) { |
958 | attrs[i] = (char*) le->attribute->name; | 960 | GNUNET_asprintf (&policy, "%s_%lu", |
961 | le->attribute->name, | ||
962 | le->attribute->attribute_version); | ||
963 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
964 | "Adding attribute to key: %s\n", | ||
965 | policy); | ||
966 | attrs[i] = policy; | ||
959 | i++; | 967 | i++; |
960 | } | 968 | } |
961 | attrs[i] = NULL; | 969 | attrs[i] = NULL; |
@@ -984,12 +992,15 @@ issue_ticket_after_abe_bootstrap (void *cls, | |||
984 | code_record, | 992 | code_record, |
985 | &store_ticket_issue_cont, | 993 | &store_ticket_issue_cont, |
986 | ih); | 994 | ih); |
995 | //for (; i > 0; i--) | ||
996 | // GNUNET_free (attrs[i-1]); | ||
987 | GNUNET_free (ecdhe_privkey); | 997 | GNUNET_free (ecdhe_privkey); |
988 | GNUNET_free (label); | 998 | GNUNET_free (label); |
989 | GNUNET_free (attrs); | 999 | GNUNET_free (attrs); |
990 | GNUNET_free (code_record_data); | 1000 | GNUNET_free (code_record_data); |
1001 | GNUNET_CRYPTO_cpabe_delete_key (rp_key, | ||
1002 | GNUNET_YES); | ||
991 | GNUNET_CRYPTO_cpabe_delete_master_key (abe_key); | 1003 | GNUNET_CRYPTO_cpabe_delete_master_key (abe_key); |
992 | GNUNET_CRYPTO_cpabe_delete_key (rp_key); | ||
993 | } | 1004 | } |
994 | 1005 | ||
995 | 1006 | ||
@@ -1107,6 +1118,16 @@ ticket_reissue_proc (void *cls, | |||
1107 | const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket, | 1118 | const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket, |
1108 | const struct GNUNET_IDENTITY_PROVIDER_AttributeList *attrs); | 1119 | const struct GNUNET_IDENTITY_PROVIDER_AttributeList *attrs); |
1109 | 1120 | ||
1121 | static void | ||
1122 | revocation_reissue_tickets (struct TicketRevocationHandle *rh); | ||
1123 | |||
1124 | |||
1125 | static void reissue_next (void *cls) | ||
1126 | { | ||
1127 | struct TicketRevocationHandle *rh = cls; | ||
1128 | revocation_reissue_tickets (rh); | ||
1129 | } | ||
1130 | |||
1110 | 1131 | ||
1111 | static void | 1132 | static void |
1112 | reissue_ticket_cont (void *cls, | 1133 | reissue_ticket_cont (void *cls, |
@@ -1114,7 +1135,6 @@ reissue_ticket_cont (void *cls, | |||
1114 | const char *emsg) | 1135 | const char *emsg) |
1115 | { | 1136 | { |
1116 | struct TicketRevocationHandle *rh = cls; | 1137 | struct TicketRevocationHandle *rh = cls; |
1117 | int ret; | ||
1118 | 1138 | ||
1119 | rh->ns_qe = NULL; | 1139 | rh->ns_qe = NULL; |
1120 | if (GNUNET_SYSERR == success) | 1140 | if (GNUNET_SYSERR == success) |
@@ -1125,25 +1145,10 @@ reissue_ticket_cont (void *cls, | |||
1125 | cleanup_revoke_ticket_handle (rh); | 1145 | cleanup_revoke_ticket_handle (rh); |
1126 | return; | 1146 | return; |
1127 | } | 1147 | } |
1128 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Continue DB iteration\n"); | ||
1129 | rh->offset++; | 1148 | rh->offset++; |
1130 | GNUNET_assert (GNUNET_SYSERR != (ret = | 1149 | GNUNET_SCHEDULER_add_now (&reissue_next, rh); |
1131 | TKT_database->iterate_tickets (TKT_database->cls, | ||
1132 | &rh->ticket.identity, | ||
1133 | GNUNET_NO, | ||
1134 | rh->offset, | ||
1135 | &ticket_reissue_proc, | ||
1136 | rh))); | ||
1137 | if (GNUNET_NO == ret) | ||
1138 | { | ||
1139 | send_revocation_finished (rh, GNUNET_OK); | ||
1140 | cleanup_revoke_ticket_handle (rh); | ||
1141 | } | ||
1142 | } | 1150 | } |
1143 | 1151 | ||
1144 | static void | ||
1145 | revocation_reissue_tickets (struct TicketRevocationHandle *rh); | ||
1146 | |||
1147 | 1152 | ||
1148 | /** | 1153 | /** |
1149 | * Process ticket from database | 1154 | * Process ticket from database |
@@ -1177,8 +1182,18 @@ ticket_reissue_proc (void *cls, | |||
1177 | { | 1182 | { |
1178 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 1183 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
1179 | "Iteration done\n"); | 1184 | "Iteration done\n"); |
1180 | send_revocation_finished (rh, GNUNET_OK); | 1185 | return; |
1181 | cleanup_revoke_ticket_handle (rh); | 1186 | } |
1187 | |||
1188 | if (0 == memcmp (&ticket->audience, | ||
1189 | &rh->ticket.audience, | ||
1190 | sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey))) | ||
1191 | { | ||
1192 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1193 | "Do not reissue for this identity.!\n"); | ||
1194 | |||
1195 | rh->offset++; | ||
1196 | GNUNET_SCHEDULER_add_now (&reissue_next, rh); | ||
1182 | return; | 1197 | return; |
1183 | } | 1198 | } |
1184 | 1199 | ||
@@ -1196,19 +1211,20 @@ ticket_reissue_proc (void *cls, | |||
1196 | le->attribute->name)) | 1211 | le->attribute->name)) |
1197 | { | 1212 | { |
1198 | reissue_ticket = GNUNET_YES; | 1213 | reissue_ticket = GNUNET_YES; |
1199 | break; | 1214 | le->attribute->attribute_version = le_rollover->attribute->attribute_version; |
1200 | } | 1215 | } |
1201 | } | 1216 | } |
1202 | if (GNUNET_YES == reissue_ticket) | ||
1203 | break; | ||
1204 | } | 1217 | } |
1205 | 1218 | ||
1206 | if (GNUNET_NO == reissue_ticket) | 1219 | if (GNUNET_NO == reissue_ticket) |
1207 | { | 1220 | { |
1208 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 1221 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
1209 | "Skipping ticket.\n"); | 1222 | "Skipping ticket.\n"); |
1223 | |||
1210 | rh->offset++; | 1224 | rh->offset++; |
1211 | revocation_reissue_tickets (rh); | 1225 | GNUNET_SCHEDULER_add_now (&reissue_next, rh); |
1226 | |||
1227 | |||
1212 | return; | 1228 | return; |
1213 | } | 1229 | } |
1214 | 1230 | ||
@@ -1222,7 +1238,7 @@ ticket_reissue_proc (void *cls, | |||
1222 | attr_arr = GNUNET_malloc ((attrs_len + 1)*sizeof (char*)); | 1238 | attr_arr = GNUNET_malloc ((attrs_len + 1)*sizeof (char*)); |
1223 | i = 0; | 1239 | i = 0; |
1224 | for (le = attrs->list_head; NULL != le; le = le->next) { | 1240 | for (le = attrs->list_head; NULL != le; le = le->next) { |
1225 | GNUNET_asprintf (&policy, "%s:%lu", | 1241 | GNUNET_asprintf (&policy, "%s_%lu", |
1226 | le->attribute->name, | 1242 | le->attribute->name, |
1227 | le->attribute->attribute_version); | 1243 | le->attribute->attribute_version); |
1228 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 1244 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
@@ -1235,7 +1251,7 @@ ticket_reissue_proc (void *cls, | |||
1235 | attr_arr); | 1251 | attr_arr); |
1236 | 1252 | ||
1237 | //TODO review this wireformat | 1253 | //TODO review this wireformat |
1238 | code_record_len = serialize_abe_keyinfo2 (&rh->ticket, | 1254 | code_record_len = serialize_abe_keyinfo2 (ticket, |
1239 | attrs, | 1255 | attrs, |
1240 | rp_key, | 1256 | rp_key, |
1241 | &ecdhe_privkey, | 1257 | &ecdhe_privkey, |
@@ -1256,13 +1272,13 @@ ticket_reissue_proc (void *cls, | |||
1256 | code_record, | 1272 | code_record, |
1257 | &reissue_ticket_cont, | 1273 | &reissue_ticket_cont, |
1258 | rh); | 1274 | rh); |
1259 | for (; i > 0; i--) | 1275 | //for (; i > 0; i--) |
1260 | GNUNET_free (attr_arr[i-1]); | 1276 | // GNUNET_free (attr_arr[i-1]); |
1261 | GNUNET_free (ecdhe_privkey); | 1277 | GNUNET_free (ecdhe_privkey); |
1262 | GNUNET_free (label); | 1278 | GNUNET_free (label); |
1263 | GNUNET_free (attr_arr); | 1279 | GNUNET_free (attr_arr); |
1264 | GNUNET_free (code_record_data); | 1280 | GNUNET_free (code_record_data); |
1265 | GNUNET_CRYPTO_cpabe_delete_key (rp_key); | 1281 | GNUNET_CRYPTO_cpabe_delete_key (rp_key, GNUNET_YES); |
1266 | } | 1282 | } |
1267 | 1283 | ||
1268 | 1284 | ||
@@ -1278,7 +1294,7 @@ revocation_reissue_tickets (struct TicketRevocationHandle *rh) | |||
1278 | int ret; | 1294 | int ret; |
1279 | /* Done, issue new keys */ | 1295 | /* Done, issue new keys */ |
1280 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 1296 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
1281 | "Revocation Phase IV: Reissuing Tickets\n"); | 1297 | "Revocation Phase III: Reissuing Tickets\n"); |
1282 | if (GNUNET_SYSERR == (ret = TKT_database->iterate_tickets (TKT_database->cls, | 1298 | if (GNUNET_SYSERR == (ret = TKT_database->iterate_tickets (TKT_database->cls, |
1283 | &rh->ticket.identity, | 1299 | &rh->ticket.identity, |
1284 | GNUNET_NO, | 1300 | GNUNET_NO, |
@@ -1292,8 +1308,8 @@ revocation_reissue_tickets (struct TicketRevocationHandle *rh) | |||
1292 | { | 1308 | { |
1293 | send_revocation_finished (rh, GNUNET_OK); | 1309 | send_revocation_finished (rh, GNUNET_OK); |
1294 | cleanup_revoke_ticket_handle (rh); | 1310 | cleanup_revoke_ticket_handle (rh); |
1311 | return; | ||
1295 | } | 1312 | } |
1296 | |||
1297 | } | 1313 | } |
1298 | 1314 | ||
1299 | /** | 1315 | /** |
@@ -1322,9 +1338,11 @@ reenc_next_attribute (struct TicketRevocationHandle *rh) | |||
1322 | attribute_serialize (rh->attrs->list_head->attribute, | 1338 | attribute_serialize (rh->attrs->list_head->attribute, |
1323 | buf); | 1339 | buf); |
1324 | rh->attrs->list_head->attribute->attribute_version++; | 1340 | rh->attrs->list_head->attribute->attribute_version++; |
1325 | GNUNET_asprintf (&policy, "%s:%lu", | 1341 | GNUNET_asprintf (&policy, "%s_%lu", |
1326 | rh->attrs->list_head->attribute->name, | 1342 | rh->attrs->list_head->attribute->name, |
1327 | rh->attrs->list_head->attribute->attribute_version); | 1343 | rh->attrs->list_head->attribute->attribute_version); |
1344 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1345 | "Encrypting with policy %s\n", policy); | ||
1328 | /** | 1346 | /** |
1329 | * Encrypt the attribute value and store in namestore | 1347 | * Encrypt the attribute value and store in namestore |
1330 | */ | 1348 | */ |
@@ -1388,6 +1406,7 @@ attr_reenc_cont (void *cls, | |||
1388 | GNUNET_CONTAINER_DLL_remove (rh->attrs->list_head, | 1406 | GNUNET_CONTAINER_DLL_remove (rh->attrs->list_head, |
1389 | rh->attrs->list_tail, | 1407 | rh->attrs->list_tail, |
1390 | le); | 1408 | le); |
1409 | GNUNET_assert (NULL != rh->rvk_attrs); | ||
1391 | GNUNET_CONTAINER_DLL_insert (rh->rvk_attrs->list_head, | 1410 | GNUNET_CONTAINER_DLL_insert (rh->rvk_attrs->list_head, |
1392 | rh->rvk_attrs->list_tail, | 1411 | rh->rvk_attrs->list_tail, |
1393 | le); | 1412 | le); |
@@ -1476,13 +1495,9 @@ handle_revoke_ticket_message (void *cls, | |||
1476 | struct TicketRevocationHandle *rh; | 1495 | struct TicketRevocationHandle *rh; |
1477 | struct IdpClient *idp = cls; | 1496 | struct IdpClient *idp = cls; |
1478 | struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket; | 1497 | struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket; |
1479 | size_t attrs_len; | ||
1480 | 1498 | ||
1481 | rh = GNUNET_new (struct TicketRevocationHandle); | 1499 | rh = GNUNET_new (struct TicketRevocationHandle); |
1482 | attrs_len = ntohs (rm->attrs_len); | ||
1483 | ticket = (struct GNUNET_IDENTITY_PROVIDER_Ticket*)&rm[1]; | 1500 | ticket = (struct GNUNET_IDENTITY_PROVIDER_Ticket*)&rm[1]; |
1484 | if (0 < attrs_len) | ||
1485 | rh->rvk_attrs = attribute_list_deserialize ((char*)&ticket[1], attrs_len); | ||
1486 | rh->rvk_attrs = GNUNET_new (struct GNUNET_IDENTITY_PROVIDER_AttributeList); | 1501 | rh->rvk_attrs = GNUNET_new (struct GNUNET_IDENTITY_PROVIDER_AttributeList); |
1487 | rh->ticket = *ticket; | 1502 | rh->ticket = *ticket; |
1488 | rh->r_id = ntohl (rm->id); | 1503 | rh->r_id = ntohl (rm->id); |
@@ -1500,15 +1515,18 @@ handle_revoke_ticket_message (void *cls, | |||
1500 | 1515 | ||
1501 | 1516 | ||
1502 | static void | 1517 | static void |
1503 | cleanup_as_handle (struct AttributeStoreHandle *handle) | 1518 | cleanup_consume_ticket_handle (struct ConsumeTicketHandle *handle) |
1504 | { | 1519 | { |
1505 | if (NULL != handle->attribute) | 1520 | if (NULL != handle->key) |
1506 | GNUNET_free (handle->attribute); | 1521 | GNUNET_CRYPTO_cpabe_delete_key (handle->key, |
1507 | if (NULL != handle->abe_key) | 1522 | GNUNET_YES); |
1508 | GNUNET_CRYPTO_cpabe_delete_master_key (handle->abe_key); | 1523 | if (NULL != handle->attrs) |
1524 | attribute_list_destroy (handle->attrs); | ||
1509 | GNUNET_free (handle); | 1525 | GNUNET_free (handle); |
1510 | } | 1526 | } |
1511 | 1527 | ||
1528 | |||
1529 | |||
1512 | /** | 1530 | /** |
1513 | * Checks a ticket consume message | 1531 | * Checks a ticket consume message |
1514 | * | 1532 | * |
@@ -1544,7 +1562,7 @@ process_parallel_lookup2 (void *cls, uint32_t rd_count, | |||
1544 | struct GNUNET_IDENTITY_PROVIDER_AttributeListEntry *attr_le; | 1562 | struct GNUNET_IDENTITY_PROVIDER_AttributeListEntry *attr_le; |
1545 | char *data; | 1563 | char *data; |
1546 | char *data_tmp; | 1564 | char *data_tmp; |
1547 | size_t attr_len; | 1565 | ssize_t attr_len; |
1548 | size_t attrs_len; | 1566 | size_t attrs_len; |
1549 | 1567 | ||
1550 | GNUNET_CONTAINER_DLL_remove (handle->parallel_lookups_head, | 1568 | GNUNET_CONTAINER_DLL_remove (handle->parallel_lookups_head, |
@@ -1560,14 +1578,17 @@ process_parallel_lookup2 (void *cls, uint32_t rd_count, | |||
1560 | rd->data_size - sizeof (uint32_t), | 1578 | rd->data_size - sizeof (uint32_t), |
1561 | handle->key, | 1579 | handle->key, |
1562 | (void**)&data); | 1580 | (void**)&data); |
1563 | attr_le = GNUNET_new (struct GNUNET_IDENTITY_PROVIDER_AttributeListEntry); | 1581 | if (GNUNET_SYSERR != attr_len) |
1564 | attr_le->attribute = attribute_deserialize (data, | 1582 | { |
1565 | attr_len); | 1583 | attr_le = GNUNET_new (struct GNUNET_IDENTITY_PROVIDER_AttributeListEntry); |
1566 | attr_le->attribute->attribute_version = ntohl(*(uint32_t*)rd->data); | 1584 | attr_le->attribute = attribute_deserialize (data, |
1567 | GNUNET_CONTAINER_DLL_insert (handle->attrs->list_head, | 1585 | attr_len); |
1568 | handle->attrs->list_tail, | 1586 | attr_le->attribute->attribute_version = ntohl(*(uint32_t*)rd->data); |
1569 | attr_le); | 1587 | GNUNET_CONTAINER_DLL_insert (handle->attrs->list_head, |
1570 | GNUNET_free (data); | 1588 | handle->attrs->list_tail, |
1589 | attr_le); | ||
1590 | GNUNET_free (data); | ||
1591 | } | ||
1571 | } | 1592 | } |
1572 | if (NULL != handle->parallel_lookups_head) | 1593 | if (NULL != handle->parallel_lookups_head) |
1573 | return; //Wait for more | 1594 | return; //Wait for more |
@@ -1595,6 +1616,7 @@ process_parallel_lookup2 (void *cls, uint32_t rd_count, | |||
1595 | attribute_list_serialize (handle->attrs, | 1616 | attribute_list_serialize (handle->attrs, |
1596 | data_tmp); | 1617 | data_tmp); |
1597 | GNUNET_MQ_send (handle->client->mq, env); | 1618 | GNUNET_MQ_send (handle->client->mq, env); |
1619 | cleanup_consume_ticket_handle (handle); | ||
1598 | } | 1620 | } |
1599 | 1621 | ||
1600 | void | 1622 | void |
@@ -1625,14 +1647,6 @@ abort_parallel_lookups2 (void *cls) | |||
1625 | 1647 | ||
1626 | } | 1648 | } |
1627 | 1649 | ||
1628 | static void | ||
1629 | cleanup_consume_ticket_handle (struct ConsumeTicketHandle *handle) | ||
1630 | { | ||
1631 | if (NULL != handle->key) | ||
1632 | GNUNET_CRYPTO_cpabe_delete_key (handle->key); | ||
1633 | GNUNET_free (handle); | ||
1634 | } | ||
1635 | |||
1636 | 1650 | ||
1637 | static void | 1651 | static void |
1638 | process_consume_abe_key (void *cls, uint32_t rd_count, | 1652 | process_consume_abe_key (void *cls, uint32_t rd_count, |
@@ -1713,6 +1727,8 @@ process_consume_abe_key (void *cls, uint32_t rd_count, | |||
1713 | parallel_lookup); | 1727 | parallel_lookup); |
1714 | GNUNET_free (lookup_query); | 1728 | GNUNET_free (lookup_query); |
1715 | } | 1729 | } |
1730 | GNUNET_free (scopes); | ||
1731 | GNUNET_free (buf); | ||
1716 | handle->kill_task = GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_relative_multiply(GNUNET_TIME_UNIT_MINUTES,3), | 1732 | handle->kill_task = GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_relative_multiply(GNUNET_TIME_UNIT_MINUTES,3), |
1717 | &abort_parallel_lookups2, | 1733 | &abort_parallel_lookups2, |
1718 | handle); | 1734 | handle); |
@@ -1766,6 +1782,16 @@ handle_consume_ticket_message (void *cls, | |||
1766 | } | 1782 | } |
1767 | 1783 | ||
1768 | static void | 1784 | static void |
1785 | cleanup_as_handle (struct AttributeStoreHandle *handle) | ||
1786 | { | ||
1787 | if (NULL != handle->attribute) | ||
1788 | GNUNET_free (handle->attribute); | ||
1789 | if (NULL != handle->abe_key) | ||
1790 | GNUNET_CRYPTO_cpabe_delete_master_key (handle->abe_key); | ||
1791 | GNUNET_free (handle); | ||
1792 | } | ||
1793 | |||
1794 | static void | ||
1769 | attr_store_cont (void *cls, | 1795 | attr_store_cont (void *cls, |
1770 | int32_t success, | 1796 | int32_t success, |
1771 | const char *emsg) | 1797 | const char *emsg) |
@@ -1779,6 +1805,7 @@ attr_store_cont (void *cls, | |||
1779 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 1805 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
1780 | "Failed to store attribute %s\n", | 1806 | "Failed to store attribute %s\n", |
1781 | emsg); | 1807 | emsg); |
1808 | cleanup_as_handle (as_handle); | ||
1782 | GNUNET_SCHEDULER_add_now (&do_shutdown, NULL); | 1809 | GNUNET_SCHEDULER_add_now (&do_shutdown, NULL); |
1783 | return; | 1810 | return; |
1784 | } | 1811 | } |
@@ -1816,9 +1843,11 @@ attr_store_task (void *cls) | |||
1816 | buf); | 1843 | buf); |
1817 | 1844 | ||
1818 | GNUNET_asprintf (&policy, | 1845 | GNUNET_asprintf (&policy, |
1819 | "%s:%lu", | 1846 | "%s_%lu", |
1820 | as_handle->attribute->name, | 1847 | as_handle->attribute->name, |
1821 | as_handle->attribute->attribute_version); | 1848 | as_handle->attribute->attribute_version); |
1849 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1850 | "Encrypting with policy %s\n", policy); | ||
1822 | /** | 1851 | /** |
1823 | * Encrypt the attribute value and store in namestore | 1852 | * Encrypt the attribute value and store in namestore |
1824 | */ | 1853 | */ |
@@ -1926,7 +1955,7 @@ static void | |||
1926 | cleanup_iter_handle (struct AttributeIterator *ai) | 1955 | cleanup_iter_handle (struct AttributeIterator *ai) |
1927 | { | 1956 | { |
1928 | if (NULL != ai->abe_key) | 1957 | if (NULL != ai->abe_key) |
1929 | GNUNET_free (ai->abe_key); | 1958 | GNUNET_CRYPTO_cpabe_delete_master_key (ai->abe_key); |
1930 | GNUNET_CONTAINER_DLL_remove (ai->client->op_head, | 1959 | GNUNET_CONTAINER_DLL_remove (ai->client->op_head, |
1931 | ai->client->op_tail, | 1960 | ai->client->op_tail, |
1932 | ai); | 1961 | ai); |
@@ -1936,10 +1965,11 @@ cleanup_iter_handle (struct AttributeIterator *ai) | |||
1936 | static void | 1965 | static void |
1937 | attr_iter_error (void *cls) | 1966 | attr_iter_error (void *cls) |
1938 | { | 1967 | { |
1939 | //struct AttributeIterator *ai = cls; | 1968 | struct AttributeIterator *ai = cls; |
1940 | //TODO | 1969 | //TODO |
1941 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 1970 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
1942 | "Failed to iterate over attributes\n"); | 1971 | "Failed to iterate over attributes\n"); |
1972 | cleanup_iter_handle (ai); | ||
1943 | GNUNET_SCHEDULER_add_now (&do_shutdown, NULL); | 1973 | GNUNET_SCHEDULER_add_now (&do_shutdown, NULL); |
1944 | } | 1974 | } |
1945 | 1975 | ||
@@ -1974,6 +2004,7 @@ attr_iter_cb (void *cls, | |||
1974 | char* attrs[2]; | 2004 | char* attrs[2]; |
1975 | char* data_tmp; | 2005 | char* data_tmp; |
1976 | char* policy; | 2006 | char* policy; |
2007 | uint32_t attr_ver; | ||
1977 | 2008 | ||
1978 | if (rd_count != 1) | 2009 | if (rd_count != 1) |
1979 | { | 2010 | { |
@@ -1985,8 +2016,9 @@ attr_iter_cb (void *cls, | |||
1985 | GNUNET_NAMESTORE_zone_iterator_next (ai->ns_it); | 2016 | GNUNET_NAMESTORE_zone_iterator_next (ai->ns_it); |
1986 | return; | 2017 | return; |
1987 | } | 2018 | } |
1988 | GNUNET_asprintf (&policy, "%s:%lu", | 2019 | attr_ver = ntohl(*((uint32_t*)rd->data)); |
1989 | label, *(uint32_t*)rd->data); | 2020 | GNUNET_asprintf (&policy, "%s_%lu", |
2021 | label, attr_ver); | ||
1990 | attrs[0] = policy; | 2022 | attrs[0] = policy; |
1991 | attrs[1] = 0; | 2023 | attrs[1] = 0; |
1992 | key = GNUNET_CRYPTO_cpabe_create_key (ai->abe_key, | 2024 | key = GNUNET_CRYPTO_cpabe_create_key (ai->abe_key, |
@@ -1995,8 +2027,10 @@ attr_iter_cb (void *cls, | |||
1995 | rd->data_size-sizeof (uint32_t), | 2027 | rd->data_size-sizeof (uint32_t), |
1996 | key, | 2028 | key, |
1997 | (void**)&attr_ser); | 2029 | (void**)&attr_ser); |
1998 | GNUNET_CRYPTO_cpabe_delete_key (key); | 2030 | |
1999 | GNUNET_free (policy); | 2031 | GNUNET_CRYPTO_cpabe_delete_key (key, |
2032 | GNUNET_YES); | ||
2033 | //GNUNET_free (policy); | ||
2000 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2034 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
2001 | "Found attribute: %s\n", label); | 2035 | "Found attribute: %s\n", label); |
2002 | env = GNUNET_MQ_msg_extra (arm, | 2036 | env = GNUNET_MQ_msg_extra (arm, |
@@ -2012,6 +2046,8 @@ attr_iter_cb (void *cls, | |||
2012 | msg_extra_len); | 2046 | msg_extra_len); |
2013 | GNUNET_MQ_send (ai->client->mq, env); | 2047 | GNUNET_MQ_send (ai->client->mq, env); |
2014 | GNUNET_free (attr_ser); | 2048 | GNUNET_free (attr_ser); |
2049 | GNUNET_CRYPTO_cpabe_delete_master_key (ai->abe_key); | ||
2050 | ai->abe_key = NULL; | ||
2015 | } | 2051 | } |
2016 | 2052 | ||
2017 | 2053 | ||
@@ -2031,6 +2067,16 @@ iterate_after_abe_bootstrap (void *cls, | |||
2031 | ai); | 2067 | ai); |
2032 | } | 2068 | } |
2033 | 2069 | ||
2070 | void | ||
2071 | iterate_next_after_abe_bootstrap (void *cls, | ||
2072 | struct GNUNET_CRYPTO_AbeMasterKey *abe_key) | ||
2073 | { | ||
2074 | struct AttributeIterator *ai = cls; | ||
2075 | ai->abe_key = abe_key; | ||
2076 | GNUNET_NAMESTORE_zone_iterator_next (ai->ns_it); | ||
2077 | } | ||
2078 | |||
2079 | |||
2034 | 2080 | ||
2035 | /** | 2081 | /** |
2036 | * Handles a #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ITERATION_START message | 2082 | * Handles a #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ITERATION_START message |
@@ -2121,7 +2167,10 @@ handle_iteration_next (void *cls, | |||
2121 | GNUNET_SERVICE_client_drop (idp->client); | 2167 | GNUNET_SERVICE_client_drop (idp->client); |
2122 | return; | 2168 | return; |
2123 | } | 2169 | } |
2124 | GNUNET_NAMESTORE_zone_iterator_next (ai->ns_it); | 2170 | bootstrap_abe (&ai->identity, |
2171 | &iterate_next_after_abe_bootstrap, | ||
2172 | ai, | ||
2173 | GNUNET_NO); | ||
2125 | GNUNET_SERVICE_client_continue (idp->client); | 2174 | GNUNET_SERVICE_client_continue (idp->client); |
2126 | } | 2175 | } |
2127 | 2176 | ||
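Review bot: attr_iter_cb reads the version prefix with `ntohl(*((uint32_t*)rd->data))` and passes `rd->data_size-sizeof (uint32_t)` to the decrypt call, and process_parallel_lookup2 does the same, yet neither hunk shows a check that the record holds at least four bytes. A shorter record would make the subtraction wrap to a very large size_t and the prefix read run past the buffer; in the consume path the records appear to come from lookups rather than local state, so they should be treated as untrusted. A guard on `if (rd->data_size < sizeof (uint32_t))` that logs and skips the record before the first dereference would close this. Also, `attr_ver` is declared `uint32_t` but formatted with `%lu`; `"%s_%" PRIu32` or a cast to `unsigned long` keeps the policy string well defined. Both functions start and end outside the visible hunks.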
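--- a/src/identity-provider/identity_attribute.c
+++ b/src/identity-provider/identity_attribute.c
@@ -142,6 +142,7 @@ attribute_list_dup (const struct GNUNET_IDENTITY_PROVIDER_AttributeList *attrs)
 GNUNET_memcpy (result_le->attribute,
 le->attribute,
 len);
+result_le->attribute->name = (const char*)&result_le->attribute[1];
 GNUNET_CONTAINER_DLL_insert (result->list_head,
 result->list_tail,
 result_le);
@@ -186,6 +187,7 @@ attribute_serialize (const struct GNUNET_IDENTITY_PROVIDER_Attribute *attr,
 
 attr_ser = (struct Attribute*)result;
 attr_ser->attribute_type = htons (attr->attribute_type);
+attr_ser->attribute_version = htonl (attr->attribute_version);
 name_len = strlen (attr->name);
 attr_ser->name_len = htons (name_len);
 write_ptr = (char*)&attr_ser[1];
@@ -221,6 +223,7 @@ attribute_deserialize (const char* data,
 attr = GNUNET_malloc (sizeof (struct GNUNET_IDENTITY_PROVIDER_Attribute)
 + data_len + name_len + 1);
 attr->attribute_type = ntohs (attr_ser->attribute_type);
+attr->attribute_version = ntohl (attr_ser->attribute_version);
 attr->data_size = ntohs (attr_ser->data_size);
 
 write_ptr = (char*)&attr[1];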
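Review bot: The fix-up in attribute_list_dup re-points only `name` into the copied allocation; if the attribute also stores its value through a pointer (gnunet-idp.c in this commit reads `attr->data`), that pointer still refers to the source entry after the `GNUNET_memcpy` and will dangle once the source list is destroyed. Assuming the name-then-value layout that attribute_deserialize's `data_len + name_len + 1` allocation suggests, the copy needs a matching line, e.g. `result_le->attribute->data = (char*)&result_le->attribute[1] + strlen (le->attribute->name) + 1;`. The struct definition is not part of this diff, so the layout should be confirmed before applying this. attribute_list_dup starts and ends outside the hunk.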
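--- a/src/identity-provider/identity_attribute.h
+++ b/src/identity-provider/identity_attribute.h
@@ -36,6 +36,11 @@ struct Attribute
 uint32_t attribute_type;
 
 /**
+* Attribute version
+*/
+uint32_t attribute_version;
+
+/**
 * Name length
 */
 uint32_t name_len;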
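--- a/src/identity-provider/identity_provider_api.c
+++ b/src/identity-provider/identity_provider_api.c
@@ -501,12 +501,21 @@ handle_consume_ticket_result (void *cls,
 attrs_len);
 if (NULL != op->ar_cb)
 {
-for (le = attrs->list_head; NULL != le; le = le->next)
+if (NULL == attrs)
+{
 op->ar_cb (op->cls,
 &msg->identity,
-le->attribute);
+NULL);
+}
+else
+{
+for (le = attrs->list_head; NULL != le; le = le->next)
+op->ar_cb (op->cls,
+&msg->identity,
+le->attribute);
+attribute_list_destroy (attrs);
+}
 }
-attribute_list_destroy (attrs);
 op->ar_cb (op->cls,
 NULL,
 NULL);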
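Review bot: `attribute_list_destroy (attrs)` now runs only inside the `if (NULL != op->ar_cb)` block, so a non-NULL `attrs` is leaked whenever no callback is registered, which the old unconditional call did not do. Moving it back out as `if (NULL != attrs) attribute_list_destroy (attrs);` after the block keeps the new NULL handling without tying the free to the callback. The trailing `op->ar_cb (op->cls, NULL, NULL);` is still outside that guard and would dereference a NULL callback, so it may deserve the same check. handle_consume_ticket_result continues outside the hunk.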
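--- a/src/identity-provider/test_idp.conf
+++ b/src/identity-provider/test_idp.conf
@@ -15,7 +15,7 @@ PLUGINS =
 
 [identity-provider]
 AUTOSTART = YES
-PREFIX = valgrind --leak-check=full --track-origins=yes --log-file=/tmp/idplog
+PREFIX = valgrind --leak-check=full --show-leak-kinds=all --track-origins=yes --log-file=/tmp/idplog
 
 [gns]
 #PREFIX = valgrind --leak-check=full --track-origins=yes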
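--- a/src/identity-provider/test_idp_consume.sh
+++ b/src/identity-provider/test_idp_consume.sh
@@ -29,10 +29,10 @@ gnunet-identity -C testego -c test_idp.conf
 gnunet-identity -C rpego -c test_idp.conf
 SUBJECT_KEY=$(gnunet-identity -d -c test_idp.conf | grep rpego | awk '{print $3}')
 TEST_KEY=$(gnunet-identity -d -c test_idp.conf | grep testego | awk '{print $3}')
-gnunet-idp -e testego -a email -V john@doe.gnu -c test_idp.conf > /dev/null 2>&1
-gnunet-idp -e testego -a name -V John -c test_idp.conf > /dev/null 2>&1
+gnunet-idp -e testego -a email -V john@doe.gnu -c test_idp.conf
+gnunet-idp -e testego -a name -V John -c test_idp.conf
 TICKET=$(gnunet-idp -e testego -i "email,name" -r $SUBJECT_KEY -c test_idp.conf | awk '{print $1}')
 echo "Consuming ticket $TICKET"
 gnunet-idp -e rpego -C $TICKET -c test_idp.conf
 curl http://localhost:7776/idp/tickets/testego
-#gnunet-arm -e -c test_idp.conf
+gnunet-arm -e -c test_idp.conf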
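--- a/src/identity-provider/test_idp_revoke.sh
+++ b/src/identity-provider/test_idp_revoke.sh
@@ -24,14 +24,37 @@ which timeout &> /dev/null && DO_TIMEOUT="timeout 30"
 
 TEST_ATTR="test"
 gnunet-arm -s -c test_idp.conf
-gnunet-identity -C testego -c test_idp.conf
-gnunet-identity -C rpego -c test_idp.conf
-SUBJECT_KEY=$(gnunet-identity -d -c test_idp.conf | grep rpego | awk '{print $3}')
-TEST_KEY=$(gnunet-identity -d -c test_idp.conf | grep testego | awk '{print $3}')
-gnunet-idp -e testego -a email -V john@doe.gnu -c test_idp.conf
-gnunet-idp -e testego -a name -V John -c test_idp.conf
-#gnunet-idp -e testego -D -c test_idp.conf
-TICKET=$(gnunet-idp -e testego -i "email,name" -r $SUBJECT_KEY -c test_idp.conf | awk '{print $1}')
+gnunet-identity -C alice -c test_idp.conf
+gnunet-identity -C bob -c test_idp.conf
+gnunet-identity -C eve -c test_idp.conf
+ALICE_KEY=$(gnunet-identity -d -c test_idp.conf | grep alice | awk '{print $3}')
+BOB_KEY=$(gnunet-identity -d -c test_idp.conf | grep bob | awk '{print $3}')
+EVE_KEY=$(gnunet-identity -d -c test_idp.conf | grep eve | awk '{print $3}')
+
+gnunet-idp -e alice -a email -V john@doe.gnu -c test_idp.conf
+gnunet-idp -e alice -a name -V John -c test_idp.conf
+TICKET_BOB=$(gnunet-idp -e alice -i "email,name" -r $BOB_KEY -c test_idp.conf | awk '{print $1}')
+#gnunet-idp -e bob -C $TICKET_BOB -c test_idp.conf
+TICKET_EVE=$(gnunet-idp -e alice -i "email" -r $EVE_KEY -c test_idp.conf | awk '{print $1}')
+
+
 #echo "Consuming $TICKET"
-gnunet-idp -e testego -R $TICKET -c test_idp.conf
+#gnunet-idp -e eve -C $TICKET_EVE -c test_idp.conf
+gnunet-idp -e alice -R $TICKET_EVE -c test_idp.conf
+
+gnunet-idp -e eve -C $TICKET_EVE -c test_idp.conf > /dev/null 2>&1
+if test $? == 0
+then
+echo "Eve can still resolve attributes..."
+gnunet-arm -e -c test_idp.conf
+exit 1
+fi
+gnunet-idp -e bob -C $TICKET_BOB -c test_idp.conf > /dev/null 2>&1
+if test $? != 0
+then
+echo "Bob cannot resolve attributes..."
+gnunet-arm -e -c test_idp.conf
+exit 1
+fi
+
 gnunet-arm -e -c test_idp.conf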
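Review bot: The negative check for Eve passes whenever `gnunet-idp -e eve -C $TICKET_EVE` fails for any reason, including an empty `$TICKET_EVE` left by a failed issue step, so the script can report a working revocation that was never exercised. Eve's consume before the revocation is commented out, so nothing establishes that the ticket was usable in the first place. I would at least check the ticket right after issuing it, `if test -z "$TICKET_EVE"; then gnunet-arm -e -c test_idp.conf; exit 1; fi` (and the same for `$TICKET_BOB`), and quote both variables where they are passed to `-C` and `-R`. `test $? == 0` also depends on a shell extension; `-eq` is portable, though the shebang is outside the hunk.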
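--- a/src/include/gnunet_crypto_lib.h
+++ b/src/include/gnunet_crypto_lib.h
@@ -2151,7 +2151,8 @@ struct GNUNET_CRYPTO_AbeKey *
 GNUNET_CRYPTO_cpabe_create_key (struct GNUNET_CRYPTO_AbeMasterKey *msk,
 char **attrs);
 void
-GNUNET_CRYPTO_cpabe_delete_key (struct GNUNET_CRYPTO_AbeKey *key);
+GNUNET_CRYPTO_cpabe_delete_key (struct GNUNET_CRYPTO_AbeKey *key,
+int delete_pub);
 
 
 /**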
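Review bot: The new `delete_pub` parameter of `GNUNET_CRYPTO_cpabe_delete_key` is undocumented, and the declaration has no doc comment at all in this hunk. In crypto_abe.c the flag decides whether `gabe_pub_free (key->pub)` runs, so a wrong value either leaks the public parameters or frees memory that another key may still reference; callers cannot tell which from the prototype. I would add a doc block above the declaration with `@param key the key to free` and `@param delete_pub #GNUNET_YES to also free key->pub, #GNUNET_NO if it is shared with another object`, and state that keys from `GNUNET_CRYPTO_cpabe_create_key` hold their own copy, since that function unserializes a fresh `pub`.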
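--- a/src/util/crypto_abe.c
+++ b/src/util/crypto_abe.c
@@ -159,7 +159,10 @@ GNUNET_CRYPTO_cpabe_create_master_key (void)
 void
 GNUNET_CRYPTO_cpabe_delete_master_key (struct GNUNET_CRYPTO_AbeMasterKey *key)
 {
-gabe_msk_free (key->msk); //For some reason free of pub implicit?
+gabe_msk_free (key->msk);
+gabe_pub_free (key->pub);
+//GNUNET_free (key->msk);
+//gabe_msk_free (key->msk); //For some reason free of pub implicit?
 GNUNET_free (key);
 }
 
@@ -175,15 +178,19 @@ GNUNET_CRYPTO_cpabe_create_key (struct GNUNET_CRYPTO_AbeMasterKey *key,
 prv_key->prv = gabe_keygen(key->pub, key->msk, attrs);
 size = gabe_pub_serialize(key->pub, &tmp);
 prv_key->pub = gabe_pub_unserialize(tmp, size);
+GNUNET_free (tmp);
 GNUNET_assert (NULL != prv_key->prv);
 return prv_key;
 }
 
 void
-GNUNET_CRYPTO_cpabe_delete_key (struct GNUNET_CRYPTO_AbeKey *key)
+GNUNET_CRYPTO_cpabe_delete_key (struct GNUNET_CRYPTO_AbeKey *key,
+int delete_pub)
 {
 //Memory management in gabe is buggy
-//gabe_prv_free (prv);
+gabe_prv_free (key->prv);
+if (GNUNET_YES == delete_pub)
+gabe_pub_free (key->pub);
 GNUNET_free (key);
 }
 
@@ -266,6 +273,7 @@ GNUNET_CRYPTO_cpabe_encrypt (const void *block,
 cph_buf_len = gabe_cph_serialize(cph,
 &cph_buf);
 gabe_cph_free(cph);
+GNUNET_free (cph);
 plt = GNUNET_memdup (block, size);
 aes_buf_len = aes_128_cbc_encrypt(plt, size, m, &aes_buf);
 GNUNET_free (plt);
@@ -293,14 +301,21 @@ GNUNET_CRYPTO_cpabe_decrypt (const void *block,
 read_cpabe(block, &cph_buf, &cph_buf_size, &aes_buf, &aes_buf_size);
 cph = gabe_cph_unserialize(key->pub, cph_buf, cph_buf_size);
 if( !gabe_dec(key->pub, key->prv, cph, m) ) {
-GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
 "%s\n", gabe_error());
+GNUNET_free (aes_buf);
+GNUNET_free (cph_buf);
 gabe_cph_free(cph);
+GNUNET_free (cph);
+element_clear (m);
 return GNUNET_SYSERR;
 }
 gabe_cph_free(cph);
+GNUNET_free (cph);
 plt_len = aes_128_cbc_decrypt(aes_buf, aes_buf_size, m, (char**)result);
+GNUNET_free (cph_buf);
 GNUNET_free (aes_buf);
+element_clear (m);
 //freeing is buggy in gabe
 //gabe_prv_free (prv);
 //gabe_pub_free (pub);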
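Review bot: In GNUNET_CRYPTO_cpabe_decrypt the result of `gabe_cph_unserialize (key->pub, cph_buf, cph_buf_size)` goes to `gabe_dec`, `gabe_cph_free` and now `GNUNET_free` without a NULL check, although `block` is ciphertext that may have been produced by another party. If the gabe call can return NULL for malformed input (its contract is not visible here), none of the added cleanup is reached; a guard such as `if (NULL == cph) { GNUNET_free (aes_buf); GNUNET_free (cph_buf); return GNUNET_SYSERR; }` before `gabe_dec` would cover it. The five cleanup calls are now written out once per exit, so a single cleanup label would keep the failure and success paths from drifting apart. The comment `//Memory management in gabe is buggy` in GNUNET_CRYPTO_cpabe_delete_key now sits directly above a live `gabe_prv_free (key->prv)` and should be updated or removed, as should the commented-out frees left in GNUNET_CRYPTO_cpabe_delete_master_key. These functions start or end outside their hunks.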