author | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2017-10-06 10:14:10 +0200 |
---|---|---|
committer | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2017-10-06 10:14:10 +0200 |
commit | 7807374c7247af1d139ff70b4af047c227229a6e (patch) | |
tree | b3cce2927701c84a9f1e558dd395d7cff9170440 /src | |
parent | fc76f42d3f8df9fc88648ad052f46c7ddf518879 (diff) | |
-do not persist sensitive data
Diffstat (limited to 'src')
-rw-r--r-- | src/identity-provider/gnunet-service-identity-provider.c | 25 | ||||
-rw-r--r-- | src/identity-provider/plugin_identity_provider_sqlite.c | 44 | ||||
-rw-r--r-- | src/include/gnunet_identity_provider_plugin.h | 8 |
3 files changed, 15 insertions, 62 deletions
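--- a/src/identity-provider/gnunet-service-identity-provider.c
+++ b/src/identity-provider/gnunet-service-identity-provider.c
@@ -1765,8 +1765,7 @@ cleanup_ticket_issue_handle (struct TicketIssueHandle *handle)
 static void
 send_ticket_result (struct IdpClient *client,
 uint32_t r_id,
-const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket,
-const struct GNUNET_IDENTITY_PROVIDER_AttributeList *attrs)
+const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket)
 {
 struct TicketResultMessage *irm;
 struct GNUNET_MQ_Envelope *env;
@@ -1774,8 +1773,7 @@ send_ticket_result (struct IdpClient *client,
 
 /* store ticket in DB */
 if (GNUNET_OK != TKT_database->store_ticket (TKT_database->cls,
-ticket,
-attrs))
+ticket))
 {
 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
 "Unable to store ticket after issue\n");
@@ -1810,8 +1808,7 @@ store_ticket_issue_cont (void *cls,
 }
 send_ticket_result (handle->client,
 handle->r_id,
-&handle->ticket,
-handle->attrs);
+&handle->ticket);
 cleanup_ticket_issue_handle (handle);
 }
 
@@ -2083,8 +2080,7 @@ process_parallel_lookup2 (void *cls, uint32_t rd_count,
 
 /* Store ticket in DB */
 if (GNUNET_OK != TKT_database->store_ticket (TKT_database->cls,
-&handle->ticket,
-handle->attrs))
+&handle->ticket))
 {
 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
 "Unable to store ticket after consume\n");
@@ -2664,8 +2660,7 @@ struct TicketIterationProcResult
 */
 static void
 ticket_iterate_proc (void *cls,
-const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket,
-const struct GNUNET_IDENTITY_PROVIDER_AttributeList *attrs)
+const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket)
 {
 struct TicketIterationProcResult *proc = cls;
 
@@ -2676,18 +2671,10 @@ ticket_iterate_proc (void *cls,
 proc->res_iteration_finished = IT_SUCCESS_NOT_MORE_RESULTS_AVAILABLE;
 return;
 }
-if ((NULL == ticket) || (NULL == attrs))
-{
-/* error */
-proc->res_iteration_finished = IT_START;
-GNUNET_break (0);
-return;
-}
 proc->res_iteration_finished = IT_SUCCESS_MORE_AVAILABLE;
 send_ticket_result (proc->ti->client,
 proc->ti->r_id,
-ticket,
-attrs);
+ticket);
 
 }
 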
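Review bot: In `ticket_iterate_proc` the whole `(NULL == ticket) || (NULL == attrs)` guard is removed, so `ticket` now goes unchecked into `send_ticket_result` and from there into `TKT_database->store_ticket`, which reads fields through the pointer. Only the tail of the preceding early return is visible in this hunk; unless that branch already tests `ticket` for NULL, I would keep the ticket half of the guard: `if (NULL == ticket) { proc->res_iteration_finished = IT_START; GNUNET_break (0); return; }`. The bodies of `ticket_iterate_proc` and `send_ticket_result` both extend outside the hunks shown, so this needs confirming against the full file.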
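--- a/src/identity-provider/plugin_identity_provider_sqlite.c
+++ b/src/identity-provider/plugin_identity_provider_sqlite.c
@@ -27,7 +27,6 @@
 #include "platform.h"
 #include "gnunet_identity_provider_service.h"
 #include "gnunet_identity_provider_plugin.h"
-#include "identity_attribute.h"
 #include "gnunet_sq_lib.h"
 #include <sqlite3.h>
 
@@ -253,8 +252,7 @@ database_setup (struct Plugin *plugin)
 "CREATE TABLE identity001tickets ("
 " identity BLOB NOT NULL DEFAULT '',"
 " audience BLOB NOT NULL DEFAULT '',"
-" rnd INT8 NOT NULL DEFAULT '',"
-" attributes BLOB NOT NULL DEFAULT ''"
+" rnd INT8 NOT NULL DEFAULT ''"
 ")",
 NULL, NULL, NULL) != SQLITE_OK))
 {
@@ -269,8 +267,8 @@ database_setup (struct Plugin *plugin)
 
 if ( (SQLITE_OK !=
 sq_prepare (plugin->dbh,
-"INSERT INTO identity001tickets (identity, audience, rnd, attributes)"
-" VALUES (?, ?, ?, ?)",
+"INSERT INTO identity001tickets (identity, audience, rnd)"
+" VALUES (?, ?, ?)",
 &plugin->store_ticket)) ||
 (SQLITE_OK !=
 sq_prepare (plugin->dbh,
@@ -278,13 +276,13 @@ database_setup (struct Plugin *plugin)
 &plugin->delete_ticket)) ||
 (SQLITE_OK !=
 sq_prepare (plugin->dbh,
-"SELECT identity,audience,rnd,attributes"
+"SELECT identity,audience,rnd"
 " FROM identity001tickets WHERE identity=?"
 " ORDER BY rnd LIMIT 1 OFFSET ?",
 &plugin->iterate_tickets)) ||
 (SQLITE_OK !=
 sq_prepare (plugin->dbh,
-"SELECT identity,audience,rnd,attributes"
+"SELECT identity,audience,rnd"
 " FROM identity001tickets WHERE audience=?"
 " ORDER BY rnd LIMIT 1 OFFSET ?",
 &plugin->iterate_tickets_by_audience)) )
@@ -356,25 +354,14 @@ database_shutdown (struct Plugin *plugin)
 *
 * @param cls closure (internal context for the plugin)
 * @param ticket the ticket to persist
-* @param attrs attributes to persist
 * @return #GNUNET_OK on success, else #GNUNET_SYSERR
 */
 static int
 identity_provider_sqlite_store_ticket (void *cls,
-const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket,
-const struct GNUNET_IDENTITY_PROVIDER_AttributeList *attrs)
+const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket)
 {
 struct Plugin *plugin = cls;
 int n;
-size_t attrs_size;
-char *attrs_serialized;
-
-attrs_size = attribute_list_serialize_get_size (attrs);
-
-attrs_serialized = GNUNET_malloc (attrs_size);
-
-attribute_list_serialize (attrs,
-attrs_serialized);
 
 {
 /* First delete duplicates */
@@ -402,7 +389,6 @@ identity_provider_sqlite_store_ticket (void *cls,
 GNUNET_SQ_query_param_auto_from_type (&ticket->identity),
 GNUNET_SQ_query_param_auto_from_type (&ticket->audience),
 GNUNET_SQ_query_param_uint64 (&ticket->rnd),
-GNUNET_SQ_query_param_fixed_size (attrs_serialized, attrs_size),
 GNUNET_SQ_query_param_end
 };
 
@@ -517,8 +503,6 @@ get_ticket_and_call_iterator (struct Plugin *plugin,
 void *iter_cls)
 {
 struct GNUNET_IDENTITY_PROVIDER_Ticket2 ticket;
-size_t attrs_size;
-void *attrs_serialized;
 int ret;
 int sret;
 
@@ -529,7 +513,6 @@ get_ticket_and_call_iterator (struct Plugin *plugin,
 GNUNET_SQ_result_spec_auto_from_type (&ticket.identity),
 GNUNET_SQ_result_spec_auto_from_type (&ticket.audience),
 GNUNET_SQ_result_spec_uint64 (&ticket.rnd),
-GNUNET_SQ_result_spec_variable_size (&attrs_serialized, &attrs_size),
 GNUNET_SQ_result_spec_end
 
 };
@@ -542,23 +525,10 @@ get_ticket_and_call_iterator (struct Plugin *plugin,
 }
 else
 {
-struct GNUNET_IDENTITY_PROVIDER_AttributeList *attrs;
-
-attrs = attribute_list_deserialize (attrs_serialized, attrs_size);
-
-if (NULL == attrs)
-{
-GNUNET_break (0);
-ret = GNUNET_SYSERR;
-}
-else
-{
 if (NULL != iter)
 iter (iter_cls,
-&ticket,
-attrs);
+&ticket);
 ret = GNUNET_YES;
-}
 }
 GNUNET_SQ_cleanup_result (rs);
 }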
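--- a/src/include/gnunet_identity_provider_plugin.h
+++ b/src/include/gnunet_identity_provider_plugin.h
@@ -48,11 +48,9 @@ extern "C"
 *
 * @param cls closure
 * @param ticket the ticket
-* @prarm attrs the attributes
 */
 typedef void (*GNUNET_IDENTITY_PROVIDER_TicketIterator) (void *cls,
-const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket,
-const struct GNUNET_IDENTITY_PROVIDER_AttributeList *attrs);
+const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket);
 
 
 /**
@@ -71,12 +69,10 @@ struct GNUNET_IDENTITY_PROVIDER_PluginFunctions
 *
 * @param cls closure (internal context for the plugin)
 * @param ticket the ticket to store
-* @param attrs the attributes shared with the ticket
 * @return #GNUNET_OK on success, else #GNUNET_SYSERR
 */
 int (*store_ticket) (void *cls,
-const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket,
-const struct GNUNET_IDENTITY_PROVIDER_AttributeList *attrs);
+const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket);
 
 /**
 * Delete a ticket from the database.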
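Review bot: The doc comment on `store_ticket` no longer mentions attributes at all, so the reason for the narrower signature is recorded only in the commit title. This header is the contract for every plugin implementation, so I would add a line to the comment such as `* Only the ticket is persisted; attribute values are sensitive and must not be written to storage.` The same parameter is removed from `GNUNET_IDENTITY_PROVIDER_TicketIterator`, and a plugin built against the old header would be called through a mismatched prototype. Any implementation other than the sqlite one touched in this commit needs the same update, if one exists.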