diff options
| author | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2017-10-06 10:14:10 +0200 |
|---|---|---|
| committer | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2017-10-06 10:14:10 +0200 |
| commit | 7807374c7247af1d139ff70b4af047c227229a6e (patch) | |
| tree | b3cce2927701c84a9f1e558dd395d7cff9170440 /src | |
| parent | fc76f42d3f8df9fc88648ad052f46c7ddf518879 (diff) | |
| download | gnunet-7807374c7247af1d139ff70b4af047c227229a6e.tar.gz gnunet-7807374c7247af1d139ff70b4af047c227229a6e.zip | |
-do not persist sensitive data
Diffstat (limited to 'src')
| -rw-r--r-- | src/identity-provider/gnunet-service-identity-provider.c | 25 | ||||
| -rw-r--r-- | src/identity-provider/plugin_identity_provider_sqlite.c | 44 | ||||
| -rw-r--r-- | src/include/gnunet_identity_provider_plugin.h | 8 |
3 files changed, 15 insertions, 62 deletions
diff --git a/src/identity-provider/gnunet-service-identity-provider.c b/src/identity-provider/gnunet-service-identity-provider.c index 3dcb2792e..8960ea162 100644 --- a/src/identity-provider/gnunet-service-identity-provider.c +++ b/src/identity-provider/gnunet-service-identity-provider.c | |||
| @@ -1765,8 +1765,7 @@ cleanup_ticket_issue_handle (struct TicketIssueHandle *handle) | |||
| 1765 | static void | 1765 | static void |
| 1766 | send_ticket_result (struct IdpClient *client, | 1766 | send_ticket_result (struct IdpClient *client, |
| 1767 | uint32_t r_id, | 1767 | uint32_t r_id, |
| 1768 | const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket, | 1768 | const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket) |
| 1769 | const struct GNUNET_IDENTITY_PROVIDER_AttributeList *attrs) | ||
| 1770 | { | 1769 | { |
| 1771 | struct TicketResultMessage *irm; | 1770 | struct TicketResultMessage *irm; |
| 1772 | struct GNUNET_MQ_Envelope *env; | 1771 | struct GNUNET_MQ_Envelope *env; |
| @@ -1774,8 +1773,7 @@ send_ticket_result (struct IdpClient *client, | |||
| 1774 | 1773 | ||
| 1775 | /* store ticket in DB */ | 1774 | /* store ticket in DB */ |
| 1776 | if (GNUNET_OK != TKT_database->store_ticket (TKT_database->cls, | 1775 | if (GNUNET_OK != TKT_database->store_ticket (TKT_database->cls, |
| 1777 | ticket, | 1776 | ticket)) |
| 1778 | attrs)) | ||
| 1779 | { | 1777 | { |
| 1780 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 1778 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
| 1781 | "Unable to store ticket after issue\n"); | 1779 | "Unable to store ticket after issue\n"); |
| @@ -1810,8 +1808,7 @@ store_ticket_issue_cont (void *cls, | |||
| 1810 | } | 1808 | } |
| 1811 | send_ticket_result (handle->client, | 1809 | send_ticket_result (handle->client, |
| 1812 | handle->r_id, | 1810 | handle->r_id, |
| 1813 | &handle->ticket, | 1811 | &handle->ticket); |
| 1814 | handle->attrs); | ||
| 1815 | cleanup_ticket_issue_handle (handle); | 1812 | cleanup_ticket_issue_handle (handle); |
| 1816 | } | 1813 | } |
| 1817 | 1814 | ||
| @@ -2083,8 +2080,7 @@ process_parallel_lookup2 (void *cls, uint32_t rd_count, | |||
| 2083 | 2080 | ||
| 2084 | /* Store ticket in DB */ | 2081 | /* Store ticket in DB */ |
| 2085 | if (GNUNET_OK != TKT_database->store_ticket (TKT_database->cls, | 2082 | if (GNUNET_OK != TKT_database->store_ticket (TKT_database->cls, |
| 2086 | &handle->ticket, | 2083 | &handle->ticket)) |
| 2087 | handle->attrs)) | ||
| 2088 | { | 2084 | { |
| 2089 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 2085 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
| 2090 | "Unable to store ticket after consume\n"); | 2086 | "Unable to store ticket after consume\n"); |
| @@ -2664,8 +2660,7 @@ struct TicketIterationProcResult | |||
| 2664 | */ | 2660 | */ |
| 2665 | static void | 2661 | static void |
| 2666 | ticket_iterate_proc (void *cls, | 2662 | ticket_iterate_proc (void *cls, |
| 2667 | const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket, | 2663 | const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket) |
| 2668 | const struct GNUNET_IDENTITY_PROVIDER_AttributeList *attrs) | ||
| 2669 | { | 2664 | { |
| 2670 | struct TicketIterationProcResult *proc = cls; | 2665 | struct TicketIterationProcResult *proc = cls; |
| 2671 | 2666 | ||
| @@ -2676,18 +2671,10 @@ ticket_iterate_proc (void *cls, | |||
| 2676 | proc->res_iteration_finished = IT_SUCCESS_NOT_MORE_RESULTS_AVAILABLE; | 2671 | proc->res_iteration_finished = IT_SUCCESS_NOT_MORE_RESULTS_AVAILABLE; |
| 2677 | return; | 2672 | return; |
| 2678 | } | 2673 | } |
| 2679 | if ((NULL == ticket) || (NULL == attrs)) | ||
| 2680 | { | ||
| 2681 | /* error */ | ||
| 2682 | proc->res_iteration_finished = IT_START; | ||
| 2683 | GNUNET_break (0); | ||
| 2684 | return; | ||
| 2685 | } | ||
| 2686 | proc->res_iteration_finished = IT_SUCCESS_MORE_AVAILABLE; | 2674 | proc->res_iteration_finished = IT_SUCCESS_MORE_AVAILABLE; |
| 2687 | send_ticket_result (proc->ti->client, | 2675 | send_ticket_result (proc->ti->client, |
| 2688 | proc->ti->r_id, | 2676 | proc->ti->r_id, |
| 2689 | ticket, | 2677 | ticket); |
| 2690 | attrs); | ||
| 2691 | 2678 | ||
| 2692 | } | 2679 | } |
| 2693 | 2680 | ||
diff --git a/src/identity-provider/plugin_identity_provider_sqlite.c b/src/identity-provider/plugin_identity_provider_sqlite.c index 464ea29cb..7a19ba827 100644 --- a/src/identity-provider/plugin_identity_provider_sqlite.c +++ b/src/identity-provider/plugin_identity_provider_sqlite.c | |||
| @@ -27,7 +27,6 @@ | |||
| 27 | #include "platform.h" | 27 | #include "platform.h" |
| 28 | #include "gnunet_identity_provider_service.h" | 28 | #include "gnunet_identity_provider_service.h" |
| 29 | #include "gnunet_identity_provider_plugin.h" | 29 | #include "gnunet_identity_provider_plugin.h" |
| 30 | #include "identity_attribute.h" | ||
| 31 | #include "gnunet_sq_lib.h" | 30 | #include "gnunet_sq_lib.h" |
| 32 | #include <sqlite3.h> | 31 | #include <sqlite3.h> |
| 33 | 32 | ||
| @@ -253,8 +252,7 @@ database_setup (struct Plugin *plugin) | |||
| 253 | "CREATE TABLE identity001tickets (" | 252 | "CREATE TABLE identity001tickets (" |
| 254 | " identity BLOB NOT NULL DEFAULT ''," | 253 | " identity BLOB NOT NULL DEFAULT ''," |
| 255 | " audience BLOB NOT NULL DEFAULT ''," | 254 | " audience BLOB NOT NULL DEFAULT ''," |
| 256 | " rnd INT8 NOT NULL DEFAULT ''," | 255 | " rnd INT8 NOT NULL DEFAULT ''" |
| 257 | " attributes BLOB NOT NULL DEFAULT ''" | ||
| 258 | ")", | 256 | ")", |
| 259 | NULL, NULL, NULL) != SQLITE_OK)) | 257 | NULL, NULL, NULL) != SQLITE_OK)) |
| 260 | { | 258 | { |
| @@ -269,8 +267,8 @@ database_setup (struct Plugin *plugin) | |||
| 269 | 267 | ||
| 270 | if ( (SQLITE_OK != | 268 | if ( (SQLITE_OK != |
| 271 | sq_prepare (plugin->dbh, | 269 | sq_prepare (plugin->dbh, |
| 272 | "INSERT INTO identity001tickets (identity, audience, rnd, attributes)" | 270 | "INSERT INTO identity001tickets (identity, audience, rnd)" |
| 273 | " VALUES (?, ?, ?, ?)", | 271 | " VALUES (?, ?, ?)", |
| 274 | &plugin->store_ticket)) || | 272 | &plugin->store_ticket)) || |
| 275 | (SQLITE_OK != | 273 | (SQLITE_OK != |
| 276 | sq_prepare (plugin->dbh, | 274 | sq_prepare (plugin->dbh, |
| @@ -278,13 +276,13 @@ database_setup (struct Plugin *plugin) | |||
| 278 | &plugin->delete_ticket)) || | 276 | &plugin->delete_ticket)) || |
| 279 | (SQLITE_OK != | 277 | (SQLITE_OK != |
| 280 | sq_prepare (plugin->dbh, | 278 | sq_prepare (plugin->dbh, |
| 281 | "SELECT identity,audience,rnd,attributes" | 279 | "SELECT identity,audience,rnd" |
| 282 | " FROM identity001tickets WHERE identity=?" | 280 | " FROM identity001tickets WHERE identity=?" |
| 283 | " ORDER BY rnd LIMIT 1 OFFSET ?", | 281 | " ORDER BY rnd LIMIT 1 OFFSET ?", |
| 284 | &plugin->iterate_tickets)) || | 282 | &plugin->iterate_tickets)) || |
| 285 | (SQLITE_OK != | 283 | (SQLITE_OK != |
| 286 | sq_prepare (plugin->dbh, | 284 | sq_prepare (plugin->dbh, |
| 287 | "SELECT identity,audience,rnd,attributes" | 285 | "SELECT identity,audience,rnd" |
| 288 | " FROM identity001tickets WHERE audience=?" | 286 | " FROM identity001tickets WHERE audience=?" |
| 289 | " ORDER BY rnd LIMIT 1 OFFSET ?", | 287 | " ORDER BY rnd LIMIT 1 OFFSET ?", |
| 290 | &plugin->iterate_tickets_by_audience)) ) | 288 | &plugin->iterate_tickets_by_audience)) ) |
| @@ -356,25 +354,14 @@ database_shutdown (struct Plugin *plugin) | |||
| 356 | * | 354 | * |
| 357 | * @param cls closure (internal context for the plugin) | 355 | * @param cls closure (internal context for the plugin) |
| 358 | * @param ticket the ticket to persist | 356 | * @param ticket the ticket to persist |
| 359 | * @param attrs attributes to persist | ||
| 360 | * @return #GNUNET_OK on success, else #GNUNET_SYSERR | 357 | * @return #GNUNET_OK on success, else #GNUNET_SYSERR |
| 361 | */ | 358 | */ |
| 362 | static int | 359 | static int |
| 363 | identity_provider_sqlite_store_ticket (void *cls, | 360 | identity_provider_sqlite_store_ticket (void *cls, |
| 364 | const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket, | 361 | const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket) |
| 365 | const struct GNUNET_IDENTITY_PROVIDER_AttributeList *attrs) | ||
| 366 | { | 362 | { |
| 367 | struct Plugin *plugin = cls; | 363 | struct Plugin *plugin = cls; |
| 368 | int n; | 364 | int n; |
| 369 | size_t attrs_size; | ||
| 370 | char *attrs_serialized; | ||
| 371 | |||
| 372 | attrs_size = attribute_list_serialize_get_size (attrs); | ||
| 373 | |||
| 374 | attrs_serialized = GNUNET_malloc (attrs_size); | ||
| 375 | |||
| 376 | attribute_list_serialize (attrs, | ||
| 377 | attrs_serialized); | ||
| 378 | 365 | ||
| 379 | { | 366 | { |
| 380 | /* First delete duplicates */ | 367 | /* First delete duplicates */ |
| @@ -402,7 +389,6 @@ identity_provider_sqlite_store_ticket (void *cls, | |||
| 402 | GNUNET_SQ_query_param_auto_from_type (&ticket->identity), | 389 | GNUNET_SQ_query_param_auto_from_type (&ticket->identity), |
| 403 | GNUNET_SQ_query_param_auto_from_type (&ticket->audience), | 390 | GNUNET_SQ_query_param_auto_from_type (&ticket->audience), |
| 404 | GNUNET_SQ_query_param_uint64 (&ticket->rnd), | 391 | GNUNET_SQ_query_param_uint64 (&ticket->rnd), |
| 405 | GNUNET_SQ_query_param_fixed_size (attrs_serialized, attrs_size), | ||
| 406 | GNUNET_SQ_query_param_end | 392 | GNUNET_SQ_query_param_end |
| 407 | }; | 393 | }; |
| 408 | 394 | ||
| @@ -517,8 +503,6 @@ get_ticket_and_call_iterator (struct Plugin *plugin, | |||
| 517 | void *iter_cls) | 503 | void *iter_cls) |
| 518 | { | 504 | { |
| 519 | struct GNUNET_IDENTITY_PROVIDER_Ticket2 ticket; | 505 | struct GNUNET_IDENTITY_PROVIDER_Ticket2 ticket; |
| 520 | size_t attrs_size; | ||
| 521 | void *attrs_serialized; | ||
| 522 | int ret; | 506 | int ret; |
| 523 | int sret; | 507 | int sret; |
| 524 | 508 | ||
| @@ -529,7 +513,6 @@ get_ticket_and_call_iterator (struct Plugin *plugin, | |||
| 529 | GNUNET_SQ_result_spec_auto_from_type (&ticket.identity), | 513 | GNUNET_SQ_result_spec_auto_from_type (&ticket.identity), |
| 530 | GNUNET_SQ_result_spec_auto_from_type (&ticket.audience), | 514 | GNUNET_SQ_result_spec_auto_from_type (&ticket.audience), |
| 531 | GNUNET_SQ_result_spec_uint64 (&ticket.rnd), | 515 | GNUNET_SQ_result_spec_uint64 (&ticket.rnd), |
| 532 | GNUNET_SQ_result_spec_variable_size (&attrs_serialized, &attrs_size), | ||
| 533 | GNUNET_SQ_result_spec_end | 516 | GNUNET_SQ_result_spec_end |
| 534 | 517 | ||
| 535 | }; | 518 | }; |
| @@ -542,23 +525,10 @@ get_ticket_and_call_iterator (struct Plugin *plugin, | |||
| 542 | } | 525 | } |
| 543 | else | 526 | else |
| 544 | { | 527 | { |
| 545 | struct GNUNET_IDENTITY_PROVIDER_AttributeList *attrs; | ||
| 546 | |||
| 547 | attrs = attribute_list_deserialize (attrs_serialized, attrs_size); | ||
| 548 | |||
| 549 | if (NULL == attrs) | ||
| 550 | { | ||
| 551 | GNUNET_break (0); | ||
| 552 | ret = GNUNET_SYSERR; | ||
| 553 | } | ||
| 554 | else | ||
| 555 | { | ||
| 556 | if (NULL != iter) | 528 | if (NULL != iter) |
| 557 | iter (iter_cls, | 529 | iter (iter_cls, |
| 558 | &ticket, | 530 | &ticket); |
| 559 | attrs); | ||
| 560 | ret = GNUNET_YES; | 531 | ret = GNUNET_YES; |
| 561 | } | ||
| 562 | } | 532 | } |
| 563 | GNUNET_SQ_cleanup_result (rs); | 533 | GNUNET_SQ_cleanup_result (rs); |
| 564 | } | 534 | } |
diff --git a/src/include/gnunet_identity_provider_plugin.h b/src/include/gnunet_identity_provider_plugin.h index 5867a5b80..9e779bde7 100644 --- a/src/include/gnunet_identity_provider_plugin.h +++ b/src/include/gnunet_identity_provider_plugin.h | |||
| @@ -48,11 +48,9 @@ extern "C" | |||
| 48 | * | 48 | * |
| 49 | * @param cls closure | 49 | * @param cls closure |
| 50 | * @param ticket the ticket | 50 | * @param ticket the ticket |
| 51 | * @prarm attrs the attributes | ||
| 52 | */ | 51 | */ |
| 53 | typedef void (*GNUNET_IDENTITY_PROVIDER_TicketIterator) (void *cls, | 52 | typedef void (*GNUNET_IDENTITY_PROVIDER_TicketIterator) (void *cls, |
| 54 | const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket, | 53 | const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket); |
| 55 | const struct GNUNET_IDENTITY_PROVIDER_AttributeList *attrs); | ||
| 56 | 54 | ||
| 57 | 55 | ||
| 58 | /** | 56 | /** |
| @@ -71,12 +69,10 @@ struct GNUNET_IDENTITY_PROVIDER_PluginFunctions | |||
| 71 | * | 69 | * |
| 72 | * @param cls closure (internal context for the plugin) | 70 | * @param cls closure (internal context for the plugin) |
| 73 | * @param ticket the ticket to store | 71 | * @param ticket the ticket to store |
| 74 | * @param attrs the attributes shared with the ticket | ||
| 75 | * @return #GNUNET_OK on success, else #GNUNET_SYSERR | 72 | * @return #GNUNET_OK on success, else #GNUNET_SYSERR |
| 76 | */ | 73 | */ |
| 77 | int (*store_ticket) (void *cls, | 74 | int (*store_ticket) (void *cls, |
| 78 | const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket, | 75 | const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket); |
| 79 | const struct GNUNET_IDENTITY_PROVIDER_AttributeList *attrs); | ||
| 80 | 76 | ||
| 81 | /** | 77 | /** |
| 82 | * Delete a ticket from the database. | 78 | * Delete a ticket from the database. |