summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/credential/credential.h16
-rw-r--r--src/credential/credential_api.c153
-rw-r--r--src/credential/gnunet-credential.c26
-rw-r--r--src/credential/gnunet-service-credential.c227
-rw-r--r--src/credential/plugin_gnsrecord_credential.c48
-rw-r--r--src/include/gnunet_credential_service.h25
-rw-r--r--src/include/gnunet_gnsrecord_lib.h4
-rw-r--r--src/include/gnunet_protocols.h4
8 files changed, 257 insertions, 246 deletions
diff --git a/src/credential/credential.h b/src/credential/credential.h
index 597c34a3d..2acaf73a5 100644
--- a/src/credential/credential.h
+++ b/src/credential/credential.h
@@ -30,12 +30,12 @@
GNUNET_NETWORK_STRUCT_BEGIN
/**
- * Message from client to Credential service to lookup credentials.
+ * Message from client to Credential service to verify attributes.
*/
-struct LookupMessage
+struct VerifyMessage
{
/**
- * Header of type #GNUNET_MESSAGE_TYPE_CREDENTIAL_LOOKUP
+ * Header of type #GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY
*/
struct GNUNET_MessageHeader header;
@@ -54,7 +54,7 @@ struct LookupMessage
*/
uint32_t id GNUNET_PACKED;
- /* Followed by the zero-terminated credential to look up */
+ /* Followed by the zero-terminated attributes to look up */
};
@@ -62,10 +62,10 @@ struct LookupMessage
/**
* Message from CREDENTIAL service to client: new results.
*/
-struct LookupResultMessage
+struct VerifyResultMessage
{
/**
- * Header of type #GNUNET_MESSAGE_TYPE_CREDENTIAL_LOOKUP_RESULT
+ * Header of type #GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT
*/
struct GNUNET_MessageHeader header;
@@ -78,9 +78,9 @@ struct LookupResultMessage
/**
* The number of credentials in the response
*/
- uint32_t cd_count GNUNET_PACKED;
+ uint32_t ad_count GNUNET_PACKED;
- /* followed by cd_count GNUNET_CREDENTIAL_RecordData structs*/
+ /* followed by ad_count GNUNET_CREDENTIAL_RecordData structs*/
};
diff --git a/src/credential/credential_api.c b/src/credential/credential_api.c
index 1efe2d089..4864d54d0 100644
--- a/src/credential/credential_api.c
+++ b/src/credential/credential_api.c
@@ -36,20 +36,20 @@
#define LOG(kind,...) GNUNET_log_from (kind, "credential-api",__VA_ARGS__)
/**
- * Handle to a lookup request
+ * Handle to a verify request
*/
-struct GNUNET_CREDENTIAL_LookupRequest
+struct GNUNET_CREDENTIAL_VerifyRequest
{
/**
* DLL
*/
- struct GNUNET_CREDENTIAL_LookupRequest *next;
+ struct GNUNET_CREDENTIAL_VerifyRequest *next;
/**
* DLL
*/
- struct GNUNET_CREDENTIAL_LookupRequest *prev;
+ struct GNUNET_CREDENTIAL_VerifyRequest *prev;
/**
* handle to credential service
@@ -57,12 +57,12 @@ struct GNUNET_CREDENTIAL_LookupRequest
struct GNUNET_CREDENTIAL_Handle *credential_handle;
/**
- * processor to call on lookup result
+ * processor to call on verify result
*/
- GNUNET_CREDENTIAL_LookupResultProcessor lookup_proc;
+ GNUNET_CREDENTIAL_VerifyResultProcessor verify_proc;
/**
- * @e lookup_proc closure
+ * @e verify_proc closure
*/
void *proc_cls;
@@ -96,14 +96,14 @@ struct GNUNET_CREDENTIAL_Handle
struct GNUNET_MQ_Handle *mq;
/**
- * Head of linked list of active lookup requests.
+ * Head of linked list of active verify requests.
*/
- struct GNUNET_CREDENTIAL_LookupRequest *lookup_head;
+ struct GNUNET_CREDENTIAL_VerifyRequest *verify_head;
/**
- * Tail of linked list of active lookup requests.
+ * Tail of linked list of active verify requests.
*/
- struct GNUNET_CREDENTIAL_LookupRequest *lookup_tail;
+ struct GNUNET_CREDENTIAL_VerifyRequest *verify_tail;
/**
* Reconnect task
@@ -192,7 +192,7 @@ mq_error_handler (void *cls,
*/
static int
check_result (void *cls,
- const struct LookupResultMessage *lookup_msg)
+ const struct VerifyResultMessage *vr_msg)
{
//TODO
return GNUNET_OK;
@@ -207,30 +207,30 @@ check_result (void *cls,
*/
static void
handle_result (void *cls,
- const struct LookupResultMessage *lookup_msg)
+ const struct VerifyResultMessage *vr_msg)
{
struct GNUNET_CREDENTIAL_Handle *handle = cls;
- uint32_t cd_count = ntohl (lookup_msg->cd_count);
- struct GNUNET_CREDENTIAL_RecordData cd[cd_count];
- uint32_t r_id = ntohl (lookup_msg->id);
- struct GNUNET_CREDENTIAL_LookupRequest *lr;
- GNUNET_CREDENTIAL_LookupResultProcessor proc;
+ uint32_t ad_count = ntohl (vr_msg->ad_count);
+ struct GNUNET_CREDENTIAL_RecordData ad[ad_count];
+ uint32_t r_id = ntohl (vr_msg->id);
+ struct GNUNET_CREDENTIAL_VerifyRequest *vr;
+ GNUNET_CREDENTIAL_VerifyResultProcessor proc;
void *proc_cls;
LOG (GNUNET_ERROR_TYPE_DEBUG,
- "Received lookup reply from CREDENTIAL service (%u credentials)\n",
- (unsigned int) cd_count);
- for (lr = handle->lookup_head; NULL != lr; lr = lr->next)
- if (lr->r_id == r_id)
+ "Received verify reply from CREDENTIAL service (%u credentials)\n",
+ (unsigned int) ad_count);
+ for (vr = handle->verify_head; NULL != vr; vr = vr->next)
+ if (vr->r_id == r_id)
break;
- if (NULL == lr)
+ if (NULL == vr)
return;
- proc = lr->lookup_proc;
- proc_cls = lr->proc_cls;
- GNUNET_CONTAINER_DLL_remove (handle->lookup_head,
- handle->lookup_tail,
- lr);
- GNUNET_free (lr);
+ proc = vr->verify_proc;
+ proc_cls = vr->proc_cls;
+ GNUNET_CONTAINER_DLL_remove (handle->verify_head,
+ handle->verify_tail,
+ vr);
+ GNUNET_free (vr);
/**
GNUNET_assert (GNUNET_OK ==
GNUNET_CREDENTIAL_records_deserialize (mlen,
@@ -240,8 +240,8 @@ handle_result (void *cls,
*/
proc (proc_cls,
NULL,
- cd_count,
- cd); // TODO
+ ad_count,
+ ad); // TODO
}
@@ -255,12 +255,12 @@ reconnect (struct GNUNET_CREDENTIAL_Handle *handle)
{
struct GNUNET_MQ_MessageHandler handlers[] = {
GNUNET_MQ_hd_var_size (result,
- GNUNET_MESSAGE_TYPE_CREDENTIAL_LOOKUP_RESULT,
- struct LookupResultMessage,
+ GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT,
+ struct VerifyResultMessage,
NULL),
GNUNET_MQ_handler_end ()
};
- struct GNUNET_CREDENTIAL_LookupRequest *lh;
+ struct GNUNET_CREDENTIAL_VerifyRequest *vr;
GNUNET_assert (NULL == handle->mq);
LOG (GNUNET_ERROR_TYPE_DEBUG,
@@ -272,9 +272,9 @@ reconnect (struct GNUNET_CREDENTIAL_Handle *handle)
handle);
if (NULL == handle->mq)
return;
- for (lh = handle->lookup_head; NULL != lh; lh = lh->next)
+ for (vr = handle->verify_head; NULL != vr; vr = vr->next)
GNUNET_MQ_send_copy (handle->mq,
- lh->env);
+ vr->env);
}
@@ -319,31 +319,31 @@ GNUNET_CREDENTIAL_disconnect (struct GNUNET_CREDENTIAL_Handle *handle)
GNUNET_SCHEDULER_cancel (handle->reconnect_task);
handle->reconnect_task = NULL;
}
- GNUNET_assert (NULL == handle->lookup_head);
+ GNUNET_assert (NULL == handle->verify_head);
GNUNET_free (handle);
}
/**
- * Cancel pending lookup request
+ * Cancel pending verify request
*
- * @param lr the lookup request to cancel
+ * @param lr the verify request to cancel
*/
void
-GNUNET_CREDENTIAL_lookup_cancel (struct GNUNET_CREDENTIAL_LookupRequest *lr)
+GNUNET_CREDENTIAL_verify_cancel (struct GNUNET_CREDENTIAL_VerifyRequest *vr)
{
- struct GNUNET_CREDENTIAL_Handle *handle = lr->credential_handle;
+ struct GNUNET_CREDENTIAL_Handle *handle = vr->credential_handle;
- GNUNET_CONTAINER_DLL_remove (handle->lookup_head,
- handle->lookup_tail,
- lr);
- GNUNET_MQ_discard (lr->env);
- GNUNET_free (lr);
+ GNUNET_CONTAINER_DLL_remove (handle->verify_head,
+ handle->verify_tail,
+ vr);
+ GNUNET_MQ_discard (vr->env);
+ GNUNET_free (vr);
}
/**
- * Perform an asynchronous lookup operation for a credential.
+ * Perform an asynchronous verify operation for a credential.
*
* @param handle handle to the Credential service
* @param credential the credential to look up
@@ -352,58 +352,57 @@ GNUNET_CREDENTIAL_lookup_cancel (struct GNUNET_CREDENTIAL_LookupRequest *lr)
* @param proc_cls closure for processor
* @return handle to the queued request
*/
-struct GNUNET_CREDENTIAL_LookupRequest*
-GNUNET_CREDENTIAL_lookup (struct GNUNET_CREDENTIAL_Handle *handle,
- const char *credential,
- const struct GNUNET_IDENTITY_Ego *subject,
+struct GNUNET_CREDENTIAL_VerifyRequest*
+GNUNET_CREDENTIAL_verify (struct GNUNET_CREDENTIAL_Handle *handle,
+ const char *issuer_attribute,
+ const char *subject_attribute,
const struct GNUNET_CRYPTO_EcdsaPublicKey *subject_key,
const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
uint32_t credential_flags,
- uint32_t max_delegation_depth,
- GNUNET_CREDENTIAL_LookupResultProcessor proc,
+ GNUNET_CREDENTIAL_VerifyResultProcessor proc,
void *proc_cls)
{
/* IPC to shorten credential names, return shorten_handle */
- struct LookupMessage *lookup_msg;
- struct GNUNET_CREDENTIAL_LookupRequest *lr;
+ struct VerifyMessage *v_msg;
+ struct GNUNET_CREDENTIAL_VerifyRequest *vr;
size_t nlen;
- if (NULL == credential)
+ if (NULL == issuer_attribute)
{
GNUNET_break (0);
return NULL;
}
//DEBUG LOG
LOG (GNUNET_ERROR_TYPE_DEBUG,
- "Trying to lookup `%s' in CREDENTIAL\n",
- credential);
- nlen = strlen (credential) + 1;
- if (nlen >= GNUNET_SERVER_MAX_MESSAGE_SIZE - sizeof (*lr))
+ "Trying to verify `%s' in CREDENTIAL\n",
+ issuer_attribute);
+ nlen = strlen (issuer_attribute) + 1;
+ if (nlen >= GNUNET_SERVER_MAX_MESSAGE_SIZE - sizeof (*vr))
{
GNUNET_break (0);
return NULL;
}
- lr = GNUNET_new (struct GNUNET_CREDENTIAL_LookupRequest);
- lr->credential_handle = handle;
- lr->lookup_proc = proc;
- lr->proc_cls = proc_cls;
- lr->r_id = handle->r_id_gen++;
- lr->env = GNUNET_MQ_msg_extra (lookup_msg,
+ vr = GNUNET_new (struct GNUNET_CREDENTIAL_VerifyRequest);
+ vr->credential_handle = handle;
+ vr->verify_proc = proc;
+ vr->proc_cls = proc_cls;
+ vr->r_id = handle->r_id_gen++;
+ vr->env = GNUNET_MQ_msg_extra (v_msg,
nlen,
- GNUNET_MESSAGE_TYPE_CREDENTIAL_LOOKUP);
- lookup_msg->id = htonl (lr->r_id);
- lookup_msg->subject_key = *subject_key;
- lookup_msg->issuer_key = *issuer_key;
- GNUNET_memcpy (&lookup_msg[1],
- credential,
+ GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY);
+ v_msg->id = htonl (vr->r_id);
+ v_msg->subject_key = *subject_key;
+ v_msg->issuer_key = *issuer_key;
+ GNUNET_memcpy (&v_msg[1],
+ subject_attribute,
nlen);
- GNUNET_CONTAINER_DLL_insert (handle->lookup_head,
- handle->lookup_tail,
- lr);
+ GNUNET_CONTAINER_DLL_insert (handle->verify_head,
+ handle->verify_tail,
+ vr);
if (NULL != handle->mq)
GNUNET_MQ_send_copy (handle->mq,
- lr->env);
- return lr;
+ vr->env);
+ return vr;
}
diff --git a/src/credential/gnunet-credential.c b/src/credential/gnunet-credential.c
index 363ed03fc..94a4b3899 100644
--- a/src/credential/gnunet-credential.c
+++ b/src/credential/gnunet-credential.c
@@ -48,9 +48,9 @@ static struct GNUNET_TIME_Relative timeout;
static char *lookup_credential;
/**
- * Handle to lookup request
+ * Handle to verify request
*/
-static struct GNUNET_CREDENTIAL_LookupRequest *lookup_request;
+static struct GNUNET_CREDENTIAL_VerifyRequest *verify_request;
/**
* Lookup an ego with the identity service.
@@ -87,11 +87,6 @@ static char *issuer_key;
*/
static int credential_flags;
-/*
- * Maximum delegation depth
- */
-static int max_delegation_depth;
-
/**
@@ -118,10 +113,10 @@ do_shutdown (void *cls)
GNUNET_IDENTITY_cancel (id_op);
id_op = NULL;
}
- if (NULL != lookup_request)
+ if (NULL != verify_request)
{
- GNUNET_CREDENTIAL_lookup_cancel (lookup_request);
- lookup_request = NULL;
+ GNUNET_CREDENTIAL_verify_cancel (verify_request);
+ verify_request = NULL;
}
if (NULL != identity)
{
@@ -162,14 +157,14 @@ do_timeout (void *cls)
* @param cd array of @a cd_count records with the results
*/
static void
-handle_lookup_result (void *cls,
+handle_verify_result (void *cls,
struct GNUNET_IDENTITY_Ego *issuer,
uint16_t issuer_len,
const struct GNUNET_CREDENTIAL_RecordData *data)
{
- lookup_request = NULL;
+ verify_request = NULL;
if (0 == issuer_len)
printf ("No results.\n");
else
@@ -223,14 +218,13 @@ lookup_credentials (struct GNUNET_IDENTITY_Ego *ego)
return;
}
- lookup_request = GNUNET_CREDENTIAL_lookup(credential,
+ verify_request = GNUNET_CREDENTIAL_verify(credential,
+ "",
lookup_credential,
- ego,
&subject_pkey,
&issuer_pkey,
credential_flags,
- max_delegation_depth,
- &handle_lookup_result,
+ &handle_verify_result,
NULL);
return;
}
diff --git a/src/credential/gnunet-service-credential.c b/src/credential/gnunet-service-credential.c
index de0592637..114041be1 100644
--- a/src/credential/gnunet-service-credential.c
+++ b/src/credential/gnunet-service-credential.c
@@ -45,17 +45,17 @@
/**
* DLL for record
*/
-struct CredentialRecordEntry
+struct AttributeRecordEntry
{
/**
* DLL
*/
- struct CredentialRecordEntry *next;
+ struct AttributeRecordEntry *next;
/**
* DLL
*/
- struct CredentialRecordEntry *prev;
+ struct AttributeRecordEntry *prev;
/**
@@ -67,18 +67,18 @@ struct CredentialRecordEntry
/**
* Handle to a lookup operation from api
*/
-struct ClientLookupHandle
+struct VerifyRequestHandle
{
/**
* We keep these in a DLL.
*/
- struct ClientLookupHandle *next;
+ struct VerifyRequestHandle *next;
/**
* We keep these in a DLL.
*/
- struct ClientLookupHandle *prev;
+ struct VerifyRequestHandle *prev;
/**
* Handle to the requesting client
@@ -91,19 +91,24 @@ struct ClientLookupHandle
struct GNUNET_GNS_LookupRequest *lookup_request;
/**
- * Authority public key
+ * Issuer public key
*/
struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key;
/**
- * Credential Chain
+ * Subject public key
*/
- struct CredentialRecordEntry *cred_chain_head;
+ struct GNUNET_CRYPTO_EcdsaPublicKey subject_key;
/**
- * Credential Chain
+ * Attribute Chain
*/
- struct CredentialRecordEntry *cred_chain_tail;
+ struct AttributeRecordEntry *attr_chain_head;
+
+ /**
+ * Attribute Chain
+ */
+ struct AttributeRecordEntry *attr_chain_tail;
/**
* request id
@@ -116,12 +121,12 @@ struct ClientLookupHandle
/**
* Head of the DLL.
*/
-static struct ClientLookupHandle *clh_head;
+static struct VerifyRequestHandle *vrh_head;
/**
* Tail of the DLL.
*/
-static struct ClientLookupHandle *clh_tail;
+static struct VerifyRequestHandle *vrh_tail;
/**
* Handle to the statistics service
@@ -144,17 +149,17 @@ static struct GNUNET_GNS_Handle *gns;
static void
shutdown_task (void *cls)
{
- struct ClientLookupHandle *clh;
+ struct VerifyRequestHandle *vrh;
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Shutting down!\n");
- while (NULL != (clh = clh_head))
+ while (NULL != (vrh = vrh_head))
{
//CREDENTIAL_resolver_lookup_cancel (clh->lookup);
- GNUNET_CONTAINER_DLL_remove (clh_head,
- clh_tail,
- clh);
- GNUNET_free (clh);
+ GNUNET_CONTAINER_DLL_remove (vrh_head,
+ vrh_tail,
+ vrh);
+ GNUNET_free (vrh);
}
@@ -168,28 +173,38 @@ shutdown_task (void *cls)
}
/**
- * Checks a #GNUNET_MESSAGE_TYPE_CREDENTIAL_LOOKUP message
+ * Checks a #GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY message
*
* @param cls client sending the message
- * @param l_msg message of type `struct LookupMessage`
- * @return #GNUNET_OK if @a l_msg is well-formed
+ * @param v_msg message of type `struct VerifyMessage`
+ * @return #GNUNET_OK if @a v_msg is well-formed
*/
static int
-check_lookup (void *cls,
- const struct LookupMessage *l_msg)
+check_verify (void *cls,
+ const struct VerifyMessage *v_msg)
{
size_t msg_size;
- const char* cred;
+ size_t attr_len;
+ const char* s_attr;
+ const char* i_attr;
- msg_size = ntohs (l_msg->header.size);
- if (msg_size < sizeof (struct LookupMessage))
+ msg_size = ntohs (v_msg->header.size);
+ if (msg_size < sizeof (struct VerifyMessage))
+ {
+ GNUNET_break (0);
+ return GNUNET_SYSERR;
+ }
+ i_attr = (const char *) &v_msg[1];
+ if ( ('\0' != i_attr[v_msg->header.size - sizeof (struct VerifyMessage) - 1]) ||
+ (strlen (i_attr) > GNUNET_CREDENTIAL_MAX_LENGTH) )
{
GNUNET_break (0);
return GNUNET_SYSERR;
}
- cred = (const char *) &l_msg[1];
- if ( ('\0' != cred[l_msg->header.size - sizeof (struct LookupMessage) - 1]) ||
- (strlen (cred) > GNUNET_CREDENTIAL_MAX_LENGTH) )
+ attr_len = strlen (i_attr);
+ s_attr = ((const char *) &v_msg[1]) + attr_len + 1;
+ if ( ('\0' != s_attr[v_msg->header.size - sizeof (struct VerifyMessage) - 1]) ||
+ (strlen (s_attr) > GNUNET_CREDENTIAL_MAX_LENGTH) )
{
GNUNET_break (0);
return GNUNET_SYSERR;
@@ -199,7 +214,7 @@ check_lookup (void *cls,
/**
- * Reply to client with the result from our lookup.
+ * Result from GNS lookup.
*
* @param cls the closure (our client lookup handle)
* @param rd_count the number of records in @a rd
@@ -210,139 +225,147 @@ send_lookup_response (void* cls,
uint32_t rd_count,
const struct GNUNET_GNSRECORD_Data *rd)
{
- struct ClientLookupHandle *clh = cls;
+ struct VerifyRequestHandle *vrh = cls;
size_t len;
int i;
- int cred_record_count;
+ int attr_record_count;
struct GNUNET_MQ_Envelope *env;
- struct LookupResultMessage *rmsg;
- const struct GNUNET_CREDENTIAL_RecordData *crd;
- struct CredentialRecordEntry *cr_entry;
+ struct VerifyResultMessage *rmsg;
+ const struct GNUNET_CREDENTIAL_RecordData *ard;
+ struct AttributeRecordEntry *ar_entry;
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "Sending LOOKUP_RESULT message with %u results\n",
- (unsigned int) rd_count);
-
- cred_record_count = 0;
+ attr_record_count = 0;
for (i=0; i < rd_count; i++)
{
- if (GNUNET_GNSRECORD_TYPE_CREDENTIAL != rd[i].record_type)
+ if (GNUNET_GNSRECORD_TYPE_ATTRIBUTE != rd[i].record_type)
continue;
- cred_record_count++;
- crd = rd[i].data;
+ attr_record_count++;
+ ard = rd[i].data;
/**
- * TODO: Check for:
- * - First time we come here subject must be subject prvided by client
- * - After that is has to be the prev issuer
- * - Terminate condition: issuer is clh->authority_key
- *
- * In any case:
- * Append crd to result list of RecordData
+ * TODO:
+ * Check if we have already found our credential here
+ * If so return success
+ * Else
+ * Save all found attributes/issues and prepare forward
+ * resolution of issuer attribute
*/
- cr_entry = GNUNET_new (struct CredentialRecordEntry);
- cr_entry->record_data = *crd;
- GNUNET_CONTAINER_DLL_insert_tail (clh->cred_chain_head,
- clh->cred_chain_tail,
- cr_entry);
+ ar_entry = GNUNET_new (struct AttributeRecordEntry);
+ ar_entry->record_data = *ard;
+ GNUNET_CONTAINER_DLL_insert_tail (vrh->attr_chain_head,
+ vrh->attr_chain_tail,
+ ar_entry);
}
/**
* Get serialized record data size
*/
- len = cred_record_count * sizeof (struct GNUNET_CREDENTIAL_RecordData);
-
+ len = attr_record_count * sizeof (struct GNUNET_CREDENTIAL_RecordData);
+
/**
* Prepare a lookup result response message for the client
*/
env = GNUNET_MQ_msg_extra (rmsg,
len,
- GNUNET_MESSAGE_TYPE_CREDENTIAL_LOOKUP_RESULT);
+ GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT);
//Assign id so that client can find associated request
- rmsg->id = clh->request_id;
- rmsg->cd_count = htonl (cred_record_count);
-
+ rmsg->id = vrh->request_id;
+ rmsg->ad_count = htonl (attr_record_count);
+
/**
* Get serialized record data
* Append at the end of rmsg
*/
i = 0;
struct GNUNET_CREDENTIAL_RecordData *tmp_record = (struct GNUNET_CREDENTIAL_RecordData*) &rmsg[1];
- for (cr_entry = clh->cred_chain_head; NULL != cr_entry; cr_entry = cr_entry->next)
+ for (ar_entry = vrh->attr_chain_head; NULL != ar_entry; ar_entry = ar_entry->next)
{
memcpy (tmp_record,
- &cr_entry->record_data,
+ &ar_entry->record_data,
sizeof (struct GNUNET_CREDENTIAL_RecordData));
tmp_record++;
}
- GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq(clh->client),
+ GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq(vrh->client),
env);
- GNUNET_CONTAINER_DLL_remove (clh_head, clh_tail, clh);
-
+ GNUNET_CONTAINER_DLL_remove (vrh_head, vrh_tail, vrh);
+
/**
* TODO:
* - Free DLL
* - Refactor into cleanup_handle() function for this
*/
- GNUNET_free (clh);
+ GNUNET_free (vrh);
GNUNET_STATISTICS_update (statistics,
- "Completed lookups", 1,
+ "Completed verifications", 1,
GNUNET_NO);
GNUNET_STATISTICS_update (statistics,
- "Records resolved",
+ "Attributes resolved",
rd_count,
GNUNET_NO);
}
/**
- * Handle lookup requests from client
+ * Handle attribute verification requests from client
*
* @param cls the closure
* @param client the client
* @param message the message
*/
static void
-handle_lookup (void *cls,
- const struct LookupMessage *l_msg)
+handle_verify (void *cls,
+ const struct VerifyMessage *v_msg)
{
- char credential[GNUNET_CREDENTIAL_MAX_LENGTH + 1];
- struct ClientLookupHandle *clh;
+ char issuer_attribute[GNUNET_CREDENTIAL_MAX_LENGTH + 1];
+ char subject_attribute[GNUNET_CREDENTIAL_MAX_LENGTH + 1];
+ size_t issuer_attribute_len;
+ struct VerifyRequestHandle *vrh;
struct GNUNET_SERVICE_Client *client = cls;
- char *credentialptr = credential;
+ char *attrptr = issuer_attribute;
const char *utf_in;
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "Received LOOKUP message\n");
-
- utf_in = (const char *) &l_msg[1];
- GNUNET_STRINGS_utf8_tolower (utf_in, credentialptr);
- clh = GNUNET_new (struct ClientLookupHandle);
- GNUNET_CONTAINER_DLL_insert (clh_head, clh_tail, clh);
- clh->client = client;
- clh->request_id = l_msg->id;
- clh->issuer_key = l_msg->issuer_key;
-
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "Sending LOOKUP_RESULT message with >%u results\n",
- 0);
-
- if (NULL == credential)
+ "Received VERIFY message\n");
+
+ utf_in = (const char *) &v_msg[1];
+ GNUNET_STRINGS_utf8_tolower (utf_in, attrptr);
+ issuer_attribute_len = strlen (utf_in);
+ utf_in = (const char *) (&v_msg[1] + issuer_attribute_len + 1);
+ attrptr = subject_attribute;
+ GNUNET_STRINGS_utf8_tolower (utf_in, attrptr);
+ vrh = GNUNET_new (struct VerifyRequestHandle);
+ GNUNET_CONTAINER_DLL_insert (vrh_head, vrh_tail, vrh);
+ vrh->client = client;
+ vrh->request_id = v_msg->id;
+ vrh->issuer_key = v_msg->issuer_key;
+ vrh->subject_key = v_msg->subject_key;
+
+ if (NULL == subject_attribute)
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- "No credential provided\n");
- send_lookup_response (clh, 0, NULL);
+ "No subject attribute provided!\n");
+ send_lookup_response (vrh, 0, NULL);
return;
}
- clh->lookup_request = GNUNET_GNS_lookup (gns,
- credential,
- &l_msg->subject_key, //subject_pkey,
- GNUNET_GNSRECORD_TYPE_CREDENTIAL,
- GNUNET_GNS_LO_DEFAULT, //TODO configurable? credential.conf
+ if (NULL == issuer_attribute)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "No issuer attribute provided!\n");
+ send_lookup_response (vrh, 0, NULL);
+ return;
+ }
+ /**
+ * First, get attribute from subject
+ */
+ vrh->lookup_request = GNUNET_GNS_lookup (gns,
+ subject_attribute,
+ &v_msg->subject_key, //subject_pkey,
+ GNUNET_GNSRECORD_TYPE_ATTRIBUTE,
+ GNUNET_GNS_LO_DEFAULT,
NULL, //shorten_key, always NULL
&send_lookup_response,
- clh);
+ vrh);
}
@@ -416,9 +439,9 @@ GNUNET_SERVICE_MAIN
&client_connect_cb,
&client_disconnect_cb,
NULL,
- GNUNET_MQ_hd_var_size (lookup,
- GNUNET_MESSAGE_TYPE_CREDENTIAL_LOOKUP,
- struct LookupMessage,
+ GNUNET_MQ_hd_var_size (verify,
+ GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY,
+ struct VerifyMessage,
NULL),
GNUNET_MQ_handler_end());
diff --git a/src/credential/plugin_gnsrecord_credential.c b/src/credential/plugin_gnsrecord_credential.c
index 6ae3b8980..3ff00737b 100644
--- a/src/credential/plugin_gnsrecord_credential.c
+++ b/src/credential/plugin_gnsrecord_credential.c
@@ -58,7 +58,6 @@ credential_value_to_string (void *cls,
char *subject_pkey;
char *issuer_pkey;
uint32_t cf; // Credential flags
- uint32_t mdd; // Max delegation depth
if (data_size < sizeof (struct GNUNET_CREDENTIAL_RecordData))
return NULL; /* malformed */
memcpy (&cred,
@@ -68,14 +67,12 @@ credential_value_to_string (void *cls,
subject_pkey = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred.subject_key);
issuer_pkey = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred.issuer_key);
cf = ntohl (cred.credential_flags);
- mdd = ntohl (cred.max_delegation_depth);
GNUNET_asprintf (&cred_str,
- "%s %s %u %u %s",
+ "%s %s %u %s",
subject_pkey,
issuer_pkey,
(unsigned int) cf,
- (unsigned int) mdd,
&cdata[sizeof (cred)]);
GNUNET_free (subject_pkey);
GNUNET_free (issuer_pkey);
@@ -112,26 +109,24 @@ credential_string_to_value (void *cls,
return GNUNET_SYSERR;
switch (type)
{
- case GNUNET_GNSRECORD_TYPE_CREDENTIAL:
- {
- struct GNUNET_CREDENTIAL_RecordData *cred;
- unsigned int cf; // credential flags
- unsigned int mdd; // max delegation depth
+ case GNUNET_GNSRECORD_TYPE_CREDENTIAL:
+ {
+ struct GNUNET_CREDENTIAL_RecordData *cred;
+ unsigned int cf; // credential flags
- size_t enclen = (sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)) * 8;
+ size_t enclen = (sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)) * 8;
if (enclen % 5 > 0)
enclen += 5 - enclen % 5;
enclen /= 5; /* 260/5 = 52 */
- char subject_pkey[enclen + 1];
- char issuer_pkey[enclen + 1];
- char name[253 + 1];
+ char subject_pkey[enclen + 1];
+ char issuer_pkey[enclen + 1];
+ char name[253 + 1];
- if (5 != SSCANF (s,
- "%52s %52s %u %u %253s",
+ if (5 != SSCANF (s,
+ "%52s %52s %u %253s",
subject_pkey,
issuer_pkey,
&cf,
- &mdd,
name))
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
@@ -148,18 +143,17 @@ credential_string_to_value (void *cls,
strlen (issuer_pkey),
&cred->issuer_key);
cred->credential_flags = htonl (cf);
- cred->max_delegation_depth = htonl (mdd);
GNUNET_memcpy (&cred[1],
name,
strlen (name));
- *data = GNUNET_strdup (s);
- *data_size = strlen (s);
- return GNUNET_OK;
- }
- default:
- return GNUNET_SYSERR;
+ *data = GNUNET_strdup (s);
+ *data_size = strlen (s);
+ return GNUNET_OK;
+ }
+ default:
+ return GNUNET_SYSERR;
}
}
@@ -186,13 +180,13 @@ static struct {
*/
static uint32_t
credential_typename_to_number (void *cls,
- const char *gns_typename)
+ const char *gns_typename)
{
unsigned int i;
i=0;
while ( (name_map[i].name != NULL) &&
- (0 != strcasecmp (gns_typename, name_map[i].name)) )
+ (0 != strcasecmp (gns_typename, name_map[i].name)) )
i++;
return name_map[i].number;
}
@@ -207,13 +201,13 @@ credential_typename_to_number (void *cls,
*/
static const char *
credential_number_to_typename (void *cls,
- uint32_t type)
+ uint32_t type)
{
unsigned int i;
i=0;
while ( (name_map[i].name != NULL) &&
- (type != name_map[i].number) )
+ (type != name_map[i].number) )
i++;
return name_map[i].name;
}
diff --git a/src/include/gnunet_credential_service.h b/src/include/gnunet_credential_service.h
index 55deb786e..739e6fe95 100644
--- a/src/include/gnunet_credential_service.h
+++ b/src/include/gnunet_credential_service.h
@@ -87,7 +87,6 @@ struct GNUNET_CREDENTIAL_RecordData {
uint32_t credential_flags GNUNET_PACKED;
- uint32_t max_delegation_depth GNUNET_PACKED;
};
GNUNET_NETWORK_STRUCT_END
@@ -121,7 +120,7 @@ GNUNET_CREDENTIAL_disconnect (struct GNUNET_CREDENTIAL_Handle *handle);
* @param issuer_len length of issuer chain
* @param rd the records in reply
*/
-typedef void (*GNUNET_CREDENTIAL_LookupResultProcessor) (void *cls,
+typedef void (*GNUNET_CREDENTIAL_VerifyResultProcessor) (void *cls,
struct GNUNET_IDENTITY_Ego *issuer,
uint16_t issuer_len,
const struct GNUNET_CREDENTIAL_RecordData *data);
@@ -137,17 +136,15 @@ typedef void (*GNUNET_CREDENTIAL_LookupResultProcessor) (void *cls,
* @param proc_cls closure for processor
* @return handle to the queued request
*/
-struct GNUNET_CREDENTIAL_LookupRequest *
-GNUNET_CREDENTIAL_lookup (struct GNUNET_CREDENTIAL_Handle *handle,
- const char *credential,
- const struct GNUNET_IDENTITY_Ego *subject,
- const struct GNUNET_CRYPTO_EcdsaPublicKey *subject_key,
- const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
- uint32_t credential_flags,
- uint32_t max_delegation_depth,
- GNUNET_CREDENTIAL_LookupResultProcessor proc,
- void *proc_cls);
-
+struct GNUNET_CREDENTIAL_VerifyRequest*
+GNUNET_CREDENTIAL_verify (struct GNUNET_CREDENTIAL_Handle *handle,
+ const char *issuer_attribute,
+ const char *subject_attribute,
+ const struct GNUNET_CRYPTO_EcdsaPublicKey *subject_key,
+ const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
+ uint32_t credential_flags,
+ GNUNET_CREDENTIAL_VerifyResultProcessor proc,
+ void *proc_cls);
/**
* Issue a credential to an identity
@@ -194,7 +191,7 @@ GNUNET_CREDENTIAL_remove (struct GNUNET_CREDENTIAL_Handle *handle,
* @param lr the lookup request to cancel
*/
void
-GNUNET_CREDENTIAL_lookup_cancel (struct GNUNET_CREDENTIAL_LookupRequest *lr);
+GNUNET_CREDENTIAL_verify_cancel (struct GNUNET_CREDENTIAL_VerifyRequest *vr);
#if 0 /* keep Emacsens' auto-indent happy */
diff --git a/src/include/gnunet_gnsrecord_lib.h b/src/include/gnunet_gnsrecord_lib.h
index 7e0a1a9e9..4f96d50d5 100644
--- a/src/include/gnunet_gnsrecord_lib.h
+++ b/src/include/gnunet_gnsrecord_lib.h
@@ -118,6 +118,10 @@ extern "C"
*/
#define GNUNET_GNSRECORD_TYPE_REVERSE 65548
+/**
+ * Record type for reverse lookups
+ */
+#define GNUNET_GNSRECORD_TYPE_ATTRIBUTE 65549
/**
diff --git a/src/include/gnunet_protocols.h b/src/include/gnunet_protocols.h
index 3e16350c1..c11792054 100644
--- a/src/include/gnunet_protocols.h
+++ b/src/include/gnunet_protocols.h
@@ -2612,9 +2612,9 @@ extern "C"
*
* CREDENTIAL MESSAGE TYPES
*/
-#define GNUNET_MESSAGE_TYPE_CREDENTIAL_LOOKUP 971
+#define GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY 971
-#define GNUNET_MESSAGE_TYPE_CREDENTIAL_LOOKUP_RESULT 972
+#define GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT 972
/******************************************************************************/