Diffstat (limited to 'src/credential/gnunet-service-credential.c')
-rw-r--r-- | src/credential/gnunet-service-credential.c | 227 |
1 files changed, 125 insertions, 102 deletions
diff --git a/src/credential/gnunet-service-credential.c b/src/credential/gnunet-service-credential.c index de0592637..114041be1 100644 --- a/src/credential/gnunet-service-credential.c +++ b/src/credential/gnunet-service-credential.c | |||
@@ -45,17 +45,17 @@ | |||
45 | /** | 45 | /** |
46 | * DLL for record | 46 | * DLL for record |
47 | */ | 47 | */ |
48 | struct CredentialRecordEntry | 48 | struct AttributeRecordEntry |
49 | { | 49 | { |
50 | /** | 50 | /** |
51 | * DLL | 51 | * DLL |
52 | */ | 52 | */ |
53 | struct CredentialRecordEntry *next; | 53 | struct AttributeRecordEntry *next; |
54 | 54 | ||
55 | /** | 55 | /** |
56 | * DLL | 56 | * DLL |
57 | */ | 57 | */ |
58 | struct CredentialRecordEntry *prev; | 58 | struct AttributeRecordEntry *prev; |
59 | 59 | ||
60 | 60 | ||
61 | /** | 61 | /** |
@@ -67,18 +67,18 @@ struct CredentialRecordEntry | |||
67 | /** | 67 | /** |
68 | * Handle to a lookup operation from api | 68 | * Handle to a lookup operation from api |
69 | */ | 69 | */ |
70 | struct ClientLookupHandle | 70 | struct VerifyRequestHandle |
71 | { | 71 | { |
72 | 72 | ||
73 | /** | 73 | /** |
74 | * We keep these in a DLL. | 74 | * We keep these in a DLL. |
75 | */ | 75 | */ |
76 | struct ClientLookupHandle *next; | 76 | struct VerifyRequestHandle *next; |
77 | 77 | ||
78 | /** | 78 | /** |
79 | * We keep these in a DLL. | 79 | * We keep these in a DLL. |
80 | */ | 80 | */ |
81 | struct ClientLookupHandle *prev; | 81 | struct VerifyRequestHandle *prev; |
82 | 82 | ||
83 | /** | 83 | /** |
84 | * Handle to the requesting client | 84 | * Handle to the requesting client |
@@ -91,19 +91,24 @@ struct ClientLookupHandle | |||
91 | struct GNUNET_GNS_LookupRequest *lookup_request; | 91 | struct GNUNET_GNS_LookupRequest *lookup_request; |
92 | 92 | ||
93 | /** | 93 | /** |
94 | * Authority public key | 94 | * Issuer public key |
95 | */ | 95 | */ |
96 | struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key; | 96 | struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key; |
97 | 97 | ||
98 | /** | 98 | /** |
99 | * Credential Chain | 99 | * Subject public key |
100 | */ | 100 | */ |
101 | struct CredentialRecordEntry *cred_chain_head; | 101 | struct GNUNET_CRYPTO_EcdsaPublicKey subject_key; |
102 | 102 | ||
103 | /** | 103 | /** |
104 | * Credential Chain | 104 | * Attribute Chain |
105 | */ | 105 | */ |
106 | struct CredentialRecordEntry *cred_chain_tail; | 106 | struct AttributeRecordEntry *attr_chain_head; |
107 | |||
108 | /** | ||
109 | * Attribute Chain | ||
110 | */ | ||
111 | struct AttributeRecordEntry *attr_chain_tail; | ||
107 | 112 | ||
108 | /** | 113 | /** |
109 | * request id | 114 | * request id |
@@ -116,12 +121,12 @@ struct ClientLookupHandle | |||
116 | /** | 121 | /** |
117 | * Head of the DLL. | 122 | * Head of the DLL. |
118 | */ | 123 | */ |
119 | static struct ClientLookupHandle *clh_head; | 124 | static struct VerifyRequestHandle *vrh_head; |
120 | 125 | ||
121 | /** | 126 | /** |
122 | * Tail of the DLL. | 127 | * Tail of the DLL. |
123 | */ | 128 | */ |
124 | static struct ClientLookupHandle *clh_tail; | 129 | static struct VerifyRequestHandle *vrh_tail; |
125 | 130 | ||
126 | /** | 131 | /** |
127 | * Handle to the statistics service | 132 | * Handle to the statistics service |
@@ -144,17 +149,17 @@ static struct GNUNET_GNS_Handle *gns; | |||
144 | static void | 149 | static void |
145 | shutdown_task (void *cls) | 150 | shutdown_task (void *cls) |
146 | { | 151 | { |
147 | struct ClientLookupHandle *clh; | 152 | struct VerifyRequestHandle *vrh; |
148 | 153 | ||
149 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 154 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
150 | "Shutting down!\n"); | 155 | "Shutting down!\n"); |
151 | while (NULL != (clh = clh_head)) | 156 | while (NULL != (vrh = vrh_head)) |
152 | { | 157 | { |
153 | //CREDENTIAL_resolver_lookup_cancel (clh->lookup); | 158 | //CREDENTIAL_resolver_lookup_cancel (clh->lookup); |
154 | GNUNET_CONTAINER_DLL_remove (clh_head, | 159 | GNUNET_CONTAINER_DLL_remove (vrh_head, |
155 | clh_tail, | 160 | vrh_tail, |
156 | clh); | 161 | vrh); |
157 | GNUNET_free (clh); | 162 | GNUNET_free (vrh); |
158 | } | 163 | } |
159 | 164 | ||
160 | 165 | ||
@@ -168,28 +173,38 @@ shutdown_task (void *cls) | |||
168 | } | 173 | } |
169 | 174 | ||
170 | /** | 175 | /** |
171 | * Checks a #GNUNET_MESSAGE_TYPE_CREDENTIAL_LOOKUP message | 176 | * Checks a #GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY message |
172 | * | 177 | * |
173 | * @param cls client sending the message | 178 | * @param cls client sending the message |
174 | * @param l_msg message of type `struct LookupMessage` | 179 | * @param v_msg message of type `struct VerifyMessage` |
175 | * @return #GNUNET_OK if @a l_msg is well-formed | 180 | * @return #GNUNET_OK if @a v_msg is well-formed |
176 | */ | 181 | */ |
177 | static int | 182 | static int |
178 | check_lookup (void *cls, | 183 | check_verify (void *cls, |
179 | const struct LookupMessage *l_msg) | 184 | const struct VerifyMessage *v_msg) |
180 | { | 185 | { |
181 | size_t msg_size; | 186 | size_t msg_size; |
182 | const char* cred; | 187 | size_t attr_len; |
188 | const char* s_attr; | ||
189 | const char* i_attr; | ||
183 | 190 | ||
184 | msg_size = ntohs (l_msg->header.size); | 191 | msg_size = ntohs (v_msg->header.size); |
185 | if (msg_size < sizeof (struct LookupMessage)) | 192 | if (msg_size < sizeof (struct VerifyMessage)) |
193 | { | ||
194 | GNUNET_break (0); | ||
195 | return GNUNET_SYSERR; | ||
196 | } | ||
197 | i_attr = (const char *) &v_msg[1]; | ||
198 | if ( ('\0' != i_attr[v_msg->header.size - sizeof (struct VerifyMessage) - 1]) || | ||
199 | (strlen (i_attr) > GNUNET_CREDENTIAL_MAX_LENGTH) ) | ||
186 | { | 200 | { |
187 | GNUNET_break (0); | 201 | GNUNET_break (0); |
188 | return GNUNET_SYSERR; | 202 | return GNUNET_SYSERR; |
189 | } | 203 | } |
190 | cred = (const char *) &l_msg[1]; | 204 | attr_len = strlen (i_attr); |
191 | if ( ('\0' != cred[l_msg->header.size - sizeof (struct LookupMessage) - 1]) || | 205 | s_attr = ((const char *) &v_msg[1]) + attr_len + 1; |
192 | (strlen (cred) > GNUNET_CREDENTIAL_MAX_LENGTH) ) | 206 | if ( ('\0' != s_attr[v_msg->header.size - sizeof (struct VerifyMessage) - 1]) || |
207 | (strlen (s_attr) > GNUNET_CREDENTIAL_MAX_LENGTH) ) | ||
193 | { | 208 | { |
194 | GNUNET_break (0); | 209 | GNUNET_break (0); |
195 | return GNUNET_SYSERR; | 210 | return GNUNET_SYSERR; |
@@ -199,7 +214,7 @@ check_lookup (void *cls, | |||
199 | 214 | ||
200 | 215 | ||
201 | /** | 216 | /** |
202 | * Reply to client with the result from our lookup. | 217 | * Result from GNS lookup. |
203 | * | 218 | * |
204 | * @param cls the closure (our client lookup handle) | 219 | * @param cls the closure (our client lookup handle) |
205 | * @param rd_count the number of records in @a rd | 220 | * @param rd_count the number of records in @a rd |
@@ -210,139 +225,147 @@ send_lookup_response (void* cls, | |||
210 | uint32_t rd_count, | 225 | uint32_t rd_count, |
211 | const struct GNUNET_GNSRECORD_Data *rd) | 226 | const struct GNUNET_GNSRECORD_Data *rd) |
212 | { | 227 | { |
213 | struct ClientLookupHandle *clh = cls; | 228 | struct VerifyRequestHandle *vrh = cls; |
214 | size_t len; | 229 | size_t len; |
215 | int i; | 230 | int i; |
216 | int cred_record_count; | 231 | int attr_record_count; |
217 | struct GNUNET_MQ_Envelope *env; | 232 | struct GNUNET_MQ_Envelope *env; |
218 | struct LookupResultMessage *rmsg; | 233 | struct VerifyResultMessage *rmsg; |
219 | const struct GNUNET_CREDENTIAL_RecordData *crd; | 234 | const struct GNUNET_CREDENTIAL_RecordData *ard; |
220 | struct CredentialRecordEntry *cr_entry; | 235 | struct AttributeRecordEntry *ar_entry; |
221 | 236 | ||
222 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 237 | attr_record_count = 0; |
223 | "Sending LOOKUP_RESULT message with %u results\n", | ||
224 | (unsigned int) rd_count); | ||
225 | |||
226 | cred_record_count = 0; | ||
227 | for (i=0; i < rd_count; i++) | 238 | for (i=0; i < rd_count; i++) |
228 | { | 239 | { |
229 | if (GNUNET_GNSRECORD_TYPE_CREDENTIAL != rd[i].record_type) | 240 | if (GNUNET_GNSRECORD_TYPE_ATTRIBUTE != rd[i].record_type) |
230 | continue; | 241 | continue; |
231 | cred_record_count++; | 242 | attr_record_count++; |
232 | crd = rd[i].data; | 243 | ard = rd[i].data; |
233 | /** | 244 | /** |
234 | * TODO: Check for: | 245 | * TODO: |
235 | * - First time we come here subject must be subject prvided by client | 246 | * Check if we have already found our credential here |
236 | * - After that is has to be the prev issuer | 247 | * If so return success |
237 | * - Terminate condition: issuer is clh->authority_key | 248 | * Else |
238 | * | 249 | * Save all found attributes/issues and prepare forward |
239 | * In any case: | 250 | * resolution of issuer attribute |
240 | * Append crd to result list of RecordData | ||
241 | */ | 251 | */ |
242 | cr_entry = GNUNET_new (struct CredentialRecordEntry); | 252 | ar_entry = GNUNET_new (struct AttributeRecordEntry); |
243 | cr_entry->record_data = *crd; | 253 | ar_entry->record_data = *ard; |
244 | GNUNET_CONTAINER_DLL_insert_tail (clh->cred_chain_head, | 254 | GNUNET_CONTAINER_DLL_insert_tail (vrh->attr_chain_head, |
245 | clh->cred_chain_tail, | 255 | vrh->attr_chain_tail, |
246 | cr_entry); | 256 | ar_entry); |
247 | 257 | ||
248 | } | 258 | } |
249 | 259 | ||
250 | /** | 260 | /** |
251 | * Get serialized record data size | 261 | * Get serialized record data size |
252 | */ | 262 | */ |
253 | len = cred_record_count * sizeof (struct GNUNET_CREDENTIAL_RecordData); | 263 | len = attr_record_count * sizeof (struct GNUNET_CREDENTIAL_RecordData); |
254 | 264 | ||
255 | /** | 265 | /** |
256 | * Prepare a lookup result response message for the client | 266 | * Prepare a lookup result response message for the client |
257 | */ | 267 | */ |
258 | env = GNUNET_MQ_msg_extra (rmsg, | 268 | env = GNUNET_MQ_msg_extra (rmsg, |
259 | len, | 269 | len, |
260 | GNUNET_MESSAGE_TYPE_CREDENTIAL_LOOKUP_RESULT); | 270 | GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT); |
261 | //Assign id so that client can find associated request | 271 | //Assign id so that client can find associated request |
262 | rmsg->id = clh->request_id; | 272 | rmsg->id = vrh->request_id; |
263 | rmsg->cd_count = htonl (cred_record_count); | 273 | rmsg->ad_count = htonl (attr_record_count); |
264 | 274 | ||
265 | /** | 275 | /** |
266 | * Get serialized record data | 276 | * Get serialized record data |
267 | * Append at the end of rmsg | 277 | * Append at the end of rmsg |
268 | */ | 278 | */ |
269 | i = 0; | 279 | i = 0; |
270 | struct GNUNET_CREDENTIAL_RecordData *tmp_record = (struct GNUNET_CREDENTIAL_RecordData*) &rmsg[1]; | 280 | struct GNUNET_CREDENTIAL_RecordData *tmp_record = (struct GNUNET_CREDENTIAL_RecordData*) &rmsg[1]; |
271 | for (cr_entry = clh->cred_chain_head; NULL != cr_entry; cr_entry = cr_entry->next) | 281 | for (ar_entry = vrh->attr_chain_head; NULL != ar_entry; ar_entry = ar_entry->next) |
272 | { | 282 | { |
273 | memcpy (tmp_record, | 283 | memcpy (tmp_record, |
274 | &cr_entry->record_data, | 284 | &ar_entry->record_data, |
275 | sizeof (struct GNUNET_CREDENTIAL_RecordData)); | 285 | sizeof (struct GNUNET_CREDENTIAL_RecordData)); |
276 | tmp_record++; | 286 | tmp_record++; |
277 | } | 287 | } |
278 | GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq(clh->client), | 288 | GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq(vrh->client), |
279 | env); | 289 | env); |
280 | 290 | ||
281 | GNUNET_CONTAINER_DLL_remove (clh_head, clh_tail, clh); | 291 | GNUNET_CONTAINER_DLL_remove (vrh_head, vrh_tail, vrh); |
282 | 292 | ||
283 | /** | 293 | /** |
284 | * TODO: | 294 | * TODO: |
285 | * - Free DLL | 295 | * - Free DLL |
286 | * - Refactor into cleanup_handle() function for this | 296 | * - Refactor into cleanup_handle() function for this |
287 | */ | 297 | */ |
288 | GNUNET_free (clh); | 298 | GNUNET_free (vrh); |
289 | 299 | ||
290 | GNUNET_STATISTICS_update (statistics, | 300 | GNUNET_STATISTICS_update (statistics, |
291 | "Completed lookups", 1, | 301 | "Completed verifications", 1, |
292 | GNUNET_NO); | 302 | GNUNET_NO); |
293 | GNUNET_STATISTICS_update (statistics, | 303 | GNUNET_STATISTICS_update (statistics, |
294 | "Records resolved", | 304 | "Attributes resolved", |
295 | rd_count, | 305 | rd_count, |
296 | GNUNET_NO); | 306 | GNUNET_NO); |
297 | } | 307 | } |
298 | 308 | ||
299 | /** | 309 | /** |
300 | * Handle lookup requests from client | 310 | * Handle attribute verification requests from client |
301 | * | 311 | * |
302 | * @param cls the closure | 312 | * @param cls the closure |
303 | * @param client the client | 313 | * @param client the client |
304 | * @param message the message | 314 | * @param message the message |
305 | */ | 315 | */ |
306 | static void | 316 | static void |
307 | handle_lookup (void *cls, | 317 | handle_verify (void *cls, |
308 | const struct LookupMessage *l_msg) | 318 | const struct VerifyMessage *v_msg) |
309 | { | 319 | { |
310 | char credential[GNUNET_CREDENTIAL_MAX_LENGTH + 1]; | 320 | char issuer_attribute[GNUNET_CREDENTIAL_MAX_LENGTH + 1]; |
311 | struct ClientLookupHandle *clh; | 321 | char subject_attribute[GNUNET_CREDENTIAL_MAX_LENGTH + 1]; |
322 | size_t issuer_attribute_len; | ||
323 | struct VerifyRequestHandle *vrh; | ||
312 | struct GNUNET_SERVICE_Client *client = cls; | 324 | struct GNUNET_SERVICE_Client *client = cls; |
313 | char *credentialptr = credential; | 325 | char *attrptr = issuer_attribute; |
314 | const char *utf_in; | 326 | const char *utf_in; |
315 | 327 | ||
316 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 328 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
317 | "Received LOOKUP message\n"); | 329 | "Received VERIFY message\n"); |
318 | 330 | ||
319 | utf_in = (const char *) &l_msg[1]; | 331 | utf_in = (const char *) &v_msg[1]; |
320 | GNUNET_STRINGS_utf8_tolower (utf_in, credentialptr); | 332 | GNUNET_STRINGS_utf8_tolower (utf_in, attrptr); |
321 | clh = GNUNET_new (struct ClientLookupHandle); | 333 | issuer_attribute_len = strlen (utf_in); |
322 | GNUNET_CONTAINER_DLL_insert (clh_head, clh_tail, clh); | 334 | utf_in = (const char *) (&v_msg[1] + issuer_attribute_len + 1); |
323 | clh->client = client; | 335 | attrptr = subject_attribute; |
324 | clh->request_id = l_msg->id; | 336 | GNUNET_STRINGS_utf8_tolower (utf_in, attrptr); |
325 | clh->issuer_key = l_msg->issuer_key; | 337 | vrh = GNUNET_new (struct VerifyRequestHandle); |
326 | 338 | GNUNET_CONTAINER_DLL_insert (vrh_head, vrh_tail, vrh); | |
327 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 339 | vrh->client = client; |
328 | "Sending LOOKUP_RESULT message with >%u results\n", | 340 | vrh->request_id = v_msg->id; |
329 | 0); | 341 | vrh->issuer_key = v_msg->issuer_key; |
330 | 342 | vrh->subject_key = v_msg->subject_key; | |
331 | if (NULL == credential) | 343 | |
344 | if (NULL == subject_attribute) | ||
332 | { | 345 | { |
333 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 346 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
334 | "No credential provided\n"); | 347 | "No subject attribute provided!\n"); |
335 | send_lookup_response (clh, 0, NULL); | 348 | send_lookup_response (vrh, 0, NULL); |
336 | return; | 349 | return; |
337 | } | 350 | } |
338 | clh->lookup_request = GNUNET_GNS_lookup (gns, | 351 | if (NULL == issuer_attribute) |
339 | credential, | 352 | { |
340 | &l_msg->subject_key, //subject_pkey, | 353 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
341 | GNUNET_GNSRECORD_TYPE_CREDENTIAL, | 354 | "No issuer attribute provided!\n"); |
342 | GNUNET_GNS_LO_DEFAULT, //TODO configurable? credential.conf | 355 | send_lookup_response (vrh, 0, NULL); |
356 | return; | ||
357 | } | ||
358 | /** | ||
359 | * First, get attribute from subject | ||
360 | */ | ||
361 | vrh->lookup_request = GNUNET_GNS_lookup (gns, | ||
362 | subject_attribute, | ||
363 | &v_msg->subject_key, //subject_pkey, | ||
364 | GNUNET_GNSRECORD_TYPE_ATTRIBUTE, | ||
365 | GNUNET_GNS_LO_DEFAULT, | ||
343 | NULL, //shorten_key, always NULL | 366 | NULL, //shorten_key, always NULL |
344 | &send_lookup_response, | 367 | &send_lookup_response, |
345 | clh); | 368 | vrh); |
346 | } | 369 | } |
347 | 370 | ||
348 | 371 | ||
@@ -416,9 +439,9 @@ GNUNET_SERVICE_MAIN | |||
416 | &client_connect_cb, | 439 | &client_connect_cb, |
417 | &client_disconnect_cb, | 440 | &client_disconnect_cb, |
418 | NULL, | 441 | NULL, |
419 | GNUNET_MQ_hd_var_size (lookup, | 442 | GNUNET_MQ_hd_var_size (verify, |
420 | GNUNET_MESSAGE_TYPE_CREDENTIAL_LOOKUP, | 443 | GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY, |
421 | struct LookupMessage, | 444 | struct VerifyMessage, |
422 | NULL), | 445 | NULL), |
423 | GNUNET_MQ_handler_end()); | 446 | GNUNET_MQ_handler_end()); |
424 | 447 | ||
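Review bot: In `handle_verify` the subject attribute is located with `(const char *) (&v_msg[1] + issuer_attribute_len + 1)`, which does the pointer arithmetic in units of `struct VerifyMessage` before the cast, so the string lowercased into the fixed-size `subject_attribute` buffer is read from far beyond the message; it should be `((const char *) &v_msg[1]) + issuer_attribute_len + 1`, as `check_verify` already writes it. `check_verify` does not make the parse safe either: both terminator checks index with the network-order `v_msg->header.size` instead of the converted `msg_size`, the second index is applied relative to `s_attr` and so lands past the end of the message, and nothing confirms that a second string exists inside the payload before `strlen (s_attr)` runs. The fence below reworks the validation around a payload length derived from `msg_size`, assuming the payload is meant to be exactly two consecutive NUL-terminated strings. The end of `check_verify` (its final return) lies outside the hunk, and the `NULL ==` tests on the two stack arrays in `handle_verify` can never be true, so an empty attribute should be rejected by length instead.

```c
static int
check_verify (void *cls,
              const struct VerifyMessage *v_msg)
{
  size_t msg_size;
  size_t payload_len;
  size_t attr_len;
  const char* s_attr;
  const char* i_attr;

  // … unchanged: msg_size = ntohs (...) and the minimum-size check …
  payload_len = msg_size - sizeof (struct VerifyMessage);
  i_attr = (const char *) &v_msg[1];
  /* The last payload byte must be NUL so every strlen() below stays in bounds. */
  if ( (0 == payload_len) ||
       ('\0' != i_attr[payload_len - 1]) )
  {
    GNUNET_break (0);
    return GNUNET_SYSERR;
  }
  attr_len = strlen (i_attr);
  /* The issuer attribute must leave room for the subject attribute after it. */
  if ( (attr_len > GNUNET_CREDENTIAL_MAX_LENGTH) ||
       (attr_len + 1 >= payload_len) )
  {
    GNUNET_break (0);
    return GNUNET_SYSERR;
  }
  s_attr = i_attr + attr_len + 1;
  if (strlen (s_attr) > GNUNET_CREDENTIAL_MAX_LENGTH)
  {
    GNUNET_break (0);
    return GNUNET_SYSERR;
  }
  // … unchanged: remainder of check_verify (outside the hunk) …
```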