Diffstat (limited to 'src/identity-provider/gnunet-service-identity-provider.c')
-rw-r--r-- | src/identity-provider/gnunet-service-identity-provider.c | 67 |
1 files changed, 31 insertions, 36 deletions
diff --git a/src/identity-provider/gnunet-service-identity-provider.c b/src/identity-provider/gnunet-service-identity-provider.c index 3328035e6..59e678b24 100644 --- a/src/identity-provider/gnunet-service-identity-provider.c +++ b/src/identity-provider/gnunet-service-identity-provider.c | |||
@@ -182,7 +182,7 @@ struct ExchangeHandle | |||
182 | * LookupRequest | 182 | * LookupRequest |
183 | */ | 183 | */ |
184 | struct GNUNET_GNS_LookupRequest *lookup_request; | 184 | struct GNUNET_GNS_LookupRequest *lookup_request; |
185 | 185 | ||
186 | /** | 186 | /** |
187 | * Audience Key | 187 | * Audience Key |
188 | */ | 188 | */ |
@@ -324,11 +324,9 @@ store_token_cont (void *cls, | |||
324 | * removes deleted attributes and expiration times. | 324 | * removes deleted attributes and expiration times. |
325 | * | 325 | * |
326 | * @param cls the ego entry | 326 | * @param cls the ego entry |
327 | * @param tc task context | ||
328 | */ | 327 | */ |
329 | static void | 328 | static void |
330 | handle_token_update (void *cls, | 329 | handle_token_update (void *cls) |
331 | const struct GNUNET_SCHEDULER_TaskContext *tc) | ||
332 | { | 330 | { |
333 | char *token_metadata; | 331 | char *token_metadata; |
334 | char *write_ptr; | 332 | char *write_ptr; |
@@ -428,13 +426,13 @@ handle_token_update (void *cls, | |||
428 | attr->name, | 426 | attr->name, |
429 | attr->val_head->value); | 427 | attr->val_head->value); |
430 | } | 428 | } |
431 | else | 429 | else |
432 | { | 430 | { |
433 | GNUNET_CRYPTO_hash (attr->name, | 431 | GNUNET_CRYPTO_hash (attr->name, |
434 | strlen (attr->name), | 432 | strlen (attr->name), |
435 | &key_hash); | 433 | &key_hash); |
436 | //Check if attr still exists. omit of not | 434 | //Check if attr still exists. omit of not |
437 | if (GNUNET_NO != | 435 | if (GNUNET_NO != |
438 | GNUNET_CONTAINER_multihashmap_contains (ego_entry->attr_map, | 436 | GNUNET_CONTAINER_multihashmap_contains (ego_entry->attr_map, |
439 | &key_hash)) | 437 | &key_hash)) |
440 | { | 438 | { |
@@ -497,8 +495,7 @@ handle_token_update (void *cls, | |||
497 | } | 495 | } |
498 | 496 | ||
499 | static void | 497 | static void |
500 | update_identities(void *cls, | 498 | update_identities(void *cls); |
501 | const struct GNUNET_SCHEDULER_TaskContext *tc); | ||
502 | 499 | ||
503 | /** | 500 | /** |
504 | * | 501 | * |
@@ -568,7 +565,7 @@ token_collect (void *cls, | |||
568 | GNUNET_CONTAINER_multihashmap_clear (ego_entry->attr_map); | 565 | GNUNET_CONTAINER_multihashmap_clear (ego_entry->attr_map); |
569 | update_task = GNUNET_SCHEDULER_add_now (&update_identities, | 566 | update_task = GNUNET_SCHEDULER_add_now (&update_identities, |
570 | ego_entry->next); | 567 | ego_entry->next); |
571 | return; | 568 | return; |
572 | } | 569 | } |
573 | 570 | ||
574 | //There should be only a single record for a token under a label | 571 | //There should be only a single record for a token under a label |
@@ -607,7 +604,7 @@ token_collect (void *cls, | |||
607 | aud_key, | 604 | aud_key, |
608 | &token); | 605 | &token); |
609 | 606 | ||
610 | label = GNUNET_strdup (lbl); | 607 | label = GNUNET_strdup (lbl); |
611 | rd_exp = token_record->expiration_time; | 608 | rd_exp = token_record->expiration_time; |
612 | 609 | ||
613 | GNUNET_SCHEDULER_add_now (&handle_token_update, ego_entry); | 610 | GNUNET_SCHEDULER_add_now (&handle_token_update, ego_entry); |
@@ -711,12 +708,9 @@ attribute_collect (void *cls, | |||
711 | * dirty, first update the attributes. | 708 | * dirty, first update the attributes. |
712 | * | 709 | * |
713 | * @param cls the ego to update | 710 | * @param cls the ego to update |
714 | * param tc task context | ||
715 | * | ||
716 | */ | 711 | */ |
717 | static void | 712 | static void |
718 | update_identities(void *cls, | 713 | update_identities(void *cls) |
719 | const struct GNUNET_SCHEDULER_TaskContext *tc) | ||
720 | { | 714 | { |
721 | struct EgoEntry *next_ego = cls; | 715 | struct EgoEntry *next_ego = cls; |
722 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key; | 716 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key; |
@@ -866,8 +860,7 @@ cleanup() | |||
866 | * @param tc task context | 860 | * @param tc task context |
867 | */ | 861 | */ |
868 | static void | 862 | static void |
869 | do_shutdown (void *cls, | 863 | do_shutdown (void *cls) |
870 | const struct GNUNET_SCHEDULER_TaskContext *tc) | ||
871 | { | 864 | { |
872 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | 865 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, |
873 | "Shutting down...\n"); | 866 | "Shutting down...\n"); |
@@ -882,10 +875,10 @@ create_exchange_result_message (const char* token, | |||
882 | { | 875 | { |
883 | struct GNUNET_IDENTITY_PROVIDER_ExchangeResultMessage *erm; | 876 | struct GNUNET_IDENTITY_PROVIDER_ExchangeResultMessage *erm; |
884 | uint16_t token_len = strlen (token) + 1; | 877 | uint16_t token_len = strlen (token) + 1; |
885 | erm = GNUNET_malloc (sizeof (struct GNUNET_IDENTITY_PROVIDER_ExchangeResultMessage) | 878 | erm = GNUNET_malloc (sizeof (struct GNUNET_IDENTITY_PROVIDER_ExchangeResultMessage) |
886 | + token_len); | 879 | + token_len); |
887 | erm->header.type = htons (GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_EXCHANGE_RESULT); | 880 | erm->header.type = htons (GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_EXCHANGE_RESULT); |
888 | erm->header.size = htons (sizeof (struct GNUNET_IDENTITY_PROVIDER_ExchangeResultMessage) | 881 | erm->header.size = htons (sizeof (struct GNUNET_IDENTITY_PROVIDER_ExchangeResultMessage) |
889 | + token_len); | 882 | + token_len); |
890 | erm->ticket_nonce = htonl (ticket_nonce); | 883 | erm->ticket_nonce = htonl (ticket_nonce); |
891 | memcpy (&erm[1], token, token_len); | 884 | memcpy (&erm[1], token, token_len); |
@@ -901,12 +894,12 @@ create_issue_result_message (const char* label, | |||
901 | struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage *irm; | 894 | struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage *irm; |
902 | char *tmp_str; | 895 | char *tmp_str; |
903 | 896 | ||
904 | irm = GNUNET_malloc (sizeof (struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage) | 897 | irm = GNUNET_malloc (sizeof (struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage) |
905 | + strlen (label) + 1 | 898 | + strlen (label) + 1 |
906 | + strlen (ticket) + 1 | 899 | + strlen (ticket) + 1 |
907 | + strlen (token) + 1); | 900 | + strlen (token) + 1); |
908 | irm->header.type = htons (GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ISSUE_RESULT); | 901 | irm->header.type = htons (GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ISSUE_RESULT); |
909 | irm->header.size = htons (sizeof (struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage) | 902 | irm->header.size = htons (sizeof (struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage) |
910 | + strlen (label) + 1 | 903 | + strlen (label) + 1 |
911 | + strlen (ticket) + 1 | 904 | + strlen (ticket) + 1 |
912 | + strlen (token) + 1); | 905 | + strlen (token) + 1); |
@@ -957,7 +950,7 @@ store_token_issue_cont (void *cls, | |||
957 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "%s\n", | 950 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "%s\n", |
958 | "Error serializing ticket\n"); | 951 | "Error serializing ticket\n"); |
959 | cleanup_issue_handle (handle); | 952 | cleanup_issue_handle (handle); |
960 | GNUNET_SCHEDULER_add_now (&do_shutdown, NULL); | 953 | GNUNET_SCHEDULER_add_now (&do_shutdown, NULL); |
961 | return; | 954 | return; |
962 | } | 955 | } |
963 | if (GNUNET_OK != token_to_string (handle->token, | 956 | if (GNUNET_OK != token_to_string (handle->token, |
@@ -968,7 +961,7 @@ store_token_issue_cont (void *cls, | |||
968 | "Error serializing token\n"); | 961 | "Error serializing token\n"); |
969 | GNUNET_free (ticket_str); | 962 | GNUNET_free (ticket_str); |
970 | cleanup_issue_handle (handle); | 963 | cleanup_issue_handle (handle); |
971 | GNUNET_SCHEDULER_add_now (&do_shutdown, NULL); | 964 | GNUNET_SCHEDULER_add_now (&do_shutdown, NULL); |
972 | return; | 965 | return; |
973 | } | 966 | } |
974 | irm = create_issue_result_message (handle->label, ticket_str, token_str); | 967 | irm = create_issue_result_message (handle->label, ticket_str, token_str); |
@@ -983,8 +976,12 @@ store_token_issue_cont (void *cls, | |||
983 | GNUNET_free (token_str); | 976 | GNUNET_free (token_str); |
984 | } | 977 | } |
985 | 978 | ||
979 | |||
986 | /** | 980 | /** |
987 | * Build a GNUid token for identity | 981 | * Build a GNUid token for identity |
982 | * | ||
983 | * FIXME: doxygen is very wrong here! | ||
984 | * | ||
988 | * @param handle the handle | 985 | * @param handle the handle |
989 | * @param ego_entry the ego to build the token for | 986 | * @param ego_entry the ego to build the token for |
990 | * @param name name of the ego | 987 | * @param name name of the ego |
@@ -993,8 +990,7 @@ store_token_issue_cont (void *cls, | |||
993 | * @return identifier string of token (label) | 990 | * @return identifier string of token (label) |
994 | */ | 991 | */ |
995 | static void | 992 | static void |
996 | sign_and_return_token (void *cls, | 993 | sign_and_return_token (void *cls) |
997 | const struct GNUNET_SCHEDULER_TaskContext *tc) | ||
998 | { | 994 | { |
999 | struct GNUNET_CRYPTO_EcdsaPublicKey pub_key; | 995 | struct GNUNET_CRYPTO_EcdsaPublicKey pub_key; |
1000 | struct GNUNET_CRYPTO_EcdhePrivateKey *ecdhe_privkey; | 996 | struct GNUNET_CRYPTO_EcdhePrivateKey *ecdhe_privkey; |
@@ -1008,7 +1004,7 @@ sign_and_return_token (void *cls, | |||
1008 | uint64_t exp_time; | 1004 | uint64_t exp_time; |
1009 | size_t token_metadata_len; | 1005 | size_t token_metadata_len; |
1010 | 1006 | ||
1011 | //Remote nonce | 1007 | //Remote nonce |
1012 | nonce_str = NULL; | 1008 | nonce_str = NULL; |
1013 | GNUNET_asprintf (&nonce_str, "%lu", handle->nonce); | 1009 | GNUNET_asprintf (&nonce_str, "%lu", handle->nonce); |
1014 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Request nonce: %s\n", nonce_str); | 1010 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Request nonce: %s\n", nonce_str); |
@@ -1028,7 +1024,7 @@ sign_and_return_token (void *cls, | |||
1028 | token_add_attr_int (handle->token, "exp", exp_time); | 1024 | token_add_attr_int (handle->token, "exp", exp_time); |
1029 | token_add_attr (handle->token, "nonce", nonce_str); | 1025 | token_add_attr (handle->token, "nonce", nonce_str); |
1030 | 1026 | ||
1031 | //Token in a serialized encrypted format | 1027 | //Token in a serialized encrypted format |
1032 | GNUNET_assert (token_serialize (handle->token, | 1028 | GNUNET_assert (token_serialize (handle->token, |
1033 | &handle->iss_key, | 1029 | &handle->iss_key, |
1034 | &ecdhe_privkey, | 1030 | &ecdhe_privkey, |
@@ -1150,7 +1146,7 @@ attr_collect (void *cls, | |||
1150 | static void | 1146 | static void |
1151 | cleanup_exchange_handle (struct ExchangeHandle *handle) | 1147 | cleanup_exchange_handle (struct ExchangeHandle *handle) |
1152 | { | 1148 | { |
1153 | if (NULL != handle->ticket) | 1149 | if (NULL != handle->ticket) |
1154 | ticket_destroy (handle->ticket); | 1150 | ticket_destroy (handle->ticket); |
1155 | if (NULL != handle->token) | 1151 | if (NULL != handle->token) |
1156 | token_destroy (handle->token); | 1152 | token_destroy (handle->token); |
@@ -1177,7 +1173,7 @@ process_lookup_result (void *cls, uint32_t rd_count, | |||
1177 | return; | 1173 | return; |
1178 | } | 1174 | } |
1179 | 1175 | ||
1180 | record_str = | 1176 | record_str = |
1181 | GNUNET_GNSRECORD_value_to_string (GNUNET_GNSRECORD_TYPE_ID_TOKEN, | 1177 | GNUNET_GNSRECORD_value_to_string (GNUNET_GNSRECORD_TYPE_ID_TOKEN, |
1182 | rd->data, | 1178 | rd->data, |
1183 | rd->data_size); | 1179 | rd->data_size); |
@@ -1307,7 +1303,7 @@ find_existing_token (void *cls, | |||
1307 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 1303 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
1308 | ">>> No existing token found\n"); | 1304 | ">>> No existing token found\n"); |
1309 | //Label | 1305 | //Label |
1310 | rnd_key = | 1306 | rnd_key = |
1311 | GNUNET_CRYPTO_random_u64 (GNUNET_CRYPTO_QUALITY_STRONG, | 1307 | GNUNET_CRYPTO_random_u64 (GNUNET_CRYPTO_QUALITY_STRONG, |
1312 | UINT64_MAX); | 1308 | UINT64_MAX); |
1313 | GNUNET_STRINGS_base64_encode ((char*)&rnd_key, | 1309 | GNUNET_STRINGS_base64_encode ((char*)&rnd_key, |
@@ -1318,7 +1314,7 @@ find_existing_token (void *cls, | |||
1318 | &handle->iss_key, | 1314 | &handle->iss_key, |
1319 | &attr_collect, | 1315 | &attr_collect, |
1320 | handle); | 1316 | handle); |
1321 | return; | 1317 | return; |
1322 | } | 1318 | } |
1323 | 1319 | ||
1324 | //There should be only a single record for a token under a label | 1320 | //There should be only a single record for a token under a label |
@@ -1340,7 +1336,7 @@ find_existing_token (void *cls, | |||
1340 | return; | 1336 | return; |
1341 | } | 1337 | } |
1342 | ecdhe_privkey = *((struct GNUNET_CRYPTO_EcdhePrivateKey *)token_metadata_record->data); | 1338 | ecdhe_privkey = *((struct GNUNET_CRYPTO_EcdhePrivateKey *)token_metadata_record->data); |
1343 | aud_key = | 1339 | aud_key = |
1344 | (struct GNUNET_CRYPTO_EcdsaPublicKey *)(token_metadata_record->data+sizeof(struct GNUNET_CRYPTO_EcdhePrivateKey)); | 1340 | (struct GNUNET_CRYPTO_EcdsaPublicKey *)(token_metadata_record->data+sizeof(struct GNUNET_CRYPTO_EcdhePrivateKey)); |
1345 | tmp_scopes = GNUNET_strdup ((char*) aud_key+sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)); | 1341 | tmp_scopes = GNUNET_strdup ((char*) aud_key+sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)); |
1346 | 1342 | ||
@@ -1435,12 +1431,11 @@ handle_issue_message (void *cls, | |||
1435 | } | 1431 | } |
1436 | im = (const struct GNUNET_IDENTITY_PROVIDER_IssueMessage *) message; | 1432 | im = (const struct GNUNET_IDENTITY_PROVIDER_IssueMessage *) message; |
1437 | scopes = (const char *) &im[1]; | 1433 | scopes = (const char *) &im[1]; |
1438 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1439 | "Received ISSUE of `%s' from client\n", | ||
1440 | scope); | ||
1441 | issue_handle = GNUNET_malloc (sizeof (struct IssueHandle)); | 1434 | issue_handle = GNUNET_malloc (sizeof (struct IssueHandle)); |
1442 | issue_handle->attr_map = GNUNET_CONTAINER_multihashmap_create (5, | 1435 | issue_handle->attr_map = GNUNET_CONTAINER_multihashmap_create (5, |
1443 | GNUNET_NO); | 1436 | GNUNET_NO); |
1437 | /* FIXME: check that scopes is 0-termianted, Out-of-bounds access | ||
1438 | possible here!!! */ | ||
1444 | scopes_tmp = GNUNET_strdup (scopes); | 1439 | scopes_tmp = GNUNET_strdup (scopes); |
1445 | scope = strtok(scopes_tmp, ","); | 1440 | scope = strtok(scopes_tmp, ","); |
1446 | for (; NULL != scope; scope = strtok (NULL, ",")) | 1441 | for (; NULL != scope; scope = strtok (NULL, ",")) |
@@ -1484,7 +1479,7 @@ handle_issue_message (void *cls, | |||
1484 | * @param c configuration | 1479 | * @param c configuration |
1485 | */ | 1480 | */ |
1486 | static void | 1481 | static void |
1487 | run (void *cls, | 1482 | run (void *cls, |
1488 | struct GNUNET_SERVER_Handle *server, | 1483 | struct GNUNET_SERVER_Handle *server, |
1489 | const struct GNUNET_CONFIGURATION_Handle *c) | 1484 | const struct GNUNET_CONFIGURATION_Handle *c) |
1490 | { | 1485 | { |
@@ -1519,7 +1514,7 @@ run (void *cls, | |||
1519 | &list_ego, | 1514 | &list_ego, |
1520 | NULL); | 1515 | NULL); |
1521 | 1516 | ||
1522 | if (GNUNET_OK == | 1517 | if (GNUNET_OK == |
1523 | GNUNET_CONFIGURATION_get_value_time (cfg, | 1518 | GNUNET_CONFIGURATION_get_value_time (cfg, |
1524 | "identity-provider", | 1519 | "identity-provider", |
1525 | "TOKEN_EXPIRATION_INTERVAL", | 1520 | "TOKEN_EXPIRATION_INTERVAL", |
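Review bot: In the handle_issue_message hunk, `scopes_tmp = GNUNET_strdup (scopes);` (new line 1439) still treats the client-supplied payload after `im` as a C string, and the commit only records the missing termination check as a FIXME, so a message whose payload lacks a trailing NUL makes the copy read past the end of the message buffer. The check belongs before the `GNUNET_malloc` and `GNUNET_CONTAINER_multihashmap_create` calls so that rejecting the message leaks nothing, for example `if ('\0' != scopes[ntohs (message->size) - sizeof (*im) - 1])` followed by the function's usual reject-and-return path. That index is only safe if the size has already been verified to exceed `sizeof (*im)`; the function's opening lines, where such a check would sit, are outside the hunk, so confirm that first. Once the check is in place, the FIXME can become a one-line comment stating that the payload has been verified to be 0-terminated.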