[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnunet] branch master updated: RECLAIM: Various fixes (cov
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnunet] branch master updated: RECLAIM: Various fixes (coverity) |
Date: |
Mon, 03 Jun 2019 21:23:33 +0200 |
This is an automated email from the git hooks/post-receive script.
martin-schanzenbach pushed a commit to branch master
in repository gnunet.
The following commit(s) were added to refs/heads/master by this push:
new a00a49bf5 RECLAIM: Various fixes (coverity)
a00a49bf5 is described below
commit a00a49bf58c502ab860adaa6b01541c0e7e3e645
Author: Schanzenbach, Martin <address@hidden>
AuthorDate: Mon Jun 3 21:22:50 2019 +0200
RECLAIM: Various fixes (coverity)
---
src/reclaim-attribute/reclaim_attribute.c | 8 +-
src/reclaim/gnunet-reclaim.c | 11 +-
src/reclaim/gnunet-service-reclaim.c | 12 +-
src/reclaim/gnunet-service-reclaim_tickets.c | 343 ++++++++++++++++++---------
src/reclaim/json_reclaim.c | 106 ++++++---
src/reclaim/plugin_rest_openid_connect.c | 97 +++++---
6 files changed, 390 insertions(+), 187 deletions(-)
diff --git a/src/reclaim-attribute/reclaim_attribute.c
b/src/reclaim-attribute/reclaim_attribute.c
index b9465bef7..96e61d431 100644
--- a/src/reclaim-attribute/reclaim_attribute.c
+++ b/src/reclaim-attribute/reclaim_attribute.c
@@ -495,12 +495,18 @@ GNUNET_RECLAIM_ATTRIBUTE_deserialize (const char *data,
size_t data_size)
attr_ser = (struct Attribute *) data;
data_len = ntohs (attr_ser->data_size);
name_len = ntohs (attr_ser->name_len);
+ if (data_size < sizeof (struct Attribute) + data_len + name_len)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Buffer too small to deserialize\n");
+ return NULL;
+ }
attr = GNUNET_malloc (sizeof (struct GNUNET_RECLAIM_ATTRIBUTE_Claim) +
data_len + name_len + 1);
attr->type = ntohs (attr_ser->attribute_type);
attr->version = ntohl (attr_ser->attribute_version);
attr->id = GNUNET_ntohll (attr_ser->attribute_id);
- attr->data_size = ntohs (attr_ser->data_size);
+ attr->data_size = data_len;
write_ptr = (char *) &attr[1];
GNUNET_memcpy (write_ptr, &attr_ser[1], name_len);
diff --git a/src/reclaim/gnunet-reclaim.c b/src/reclaim/gnunet-reclaim.c
index 4b4b73008..fcb7b9bc6 100644
--- a/src/reclaim/gnunet-reclaim.c
+++ b/src/reclaim/gnunet-reclaim.c
@@ -267,6 +267,8 @@ ticket_iter (void *cls, const struct GNUNET_RECLAIM_Ticket
*ticket)
ref = GNUNET_STRINGS_data_to_string_alloc (&ticket->rnd, sizeof (uint64_t));
fprintf (stdout, "Ticket ID: %s | Audience: %s\n", ref, aud);
+ GNUNET_free (aud);
+ GNUNET_free (ref);
GNUNET_RECLAIM_ticket_iteration_next (ticket_iterator);
}
@@ -448,8 +450,13 @@ start_process ()
return;
}
- if (NULL != rp)
- GNUNET_CRYPTO_ecdsa_public_key_from_string (rp, strlen (rp), &rp_key);
+ if ((NULL != rp) &&
+ GNUNET_OK != GNUNET_CRYPTO_ecdsa_public_key_from_string (rp, strlen
(rp), &rp_key))
+ {
+ fprintf (stderr, "%s is not a public key!\n", rp);
+ cleanup_task = GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
+ return;
+ }
if (NULL != consume_ticket)
GNUNET_STRINGS_string_to_data (consume_ticket, strlen (consume_ticket),
&ticket,
diff --git a/src/reclaim/gnunet-service-reclaim.c
b/src/reclaim/gnunet-service-reclaim.c
index ffc67c5ae..322063fd9 100644
--- a/src/reclaim/gnunet-service-reclaim.c
+++ b/src/reclaim/gnunet-service-reclaim.c
@@ -947,6 +947,7 @@ attr_store_task (void *cls)
&attr_store_cont,
ash);
GNUNET_free (buf);
+ GNUNET_free (label);
}
@@ -1126,10 +1127,17 @@ update_tickets (void *cls)
le);
struct GNUNET_GNSRECORD_Data rd[le->rd_count];
struct GNUNET_GNSRECORD_Data rd_new[le->rd_count - 1];
- GNUNET_GNSRECORD_records_deserialize (le->data_size,
+ if (GNUNET_OK != GNUNET_GNSRECORD_records_deserialize (le->data_size,
le->data,
le->rd_count,
- rd);
+ rd))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Unable to deserialize record data!\n");
+ send_delete_response (adh, GNUNET_SYSERR);
+ cleanup_adh (adh);
+ return;
+ }
int j = 0;
for (int i = 0; i < le->rd_count; i++) {
if ((GNUNET_GNSRECORD_TYPE_RECLAIM_ATTR_REF == rd[i].record_type)
diff --git a/src/reclaim/gnunet-service-reclaim_tickets.c
b/src/reclaim/gnunet-service-reclaim_tickets.c
index d20a4e3bf..9a595447d 100644
--- a/src/reclaim/gnunet-service-reclaim_tickets.c
+++ b/src/reclaim/gnunet-service-reclaim_tickets.c
@@ -312,7 +312,7 @@ move_attrs (struct RECLAIM_TICKETS_RevokeHandle *rh);
static void
move_attrs_cont (void *cls)
{
- move_attrs ((struct RECLAIM_TICKETS_RevokeHandle *)cls);
+ move_attrs ((struct RECLAIM_TICKETS_RevokeHandle *) cls);
}
/**
@@ -329,13 +329,16 @@ cleanup_rvk (struct RECLAIM_TICKETS_RevokeHandle *rh)
GNUNET_NAMESTORE_cancel (rh->ns_qe);
if (NULL != rh->ns_it)
GNUNET_NAMESTORE_zone_iteration_stop (rh->ns_it);
- while (NULL != (ae = rh->attrs_head)) {
+ while (NULL != (ae = rh->attrs_head))
+ {
GNUNET_CONTAINER_DLL_remove (rh->attrs_head, rh->attrs_tail, ae);
GNUNET_free (ae);
}
- while (NULL != (le = rh->tickets_to_update_head)) {
+ while (NULL != (le = rh->tickets_to_update_head))
+ {
GNUNET_CONTAINER_DLL_remove (rh->tickets_to_update_head,
- rh->tickets_to_update_head, le);
+ rh->tickets_to_update_head,
+ le);
if (NULL != le->data)
GNUNET_free (le->data);
if (NULL != le->label)
@@ -350,8 +353,10 @@ del_attr_finished (void *cls, int32_t success, const char
*emsg)
{
struct RECLAIM_TICKETS_RevokeHandle *rvk = cls;
rvk->ns_qe = NULL;
- if (GNUNET_SYSERR == success) {
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Error removing attribute: %s\n",
+ if (GNUNET_SYSERR == success)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Error removing attribute: %s\n",
emsg);
rvk->cb (rvk->cb_cls, GNUNET_SYSERR);
cleanup_rvk (rvk);
@@ -367,7 +372,8 @@ move_attr_finished (void *cls, int32_t success, const char
*emsg)
struct RECLAIM_TICKETS_RevokeHandle *rvk = cls;
char *label;
rvk->ns_qe = NULL;
- if (GNUNET_SYSERR == success) {
+ if (GNUNET_SYSERR == success)
+ {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Error moving attribute: %s\n", emsg);
rvk->cb (rvk->cb_cls, GNUNET_SYSERR);
cleanup_rvk (rvk);
@@ -375,15 +381,24 @@ move_attr_finished (void *cls, int32_t success, const
char *emsg)
}
label = GNUNET_STRINGS_data_to_string_alloc (&rvk->move_attr->old_id,
sizeof (uint64_t));
+ GNUNET_assert (NULL != label);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Removing attribute %s\n", label);
- rvk->ns_qe = GNUNET_NAMESTORE_records_store (nsh, &rvk->identity, label, 0,
- NULL, &del_attr_finished, rvk);
+ rvk->ns_qe = GNUNET_NAMESTORE_records_store (nsh,
+ &rvk->identity,
+ label,
+ 0,
+ NULL,
+ &del_attr_finished,
+ rvk);
+ GNUNET_free (label);
}
static void
-rvk_move_attr_cb (void *cls, const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone,
- const char *label, unsigned int rd_count,
+rvk_move_attr_cb (void *cls,
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone,
+ const char *label,
+ unsigned int rd_count,
const struct GNUNET_GNSRECORD_Data *rd)
{
struct RECLAIM_TICKETS_RevokeHandle *rvk = cls;
@@ -393,9 +408,11 @@ rvk_move_attr_cb (void *cls, const struct
GNUNET_CRYPTO_EcdsaPrivateKey *zone,
char *new_label;
char *attr_data;
rvk->ns_qe = NULL;
- if (0 == rd_count) {
+ if (0 == rd_count)
+ {
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
- "The attribute %s no longer exists!\n", label);
+ "The attribute %s no longer exists!\n",
+ label);
le = rvk->move_attr;
rvk->move_attr = le->next;
GNUNET_CONTAINER_DLL_remove (rvk->attrs_head, rvk->attrs_tail, le);
@@ -409,7 +426,8 @@ rvk_move_attr_cb (void *cls, const struct
GNUNET_CRYPTO_EcdsaPrivateKey *zone,
new_rd = *rd;
claim = GNUNET_RECLAIM_ATTRIBUTE_deserialize (rd->data, rd->data_size);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "Attribute to update: Name=%s, ID=%" PRIu64 "\n", claim->name,
+ "Attribute to update: Name=%s, ID=%" PRIu64 "\n",
+ claim->name,
claim->id);
claim->id = rvk->move_attr->new_id;
new_rd.data_size = GNUNET_RECLAIM_ATTRIBUTE_serialize_get_size (claim);
@@ -419,8 +437,13 @@ rvk_move_attr_cb (void *cls, const struct
GNUNET_CRYPTO_EcdsaPrivateKey *zone,
new_label = GNUNET_STRINGS_data_to_string_alloc (&rvk->move_attr->new_id,
sizeof (uint64_t));
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Adding attribute %s\n", new_label);
- rvk->ns_qe = GNUNET_NAMESTORE_records_store (
- nsh, &rvk->identity, new_label,
1, &new_rd, &move_attr_finished, rvk);
+ rvk->ns_qe = GNUNET_NAMESTORE_records_store (nsh,
+ &rvk->identity,
+ new_label,
+ 1,
+ &new_rd,
+ &move_attr_finished,
+ rvk);
GNUNET_free (new_label);
GNUNET_free (claim);
GNUNET_free (attr_data);
@@ -428,8 +451,10 @@ rvk_move_attr_cb (void *cls, const struct
GNUNET_CRYPTO_EcdsaPrivateKey *zone,
static void
-rvk_ticket_update (void *cls, const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone,
- const char *label, unsigned int rd_count,
+rvk_ticket_update (void *cls,
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone,
+ const char *label,
+ unsigned int rd_count,
const struct GNUNET_GNSRECORD_Data *rd)
{
struct RECLAIM_TICKETS_RevokeHandle *rvk = cls;
@@ -438,10 +463,12 @@ rvk_ticket_update (void *cls, const struct
GNUNET_CRYPTO_EcdsaPrivateKey *zone,
int has_changed = GNUNET_NO;
/** Let everything point to the old record **/
- for (int i = 0; i < rd_count; i++) {
+ for (int i = 0; i < rd_count; i++)
+ {
if (GNUNET_GNSRECORD_TYPE_RECLAIM_ATTR_REF != rd[i].record_type)
continue;
- for (ae = rvk->attrs_head; NULL != ae; ae = ae->next) {
+ for (ae = rvk->attrs_head; NULL != ae; ae = ae->next)
+ {
if (0 != memcmp (rd[i].data, &ae->old_id, sizeof (uint64_t)))
continue;
has_changed = GNUNET_YES;
@@ -450,7 +477,8 @@ rvk_ticket_update (void *cls, const struct
GNUNET_CRYPTO_EcdsaPrivateKey *zone,
if (GNUNET_YES == has_changed)
break;
}
- if (GNUNET_YES == has_changed) {
+ if (GNUNET_YES == has_changed)
+ {
le = GNUNET_new (struct TicketRecordsEntry);
le->data_size = GNUNET_GNSRECORD_records_get_size (rd_count, rd);
le->data = GNUNET_malloc (le->data_size);
@@ -458,7 +486,8 @@ rvk_ticket_update (void *cls, const struct
GNUNET_CRYPTO_EcdsaPrivateKey *zone,
le->label = GNUNET_strdup (label);
GNUNET_GNSRECORD_records_serialize (rd_count, rd, le->data_size, le->data);
GNUNET_CONTAINER_DLL_insert (rvk->tickets_to_update_head,
- rvk->tickets_to_update_tail, le);
+ rvk->tickets_to_update_tail,
+ le);
}
GNUNET_NAMESTORE_zone_iterator_next (rvk->ns_it, 1);
}
@@ -482,7 +511,8 @@ process_tickets (void *cls)
struct RECLAIM_TICKETS_RevokeHandle *rvk = cls;
struct TicketRecordsEntry *le;
struct RevokedAttributeEntry *ae;
- if (NULL == rvk->tickets_to_update_head) {
+ if (NULL == rvk->tickets_to_update_head)
+ {
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Finished updatding tickets, success\n");
rvk->cb (rvk->cb_cls, GNUNET_OK);
@@ -491,21 +521,38 @@ process_tickets (void *cls)
}
le = rvk->tickets_to_update_head;
GNUNET_CONTAINER_DLL_remove (rvk->tickets_to_update_head,
- rvk->tickets_to_update_tail, le);
+ rvk->tickets_to_update_tail,
+ le);
struct GNUNET_GNSRECORD_Data rd[le->rd_count];
- GNUNET_GNSRECORD_records_deserialize (le->data_size, le->data, le->rd_count,
- rd);
- for (int i = 0; i < le->rd_count; i++) {
+ if (GNUNET_OK != GNUNET_GNSRECORD_records_deserialize (le->data_size,
+ le->data,
+ le->rd_count,
+ rd))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Unable to deserialize ticket record(s)\n");
+ rvk->cb (rvk->cb_cls, GNUNET_SYSERR);
+ cleanup_rvk (rvk);
+ return;
+ }
+ for (int i = 0; i < le->rd_count; i++)
+ {
if (GNUNET_GNSRECORD_TYPE_RECLAIM_ATTR_REF != rd[i].record_type)
continue;
- for (ae = rvk->attrs_head; NULL != ae; ae = ae->next) {
+ for (ae = rvk->attrs_head; NULL != ae; ae = ae->next)
+ {
if (0 != memcmp (rd[i].data, &ae->old_id, sizeof (uint64_t)))
continue;
rd[i].data = &ae->new_id;
}
}
- rvk->ns_qe = GNUNET_NAMESTORE_records_store (
- nsh, &rvk->identity, le->label,
le->rd_count, rd, &ticket_processed, rvk);
+ rvk->ns_qe = GNUNET_NAMESTORE_records_store (nsh,
+ &rvk->identity,
+ le->label,
+ le->rd_count,
+ rd,
+ &ticket_processed,
+ rvk);
GNUNET_free (le->label);
GNUNET_free (le->data);
GNUNET_free (le);
@@ -551,19 +598,31 @@ move_attrs (struct RECLAIM_TICKETS_RevokeHandle *rvk)
{
char *label;
- if (NULL == rvk->move_attr) {
+ if (NULL == rvk->move_attr)
+ {
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Finished moving attributes\n");
- rvk->ns_it = GNUNET_NAMESTORE_zone_iteration_start (
- nsh, &rvk->identity,
&rvk_ns_iter_err, rvk, &rvk_ticket_update, rvk,
-
&rvk_ticket_update_finished, rvk);
+ rvk->ns_it =
+ GNUNET_NAMESTORE_zone_iteration_start (nsh,
+ &rvk->identity,
+ &rvk_ns_iter_err,
+ rvk,
+ &rvk_ticket_update,
+ rvk,
+ &rvk_ticket_update_finished,
+ rvk);
return;
}
label = GNUNET_STRINGS_data_to_string_alloc (&rvk->move_attr->old_id,
sizeof (uint64_t));
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Moving attribute %s\n", label);
- rvk->ns_qe = GNUNET_NAMESTORE_records_lookup (
- nsh, &rvk->identity, label,
&rvk_ns_err, rvk, &rvk_move_attr_cb, rvk);
+ rvk->ns_qe = GNUNET_NAMESTORE_records_lookup (nsh,
+ &rvk->identity,
+ label,
+ &rvk_ns_err,
+ rvk,
+ &rvk_move_attr_cb,
+ rvk);
GNUNET_free (label);
}
@@ -573,14 +632,16 @@ remove_ticket_cont (void *cls, int32_t success, const
char *emsg)
{
struct RECLAIM_TICKETS_RevokeHandle *rvk = cls;
rvk->ns_qe = NULL;
- if (GNUNET_SYSERR == success) {
+ if (GNUNET_SYSERR == success)
+ {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "%s\n", emsg);
rvk->cb (rvk->cb_cls, GNUNET_SYSERR);
cleanup_rvk (rvk);
return;
}
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Deleted ticket\n");
- if (0 == rvk->ticket_attrs) {
+ if (0 == rvk->ticket_attrs)
+ {
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
"No attributes to move... strange\n");
rvk->cb (rvk->cb_cls, GNUNET_OK);
@@ -593,26 +654,34 @@ remove_ticket_cont (void *cls, int32_t success, const
char *emsg)
static void
-revoke_attrs_cb (void *cls, const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone,
- const char *label, unsigned int rd_count,
+revoke_attrs_cb (void *cls,
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone,
+ const char *label,
+ unsigned int rd_count,
const struct GNUNET_GNSRECORD_Data *rd)
{
struct RECLAIM_TICKETS_RevokeHandle *rvk = cls;
struct RevokedAttributeEntry *le;
rvk->ns_qe = NULL;
- for (int i = 0; i < rd_count; i++) {
+ for (int i = 0; i < rd_count; i++)
+ {
if (GNUNET_GNSRECORD_TYPE_RECLAIM_ATTR_REF != rd[i].record_type)
continue;
le = GNUNET_new (struct RevokedAttributeEntry);
- le->old_id = *((uint64_t *)rd[i].data);
+ le->old_id = *((uint64_t *) rd[i].data);
GNUNET_CONTAINER_DLL_insert (rvk->attrs_head, rvk->attrs_tail, le);
rvk->ticket_attrs++;
}
/** Now, remove ticket **/
- rvk->ns_qe = GNUNET_NAMESTORE_records_store (nsh, &rvk->identity, label, 0,
- NULL, &remove_ticket_cont, rvk);
+ rvk->ns_qe = GNUNET_NAMESTORE_records_store (nsh,
+ &rvk->identity,
+ label,
+ 0,
+ NULL,
+ &remove_ticket_cont,
+ rvk);
}
@@ -628,7 +697,8 @@ rvk_attrs_err_cb (void *cls)
struct RECLAIM_TICKETS_RevokeHandle *
RECLAIM_TICKETS_revoke (const struct GNUNET_RECLAIM_Ticket *ticket,
const struct GNUNET_CRYPTO_EcdsaPrivateKey *identity,
- RECLAIM_TICKETS_RevokeCallback cb, void *cb_cls)
+ RECLAIM_TICKETS_RevokeCallback cb,
+ void *cb_cls)
{
struct RECLAIM_TICKETS_RevokeHandle *rvk;
char *label;
@@ -641,9 +711,14 @@ RECLAIM_TICKETS_revoke (const struct GNUNET_RECLAIM_Ticket
*ticket,
GNUNET_CRYPTO_ecdsa_key_get_public (&rvk->identity, &rvk->ticket.identity);
/** Get shared attributes **/
label = GNUNET_STRINGS_data_to_string_alloc (&ticket->rnd, sizeof
(uint64_t));
-
- rvk->ns_qe = GNUNET_NAMESTORE_records_lookup (
- nsh, identity, label,
&rvk_attrs_err_cb, rvk, &revoke_attrs_cb, rvk);
+ GNUNET_assert (NULL != label);
+ rvk->ns_qe = GNUNET_NAMESTORE_records_lookup (nsh,
+ identity,
+ label,
+ &rvk_attrs_err_cb,
+ rvk,
+ &revoke_attrs_cb,
+ rvk);
return rvk;
}
@@ -669,12 +744,14 @@ cleanup_cth (struct RECLAIM_TICKETS_ConsumeHandle *cth)
GNUNET_GNS_lookup_cancel (cth->lookup_request);
if (NULL != cth->kill_task)
GNUNET_SCHEDULER_cancel (cth->kill_task);
- while (NULL != (lu = cth->parallel_lookups_head)) {
+ while (NULL != (lu = cth->parallel_lookups_head))
+ {
if (NULL != lu->lookup_request)
GNUNET_GNS_lookup_cancel (lu->lookup_request);
GNUNET_free_non_null (lu->label);
GNUNET_CONTAINER_DLL_remove (cth->parallel_lookups_head,
- cth->parallel_lookups_tail, lu);
+ cth->parallel_lookups_tail,
+ lu);
GNUNET_free (lu);
}
@@ -685,23 +762,27 @@ cleanup_cth (struct RECLAIM_TICKETS_ConsumeHandle *cth)
static void
-process_parallel_lookup_result (void *cls, uint32_t rd_count,
+process_parallel_lookup_result (void *cls,
+ uint32_t rd_count,
const struct GNUNET_GNSRECORD_Data *rd)
{
struct ParallelLookup *parallel_lookup = cls;
struct RECLAIM_TICKETS_ConsumeHandle *cth = parallel_lookup->handle;
struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *attr_le;
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Parallel lookup finished (count=%u)\n",
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Parallel lookup finished (count=%u)\n",
rd_count);
GNUNET_CONTAINER_DLL_remove (cth->parallel_lookups_head,
- cth->parallel_lookups_tail, parallel_lookup);
+ cth->parallel_lookups_tail,
+ parallel_lookup);
GNUNET_free (parallel_lookup->label);
- GNUNET_STATISTICS_update (
- stats, "attribute_lookup_time_total",
- GNUNET_TIME_absolute_get_duration
(parallel_lookup->lookup_start_time)
- .rel_value_us,
+ GNUNET_STATISTICS_update (stats,
+ "attribute_lookup_time_total",
+ GNUNET_TIME_absolute_get_duration (
+ parallel_lookup->lookup_start_time)
+ .rel_value_us,
GNUNET_YES);
GNUNET_STATISTICS_update (stats, "attribute_lookups_count", 1, GNUNET_YES);
@@ -709,11 +790,13 @@ process_parallel_lookup_result (void *cls, uint32_t
rd_count,
GNUNET_free (parallel_lookup);
if (1 != rd_count)
GNUNET_break (0); // TODO
- if (rd->record_type == GNUNET_GNSRECORD_TYPE_RECLAIM_ATTR) {
+ if (rd->record_type == GNUNET_GNSRECORD_TYPE_RECLAIM_ATTR)
+ {
attr_le = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry);
attr_le->claim =
GNUNET_RECLAIM_ATTRIBUTE_deserialize (rd->data, rd->data_size);
- GNUNET_CONTAINER_DLL_insert (cth->attrs->list_head, cth->attrs->list_tail,
+ GNUNET_CONTAINER_DLL_insert (cth->attrs->list_head,
+ cth->attrs->list_tail,
attr_le);
}
if (NULL != cth->parallel_lookups_head)
@@ -733,12 +816,14 @@ abort_parallel_lookups (void *cls)
struct ParallelLookup *tmp;
cth->kill_task = NULL;
- for (lu = cth->parallel_lookups_head; NULL != lu;) {
+ for (lu = cth->parallel_lookups_head; NULL != lu;)
+ {
GNUNET_GNS_lookup_cancel (lu->lookup_request);
GNUNET_free (lu->label);
tmp = lu->next;
GNUNET_CONTAINER_DLL_remove (cth->parallel_lookups_head,
- cth->parallel_lookups_tail, lu);
+ cth->parallel_lookups_tail,
+ lu);
GNUNET_free (lu);
lu = tmp;
}
@@ -747,7 +832,8 @@ abort_parallel_lookups (void *cls)
static void
-lookup_authz_cb (void *cls, uint32_t rd_count,
+lookup_authz_cb (void *cls,
+ uint32_t rd_count,
const struct GNUNET_GNSRECORD_Data *rd)
{
struct RECLAIM_TICKETS_ConsumeHandle *cth = cls;
@@ -756,14 +842,19 @@ lookup_authz_cb (void *cls, uint32_t rd_count,
cth->lookup_request = NULL;
- GNUNET_STATISTICS_update (
- stats, "reclaim_authz_lookup_time_total",
- GNUNET_TIME_absolute_get_duration
(cth->lookup_start_time).rel_value_us,
+ GNUNET_STATISTICS_update (stats,
+ "reclaim_authz_lookup_time_total",
+ GNUNET_TIME_absolute_get_duration (
+ cth->lookup_start_time)
+ .rel_value_us,
GNUNET_YES);
- GNUNET_STATISTICS_update (stats, "reclaim_authz_lookups_count", 1,
+ GNUNET_STATISTICS_update (stats,
+ "reclaim_authz_lookups_count",
+ 1,
GNUNET_YES);
- for (int i = 0; i < rd_count; i++) {
+ for (int i = 0; i < rd_count; i++)
+ {
if (GNUNET_GNSRECORD_TYPE_RECLAIM_ATTR_REF != rd[i].record_type)
continue;
lbl = GNUNET_STRINGS_data_to_string_alloc (rd[i].data, rd[i].data_size);
@@ -772,17 +863,24 @@ lookup_authz_cb (void *cls, uint32_t rd_count,
parallel_lookup->handle = cth;
parallel_lookup->label = lbl;
parallel_lookup->lookup_start_time = GNUNET_TIME_absolute_get ();
- parallel_lookup->lookup_request = GNUNET_GNS_lookup (
- gns, lbl,
&cth->ticket.identity, GNUNET_GNSRECORD_TYPE_RECLAIM_ATTR,
-
GNUNET_GNS_LO_DEFAULT, &process_parallel_lookup_result,
- parallel_lookup);
+ parallel_lookup->lookup_request =
+ GNUNET_GNS_lookup (gns,
+ lbl,
+ &cth->ticket.identity,
+ GNUNET_GNSRECORD_TYPE_RECLAIM_ATTR,
+ GNUNET_GNS_LO_DEFAULT,
+ &process_parallel_lookup_result,
+ parallel_lookup);
GNUNET_CONTAINER_DLL_insert (cth->parallel_lookups_head,
- cth->parallel_lookups_tail, parallel_lookup);
+ cth->parallel_lookups_tail,
+ parallel_lookup);
}
- if (NULL != cth->parallel_lookups_head) {
+ if (NULL != cth->parallel_lookups_head)
+ {
cth->kill_task = GNUNET_SCHEDULER_add_delayed (
-
GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 3),
- &abort_parallel_lookups,
cth);
+ GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 3),
+ &abort_parallel_lookups,
+ cth);
return;
}
cth->cb (cth->cb_cls, &cth->ticket.identity, cth->attrs, GNUNET_OK, NULL);
@@ -793,7 +891,8 @@ lookup_authz_cb (void *cls, uint32_t rd_count,
struct RECLAIM_TICKETS_ConsumeHandle *
RECLAIM_TICKETS_consume (const struct GNUNET_CRYPTO_EcdsaPrivateKey *id,
const struct GNUNET_RECLAIM_Ticket *ticket,
- RECLAIM_TICKETS_ConsumeCallback cb, void *cb_cls)
+ RECLAIM_TICKETS_ConsumeCallback cb,
+ void *cb_cls)
{
struct RECLAIM_TICKETS_ConsumeHandle *cth;
char *label;
@@ -807,12 +906,18 @@ RECLAIM_TICKETS_consume (const struct
GNUNET_CRYPTO_EcdsaPrivateKey *id,
cth->cb_cls = cb_cls;
label =
GNUNET_STRINGS_data_to_string_alloc (&cth->ticket.rnd, sizeof (uint64_t));
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Looking for AuthZ info under %s\n",
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Looking for AuthZ info under %s\n",
label);
cth->lookup_start_time = GNUNET_TIME_absolute_get ();
- cth->lookup_request = GNUNET_GNS_lookup (
- gns, label, &cth->ticket.identity,
GNUNET_GNSRECORD_TYPE_RECLAIM_ATTR_REF,
- GNUNET_GNS_LO_DEFAULT,
&lookup_authz_cb, cth);
+ cth->lookup_request =
+ GNUNET_GNS_lookup (gns,
+ label,
+ &cth->ticket.identity,
+ GNUNET_GNSRECORD_TYPE_RECLAIM_ATTR_REF,
+ GNUNET_GNS_LO_DEFAULT,
+ &lookup_authz_cb,
+ cth);
GNUNET_free (label);
return cth;
}
@@ -848,8 +953,11 @@ store_ticket_issue_cont (void *cls, int32_t success, const
char *emsg)
struct TicketIssueHandle *handle = cls;
handle->ns_qe = NULL;
- if (GNUNET_SYSERR == success) {
- handle->cb (handle->cb_cls, &handle->ticket, GNUNET_SYSERR,
+ if (GNUNET_SYSERR == success)
+ {
+ handle->cb (handle->cb_cls,
+ &handle->ticket,
+ GNUNET_SYSERR,
"Error storing AuthZ ticket in GNS");
return;
}
@@ -873,7 +981,8 @@ issue_ticket (struct TicketIssueHandle *ih)
attrs_record =
GNUNET_malloc (list_len * sizeof (struct GNUNET_GNSRECORD_Data));
i = 0;
- for (le = ih->attrs->list_head; NULL != le; le = le->next) {
+ for (le = ih->attrs->list_head; NULL != le; le = le->next)
+ {
attrs_record[i].data = &le->claim->id;
attrs_record[i].data_size = sizeof (le->claim->id);
//FIXME: Should this be the attribute expiration time or ticket refresh
intv
@@ -892,9 +1001,13 @@ issue_ticket (struct TicketIssueHandle *ih)
label =
GNUNET_STRINGS_data_to_string_alloc (&ih->ticket.rnd, sizeof (uint64_t));
// Publish record
- ih->ns_qe = GNUNET_NAMESTORE_records_store (nsh, &ih->identity, label,
- list_len, attrs_record,
- &store_ticket_issue_cont, ih);
+ ih->ns_qe = GNUNET_NAMESTORE_records_store (nsh,
+ &ih->identity,
+ label,
+ list_len,
+ attrs_record,
+ &store_ticket_issue_cont,
+ ih);
GNUNET_free (attrs_record);
GNUNET_free (label);
}
@@ -904,7 +1017,8 @@ void
RECLAIM_TICKETS_issue (const struct GNUNET_CRYPTO_EcdsaPrivateKey *identity,
const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs,
const struct GNUNET_CRYPTO_EcdsaPublicKey *audience,
- RECLAIM_TICKETS_TicketResult cb, void *cb_cls)
+ RECLAIM_TICKETS_TicketResult cb,
+ void *cb_cls)
{
struct TicketIssueHandle *tih;
tih = GNUNET_new (struct TicketIssueHandle);
@@ -933,16 +1047,19 @@ cleanup_iter (struct RECLAIM_TICKETS_Iterator *iter)
static void
-collect_tickets_cb (void *cls, const struct GNUNET_CRYPTO_EcdsaPrivateKey
*zone,
- const char *label, unsigned int rd_count,
+collect_tickets_cb (void *cls,
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone,
+ const char *label,
+ unsigned int rd_count,
const struct GNUNET_GNSRECORD_Data *rd)
{
struct RECLAIM_TICKETS_Iterator *iter = cls;
- for (int i = 0; i < rd_count; i++) {
+ for (int i = 0; i < rd_count; i++)
+ {
if (GNUNET_GNSRECORD_TYPE_RECLAIM_TICKET != rd[i].record_type)
continue;
- iter->cb (iter->cb_cls, (struct GNUNET_RECLAIM_Ticket *)rd[i].data);
+ iter->cb (iter->cb_cls, (struct GNUNET_RECLAIM_Ticket *) rd[i].data);
return;
}
GNUNET_NAMESTORE_zone_iterator_next (iter->ns_it, 1);
@@ -986,17 +1103,24 @@ RECLAIM_TICKETS_iteration_stop (struct
RECLAIM_TICKETS_Iterator *iter)
struct RECLAIM_TICKETS_Iterator *
RECLAIM_TICKETS_iteration_start (
- const struct GNUNET_CRYPTO_EcdsaPrivateKey
*identity,
- RECLAIM_TICKETS_TicketIter cb, void *cb_cls)
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *identity,
+ RECLAIM_TICKETS_TicketIter cb,
+ void *cb_cls)
{
struct RECLAIM_TICKETS_Iterator *iter;
iter = GNUNET_new (struct RECLAIM_TICKETS_Iterator);
iter->cb = cb;
iter->cb_cls = cb_cls;
- iter->ns_it = GNUNET_NAMESTORE_zone_iteration_start (
- nsh, identity,
&collect_tickets_error_cb, iter, &collect_tickets_cb, iter,
-
&collect_tickets_finished_cb, iter);
+ iter->ns_it =
+ GNUNET_NAMESTORE_zone_iteration_start (nsh,
+ identity,
+ &collect_tickets_error_cb,
+ iter,
+ &collect_tickets_cb,
+ iter,
+ &collect_tickets_finished_cb,
+ iter);
return iter;
}
@@ -1005,28 +1129,32 @@ int
RECLAIM_TICKETS_init (const struct GNUNET_CONFIGURATION_Handle *c)
{
// Get ticket expiration time (relative) from config
- if (GNUNET_OK
- == GNUNET_CONFIGURATION_get_value_time (c,
- "reclaim",
- "TICKET_REFRESH_INTERVAL",
- &ticket_refresh_interval)) {
- GNUNET_log (
- GNUNET_ERROR_TYPE_DEBUG,
+ if (GNUNET_OK ==
+ GNUNET_CONFIGURATION_get_value_time (c,
+ "reclaim",
+ "TICKET_REFRESH_INTERVAL",
+ &ticket_refresh_interval))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Configured refresh interval for tickets: %s\n",
GNUNET_STRINGS_relative_time_to_string
(ticket_refresh_interval,
GNUNET_YES));
- } else {
+ }
+ else
+ {
ticket_refresh_interval = DEFAULT_TICKET_REFRESH_INTERVAL;
}
// Connect to identity and namestore services
nsh = GNUNET_NAMESTORE_connect (c);
- if (NULL == nsh) {
+ if (NULL == nsh)
+ {
GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR,
"error connecting to namestore");
return GNUNET_SYSERR;
}
gns = GNUNET_GNS_connect (c);
- if (NULL == gns) {
+ if (NULL == gns)
+ {
GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "error connecting to gns");
return GNUNET_SYSERR;
}
@@ -1043,7 +1171,8 @@ RECLAIM_TICKETS_deinit (void)
if (NULL != gns)
GNUNET_GNS_disconnect (gns);
gns = NULL;
- if (NULL != stats) {
+ if (NULL != stats)
+ {
GNUNET_STATISTICS_destroy (stats, GNUNET_NO);
stats = NULL;
}
diff --git a/src/reclaim/json_reclaim.c b/src/reclaim/json_reclaim.c
index 3ba4300bb..222cf1dbf 100644
--- a/src/reclaim/json_reclaim.c
+++ b/src/reclaim/json_reclaim.c
@@ -55,24 +55,37 @@ parse_attr (void *cls, json_t *root, struct
GNUNET_JSON_Specification *spec)
GNUNET_assert (NULL != root);
- if (!json_is_object (root)) {
+ if (! json_is_object (root))
+ {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Error json is not array nor object!\n");
return GNUNET_SYSERR;
}
// interpret single attribute
- unpack_state =
- json_unpack (root, "{s:s, s?s, s:s, s:s!}", "name", &name_str, "id",
- &id_str, "type", &type_str, "value", &val_str);
+ unpack_state = json_unpack (root,
+ "{s:s, s?s, s:s, s:s!}",
+ "name",
+ &name_str,
+ "id",
+ &id_str,
+ "type",
+ &type_str,
+ "value",
+ &val_str);
if ((0 != unpack_state) || (NULL == name_str) || (NULL == val_str) ||
- (NULL == type_str)) {
+ (NULL == type_str))
+ {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Error json object has a wrong format!\n");
return GNUNET_SYSERR;
}
type = GNUNET_RECLAIM_ATTRIBUTE_typename_to_number (type_str);
- if (GNUNET_SYSERR == (GNUNET_RECLAIM_ATTRIBUTE_string_to_value (
- type,
val_str, (void **)&data, &data_size))) {
+ if (GNUNET_SYSERR ==
+ (GNUNET_RECLAIM_ATTRIBUTE_string_to_value (type,
+ val_str,
+ (void **) &data,
+ &data_size)))
+ {
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Attribute value invalid!\n");
return GNUNET_SYSERR;
}
@@ -80,10 +93,12 @@ parse_attr (void *cls, json_t *root, struct
GNUNET_JSON_Specification *spec)
if ((NULL == id_str) || (0 == strlen (id_str)))
attr->id = 0;
else
- GNUNET_STRINGS_string_to_data (id_str, strlen (id_str), &attr->id,
+ GNUNET_STRINGS_string_to_data (id_str,
+ strlen (id_str),
+ &attr->id,
sizeof (uint64_t));
- *(struct GNUNET_RECLAIM_ATTRIBUTE_Claim **)spec->ptr = attr;
+ *(struct GNUNET_RECLAIM_ATTRIBUTE_Claim **) spec->ptr = attr;
return GNUNET_OK;
}
@@ -97,8 +112,9 @@ static void
clean_attr (void *cls, struct GNUNET_JSON_Specification *spec)
{
struct GNUNET_RECLAIM_ATTRIBUTE_Claim **attr;
- attr = (struct GNUNET_RECLAIM_ATTRIBUTE_Claim **)spec->ptr;
- if (NULL != *attr) {
+ attr = (struct GNUNET_RECLAIM_ATTRIBUTE_Claim **) spec->ptr;
+ if (NULL != *attr)
+ {
GNUNET_free (*attr);
*attr = NULL;
}
@@ -114,12 +130,12 @@ struct GNUNET_JSON_Specification
GNUNET_RECLAIM_JSON_spec_claim (struct GNUNET_RECLAIM_ATTRIBUTE_Claim **attr)
{
struct GNUNET_JSON_Specification ret = {.parser = &parse_attr,
- .cleaner = &clean_attr,
- .cls = NULL,
- .field = NULL,
- .ptr = attr,
- .ptr_size = 0,
- .size_ptr = NULL};
+ .cleaner = &clean_attr,
+ .cls = NULL,
+ .field = NULL,
+ .ptr = attr,
+ .ptr_size = 0,
+ .size_ptr = NULL};
*attr = NULL;
return ret;
}
@@ -142,44 +158,61 @@ parse_ticket (void *cls, json_t *root, struct
GNUNET_JSON_Specification *spec)
GNUNET_assert (NULL != root);
- if (!json_is_object (root)) {
+ if (! json_is_object (root))
+ {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Error json is not array nor object!\n");
return GNUNET_SYSERR;
}
// interpret single ticket
- unpack_state = json_unpack (root, "{s:s, s:s, s:s!}", "rnd", &rnd_str,
- "audience", &aud_str, "identity", &id_str);
- if (0 != unpack_state) {
+ unpack_state = json_unpack (root,
+ "{s:s, s:s, s:s!}",
+ "rnd",
+ &rnd_str,
+ "audience",
+ &aud_str,
+ "identity",
+ &id_str);
+ if (0 != unpack_state)
+ {
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Error json object has a wrong format!\n");
return GNUNET_SYSERR;
}
ticket = GNUNET_new (struct GNUNET_RECLAIM_Ticket);
- if (GNUNET_OK != GNUNET_STRINGS_string_to_data (rnd_str, strlen (rnd_str),
+ if (GNUNET_OK != GNUNET_STRINGS_string_to_data (rnd_str,
+ strlen (rnd_str),
&ticket->rnd,
- sizeof (uint64_t))) {
+ sizeof (uint64_t)))
+ {
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Rnd invalid\n");
GNUNET_free (ticket);
return GNUNET_SYSERR;
}
- GNUNET_STRINGS_string_to_data (id_str, strlen (id_str), &ticket->identity,
- sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
+ if (GNUNET_OK !=
+ GNUNET_STRINGS_string_to_data (id_str,
+ strlen (id_str),
+ &ticket->identity,
+ sizeof (
+ struct GNUNET_CRYPTO_EcdsaPublicKey)))
{
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Identity invalid\n");
GNUNET_free (ticket);
return GNUNET_SYSERR;
}
- GNUNET_STRINGS_string_to_data (aud_str, strlen (aud_str), &ticket->audience,
- sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
+ if (GNUNET_OK !=
+ GNUNET_STRINGS_string_to_data (aud_str,
+ strlen (aud_str),
+ &ticket->audience,
+ sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
{
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Audience invalid\n");
GNUNET_free (ticket);
return GNUNET_SYSERR;
}
- *(struct GNUNET_RECLAIM_Ticket **)spec->ptr = ticket;
+ *(struct GNUNET_RECLAIM_Ticket **) spec->ptr = ticket;
return GNUNET_OK;
}
@@ -193,8 +226,9 @@ static void
clean_ticket (void *cls, struct GNUNET_JSON_Specification *spec)
{
struct GNUNET_RECLAIM_Ticket **ticket;
- ticket = (struct GNUNET_RECLAIM_Ticket **)spec->ptr;
- if (NULL != *ticket) {
+ ticket = (struct GNUNET_RECLAIM_Ticket **) spec->ptr;
+ if (NULL != *ticket)
+ {
GNUNET_free (*ticket);
*ticket = NULL;
}
@@ -210,12 +244,12 @@ struct GNUNET_JSON_Specification
GNUNET_RECLAIM_JSON_spec_ticket (struct GNUNET_RECLAIM_Ticket **ticket)
{
struct GNUNET_JSON_Specification ret = {.parser = &parse_ticket,
- .cleaner = &clean_ticket,
- .cls = NULL,
- .field = NULL,
- .ptr = ticket,
- .ptr_size = 0,
- .size_ptr = NULL};
+ .cleaner = &clean_ticket,
+ .cls = NULL,
+ .field = NULL,
+ .ptr = ticket,
+ .ptr_size = 0,
+ .size_ptr = NULL};
*ticket = NULL;
return ret;
}
diff --git a/src/reclaim/plugin_rest_openid_connect.c
b/src/reclaim/plugin_rest_openid_connect.c
index 93e5ac864..e8561aed4 100644
--- a/src/reclaim/plugin_rest_openid_connect.c
+++ b/src/reclaim/plugin_rest_openid_connect.c
@@ -209,12 +209,12 @@
* OIDC ignored parameter array
*/
static char *OIDC_ignored_parameter_array[] = {"display",
- "prompt",
- "ui_locales",
- "response_mode",
- "id_token_hint",
- "login_hint",
- "acr_values"};
+ "prompt",
+ "ui_locales",
+ "response_mode",
+ "id_token_hint",
+ "login_hint",
+ "acr_values"};
/**
* OIDC Hash map that keeps track of issued cookies
@@ -724,7 +724,7 @@ cookie_identity_interpretation (struct RequestHandle
*handle)
strlen (OIDC_COOKIE_HEADER_KEY),
&cache_key);
if (GNUNET_NO == GNUNET_CONTAINER_multihashmap_contains (handle->rest_handle
- ->header_param_map,
+
->header_param_map,
&cache_key))
{
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "No cookie found\n");
@@ -772,9 +772,9 @@ cookie_identity_interpretation (struct RequestHandle
*handle)
GNUNET_CONTAINER_multihashmap_contains (OIDC_cookie_jar_map, &cache_key))
{
GNUNET_log (
- GNUNET_ERROR_TYPE_WARNING,
- "Found cookie `%s', but no corresponding expiration entry
present...\n",
- token);
+ GNUNET_ERROR_TYPE_WARNING,
+ "Found cookie `%s', but no corresponding expiration entry present...\n",
+ token);
GNUNET_free (cookies);
return;
}
@@ -793,6 +793,7 @@ cookie_identity_interpretation (struct RequestHandle
*handle)
value = strtok (token, OIDC_COOKIE_HEADER_INFORMATION_KEY);
GNUNET_assert (NULL != value);
handle->oidc->login_identity = GNUNET_strdup (value);
+ GNUNET_free (cookies);
}
/**
@@ -1020,10 +1021,10 @@ code_redirect (void *cls)
{
if (GNUNET_OK !=
GNUNET_CRYPTO_ecdsa_public_key_from_string (handle->oidc
- ->login_identity,
+ ->login_identity,
strlen (
- handle->oidc
-
->login_identity),
+ handle->oidc
+ ->login_identity),
&pubkey))
{
handle->emsg = GNUNET_strdup (OIDC_ERROR_KEY_INVALID_COOKIE);
@@ -1134,18 +1135,31 @@ lookup_redirect_uri_result (void *cls,
if (NULL == strstr (tmp, handle->oidc->client_id))
{
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "Redirect uri %s does not contain client_id %s",
+ "Redirect uri %s does not contain client_id %s\n",
tmp,
handle->oidc->client_id);
}
else
{
-
pos = strrchr (tmp, (unsigned char) '.');
+ if (NULL == pos)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+ "Redirect uri %s contains client_id but is malformed\n",
+ tmp);
+ continue;
+ }
*pos = '\0';
handle->redirect_prefix = GNUNET_strdup (tmp);
tmp_key_str = pos + 1;
pos = strchr (tmp_key_str, (unsigned char) '/');
+ if (NULL == pos)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+ "Redirect uri %s contains client_id but is malformed\n",
+ tmp);
+ continue;
+ }
*pos = '\0';
handle->redirect_suffix = GNUNET_strdup (pos + 1);
@@ -1191,7 +1205,7 @@ get_url_parameter_copy (const struct RequestHandle
*handle, const char *key)
char *value;
GNUNET_CRYPTO_hash (key, strlen (key), &hc);
if (GNUNET_YES != GNUNET_CONTAINER_multihashmap_contains (handle->rest_handle
- ->url_param_map,
+ ->url_param_map,
&hc))
return NULL;
value =
@@ -1264,7 +1278,7 @@ build_authz_response (void *cls)
&cache_key);
if (GNUNET_YES ==
GNUNET_CONTAINER_multihashmap_contains (handle->rest_handle
- ->url_param_map,
+ ->url_param_map,
&cache_key))
{
handle->emsg = GNUNET_strdup (OIDC_ERROR_KEY_ACCESS_DENIED);
@@ -1370,7 +1384,7 @@ authorize_endpoint (struct GNUNET_REST_RequestHandle
*con_handle,
if (GNUNET_OK !=
GNUNET_CRYPTO_ecdsa_public_key_from_string (handle->oidc->client_id,
strlen (
-
handle->oidc->client_id),
+ handle->oidc->client_id),
&handle->oidc->client_pkey))
{
handle->emsg = GNUNET_strdup (OIDC_ERROR_KEY_UNAUTHORIZED_CLIENT);
@@ -1455,8 +1469,8 @@ login_cont (struct GNUNET_REST_RequestHandle *con_handle,
{
current_time = GNUNET_new (struct GNUNET_TIME_Absolute);
*current_time = GNUNET_TIME_relative_to_absolute (
-
GNUNET_TIME_relative_multiply (GNUNET_TIME_relative_get_second_ (),
-
OIDC_COOKIE_EXPIRATION));
+ GNUNET_TIME_relative_multiply (GNUNET_TIME_relative_get_second_ (),
+ OIDC_COOKIE_EXPIRATION));
last_time =
GNUNET_CONTAINER_multihashmap_get (OIDC_cookie_jar_map, &cache_key);
GNUNET_free_non_null (last_time);
@@ -1488,7 +1502,7 @@ check_authorization (struct RequestHandle *handle,
strlen (OIDC_AUTHORIZATION_HEADER_KEY),
&cache_key);
if (GNUNET_NO == GNUNET_CONTAINER_multihashmap_contains (handle->rest_handle
- ->header_param_map,
+
->header_param_map,
&cache_key))
{
handle->emsg = GNUNET_strdup (OIDC_ERROR_KEY_INVALID_CLIENT);
@@ -1502,7 +1516,7 @@ check_authorization (struct RequestHandle *handle,
// split header in "Basic" and [content]
credentials = strtok (authorization, " ");
- if (0 != strcmp ("Basic", credentials))
+ if ((NULL == credentials) || (0 != strcmp ("Basic", credentials)))
{
handle->emsg = GNUNET_strdup (OIDC_ERROR_KEY_INVALID_CLIENT);
handle->response_code = MHD_HTTP_UNAUTHORIZED;
@@ -1568,8 +1582,7 @@ check_authorization (struct RequestHandle *handle,
}
// check client_id
- for (handle->ego_entry = handle->ego_head;
- NULL != handle->ego_entry;
+ for (handle->ego_entry = handle->ego_head; NULL != handle->ego_entry;
handle->ego_entry = handle->ego_entry->next)
{
if (0 == strcmp (handle->ego_entry->keystring, client_id))
@@ -1619,11 +1632,12 @@ persist_access_token (const struct RequestHandle
*handle,
GNUNET_CRYPTO_hash (access_token, strlen (access_token), &hc);
ticketbuf = GNUNET_new (struct GNUNET_RECLAIM_Ticket);
*ticketbuf = *ticket;
- GNUNET_CONTAINER_multihashmap_put (
- OIDC_access_token_map,
- &hc,
- ticketbuf,
-
GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY);
+ GNUNET_assert (GNUNET_SYSERR !=
+ GNUNET_CONTAINER_multihashmap_put (
+ OIDC_access_token_map,
+ &hc,
+ ticketbuf,
+ GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY));
}
/**
@@ -1690,10 +1704,11 @@ token_endpoint (struct GNUNET_REST_RequestHandle
*con_handle,
{
handle->emsg = GNUNET_strdup (OIDC_ERROR_KEY_UNSUPPORTED_GRANT_TYPE);
handle->response_code = MHD_HTTP_BAD_REQUEST;
+ GNUNET_free (grant_type);
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
-
+ GNUNET_free (grant_type);
// REQUIRED code
code = get_url_parameter_copy (handle, OIDC_CODE_KEY);
if (NULL == code)
@@ -1710,7 +1725,9 @@ token_endpoint (struct GNUNET_REST_RequestHandle
*con_handle,
handle->emsg = GNUNET_strdup (OIDC_ERROR_KEY_INVALID_REQUEST);
handle->edesc = GNUNET_strdup ("Unknown client");
handle->response_code = MHD_HTTP_BAD_REQUEST;
+ GNUNET_free (code);
GNUNET_SCHEDULER_add_now (&do_error, handle);
+ return;
}
privkey = GNUNET_IDENTITY_ego_get_private_key (ego_entry->ego);
// decode code
@@ -1719,9 +1736,11 @@ token_endpoint (struct GNUNET_REST_RequestHandle
*con_handle,
handle->emsg = GNUNET_strdup (OIDC_ERROR_KEY_INVALID_REQUEST);
handle->edesc = GNUNET_strdup ("invalid code");
handle->response_code = MHD_HTTP_BAD_REQUEST;
+ GNUNET_free (code);
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
+ GNUNET_free (code);
// create jwt
if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_time (cfg,
@@ -1826,7 +1845,7 @@ userinfo_endpoint (struct GNUNET_REST_RequestHandle
*con_handle,
strlen (OIDC_AUTHORIZATION_HEADER_KEY),
&cache_key);
if (GNUNET_NO == GNUNET_CONTAINER_multihashmap_contains (handle->rest_handle
- ->header_param_map,
+
->header_param_map,
&cache_key))
{
handle->emsg = GNUNET_strdup (OIDC_ERROR_KEY_INVALID_TOKEN);
@@ -1915,16 +1934,16 @@ init_cont (struct RequestHandle *handle)
{
struct GNUNET_REST_RequestHandlerError err;
static const struct GNUNET_REST_RequestHandler handlers[] =
- {{MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_AUTHORIZE, &authorize_endpoint},
- {MHD_HTTP_METHOD_POST,
+ {{MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_AUTHORIZE, &authorize_endpoint},
+ {MHD_HTTP_METHOD_POST,
GNUNET_REST_API_NS_AUTHORIZE,
&authorize_endpoint}, // url-encoded
- {MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_LOGIN, &login_cont},
- {MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_TOKEN, &token_endpoint},
- {MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_USERINFO, &userinfo_endpoint},
- {MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_USERINFO, &userinfo_endpoint},
- {MHD_HTTP_METHOD_OPTIONS, GNUNET_REST_API_NS_OIDC, &options_cont},
- GNUNET_REST_HANDLER_END};
+ {MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_LOGIN, &login_cont},
+ {MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_TOKEN, &token_endpoint},
+ {MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_USERINFO, &userinfo_endpoint},
+ {MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_USERINFO, &userinfo_endpoint},
+ {MHD_HTTP_METHOD_OPTIONS, GNUNET_REST_API_NS_OIDC, &options_cont},
+ GNUNET_REST_HANDLER_END};
if (GNUNET_NO ==
GNUNET_REST_handle_request (handle->rest_handle, handlers, &err, handle))
--
To stop receiving notification emails like this one, please contact
address@hidden
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] [gnunet] branch master updated: RECLAIM: Various fixes (coverity),
gnunet <=