[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-anastasis] branch master updated: fix mime-type confusion in 'ins
From: |
gnunet |
Subject: |
[taler-anastasis] branch master updated: fix mime-type confusion in 'instructions' of challenge |
Date: |
Sun, 04 Apr 2021 14:41:36 +0200 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository anastasis.
The following commit(s) were added to refs/heads/master by this push:
new a0e65bd fix mime-type confusion in 'instructions' of challenge
a0e65bd is described below
commit a0e65bd3771cb0d26596b43456bf2058f709b076
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Sun Apr 4 14:41:34 2021 +0200
fix mime-type confusion in 'instructions' of challenge
---
src/include/anastasis.h | 20 +++++--
src/include/anastasis_service.h | 15 ++++-
src/lib/anastasis_recovery.c | 8 ++-
src/reducer/anastasis_api_recovery_redux.c | 79 +++++++++++++++++++++++---
src/restclient/anastasis_api_keyshare_lookup.c | 67 +++++++++++++---------
src/testing/testing_api_cmd_keyshare_lookup.c | 5 +-
src/testing/testing_cmd_challenge_answer.c | 12 +++-
7 files changed, 157 insertions(+), 49 deletions(-)
diff --git a/src/include/anastasis.h b/src/include/anastasis.h
index 4b837b4..5184a9d 100644
--- a/src/include/anastasis.h
+++ b/src/include/anastasis.h
@@ -164,17 +164,27 @@ struct ANASTASIS_ChallengeStartResponse
struct
{
+ /**
+ * Response with server-side instructions for the user.
+ */
+ const void *body;
+
+ /**
+ * Mime type of the data in @e body.
+ */
+ const char *content_type;
+
+ /**
+ * Number of bytes in @e body
+ */
+ size_t body_size;
+
/**
* HTTP status returned by the server. #MHD_HTTP_ALREADY_REPORTED
* if the server did already send the challenge to the user,
* #MHD_HTTP_FORBIDDEN if the answer was wrong (or missing).
*/
unsigned int http_status;
-
- /**
- * Response with server-side instructions for the user.
- */
- const char *instructions;
} open_challenge;
diff --git a/src/include/anastasis_service.h b/src/include/anastasis_service.h
index a39a2d4..618f9ed 100644
--- a/src/include/anastasis_service.h
+++ b/src/include/anastasis_service.h
@@ -507,7 +507,6 @@ struct ANASTASIS_KeyShareDownloadDetails
struct
{
-
/**
* HTTP status returned by the server. #MHD_HTTP_ALREADY_REPORTED
* if the server did already send the challenge to the user,
@@ -516,9 +515,19 @@ struct ANASTASIS_KeyShareDownloadDetails
unsigned int http_status;
/**
- * Response with server-side instructions for the user
+ * Response with server-side reply containing instructions for the user
+ */
+ const char *body;
+
+ /**
+ * Content-type: mime type of @e body, NULL if server did not provide
any.
+ */
+ const char *content_type;
+
+ /**
+ * Number of bytes in @e body.
*/
- const char *instructions;
+ size_t body_size;
} open_challenge;
diff --git a/src/lib/anastasis_recovery.c b/src/lib/anastasis_recovery.c
index 7018959..cc8a8f7 100644
--- a/src/lib/anastasis_recovery.c
+++ b/src/lib/anastasis_recovery.c
@@ -268,8 +268,12 @@ keyshare_lookup_cb (void *cls,
struct ANASTASIS_ChallengeStartResponse csr = {
.cs = ANASTASIS_CHALLENGE_STATUS_INSTRUCTIONS,
.challenge = c,
- .details.open_challenge.instructions
- = dd->details.open_challenge.instructions,
+ .details.open_challenge.body
+ = dd->details.open_challenge.body,
+ .details.open_challenge.content_type
+ = dd->details.open_challenge.content_type,
+ .details.open_challenge.body_size
+ = dd->details.open_challenge.body_size,
.details.open_challenge.http_status
= dd->details.open_challenge.http_status
};
diff --git a/src/reducer/anastasis_api_recovery_redux.c
b/src/reducer/anastasis_api_recovery_redux.c
index 6d13707..5ab977d 100644
--- a/src/reducer/anastasis_api_recovery_redux.c
+++ b/src/reducer/anastasis_api_recovery_redux.c
@@ -450,15 +450,78 @@ answer_feedback_cb (
case ANASTASIS_CHALLENGE_STATUS_INSTRUCTIONS:
{
json_t *instructions;
+ json_t *val;
+ const char *mime;
- instructions = json_pack ("{s:s, s:s, s:I}",
- "state",
- "instructions",
- "instructions",
- csr->details.open_challenge.instructions,
- "http_status",
- (json_int_t) csr->details.open_challenge.
- http_status);
+ mime = csr->details.open_challenge.content_type;
+ if (NULL != mime)
+ {
+ if ( (0 == strcasecmp (mime,
+ "text/plain")) ||
+ (0 == strcasecmp (mime,
+ "text/utf8")) )
+ {
+ char *s = GNUNET_strndup (csr->details.open_challenge.body,
+ csr->details.open_challenge.body_size);
+
+ instructions = json_pack (
+ "{s:s, s:s, s:I}",
+ "state",
+ "hint",
+ "hint",
+ s,
+ "http_status",
+ (json_int_t) csr->details.open_challenge.http_status);
+ GNUNET_free (s);
+ }
+ else if (0 == strcasecmp (mime,
+ "application/json"))
+ {
+ json_t *body;
+
+ body = json_loadb (csr->details.open_challenge.body,
+ csr->details.open_challenge.body_size,
+ JSON_REJECT_DUPLICATES,
+ NULL);
+ if (NULL == body)
+ {
+ GNUNET_break_op (0);
+ mime = NULL;
+ }
+ else
+ {
+ instructions = json_pack (
+ "{s:s, s:o, s:I}",
+ "state",
+ "details",
+ "details",
+ body,
+ "http_status",
+ (json_int_t) csr->details.open_challenge.http_status);
+ }
+ }
+ else
+ {
+ /* unexpected / unsupported mime type */
+ mime = NULL;
+ }
+ }
+ if (NULL == mime)
+ {
+ val = GNUNET_JSON_from_data (csr->details.open_challenge.body,
+ csr->details.open_challenge.body_size);
+ GNUNET_assert (NULL != val);
+ instructions = json_pack (
+ "{s:s, s:o, s:I, s:s?}",
+ "state",
+ "body",
+ "body",
+ val,
+ "http_status",
+ (json_int_t) csr->details.open_challenge.http_status,
+ "mime_type",
+ mime);
+ }
GNUNET_assert (NULL != instructions);
GNUNET_assert (0 ==
json_object_set_new (feedback,
diff --git a/src/restclient/anastasis_api_keyshare_lookup.c
b/src/restclient/anastasis_api_keyshare_lookup.c
index f044686..a2e4316 100644
--- a/src/restclient/anastasis_api_keyshare_lookup.c
+++ b/src/restclient/anastasis_api_keyshare_lookup.c
@@ -89,6 +89,11 @@ struct ANASTASIS_KeyShareLookupOperation
* Location URI we received from the service, or NULL.
*/
char *location;
+
+ /**
+ * Content type of the body.
+ */
+ char *content_type;
};
@@ -105,6 +110,7 @@ ANASTASIS_keyshare_lookup_cancel (
GNUNET_free (kslo->pay_uri);
GNUNET_free (kslo->display_url);
GNUNET_free (kslo->url);
+ GNUNET_free (kslo->content_type);
GNUNET_free (kslo);
}
@@ -208,16 +214,13 @@ handle_keyshare_lookup_finished (void *cls,
case MHD_HTTP_FORBIDDEN:
/* Nothing really to verify, authentication required/failed */
{
- char *instructions;
-
- instructions = GNUNET_strndup (data,
- data_size);
kdd.status = ANASTASIS_KSD_INVALID_ANSWER;
- kdd.details.open_challenge.instructions = instructions;
+ kdd.details.open_challenge.body = data;
+ kdd.details.open_challenge.body_size = data_size;
+ kdd.details.open_challenge.content_type = kslo->content_type;
kdd.details.open_challenge.http_status = response_code;
kslo->cb (kslo->cb_cls,
&kdd);
- GNUNET_free (instructions);
}
ANASTASIS_keyshare_lookup_cancel (kslo);
return;
@@ -262,6 +265,28 @@ handle_keyshare_lookup_finished (void *cls,
}
+/**
+ * Patch value in @a val, replacing new line with '\0'.
+ *
+ * @param[in,out] 0-terminated string to replace '\n'/'\r' with '\0' in.
+ */
+static void
+patch_value (char *val)
+{
+ size_t len;
+
+ /* found location URI we care about! */
+ len = strlen (val);
+ while ( (len > 0) &&
+ ( ('\n' == val[len - 1]) ||
+ ('\r' == val[len - 1]) ) )
+ {
+ len--;
+ val[len] = '\0';
+ }
+}
+
+
/**
* Handle HTTP header received by curl.
*
@@ -307,36 +332,26 @@ handle_header (char *buffer,
if (0 == strcasecmp (hdr_type,
ANASTASIS_HTTP_HEADER_TALER))
{
- size_t len;
-
/* found payment URI we care about! */
GNUNET_free (kslo->pay_uri);
kslo->pay_uri = GNUNET_strdup (hdr_val);
- len = strlen (kslo->pay_uri);
- while ( (len > 0) &&
- ( ('\n' == kslo->pay_uri[len - 1]) ||
- ('\r' == kslo->pay_uri[len - 1]) ) )
- {
- len--;
- kslo->pay_uri[len] = '\0';
- }
+ patch_value (kslo->pay_uri);
}
if (0 == strcasecmp (hdr_type,
MHD_HTTP_HEADER_LOCATION))
{
- size_t len;
-
/* found location URI we care about! */
GNUNET_free (kslo->location);
kslo->location = GNUNET_strdup (hdr_val);
- len = strlen (kslo->location);
- while ( (len > 0) &&
- ( ('\n' == kslo->location[len - 1]) ||
- ('\r' == kslo->location[len - 1]) ) )
- {
- len--;
- kslo->location[len] = '\0';
- }
+ patch_value (kslo->location);
+ }
+ if (0 == strcasecmp (hdr_type,
+ MHD_HTTP_HEADER_CONTENT_TYPE))
+ {
+ /* found location URI we care about! */
+ GNUNET_free (kslo->content_type);
+ kslo->content_type = GNUNET_strdup (hdr_val);
+ patch_value (kslo->content_type);
}
GNUNET_free (ndup);
return total;
diff --git a/src/testing/testing_api_cmd_keyshare_lookup.c
b/src/testing/testing_api_cmd_keyshare_lookup.c
index 6b09b56..895d321 100644
--- a/src/testing/testing_api_cmd_keyshare_lookup.c
+++ b/src/testing/testing_api_cmd_keyshare_lookup.c
@@ -188,8 +188,9 @@ keyshare_lookup_cb (void *cls,
}
else
{
- ksls->instructions = GNUNET_strdup (
- dd->details.open_challenge.instructions);
+ ksls->instructions = GNUNET_strndup (
+ dd->details.open_challenge.body,
+ dd->details.open_challenge.body_size);
}
break;
case ANASTASIS_KSD_REDIRECT_FOR_AUTHENTICATION:
diff --git a/src/testing/testing_cmd_challenge_answer.c
b/src/testing/testing_cmd_challenge_answer.c
index 296eae8..881cf7b 100644
--- a/src/testing/testing_cmd_challenge_answer.c
+++ b/src/testing/testing_cmd_challenge_answer.c
@@ -110,14 +110,18 @@ challenge_answer_cb (void *af_cls,
case ANASTASIS_CHALLENGE_STATUS_INSTRUCTIONS:
{
FILE *file;
+ char *fn;
- file = fopen (csr->details.open_challenge.instructions,
+ fn = GNUNET_strndup (csr->details.open_challenge.body,
+ csr->details.open_challenge.body_size);
+ file = fopen (fn,
"r");
if (NULL == file)
{
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
"open",
- csr->details.open_challenge.instructions);
+ fn);
+ GNUNET_free (fn);
TALER_TESTING_interpreter_fail (cs->is);
return;
}
@@ -127,13 +131,15 @@ challenge_answer_cb (void *af_cls,
{
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
"fscanf",
- csr->details.open_challenge.instructions);
+ fn);
TALER_TESTING_interpreter_fail (cs->is);
fclose (file);
+ GNUNET_free (fn);
return;
}
TALER_TESTING_interpreter_next (cs->is);
GNUNET_break (0 == fclose (file));
+ GNUNET_free (fn);
return;
}
case ANASTASIS_CHALLENGE_STATUS_PAYMENT_REQUIRED:
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-anastasis] branch master updated: fix mime-type confusion in 'instructions' of challenge,
gnunet <=