-rw-r--r-- | src/identity-provider/Makefile.am | 13 | ||||
-rw-r--r-- | src/identity-provider/gnunet-service-identity-provider.c | 9 | ||||
-rw-r--r-- | src/identity-provider/identity_provider.h | 15 | ||||
-rw-r--r-- | src/identity-provider/identity_provider_api.c | 127 | ||||
-rw-r--r-- | src/identity-provider/plugin_rest_identity_token.c | 2 | ||||
-rw-r--r-- | src/include/gnunet_identity_provider_service.h | 2 |
6 files changed, 72 insertions, 96 deletions
diff --git a/src/identity-provider/Makefile.am b/src/identity-provider/Makefile.am
index edd9844c1c..75858947a4 100644
--- a/src/identity-provider/Makefile.am
+++ b/src/identity-provider/Makefile.am
@@ -20,7 +20,8 @@ pkgcfg_DATA = \
 identity-token.conf
 plugin_LTLIBRARIES = \
- libgnunet_plugin_rest_identity_token.la
+ libgnunet_plugin_rest_identity_token.la \
+ libgnunetidentityprovider.la
 bin_PROGRAMS = \
 gnunet-identity-token
@@ -40,6 +41,16 @@ gnunet_service_identity_provider_LDADD = \
 $(GN_LIBINTL) \
 -ljansson
+libgnunetidentityprovider_la_SOURCES = \
+ identity_provider_api.c \
+ identity_provider.h
+libgnunetidentityprovider_la_LIBADD = \
+ $(top_builddir)/src/util/libgnunetutil.la \
+ $(GN_LIBINTL) $(XLIB)
+libgnunetidentityprovider_la_LDFLAGS = \
+ $(GN_LIB_LDFLAGS) $(WINFLAGS) \
+ -version-info 0:0:0
+
 libgnunet_plugin_rest_identity_token_la_SOURCES = \
 plugin_rest_identity_token.c
 libgnunet_plugin_rest_identity_token_la_LIBADD = \
diff --git a/src/identity-provider/gnunet-service-identity-provider.c b/src/identity-provider/gnunet-service-identity-provider.c
index 6cb8bf72f7..85471e6574 100644
--- a/src/identity-provider/gnunet-service-identity-provider.c
+++ b/src/identity-provider/gnunet-service-identity-provider.c
@@ -903,7 +903,6 @@ static void
 sign_and_return_token (void *cls,
 const struct GNUNET_SCHEDULER_TaskContext *tc)
 {
- const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key;
 struct GNUNET_CRYPTO_EcdsaPublicKey pub_key;
 struct GNUNET_CRYPTO_EcdsaPublicKey aud_pkey;
 struct GNUNET_CRYPTO_EcdhePrivateKey *ecdhe_privkey;
@@ -914,7 +913,6 @@ sign_and_return_token (void *cls,
 char *nonce_str;
 char *enc_token_str;
 char *token_metadata;
- char *scopes;
 char* write_ptr;
 uint64_t time;
 uint64_t exp_time;
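Review bot: The new client library `libgnunetidentityprovider.la` is appended to `plugin_LTLIBRARIES` in the first hunk, so libtool installs it into the plugin directory rather than `$(libdir)`, while the `-version-info 0:0:0` added in the second hunk indicates it is meant to be a regular versioned shared library. Moving it to its own `lib_LTLIBRARIES = libgnunetidentityprovider.la` would match the other `libgnunet*.la` libraries and keep it out of the plugin search path. Whether the REST plugin's `_LIBADD` (cut off at the end of the hunk) links against it is not visible here, but the plugin does call `GNUNET_IDENTITY_PROVIDER_issue_token` elsewhere in this diff, so the ordering would matter for a clean-tree build.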
@@ -980,7 +978,7 @@ sign_and_return_token (void *cls,
 write_ptr += sizeof (struct GNUNET_CRYPTO_EcdhePrivateKey);
 memcpy (write_ptr, &handle->aud_key, sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
 write_ptr += sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey);
- memcpy (write_ptr, scopes, strlen (scopes) + 1); //with 0-Terminator;
+ memcpy (write_ptr, handle->scopes, strlen (handle->scopes) + 1); //with 0-Terminator;
 GNUNET_free (ecdhe_privkey);
@@ -992,7 +990,7 @@ sign_and_return_token (void *cls,
 //Persist token
 handle->ns_qe = GNUNET_NAMESTORE_records_store (ns_handle,
- priv_key,
+ &handle->iss_key,
 lbl_str,
 2,
 token_record,
@@ -1207,7 +1205,6 @@ handle_issue_message (void *cls,
 const char *scopes;
 char *scopes_tmp;
 char *scope;
- char *attr_list_tmp;
 struct GNUNET_HashCode key;
 struct IssueHandle *issue_handle;
@@ -1227,7 +1224,7 @@ handle_issue_message (void *cls,
 issue_handle->attr_map = GNUNET_CONTAINER_multihashmap_create (5,
 GNUNET_NO);
 scopes_tmp = GNUNET_strdup (scopes);
- scope = strtok(attr_list_tmp, ",");
+ scope = strtok(scopes_tmp, ",");
 for (; NULL != scope; scope = strtok (NULL, ","))
 {
 GNUNET_CRYPTO_hash (scope,
diff --git a/src/identity-provider/identity_provider.h b/src/identity-provider/identity_provider.h
index 63e3621172..12b96a51c0 100644
--- a/src/identity-provider/identity_provider.h
+++ b/src/identity-provider/identity_provider.h
@@ -41,7 +41,7 @@ struct GNUNET_IDENTITY_PROVIDER_Token
 /**
 * The JWT representation of the identity token
 */
- char *data;
+ const char *data;
 };
 /**
@@ -52,7 +52,7 @@ struct GNUNET_IDENTITY_PROVIDER_Ticket
 /**
 * The Base64 representation of the ticket
 */
- char *data;
+ const char *data;
 };
 /**
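Review bot: `scope = strtok(scopes_tmp, ",")` in the `@@ -1227` hunk repairs the uninitialised-pointer argument, but the loop still relies on `strtok`'s process-wide static state, so any tokenising call made inside the loop body (outside this hunk) would silently cut the scope list short. The reentrant form is a drop-in replacement: `char *save; scope = strtok_r (scopes_tmp, ",", &save);` with `strtok_r (NULL, ",", &save)` in the for-update; the eventual release of `scopes_tmp` is also outside the hunk and worth confirming. In the `@@ -980` hunk, `memcpy (write_ptr, handle->scopes, strlen (handle->scopes) + 1)` is only safe if the destination was sized with the same `strlen (handle->scopes) + 1` and `handle->scopes` is never NULL; the old code measured an uninitialised `scopes`, so the allocation earlier in `sign_and_return_token` (not in the hunk) should be checked against the new source.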
@@ -143,17 +143,6 @@ struct GNUNET_IDENTITY_PROVIDER_ExchangeMessage
 */
 struct GNUNET_CRYPTO_EcdsaPrivateKey aud_privkey;
-
- /**
- * Number of bytes in ticket string including 0-termination, in NBO.
- */
- uint16_t name_len GNUNET_PACKED;
-
- /**
- * Always zero.
- */
- uint16_t reserved GNUNET_PACKED;
-
 /* followed by 0-terminated ticket string */
 };
diff --git a/src/identity-provider/identity_provider_api.c b/src/identity-provider/identity_provider_api.c
index c22151534c..a1d95c2b8e 100644
--- a/src/identity-provider/identity_provider_api.c
+++ b/src/identity-provider/identity_provider_api.c
@@ -97,11 +97,6 @@ struct GNUNET_IDENTITY_PROVIDER_Handle
 struct GNUNET_CLIENT_Connection *client;
 /**
- * Function to call when we receive updates.
- */
- GNUNET_IDENTITY_PROVIDER_Callback cb;
-
- /**
 * Closure for 'cb'.
 */
 void *cb_cls;
@@ -156,7 +151,7 @@ reconnect (void *cls,
 * @param h transport service to reconnect
 */
 static void
-reschedule_connect (struct GNUNET_IDENTITY_Handle *h)
+reschedule_connect (struct GNUNET_IDENTITY_PROVIDER_Handle *h)
 {
 GNUNET_assert (h->reconnect_task == NULL);
@@ -196,12 +191,9 @@ message_handler (void *cls,
 struct GNUNET_IDENTITY_PROVIDER_Token token;
 struct GNUNET_IDENTITY_PROVIDER_Ticket ticket;
 const struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage *irm;
- const struct GNUNET_IDENTITY_ExchangeResultMessage *erm;
- struct GNUNET_CRYPTO_EcdsaPublicKey pub;
- struct GNUNET_HashCode id;
+ const struct GNUNET_IDENTITY_PROVIDER_ExchangeResultMessage *erm;
 const char *str;
 uint16_t size;
- uint16_t name_len;
 if (NULL == msg)
 {
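Review bot: After the `@@ -97` hunk removes the `cb` member from `struct GNUNET_IDENTITY_PROVIDER_Handle`, the surviving `cb_cls` field still carries the comment `Closure for 'cb'.` although the only assignment to it (`h->cb_cls = cb_cls;`) is deleted in the `@@ -417` hunk of the same file, so the field is now dead and its documentation points at a member that no longer exists. Either drop `cb_cls` together with `cb`, or reword the comment to say what the closure is now used for. The `@@ -143` hunk in identity_provider.h removes `name_len` but keeps `/* followed by 0-terminated ticket string */`; a short addition such as `length is implied by header.size` would document how the receiver is expected to bound the string now that the explicit length is gone.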
@@ -215,22 +207,22 @@ message_handler (void *cls,
 switch (ntohs (msg->type))
 {
 case GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ISSUE_RESULT:
- if (size < sizeof (struct GNUNET_IDENTITY_IssueResultMessage))
+ if (size < sizeof (struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage))
 {
 GNUNET_break (0);
 reschedule_connect (h);
 return;
 }
- irm = (const struct GNUNET_IDENTITY_IssueResultMessage *) msg;
+ irm = (const struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage *) msg;
 str = (const char *) &irm[1];
- if ( (size > sizeof (struct GNUNET_IDENTITY_IssueResultMessage)) &&
- ('\0' != str[size - sizeof (struct GNUNET_IDENTITY_IssueResultMessage) - 1]) )
+ if ( (size > sizeof (struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage)) &&
+ ('\0' != str[size - sizeof (struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage) - 1]) )
 {
 GNUNET_break (0);
 reschedule_connect (h);
 return;
 }
- if (size == sizeof (struct GNUNET_IDENTITY_IssueResultMessage))
+ if (size == sizeof (struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage))
 str = NULL;
 op = h->op_head;
@@ -239,28 +231,28 @@ message_handler (void *cls,
 op);
 GNUNET_CLIENT_receive (h->client, &message_handler, h,
 GNUNET_TIME_UNIT_FOREVER_REL);
- ticket->data = str;
+ ticket.data = str;
 if (NULL != op->iss_cb)
 op->iss_cb (op->cls, &ticket);
 GNUNET_free (op);
 break;
 case GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_EXCHANGE_RESULT:
- if (size < sizeof (struct GNUNET_IDENTITY_ExchangeResultMessage))
+ if (size < sizeof (struct GNUNET_IDENTITY_PROVIDER_ExchangeResultMessage))
 {
 GNUNET_break (0);
 reschedule_connect (h);
 return;
 }
- erm = (const struct GNUNET_IDENTITY_ExchangeResultMessage *) msg;
+ erm = (const struct GNUNET_IDENTITY_PROVIDER_ExchangeResultMessage *) msg;
 str = (const char *) &erm[1];
- if ( (size > sizeof (struct GNUNET_IDENTITY_ExchangeResultMessage)) &&
- ('\0' != str[size - sizeof (struct GNUNET_IDENTITY_ExchangeResultMessage) - 1]) )
+ if ( (size > sizeof (struct GNUNET_IDENTITY_PROVIDER_ExchangeResultMessage)) &&
+ ('\0' != str[size - sizeof (struct GNUNET_IDENTITY_PROVIDER_ExchangeResultMessage) - 1]) )
 {
 GNUNET_break (0);
 reschedule_connect (h);
 return;
 }
- if (size == sizeof (struct GNUNET_IDENTITY_ExchangeResultMessage))
+ if (size == sizeof (struct GNUNET_IDENTITY_PROVIDER_ExchangeResultMessage))
 str = NULL;
 op = h->op_head;
@@ -269,9 +261,9 @@ message_handler (void *cls,
 op);
 GNUNET_CLIENT_receive (h->client, &message_handler, h,
 GNUNET_TIME_UNIT_FOREVER_REL);
- token->data = str;
+ token.data = str;
 if (NULL != op->ex_cb)
- op->ex_cb (op->cls, token);
+ op->ex_cb (op->cls, &token);
 GNUNET_free (op);
 break;
@@ -322,8 +314,8 @@ send_next_message (void *cls,
 "Sending message of type %d to identity provider service\n",
 ntohs (op->msg->type));
 memcpy (buf, op->msg, ret);
- if ( (NULL == op->cont) &&
- (NULL == op->cb) )
+ if ( (NULL == op->iss_cb) &&
+ (NULL == op->ex_cb) )
 {
 GNUNET_CONTAINER_DLL_remove (h->op_head,
 h->op_tail,
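Review bot: `ticket.data = str;` in the `@@ -239` hunk and `token.data = str;` in the `@@ -269` hunk hand the callbacks a pointer into the receive buffer (`str = (const char *) &irm[1]` / `&erm[1]`), and `str` is set to NULL when the message has no payload (`if (size == sizeof ...) str = NULL;`), so `iss_cb`/`ex_cb` can be invoked with a `data` member that is NULL and is otherwise only valid until the callback returns. Neither part of that contract is stated in the hunk; a comment above each invocation, e.g. `/* ticket.data points into msg and may be NULL; the callback must copy it before returning */`, and the same wording for `token`, would make it explicit for callers. The enclosing `message_handler` starts and ends outside these hunks.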
@@ -375,9 +367,7 @@ transmit_next (struct GNUNET_IDENTITY_PROVIDER_Handle *h)
 static void
 reconnect (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
 {
- struct GNUNET_IDENTITY_Handle *h = cls;
- struct GNUNET_IDENTITY_Operation *op;
- struct GNUNET_MessageHeader msg;
+ struct GNUNET_IDENTITY_PROVIDER_Handle *h = cls;
 h->reconnect_task = NULL;
 LOG (GNUNET_ERROR_TYPE_DEBUG,
@@ -385,20 +375,6 @@ reconnect (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
 GNUNET_assert (NULL == h->client);
 h->client = GNUNET_CLIENT_connect ("identity-provider", h->cfg);
 GNUNET_assert (NULL != h->client);
- if ( (NULL == h->op_head) ||
- (GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_START != ntohs (h->op_head->msg->type)) )
- {
- op = GNUNET_malloc (sizeof (struct GNUNET_IDENTITY_PROVIDER_Operation) +
- sizeof (struct GNUNET_MessageHeader));
- op->h = h;
- op->msg = (const struct GNUNET_MessageHeader *) &op[1];
- msg.size = htons (sizeof (msg));
- msg.type = htons (GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_START);
- memcpy (&op[1], &msg, sizeof (msg));
- GNUNET_CONTAINER_DLL_insert (h->op_head,
- h->op_tail,
- op);
- }
 transmit_next (h);
 GNUNET_assert (NULL != h->th);
 }
@@ -417,9 +393,6 @@ GNUNET_IDENTITY_PROVIDER_connect (const struct GNUNET_CONFIGURATION_Handle *cfg)
 h = GNUNET_new (struct GNUNET_IDENTITY_PROVIDER_Handle);
 h->cfg = cfg;
- h->cb = cb;
- h->cb_cls = cb_cls;
- h->egos = GNUNET_CONTAINER_multihashmap_create (16, GNUNET_YES);
 h->reconnect_delay = GNUNET_TIME_UNIT_ZERO;
 h->reconnect_task = GNUNET_SCHEDULER_add_now (&reconnect, h);
 return h;
@@ -440,7 +413,8 @@ GNUNET_IDENTITY_PROVIDER_issue_token (struct GNUNET_IDENTITY_PROVIDER_Handle *id
 const struct GNUNET_CRYPTO_EcdsaPrivateKey *iss_key,
 const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
 const char* scopes,
- const struct GNUNET_TIME_Absolute exp,
+ struct GNUNET_TIME_Absolute expiration,
+ uint64_t nonce,
 GNUNET_IDENTITY_PROVIDER_IssueCallback cb,
 void *cb_cls)
 {
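Review bot: With the START-message block removed from `reconnect` in the `@@ -385` hunk, the function now calls `transmit_next (h)` and then `GNUNET_assert (NULL != h->th)` unconditionally, so a reconnect that happens while `h->op_head` is empty (nothing queued to send) will, as far as the visible code shows, trip the assertion instead of simply waiting for the next operation. The old code guaranteed a queued message here; the new code should either guard the assert, `if (NULL != h->op_head) { transmit_next (h); GNUNET_assert (NULL != h->th); }`, or `transmit_next` (outside the hunk) must be known to always arm `h->th`, which is worth confirming and stating in a comment.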
@@ -455,18 +429,19 @@ GNUNET_IDENTITY_PROVIDER_issue_token (struct GNUNET_IDENTITY_PROVIDER_Handle *id
 return NULL;
 }
 op = GNUNET_malloc (sizeof (struct GNUNET_IDENTITY_PROVIDER_Operation) +
- sizeof (struct GNUNET_IDENTITY_IssueMessage) +
+ sizeof (struct GNUNET_IDENTITY_PROVIDER_IssueMessage) +
 slen);
 op->h = id;
- op->cb = cb;
+ op->iss_cb = cb;
 op->cls = cb_cls;
- im = (struct GNUNET_IDENTITY_GetDefaultMessage *) &op[1];
+ im = (struct GNUNET_IDENTITY_PROVIDER_IssueMessage *) &op[1];
 im->header.type = htons (GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ISSUE);
 im->header.size = htons (sizeof (struct GNUNET_IDENTITY_PROVIDER_IssueMessage) +
 slen);
 im->iss_key = *iss_key;
- im->aud_key = *aud_ley;
- im->exp = exp.abs_value_ul;
+ im->aud_key = *aud_key;
+ im->nonce = htonl (nonce);
+ im->expiration = GNUNET_TIME_absolute_hton (expiration);
 memcpy (&im[1], scopes, slen);
 op->msg = &im->header;
 GNUNET_CONTAINER_DLL_insert_tail (id->op_head,
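Review bot: `im->nonce = htonl (nonce);` converts the `uint64_t` parameter with a 32-bit byte-swap, so the upper half of the nonce is discarded before it reaches the service, and if `im->nonce` is itself 64-bit the remaining half lands in the wrong byte positions as well. The 64-bit helper is the right call here, `im->nonce = GNUNET_htonll (nonce);`, with the service decoding via `GNUNET_ntohll`. The declaration of `im->nonce` lives in identity_provider.h outside this diff, so its width should be confirmed there; since the nonce is what binds a token to a request, silently truncating it to 32 bits is a correctness issue rather than a cosmetic one.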
@@ -488,36 +463,41 @@ GNUNET_IDENTITY_PROVIDER_issue_token (struct GNUNET_IDENTITY_PROVIDER_Handle *id
 * @return handle to abort the operation
 */
 struct GNUNET_IDENTITY_PROVIDER_Operation *
-GNUNET_IDENTITY_PROVIDER_exchange_ticket (struct GNUNET_IDENTITY_Handle *id,
- const char *ticket,
- GNUNET_IDENTITY_PROVIDER_ExchangeCallback cont,
- void *cont_cls)
+GNUNET_IDENTITY_PROVIDER_exchange_ticket (struct GNUNET_IDENTITY_PROVIDER_Handle *id,
+ const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket,
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *aud_privkey,
+ GNUNET_IDENTITY_PROVIDER_ExchangeCallback cont,
+ void *cont_cls)
 {
 struct GNUNET_IDENTITY_PROVIDER_Operation *op;
 struct GNUNET_IDENTITY_PROVIDER_ExchangeMessage *em;
 size_t slen;
+ char *ticket_str;
- slen = strlen (ticket) + 1;
- if (slen >= GNUNET_SERVER_MAX_MESSAGE_SIZE - sizeof (struct GNUNET_IDENTITY_ExchangeMessage))
+ ticket_str = GNUNET_IDENTITY_PROVIDER_ticket_to_string (ticket);
+
+ slen = strlen (ticket_str) + 1;
+ if (slen >= GNUNET_SERVER_MAX_MESSAGE_SIZE - sizeof (struct GNUNET_IDENTITY_PROVIDER_ExchangeMessage))
 {
 GNUNET_break (0);
 return NULL;
 }
 op = GNUNET_malloc (sizeof (struct GNUNET_IDENTITY_PROVIDER_Operation) +
- sizeof (struct GNUNET_IDENTITY_ExchangeMessage) +
- slen);
+ sizeof (struct GNUNET_IDENTITY_PROVIDER_ExchangeMessage) +
+ slen);
 op->h = id;
- op->cont = cont;
+ op->ex_cb = cont;
 op->cls = cont_cls;
- em = (struct GNUNET_IDENTITY_ExchangeMessage *) &op[1];
+ em = (struct GNUNET_IDENTITY_PROVIDER_ExchangeMessage *) &op[1];
 em->header.type = htons (GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_EXCHANGE);
- em->header.size = htons (sizeof (struct GNUNET_IDENTITY_ExchangeMessage) +
- slen);
- memcpy (&em[1], ticket, slen);
+ em->header.size = htons (sizeof (struct GNUNET_IDENTITY_PROVIDER_ExchangeMessage) +
+ slen);
+ em->aud_privkey = *aud_privkey;
+ memcpy (&em[1], ticket_str, slen);
 op->msg = &em->header;
 GNUNET_CONTAINER_DLL_insert_tail (id->op_head,
- id->op_tail,
- op);
+ id->op_tail,
+ op);
 if (NULL == id->th)
 transmit_next (id);
 return op;
@@ -535,7 +515,7 @@ GNUNET_IDENTITY_PROVIDER_exchange_ticket (struct GNUNET_IDENTITY_Handle *id,
 void
 GNUNET_IDENTITY_PROVIDER_cancel (struct GNUNET_IDENTITY_PROVIDER_Operation *op)
 {
- struct GNUNET_IDENTITY_Handle *h = op->h;
+ struct GNUNET_IDENTITY_PROVIDER_Handle *h = op->h;
 if ( (h->op_head != op) ||
 (NULL == h->client) )
@@ -544,8 +524,8 @@ GNUNET_IDENTITY_PROVIDER_cancel (struct GNUNET_IDENTITY_PROVIDER_Operation *op)
 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
 "Client aborted non-head operation, simply removing it\n");
 GNUNET_CONTAINER_DLL_remove (h->op_head,
- h->op_tail,
- op);
+ h->op_tail,
+ op);
 GNUNET_free (op);
 return;
 }
@@ -557,8 +537,8 @@ GNUNET_IDENTITY_PROVIDER_cancel (struct GNUNET_IDENTITY_PROVIDER_Operation *op)
 GNUNET_CLIENT_notify_transmit_ready_cancel (h->th);
 h->th = NULL;
 GNUNET_CONTAINER_DLL_remove (h->op_head,
- h->op_tail,
- op);
+ h->op_tail,
+ op);
 GNUNET_free (op);
 transmit_next (h);
 return;
@@ -594,10 +574,9 @@ GNUNET_IDENTITY_PROVIDER_disconnect (struct GNUNET_IDENTITY_PROVIDER_Handle *h)
 }
 while (NULL != (op = h->op_head))
 {
- GNUNET_break (NULL == op->cont);
 GNUNET_CONTAINER_DLL_remove (h->op_head,
- h->op_tail,
- op);
+ h->op_tail,
+ op);
 GNUNET_free (op);
 }
 if (NULL != h->client)
diff --git a/src/identity-provider/plugin_rest_identity_token.c b/src/identity-provider/plugin_rest_identity_token.c
index fedee8b0e5..6ae15cdecb 100644
--- a/src/identity-provider/plugin_rest_identity_token.c
+++ b/src/identity-provider/plugin_rest_identity_token.c
@@ -619,7 +619,7 @@ issue_token_cont (struct RestConnectionDataHandle *con,
 priv_key,
 aud_key,
 scopes,
- &exp_time,
+ exp_time,
 nonce,
 &token_creat_cont,
 handle);
diff --git a/src/include/gnunet_identity_provider_service.h b/src/include/gnunet_identity_provider_service.h
index 283c1b40ca..9bee9ce2a9 100644
--- a/src/include/gnunet_identity_provider_service.h
+++ b/src/include/gnunet_identity_provider_service.h
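Review bot: In the `@@ -488` hunk, `ticket_str` obtained from `GNUNET_IDENTITY_PROVIDER_ticket_to_string (ticket)` is never released in `GNUNET_IDENTITY_PROVIDER_exchange_ticket`: neither on the early `return NULL;` after the size check nor after `memcpy (&em[1], ticket_str, slen);`, so every exchange leaks the string (assuming the helper allocates, which its non-const `char *` return suggests), and `strlen (ticket_str)` is reached without a NULL check on the helper's result. Adding `GNUNET_free (ticket_str);` before the `return NULL;` and again right after the `memcpy`, plus a `NULL == ticket_str` guard before `strlen`, covers both paths. Separately, `em->aud_privkey = *aud_privkey;` places a private key in the operation buffer that is later released with plain `GNUNET_free` in `message_handler`, `cancel` and `disconnect`, so the key material remains in freed heap memory; zeroing the message before freeing the operation is worth considering since the same bytes also traverse the client/service socket.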
@@ -128,7 +128,7 @@ GNUNET_IDENTITY_PROVIDER_issue_token (struct GNUNET_IDENTITY_PROVIDER_Handle *id
 const struct GNUNET_CRYPTO_EcdsaPrivateKey *iss_key,
 const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
 const char* scope,
- struct GNUNET_TIME_Absolute *expiration,
+ struct GNUNET_TIME_Absolute expiration,
 uint64_t nonce,
 GNUNET_IDENTITY_PROVIDER_IssueCallback cb,
 void *cb_cls); |
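Review bot: The public declaration names the fourth parameter `scope` while the definition in identity_provider_api.c (`@@ -440` hunk) calls it `scopes`, and the service splits that string on `,` in `handle_issue_message`, so the header is the one place a caller looks and it suggests a single value. Renaming the parameter to `scopes` in the header and noting the comma-separated format in the Doxygen block above (outside this hunk) would keep the declaration, definition and wire format consistent.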