| author | Michael Krelin <hacker@klever.net> | 2008-02-08 22:16:15 (UTC) |
|---|---|---|
| committer | Michael Krelin <hacker@klever.net> | 2008-02-08 22:16:15 (UTC) |
| commit | 16667a21c3052c89218d3e56098f0fc29dca2f1a (patch) (side-by-side diff) | |
| tree | 7154633a771b96da02cc4c980167b7ad92b6d27e | |
| parent | f2ba7be73a62d115f293f5d690efabcafd5fcf4f (diff) | |
| download | libopkele-16667a21c3052c89218d3e56098f0fc29dca2f1a.zip libopkele-16667a21c3052c89218d3e56098f0fc29dca2f1a.tar.gz libopkele-16667a21c3052c89218d3e56098f0fc29dca2f1a.tar.bz2 | |
minor fixes and making compiler a bit happier
Signed-off-by: Michael Krelin <hacker@klever.net>
| -rw-r--r-- | include/opkele/basic_op.h | 2 | ||||
| -rw-r--r-- | include/opkele/expat.h | 16 | ||||
| -rw-r--r-- | include/opkele/iterator.h | 19 | ||||
| -rw-r--r-- | include/opkele/types.h | 1 | ||||
| -rw-r--r-- | lib/basic_op.cc | 29 | ||||
| -rw-r--r-- | lib/basic_rp.cc | 10 | ||||
| -rw-r--r-- | lib/discovery.cc | 2 | ||||
| -rw-r--r-- | lib/expat.cc | 1 | ||||
| -rw-r--r-- | lib/extension.cc | 2 | ||||
| -rw-r--r-- | lib/openid_message.cc | 32 | ||||
| -rw-r--r-- | lib/prequeue_rp.cc | 4 | ||||
| -rw-r--r-- | lib/sreg.cc | 6 | ||||
| -rw-r--r-- | lib/verify_op.cc | 4 | ||||
| -rw-r--r-- | test/OP.cc | 16 | ||||
| -rw-r--r-- | test/RP.cc | 6 | ||||
| -rw-r--r-- | test/kingate_openid_message.h | 4 |
16 files changed, 77 insertions, 77 deletions
diff --git a/include/opkele/basic_op.h b/include/opkele/basic_op.h index 0326508..12306dd 100644 --- a/include/opkele/basic_op.h +++ b/include/opkele/basic_op.h @@ -37,24 +37,26 @@ namespace opkele { * Claimed identifier */ string claimed_id; /** * The OP-Local identifier */ string identity; /** * The invalidate handle for the reply request */ string invalidate_handle; + virtual ~basic_OP() { } + void reset_vars(); /** * @name Request information access * Setting and retrieval of the information pertaining to the request being processed * @{ */ /** * Check if the RP expects us to get back to them. * @return true if RP supplied return_to URL */ bool has_return_to() const; diff --git a/include/opkele/expat.h b/include/opkele/expat.h index 60c41ac..3ab1630 100644 --- a/include/opkele/expat.h +++ b/include/opkele/expat.h @@ -17,47 +17,47 @@ namespace opkele { virtual ~expat_t() throw(); expat_t& operator=(XML_Parser x); operator const XML_Parser(void) const { return _x; } operator XML_Parser(void) { return _x; } inline bool parse(const char *s,int len,bool final=false) { assert(_x); return XML_Parse(_x,s,len,final); } - virtual void start_element(const XML_Char *n,const XML_Char **a) { } - virtual void end_element(const XML_Char *n) { } + virtual void start_element(const XML_Char * /* n */,const XML_Char ** /* a */) { } + virtual void end_element(const XML_Char * /* n */) { } void set_element_handler(); - virtual void character_data(const XML_Char *s,int l) { } + virtual void character_data(const XML_Char * /* s */,int /* l */) { } void set_character_data_handler(); - virtual void processing_instruction(const XML_Char *t,const XML_Char *d) { } + virtual void processing_instruction(const XML_Char * /* t */,const XML_Char * /* d */) { } void set_processing_instruction_handler(); - virtual void comment(const XML_Char *d) { } + virtual void comment(const XML_Char * /* d */) { } void set_comment_handler(); virtual void start_cdata_section() { } virtual void end_cdata_section() { } void set_cdata_section_handler(); - virtual void default_handler(const XML_Char *s,int l) { } + virtual void default_handler(const XML_Char * /* s */,int /* l */) { } void set_default_handler(); void set_default_handler_expand(); - virtual void start_namespace_decl(const XML_Char *p,const XML_Char *u) { } - virtual void end_namespace_decl(const XML_Char *p) { } + virtual void start_namespace_decl(const XML_Char * /* p */,const XML_Char * /* u */) { } + virtual void end_namespace_decl(const XML_Char * /* p */) { } void set_namespace_decl_handler(); inline enum XML_Error get_error_code() { assert(_x); return XML_GetErrorCode(_x); } static inline const XML_LChar *error_string(XML_Error c) { return XML_ErrorString(c); } inline long get_current_byte_index() { assert(_x); return XML_GetCurrentByteIndex(_x); } inline int get_current_line_number() { assert(_x); return XML_GetCurrentLineNumber(_x); } inline int get_current_column_number() { diff --git a/include/opkele/iterator.h b/include/opkele/iterator.h index 812a786..28c1c83 100644 --- a/include/opkele/iterator.h +++ b/include/opkele/iterator.h @@ -17,50 +17,49 @@ namespace opkele { virtual basic_output_iterator_proxy_impl<T>* dup() const = 0; basic_output_iterator_proxy_impl<T>& operator*() { return *this; }; virtual basic_output_iterator_proxy_impl<T>& operator=(const T& x) = 0; }; template<typename IT,typename T=typename IT::value_type> class output_iterator_proxy_impl : public basic_output_iterator_proxy_impl<T> { public: IT i; - output_iterator_proxy_impl(const IT& i) : i(i) { } + output_iterator_proxy_impl(const IT& _i) : i(_i) { } basic_output_iterator_proxy_impl<T>* dup() const { return new output_iterator_proxy_impl<IT,T>(i); } basic_output_iterator_proxy_impl<T>& operator=(const T& x) { - (*i) = x; - } + (*i) = x; return *this; } }; template<typename T> class output_iterator_proxy : public iterator<output_iterator_tag,T,void,T*,T&> { public: basic_output_iterator_proxy_impl<T> *I; template<typename IT> output_iterator_proxy(const IT& i) : I(new output_iterator_proxy_impl<IT,T>(i)) { } output_iterator_proxy(const output_iterator_proxy<T>& x) : I(x.I->dup()) { } ~output_iterator_proxy() { delete I; } output_iterator_proxy& operator=(const output_iterator_proxy<T>& x) { delete I; I = x.I->dup(); } output_iterator_proxy& operator*() { return *this; } output_iterator_proxy& operator=(const T& x) { - (**I) = x; } + (**I) = x; return *this; } output_iterator_proxy& operator++() { return *this; } output_iterator_proxy& operator++(int) { return *this; } }; template <typename T,typename TR=T&,typename TP=T*> class basic_forward_iterator_proxy_impl : public iterator<forward_iterator_tag,T,void,TP,TR> { public: virtual ~basic_forward_iterator_proxy_impl() { } virtual basic_forward_iterator_proxy_impl<T,TR,TP>* dup() const = 0; @@ -68,25 +67,25 @@ namespace opkele { virtual bool operator!=(const basic_forward_iterator_proxy_impl<T,TR,TP>& x) const { return !((*this)==x); } virtual TR operator*() const = 0; virtual TP operator->() const = 0; virtual void advance() = 0; }; template <typename IT> class forward_iterator_proxy_impl : public basic_forward_iterator_proxy_impl<typename IT::value_type,typename IT::reference,typename IT::pointer> { public: IT i; - forward_iterator_proxy_impl(const IT& i) : i(i) { } + forward_iterator_proxy_impl(const IT& _i) : i(_i) { } virtual basic_forward_iterator_proxy_impl<typename IT::value_type,typename IT::reference,typename IT::pointer>* dup() const { return new forward_iterator_proxy_impl<IT>(i); } virtual bool operator==(const basic_forward_iterator_proxy_impl<typename IT::value_type,typename IT::reference,typename IT::pointer>& x) const { return i==static_cast<const forward_iterator_proxy_impl<IT>*>(&x)->i; } virtual bool operator!=(const basic_forward_iterator_proxy_impl<typename IT::value_type,typename IT::reference,typename IT::pointer>& x) const { return i!=static_cast<const forward_iterator_proxy_impl<IT>*>(&x)->i; } virtual typename IT::reference operator*() const { return *i; } virtual typename IT::pointer operator->() const { return i.operator->(); } virtual void advance() { ++i; } }; @@ -127,26 +126,26 @@ namespace opkele { class basic_filterator : public iterator< typename IT::iterator_category, typename IT::value_type, typename IT::difference_type, typename IT::pointer, typename IT::reference> { public: IT it; IT ei; bool empty; basic_filterator() : empty(true) { } - basic_filterator(const IT& bi,const IT& ei) - : it(bi), ei(ei) { empty = (bi==ei); } + basic_filterator(const IT& _bi,const IT& _ei) + : it(_bi), ei(_ei) { empty = (it==ei); } basic_filterator(const basic_filterator<IT>& x) : it(x.it), ei(x.ei), empty(x.empty) { } virtual ~basic_filterator() { } bool operator==(const basic_filterator<IT>& x) const { return empty?x.empty:(it==x.it); } bool operator!=(const basic_filterator<IT>& x) const { return empty!=x.empty || it!=x.it; } typename IT::reference operator*() const { assert(!empty); return *it; } @@ -176,27 +175,27 @@ namespace opkele { template<typename IT,typename T=typename IT::value_type::first_type,typename TR=T&,typename TP=T*> class map_keys_iterator : public iterator< typename IT::iterator_category, T,void,TP,TR> { public: typedef map_keys_iterator<IT,T,TR,TP> self_type; IT it; IT ei; bool empty; map_keys_iterator() : empty(true) { } - map_keys_iterator(const IT& bi, - const IT& ei) - : it(bi), ei(ei) { empty = (bi==ei); } + map_keys_iterator(const IT& _bi, + const IT& _ei) + : it(_bi), ei(_ei) { empty = (it==ei); } map_keys_iterator(const self_type& x) : it(x.it), ei(x.ei), empty(x.empty) { } bool operator==(const self_type& x) const { return empty?x.empty:(it==x.it); } bool operator!=(const self_type& x) const { return empty!=x.empty || it!=x.it; } TR operator*() const { assert(!empty); return it->first; } TP operator->() const { diff --git a/include/opkele/types.h b/include/opkele/types.h index 6ab51ef..a3b657d 100644 --- a/include/opkele/types.h +++ b/include/opkele/types.h @@ -117,24 +117,25 @@ namespace opkele { * the shared_ptr<> for association_t object type */ typedef tr1mem::shared_ptr<association_t> assoc_t; class basic_openid_message { public: typedef list<string> fields_t; typedef util::forward_iterator_proxy< string,const string&,const string* > fields_iterator; basic_openid_message() { } + virtual ~basic_openid_message() { } basic_openid_message(const basic_openid_message& x); void copy_to(basic_openid_message& x) const; virtual bool has_field(const string& n) const = 0; virtual const string& get_field(const string& n) const = 0; virtual bool has_ns(const string& uri) const; virtual string get_ns(const string& uri) const; virtual fields_iterator fields_begin() const = 0; virtual fields_iterator fields_end() const = 0; diff --git a/lib/basic_op.cc b/lib/basic_op.cc index 18446dc..2d82147 100644 --- a/lib/basic_op.cc +++ b/lib/basic_op.cc @@ -57,27 +57,24 @@ namespace opkele { void basic_OP::set_claimed_id(const string& c) { claimed_id = c; } basic_openid_message& basic_OP::associate( basic_openid_message& oum, const basic_openid_message& inm) try { assert(inm.get_field("mode")=="associate"); util::dh_t dh; util::bignum_t c_pub; unsigned char key_digest[SHA256_DIGEST_LENGTH]; size_t d_len = 0; - enum { - sess_cleartext, sess_dh_sha1, sess_dh_sha256 - } st = sess_cleartext; string sts = inm.get_field("session_type"); string ats = inm.get_field("assoc_type"); if(sts=="DH-SHA1" || sts=="DH-SHA256") { if(!(dh = DH_new())) throw exception_openssl(OPKELE_CP_ "failed to DH_new()"); c_pub = util::base64_to_bignum(inm.get_field("dh_consumer_public")); try { dh->p = util::base64_to_bignum(inm.get_field("dh_modulus")); }catch(failed_lookup&) { dh->p = util::dec_to_bignum(data::_default_p); } try { dh->g = util::base64_to_bignum(inm.get_field("dh_gen")); }catch(failed_lookup&) { dh->g = util::dec_to_bignum(data::_default_g); } @@ -89,64 +86,64 @@ namespace opkele { if(cklen<0) throw exception_openssl(OPKELE_CP_ "failed to DH_compute_key()"); if(cklen && (*ckptr)&0x80) { (*(--ckptr)) = 0; ++cklen; } if(sts=="DH-SHA1") { SHA1(ckptr,cklen,key_digest); d_len = SHA_DIGEST_LENGTH; }else if(sts=="DH-SHA256") { SHA256(ckptr,cklen,key_digest); d_len = SHA256_DIGEST_LENGTH; }else throw internal_error(OPKELE_CP_ "I thought I knew the session type"); }else throw unsupported(OPKELE_CP_ "Unsupported session_type"); - assoc_t assoc; + assoc_t a; if(ats=="HMAC-SHA1") - assoc = alloc_assoc(ats,SHA_DIGEST_LENGTH,true); + a = alloc_assoc(ats,SHA_DIGEST_LENGTH,true); else if(ats=="HMAC-SHA256") - assoc = alloc_assoc(ats,SHA256_DIGEST_LENGTH,true); + a = alloc_assoc(ats,SHA256_DIGEST_LENGTH,true); else throw unsupported(OPKELE_CP_ "Unsupported assoc_type"); oum.reset_fields(); oum.set_field("ns",OIURI_OPENID20); - oum.set_field("assoc_type",assoc->assoc_type()); - oum.set_field("assoc_handle",assoc->handle()); + oum.set_field("assoc_type",a->assoc_type()); + oum.set_field("assoc_handle",a->handle()); oum.set_field("expires_in",util::long_to_string(assoc->expires_in())); - secret_t secret = assoc->secret(); + secret_t secret = a->secret(); if(sts=="DH-SHA1" || sts=="DH-SHA256") { if(d_len != secret.size()) throw bad_input(OPKELE_CP_ "Association secret and session MAC are not of the same size"); oum.set_field("session_type",sts); oum.set_field("dh_server_public",util::bignum_to_base64(dh->pub_key)); string b64; secret.enxor_to_base64(key_digest,b64); oum.set_field("enc_mac_key",b64); }else /* TODO: support cleartext over encrypted connection */ throw unsupported(OPKELE_CP_ "Unsupported session type"); return oum; } catch(unsupported& u) { oum.reset_fields(); oum.set_field("ns",OIURI_OPENID20); oum.set_field("error",u.what()); oum.set_field("error_code","unsupported-type"); oum.set_field("session_type","DH-SHA256"); oum.set_field("assoc_type","HMAC-SHA256"); return oum; } void basic_OP::checkid_(const basic_openid_message& inm, extension_t *ext) { reset_vars(); - string mode = inm.get_field("mode"); - if(mode=="checkid_setup") + string modestr = inm.get_field("mode"); + if(modestr=="checkid_setup") mode = mode_checkid_setup; - else if(mode=="checkid_immediate") + else if(modestr=="checkid_immediate") mode = mode_checkid_immediate; else throw bad_input(OPKELE_CP_ "Invalid checkid_* mode"); try { assoc = retrieve_assoc(invalidate_handle=inm.get_field("assoc_handle")); invalidate_handle.clear(); }catch(failed_lookup&) { } try { openid2 = (inm.get_field("ns")==OIURI_OPENID20); }catch(failed_lookup&) { openid2 = false; } try { return_to = inm.get_field("return_to"); @@ -229,32 +226,32 @@ namespace opkele { om.set_field("sig",util::base64_signature(assoc,om)); return om; } basic_openid_message& basic_OP::cancel(basic_openid_message& om) { assert(!return_to.empty()); om.set_field("ns",OIURI_OPENID20); om.set_field("mode","cancel"); return om; } basic_openid_message& basic_OP::error(basic_openid_message& om, - const string& error,const string& contact, + const string& err,const string& contact, const string& reference ) { assert(!return_to.empty()); om.set_field("ns",OIURI_OPENID20); om.set_field("mode","error"); - om.set_field("error",error); - om.set_field("contact",contact); - om.set_field("reference",reference); + om.set_field("error",err); + if(!contact.empty()) om.set_field("contact",contact); + if(!reference.empty()) om.set_field("reference",reference); return om; } basic_openid_message& basic_OP::setup_needed( basic_openid_message& oum,const basic_openid_message& inm) { assert(mode==mode_checkid_immediate); assert(!return_to.empty()); if(openid2) { oum.set_field("ns",OIURI_OPENID20); oum.set_field("mode","setup_needed"); }else{ oum.set_field("mode","id_res"); diff --git a/lib/basic_rp.cc b/lib/basic_rp.cc index bd45d99..a0ad130 100644 --- a/lib/basic_rp.cc +++ b/lib/basic_rp.cc @@ -1,12 +1,13 @@ +#include <cassert> #include <openssl/sha.h> #include <openssl/hmac.h> #include <opkele/basic_rp.h> #include <opkele/exception.h> #include <opkele/uris.h> #include <opkele/data.h> #include <opkele/util.h> #include <opkele/curl.h> namespace opkele { static void dh_get_secret( @@ -16,25 +17,26 @@ namespace opkele { size_t d_len, unsigned char *(*d_fun)(const unsigned char*,size_t,unsigned char*), size_t exp_s_len) try { if(om.get_field("assoc_type")!=exp_assoc || om.get_field("session_type")!=exp_sess) throw bad_input(OPKELE_CP_ "Unexpected associate response"); util::bignum_t s_pub = util::base64_to_bignum(om.get_field("dh_server_public")); vector<unsigned char> ck(DH_size(dh)+1); unsigned char *ckptr = &(ck.front())+1; int cklen = DH_compute_key(ckptr,s_pub,dh); if(cklen<0) throw exception_openssl(OPKELE_CP_ "failed to DH_compute_key()"); if(cklen && (*ckptr)&0x80) { (*(--ckptr))=0; ++cklen; } - unsigned char key_digest[d_len]; + assert(d_len<=SHA256_DIGEST_LENGTH); + unsigned char key_digest[SHA256_DIGEST_LENGTH]; secret.enxor_from_base64((*d_fun)(ckptr,cklen,key_digest),om.get_field("enc_mac_key")); if(secret.size()!=exp_s_len) throw bad_input(OPKELE_CP_ "Secret length isn't consistent with association type"); }catch(opkele::failed_lookup& ofl) { throw bad_input(OPKELE_CP_ "Incoherent response from OP"); } OPKELE_RETHROW static void direct_request(basic_openid_message& oum,const basic_openid_message& inm,const string& OP) { util::curl_pick_t curl = util::curl_pick_t::easy_init(); if(!curl) throw exception_curl(OPKELE_CP_ "failed to initialize curl"); string request = inm.query_string(); @@ -69,34 +71,34 @@ namespace opkele { req.set_field("dh_consumer_public",util::bignum_to_base64(dh->pub_key)); openid_message_t res; req.set_field("assoc_type","HMAC-SHA256"); req.set_field("session_type","DH-SHA256"); secret_t secret; int expires_in; try { direct_request(res,req,OP); dh_get_secret( secret, res, "HMAC-SHA256", "DH-SHA256", dh, SHA256_DIGEST_LENGTH, SHA256, SHA256_DIGEST_LENGTH ); expires_in = util::string_to_long(res.get_field("expires_in")); - }catch(exception& e) { + }catch(exception&) { try { req.set_field("assoc_type","HMAC-SHA1"); req.set_field("session_type","DH-SHA1"); direct_request(res,req,OP); dh_get_secret( secret, res, "HMAC-SHA1", "DH-SHA1", dh, SHA_DIGEST_LENGTH, SHA1, SHA_DIGEST_LENGTH ); expires_in = util::string_to_long(res.get_field("expires_in")); - }catch(bad_input& e) { + }catch(bad_input&) { throw dumb_RP(OPKELE_CP_ "OP failed to supply an association"); } } return store_assoc( OP, res.get_field("assoc_handle"), res.get_field("assoc_type"), secret, expires_in ); } basic_openid_message& basic_RP::checkid_( basic_openid_message& rv, mode_t mode, @@ -225,25 +227,25 @@ namespace opkele { check_authentication(OP,om); }catch(failed_check_authentication& fca) { throw id_res_failed(OPKELE_CP_ "failed to check_authentication()"); } OPKELE_RETHROW } signed_part_message_proxy signeds(om); if(o2) { check_nonce(om.get_field("op_endpoint"), om.get_field("response_nonce")); static const char *mustsign[] = { "op_endpoint", "return_to", "response_nonce", "assoc_handle", "claimed_id", "identity" }; - for(int ms=0;ms<(sizeof(mustsign)/sizeof(*mustsign));++ms) { + for(size_t ms=0;ms<(sizeof(mustsign)/sizeof(*mustsign));++ms) { if(om.has_field(mustsign[ms]) && !signeds.has_field(mustsign[ms])) throw bad_input(OPKELE_CP_ string("Field '")+mustsign[ms]+"' is not signed against the specs"); } if( ( (om.has_field("claimed_id")?1:0) ^ (om.has_field("identity")?1:0) )&1 ) throw bad_input(OPKELE_CP_ "claimed_id and identity must be either both present or both absent"); string turl = util::rfc_3986_normalize_uri(get_this_url()); util::strip_uri_fragment_part(turl); diff --git a/lib/discovery.cc b/lib/discovery.cc index 6f58339..6f9926c 100644 --- a/lib/discovery.cc +++ b/lib/discovery.cc @@ -321,25 +321,25 @@ namespace opkele { } return bytes; } size_t header(void *p,size_t s,size_t nm) { size_t bytes = s*nm; const char *h = (const char*)p; const char *colon = (const char*)memchr(p,':',bytes); const char *space = (const char*)memchr(p,' ',bytes); if(space && ( (!colon) || space<colon ) ) { xrds_location.clear(); http_content_type.clear(); }else if(colon) { const char *hv = ++colon; - int hnl = colon-h; + size_t hnl = colon-h; int rb; for(rb = bytes-hnl-1;rb>0 && isspace(*hv);++hv,--rb); while(rb>0 && isspace(hv[rb-1])) --rb; if(rb) { if( (hnl>=sizeof(XRDS_HEADER)) && !strncasecmp(h,XRDS_HEADER":", sizeof(XRDS_HEADER)) ) { xrds_location.assign(hv,rb); }else if( (hnl>=sizeof(CT_HEADER)) && !strncasecmp(h,CT_HEADER":", sizeof(CT_HEADER)) ) { const char *sc = (const char*)memchr( diff --git a/lib/expat.cc b/lib/expat.cc index fa6fdde..c4dab7e 100644 --- a/lib/expat.cc +++ b/lib/expat.cc @@ -4,24 +4,25 @@ namespace opkele { namespace util { expat_t::~expat_t() throw() { if(_x) XML_ParserFree(_x); } expat_t& expat_t::operator=(XML_Parser x) { if(_x) XML_ParserFree(_x); _x = x; + return *this; } static void _start_element(void* ud,const XML_Char *n,const XML_Char **a) { ((expat_t*)ud)->start_element(n,a); } static void _end_element(void *ud,const XML_Char *n) { ((expat_t*)ud)->end_element(n); } void expat_t::set_element_handler() { assert(_x); XML_SetElementHandler(_x,_start_element,_end_element); diff --git a/lib/extension.cc b/lib/extension.cc index f7aaea5..0f121ca 100644 --- a/lib/extension.cc +++ b/lib/extension.cc @@ -2,25 +2,25 @@ #include <opkele/extension.h> namespace opkele { void extension_t::rp_checkid_hook(basic_openid_message&) { throw not_implemented(OPKELE_CP_ "RP checkid_* hook not implemented"); } void extension_t::rp_id_res_hook(const basic_openid_message&, const basic_openid_message&) { throw not_implemented(OPKELE_CP_ "RP id_res hook not implemented"); } void extension_t::op_checkid_hook(const basic_openid_message&) { throw not_implemented(OPKELE_CP_ "OP checkid_* hook not implemented"); } - void extension_t::op_id_res_hook(basic_openid_message& om) { + void extension_t::op_id_res_hook(basic_openid_message&) { throw not_implemented(OPKELE_CP_ "OP id_res hook not implemented"); } void extension_t::checkid_hook(basic_openid_message&) { throw not_implemented(OPKELE_CP_ "deprecated consumer checkid_* hook not implemented"); } void extension_t::id_res_hook(const basic_openid_message&, const basic_openid_message&) { throw not_implemented(OPKELE_CP_ "deprecated consumer id_res hook not implemented"); } void extension_t::checkid_hook(const basic_openid_message&,basic_openid_message&) { throw not_implemented(OPKELE_CP_ "deprecated server checkid hook not implemented"); } } diff --git a/lib/openid_message.cc b/lib/openid_message.cc index fdb4b04..521ea85 100644 --- a/lib/openid_message.cc +++ b/lib/openid_message.cc @@ -6,48 +6,48 @@ #include "config.h" namespace opkele { using std::input_iterator_tag; using std::unary_function; struct __om_copier : public unary_function<const string&,void> { public: const basic_openid_message& from; basic_openid_message& to; - __om_copier(basic_openid_message& to,const basic_openid_message& from) - : from(from), to(to) { + __om_copier(basic_openid_message& t,const basic_openid_message& f) + : from(f), to(t) { to.reset_fields(); } result_type operator()(argument_type f) { to.set_field(f,from.get_field(f)); } }; basic_openid_message::basic_openid_message(const basic_openid_message& x) { x.copy_to(*this); } void basic_openid_message::copy_to(basic_openid_message& x) const { for_each(fields_begin(),fields_end(), __om_copier(x,*this) ); } struct __om_ns_finder : public unary_function<const string&,bool> { public: const basic_openid_message& om; const string& uri; - __om_ns_finder(const basic_openid_message& om, - const string& uri) : om(om), uri(uri) { } + __om_ns_finder(const basic_openid_message& m, + const string& u) : om(m), uri(u) { } result_type operator()(argument_type f) { return (!strncmp(f.c_str(),"ns.",sizeof("ns.")-1)) && om.get_field(f)==uri ; } }; bool basic_openid_message::has_ns(const string& uri) const { fields_iterator ei = fields_end(); fields_iterator i = find_if(fields_begin(),fields_end(), __om_ns_finder(*this,uri)); @@ -56,34 +56,34 @@ namespace opkele { string basic_openid_message::get_ns(const string& uri) const { fields_iterator ei = fields_end(); fields_iterator i = find_if(fields_begin(),fields_end(), __om_ns_finder(*this,uri)); if(i==ei) throw failed_lookup(OPKELE_CP_ string("failed to find namespace ")+uri); return i->substr(3); } struct __om_query_builder : public unary_function<const string&,void> { public: const basic_openid_message& om; - string& rv; bool first; + string& rv; - __om_query_builder(string& rv,const basic_openid_message& om) - : om(om), first(true), rv(rv) { + __om_query_builder(string& r,const basic_openid_message& m) + : om(m), first(true), rv(r) { for_each(om.fields_begin(),om.fields_end(),*this); } - __om_query_builder(string& rv,const basic_openid_message& om,const string& url) - : om(om), first(true), rv(rv) { - rv = url; + __om_query_builder(string& r,const basic_openid_message& m,const string& u) + : om(m), first(true), rv(r) { + rv = u; if(rv.find('?')==string::npos) rv += '?'; else first = false; for_each(om.fields_begin(),om.fields_end(),*this); } result_type operator()(argument_type f) { if(first) first = false; else rv += '&'; @@ -96,28 +96,28 @@ namespace opkele { string basic_openid_message::append_query(const string& url) const { string rv; return __om_query_builder(rv,*this,url).rv; } string basic_openid_message::query_string() const { string rv; return __om_query_builder(rv,*this).rv; } void basic_openid_message::reset_fields() { throw not_implemented(OPKELE_CP_ "reset_fields() not implemented"); } - void basic_openid_message::set_field(const string& n,const string& v) { + void basic_openid_message::set_field(const string&,const string&) { throw not_implemented(OPKELE_CP_ "set_field() not implemented"); } - void basic_openid_message::reset_field(const string& n) { + void basic_openid_message::reset_field(const string&) { throw not_implemented(OPKELE_CP_ "reset_field() not implemented"); } void basic_openid_message::from_keyvalues(const string& kv) { reset_fields(); string::size_type p = 0; while(true) { string::size_type co = kv.find(':',p); if(co==string::npos) break; #ifndef POSTELS_LAW string::size_type nl = kv.find('\n',co+1); @@ -138,43 +138,43 @@ namespace opkele { if(nolb==string::npos) break; p = nolb; #endif /* POSTELS_LAW */ } } struct __om_kv_outputter : public unary_function<const string&,void> { public: const basic_openid_message& om; ostream& os; - __om_kv_outputter(const basic_openid_message& om,ostream& os) - : om(om), os(os) { } + __om_kv_outputter(const basic_openid_message& m,ostream& s) + : om(m), os(s) { } result_type operator()(argument_type f) { os << f << ':' << om.get_field(f) << '\n'; } }; void basic_openid_message::to_keyvalues(ostream& o) const { for_each(fields_begin(),fields_end(),__om_kv_outputter(*this,o)); } struct __om_html_outputter : public unary_function<const string&,void> { public: const basic_openid_message& om; ostream& os; - __om_html_outputter(const basic_openid_message& om,ostream& os) - : om(om), os(os) { } + __om_html_outputter(const basic_openid_message& m,ostream& s) + : om(m), os(s) { } result_type operator()(argument_type f) { os << "<input type=\"hidden\"" " name=\"" << util::attr_escape(f) << "\"" " value=\"" << util::attr_escape(om.get_field(f)) << "\" />"; } }; void basic_openid_message::to_htmlhiddens(ostream& o) const { for_each(fields_begin(),fields_end(),__om_html_outputter(*this,o)); } diff --git a/lib/prequeue_rp.cc b/lib/prequeue_rp.cc index e242f87..3aa960f 100644 --- a/lib/prequeue_rp.cc +++ b/lib/prequeue_rp.cc @@ -46,36 +46,36 @@ namespace opkele { try { idiscover(OP_verifier(OP,identity),claimed_id); throw id_res_unauthorized(OPKELE_CP_ "OP is not authorized to make an assertion regarding the identity"); }catch(__OP_verifier_good_input& ovgi) { } } class endpoint_queuer : public iterator<output_iterator_tag,openid_endpoint_t,void> { public: prequeue_RP& rp; - endpoint_queuer(prequeue_RP& rp) : rp(rp) { } + endpoint_queuer(prequeue_RP& r) : rp(r) { } endpoint_queuer& operator*() { return *this; } endpoint_queuer& operator=(const openid_endpoint_t& oep) { rp.queue_endpoint(oep); return *this; } endpoint_queuer& operator++() { return *this; } endpoint_queuer& operator++(int) { return *this; } }; void prequeue_RP::initiate(const string& usi) { begin_queueing(); set_normalized_id( idiscover(endpoint_queuer(*this),usi) ); end_queueing(); } - void prequeue_RP::set_normalized_id(const string& nid) { + void prequeue_RP::set_normalized_id(const string&) { } const string prequeue_RP::get_normalized_id() const { throw not_implemented(OPKELE_CP_ "get_normalized_id() is not implemented"); } } diff --git a/lib/sreg.cc b/lib/sreg.cc index b40cd45..0bd4d2e 100644 --- a/lib/sreg.cc +++ b/lib/sreg.cc @@ -46,30 +46,28 @@ namespace opkele { if(!policy_url.empty()) om.set_field(pfx+".policy_url",policy_url); } void sreg_t::checkid_hook(basic_openid_message& om) { rp_checkid_hook(om); } void sreg_t::rp_id_res_hook(const basic_openid_message& om, const basic_openid_message& sp) { clear(); string pfx; try { pfx = om.find_ns(OIURI_SREG11,"sreg"); - }catch(failed_lookup& fl) { + }catch(failed_lookup&) { try { pfx = om.find_ns(OIURI_SREG10,"sreg"); - }catch(failed_lookup& fl) { - return; - } + }catch(failed_lookup&) { return; } } pfx += '.'; for(fields_iterator f=fields_BEGIN;f<fields_END;++f) { string fn = pfx; fn+=f->fieldname; if(!sp.has_field(fn)) continue; has_fields |= f->fieldbit; response[f->fieldbit]=sp.get_field(fn); } } void sreg_t::id_res_hook(const basic_openid_message& om, const basic_openid_message& sp) { diff --git a/lib/verify_op.cc b/lib/verify_op.cc index ab21b4f..c493c12 100644 --- a/lib/verify_op.cc +++ b/lib/verify_op.cc @@ -6,39 +6,39 @@ namespace opkele { using std::output_iterator_tag; class __RP_verifier_good_input : public exception { public: __RP_verifier_good_input(OPKELE_E_PARS) : exception(OPKELE_E_CONS) { } }; class RP_verifier : public iterator<output_iterator_tag,openid_endpoint_t,void> { public: - int seen; const string& return_to; + int seen; RP_verifier(const string& rt) : return_to(rt), seen(0) { } RP_verifier& operator*() { return *this; } RP_verifier& operator=(const openid_endpoint_t& oep) { if(util::uri_matches_realm(return_to,oep.uri)) throw __RP_verifier_good_input(OPKELE_CP_ "Found matching realm"); return *this; } RP_verifier& operator++() { ++seen; return *this; } - RP_verifier& operator++(int) { +seen; return *this; } + RP_verifier& operator++(int) { ++seen; return *this; } }; void verify_OP::verify_return_to() { basic_OP::verify_return_to(); try { RP_verifier rpv(return_to); string drealm = realm; string::size_type csss = drealm.find("://*."); if(csss==4 || csss==5) drealm.replace(csss+3,1,"www"); const char *rtt[] = { STURI_OPENID20_RT, 0 }; yadiscover(rpv,drealm,rtt,false); @@ -50,26 +50,26 @@ class opdb_t : public sqlite3_t { }else sqlite3_free_table(resp); } }; class example_op_t : public opkele::verify_OP { public: kingate::cgi_gateway& gw; opdb_t db; kingate::cookie htc; - example_op_t(kingate::cgi_gateway& gw) - : gw(gw) { + example_op_t(kingate::cgi_gateway& g) + : gw(g) { try { htc = gw.cookies.get_cookie("htop_session"); sqlite3_mem_t<char*> S = sqlite3_mprintf( "SELECT 1 FROM ht_sessions WHERE hts_id=%Q", htc.get_value().c_str()); sqlite3_table_t T; int nr,nc; db.get_table(S,T,&nr,&nc); if(nr<1) throw kingate::exception_notfound(CODEPOINT,"forcing cookie generation"); }catch(kingate::exception_notfound& kenf) { uuid_t uuid; uuid_generate(uuid); htc = kingate::cookie("htop_session",opkele::util::encode_base64(uuid,sizeof(uuid))); @@ -191,25 +191,25 @@ class example_op_t : public opkele::verify_OP { " SET n_itime=datetime('now')" " WHERE n_once=%Q", nonce.c_str()); db.exec(S); } const string get_op_endpoint() const { return get_self_url(gw); } }; -int main(int argc,char *argv[]) { +int main(int,char **) { try { kingate::plaincgi_interface ci; kingate::cgi_gateway gw(ci); string op; try { op = gw.get_param("op"); }catch(kingate::exception_notfound&) { } string message; if(op=="set_password") { example_op_t OP(gw); string password = gw.get_param("password"); sqlite3_mem_t<char*> Sget = sqlite3_mprintf("SELECT s_password FROM setup LIMIT 1"); sqlite3_table_t T; int nr,nc; @@ -235,26 +235,26 @@ int main(int argc,char *argv[]) { if(password!=T.get(1,0,nc)) throw opkele::exception(OPKELE_CP_ "wrong password"); OP.set_authorized(true); op.clear(); message = "logged in"; OP.cookie_header(cout); }else if(op=="logout") { example_op_t OP(gw); OP.set_authorized(false); op.clear(); message = "logged out"; } - string om; - try { om = gw.get_param("openid.mode"); }catch(kingate::exception_notfound&) { } + string omode; + try { omode = gw.get_param("openid.mode"); }catch(kingate::exception_notfound&) { } if(op=="xrds") { cout << "Content-type: application/xrds+xml\n\n" "<?xml version='1.0' encoding='utf-8'?>" "<xrds:XRDS xmlns:xrds='xri://$xrds' xmlns='xri://$xrd*($v*2.0)'>" "<XRD>" "<Service>" "<Type>" STURI_OPENID20 "</Type>" "<URI>" << get_self_url(gw) << "</URI>" "</Service>"; if(gw.has_param("idsel")){ cout << @@ -286,32 +286,32 @@ int main(int argc,char *argv[]) { sreg.setup_response(); cout << "Status: 302 Going back to RP with id_res\n" "Location: " << OP.id_res(om,sreg).append_query(OP.get_return_to()) << "\n\n"; }else{ cout << "Status: 302 Going back to RP with cancel\n" "Location: " << OP.cancel(om).append_query(OP.get_return_to()) << "\n\n"; } om.to_keyvalues(clog); - }else if(om=="associate") { + }else if(omode=="associate") { kingate_openid_message_t inm(gw); opkele::openid_message_t oum; example_op_t OP(gw); OP.associate(oum,inm); cout << "Content-type: text/plain\n\n"; oum.to_keyvalues(cout); - }else if(om=="checkid_setup") { + }else if(omode=="checkid_setup") { kingate_openid_message_t inm(gw); example_op_t OP(gw); OP.checkid_(inm,0); OP.cookie_header(cout) << "Content-type: text/html\n" "\n" "<html>" "<head>" "<title>test OP: confirm authentication</title>" "</head>" "<body>" @@ -327,25 +327,25 @@ int main(int argc,char *argv[]) { } cout << "<form method='post'>"; inm.to_htmlhiddens(cout); cout << "<input type='hidden' name='hts_id'" " value='" << opkele::util::attr_escape(OP.htc.get_value()) << "'/>" "<input type='submit' name='op' value='id_res'/>" "<input type='submit' name='op' value='cancel'/>" "</form>" "</body>" "</html>"; - }else if(om=="check_authentication") { + }else if(omode=="check_authentication") { kingate_openid_message_t inm(gw); example_op_t OP(gw); opkele::openid_message_t oum; OP.check_authentication(oum,inm); cout << "Content-type: text/plain\n\n"; oum.to_keyvalues(cout); oum.to_keyvalues(clog); }else{ example_op_t OP(gw); string idsel; if(gw.has_param("idsel")) idsel = "&idsel=idsel"; @@ -49,26 +49,26 @@ class rpdb_t : public sqlite3_t { } }; class example_rp_t : public opkele::prequeue_RP { public: mutable rpdb_t db; kingate::cookie htc; long as_id; int ordinal; kingate::cgi_gateway& gw; - example_rp_t(kingate::cgi_gateway& gw) - : ordinal(0), have_eqtop(false), gw(gw), as_id(-1) { + example_rp_t(kingate::cgi_gateway& g) + : as_id(-1), ordinal(0), gw(g), have_eqtop(false) { try { htc = gw.cookies.get_cookie("ht_session"); as_id = opkele::util::string_to_long(gw.get_param("asid")); }catch(kingate::exception_notfound& kenf) { uuid_t uuid; uuid_generate(uuid); htc = kingate::cookie("ht_session",util::encode_base64(uuid,sizeof(uuid))); sqlite3_mem_t<char*> S = sqlite3_mprintf( "INSERT INTO ht_sessions (hts_id) VALUES (%Q)", htc.get_value().c_str()); db.exec(S); } } @@ -342,25 +342,25 @@ class example_rp_t : public opkele::prequeue_RP { as_id = sqlite3_last_insert_rowid(db); DOUT_("Allocated authentication session id "<<as_id); assert(as_id>=0); } #ifdef DUMB_RP virtual assoc_t associate(const string& OP) { DUMBTHROW; } #endif }; -int main(int argc,char *argv[]) { +int main(int,char **) { try { kingate::plaincgi_interface ci; kingate::cgi_gateway gw(ci); string op; try { op = gw.get_param("op"); }catch(kingate::exception_notfound&) { } if(op=="initiate") { example_rp_t rp(gw); string usi = gw.get_param("openid_identity"); rp.initiate(usi); opkele::sreg_t sreg(opkele::sreg_t::fields_NONE,opkele::sreg_t::fields_ALL); opkele::openid_message_t cm; string loc; diff --git a/test/kingate_openid_message.h b/test/kingate_openid_message.h index 37dcdfa..7029ff7 100644 --- a/test/kingate_openid_message.h +++ b/test/kingate_openid_message.h @@ -48,26 +48,26 @@ class join_iterator : public iterator< join_iterator<IT> operator++(int) { join_iterator<IT> rv(*this); ++(*this); return rv; } }; template<typename IT> class cut_prefix_filterator : public opkele::util::basic_filterator<IT> { public: string pfx; mutable string tmp; cut_prefix_filterator() { } - cut_prefix_filterator(const IT& bi,const IT&ei,const string& pfx) - : opkele::util::basic_filterator<IT>(bi,ei), pfx(pfx) { + cut_prefix_filterator(const IT& _bi,const IT&_ei,const string& p) + : opkele::util::basic_filterator<IT>(_bi,_ei), pfx(p) { this->prepare(); } bool is_interesting() const { return pfx.length()==0 || !strncmp(this->it->c_str(),pfx.c_str(),pfx.length()); } typename IT::reference operator*() const { assert(!this->empty); tmp = *this->it; tmp.erase(0,pfx.length()); return tmp; } typename IT::pointer operator->() const { |