summaryrefslogtreecommitdiffabout
authorMichael Krelin <hacker@klever.net>2007-09-22 20:56:57 (UTC)
committer Michael Krelin <hacker@klever.net>2007-09-22 20:56:57 (UTC)
commit5cb71518360f865cd4448a083b5d481e6f356a3e (patch) (side-by-side diff)
tree4faeab2b1a1a14c589745be714be18471879e781
parent5cfe3f2743c2b2eb2689090516a4e667fd8ca29a (diff)
downloadlibopkele-5cb71518360f865cd4448a083b5d481e6f356a3e.zip
libopkele-5cb71518360f865cd4448a083b5d481e6f356a3e.tar.gz
libopkele-5cb71518360f865cd4448a083b5d481e6f356a3e.tar.bz2
got rid of all pcre wrappers altogether
although all claims against pcre++ make absolutely no sense. But for now I'll live with no wrappers at all. I may reconsider it when implementing more sophisticated discovery mechanisms for upcoming extensions. Signed-off-by: Michael Krelin <hacker@klever.net>
Diffstat (more/less context) (show whitespace changes)
-rw-r--r--configure.ac45
-rw-r--r--include/opkele/exception.h9
-rw-r--r--lib/Makefile.am4
-rw-r--r--lib/consumer.cc124
-rw-r--r--libopkele.pc.in2
5 files changed, 79 insertions, 105 deletions
diff --git a/configure.ac b/configure.ac
index 00c6bc4..53e22ba 100644
--- a/configure.ac
+++ b/configure.ac
@@ -8,125 +8,84 @@ AC_PROG_CXX
AC_PROG_CC
AC_PROG_LIBTOOL
AC_HEADER_STDC
AC_PATH_PROG([XSLTPROC],[xsltproc],[true])
AC_WITH_PKGCONFIG
PKG_CHECK_MODULES([OPENSSL],[openssl],,[
AC_MSG_ERROR([no openssl library found. get one from http://www.openssl.org/])
])
WANT_KONFORKA="yes"
AC_ARG_ENABLE([konforka],
AC_HELP_STRING([--disable-konforka],[do not use konforka library (default: use if found)]),
[
test "${enableval}" = "no" && WANT_KONFORKA="no"
]
)
if test "${WANT_KONFORKA}" = "yes" ; then
PKG_CHECK_MODULES([KONFORKA],[konforka],[
AC_SUBST([KONFORKA_CFLAGS])
AC_SUBST([KONFORKA_LIBS])
AC_DEFINE([HAVE_KONFORKA],,[defined in presence of konforka library])
AC_DEFINE([OPKELE_HAVE_KONFORKA],,[defined in presence of konforka library])
AC_SUBST([KONFORKA_KONFORKA],[konforka])
],[true])
fi
WANT_DOXYGEN="yes"
AC_ARG_ENABLE([doxygen],
AC_HELP_STRING([--disable-doxygen],[do not generate documentation]),
[
test "${enableval}" = "no" && WANT_DOXYGEN="no"
]
)
if test "${WANT_DOXYGEN}" = "yes" ; then
AC_WITH_DOXYGEN
AC_WITH_DOT
else
AM_CONDITIONAL([HAVE_DOXYGEN],[false])
AM_CONDITIONAL([HAVE_DOT],[false])
fi
LIBCURL_CHECK_CONFIG(,,,[
AC_MSG_ERROR([no required libcurl library. get one from http://curl.haxx.se/])
])
-want_pcre_impl=""
-AC_ARG_WITH([pcre-bindings],
- AC_HELP_STRING([--with-pcre-bindings=(pcrepp|none|libpcrecpp)],[Specify which pcre c++ bindings to use. 'pcrepp' stands for quite sensible library, found at http://www.daemon.de/PCRE/, 'libcrecpp' makes use of crappy bindings by google and 'none' disables internal implementation of OP discovery]),
- [
- case "$withval" in
- pcrepp) want_pcre_impl="pcrepp" ;;
- libpcrecpp) want_pcre_impl="libpcrecpp" ;;
- none) want_pcre_impl="none";;
- *) AC_MSG_ERROR([I'm not sure I understand what do you want for a pcre c++ bindings]) ;;
- esac
- ]
-)
-
-found_pcre_impl=""
-
-if test -z "$want_pcre_impl" -o "$want_pcre_impl" = "pcrepp" ; then
- AC_WITH_PCRE([
- AC_WITH_PCREPP([
- found_pcre_impl=pcrepp
+PKG_CHECK_MODULES([PCRE],[libpcre],,[
+ AC_MSG_ERROR([no libpcre found, go get it at http://www.pcre.org/])
])
- ],[
- AC_MSG_ERROR([no pcre library found. get one at http://www.pcre.org/])
- ]
- )
- test "$want_pcre_impl,$found_pcre_impl" = "pcrepp," && AC_MSG_ERROR([no pcre++ library found. get one at http://www.daemon.de/PCRE])
-fi
-
-if test "$found_pcre_impl,$want_pcre_impl" = "," -o "$want_pcre_impl" = "libpcrecpp" ; then
- test -z "$want_pcre_impl" || AC_MSG_NOTICE([You want to use crappy libpcre c++ bindings])
- PKG_CHECK_MODULES([LIBPCRECPP],[libpcrecpp],[
- found_pcre_impl=libpcrecpp
- CXXFLAGS="$CXXFLAGS $LIBPCRECPP_CFLAGS"
- LIBS="$LIBS $LIBPCRECPP_LIBS"
- ],[
- test -z "$want_pcre_impl" || AC_MSG_ERROR([no libpcre c++ bindings found. why would you want it if you don't have it installed?])
- ]
- )
-fi
-test "$want_pcre_impl,$found_pcre_impl" = "," && AC_MSG_ERROR([no pcre c++ bindings found, use --with-pcre-bindings=none to disable code that makes use of it])
-
-case "$found_pcre_impl" in
- pcrepp) AC_DEFINE([USE_PCREPP],,[defined if pcre++ is to be used]) ;;
- libpcrecpp) AC_DEFINE([USE_LIBPCRECPP],,[defined if crappy google bindings are to be used]) ;;
-esac
curl_ssl_verify_host="true"
AC_ARG_ENABLE([ssl-verify-host],
AC_HELP_STRING([--disable-ssl-verify-host],[disable cURL cert/host relationships verification]),
[ test "${enableval}" = "no" && curl_ssl_verify_host="false" ]
)
${curl_ssl_verify_host} || AC_DEFINE([DISABLE_CURL_SSL_VERIFYHOST],,[defined if cURL is not to verify cert/host])
curl_ssl_verify_peer="true"
AC_ARG_ENABLE([ssl-verify-peer],
AC_HELP_STRING([--disable-ssl-verify-peer],[disable cURL cert validity verification]),
[ test "${enableval}" = "no" && curl_ssl_verify_peer="false" ]
)
${curl_ssl_verify_peer} || AC_DEFINE([DISABLE_CURL_SSL_VERIFYPEER],,[defined if cURL is not to verify cert validity])
postels_law=true
AC_ARG_ENABLE([postels-law],
AC_HELP_STRING([--disable-postels-law],[Be strict, do not adhere to Postel's Law ("be conservative in what you do, be liberal in what you accept from others", RFC 793)]),
[ test "${enableval}" = "no" && postels_law=false ]
)
$postels_law && AC_DEFINE([POSTELS_LAW],,[defined if we want to adhere to Postel's Law])
AC_DEFINE_UNQUOTED([OPKELE_SRC_DIR],["$PWD"],[source directory])
AC_CONFIG_FILES([
Makefile
libopkele.pc
Doxyfile
include/Makefile
lib/Makefile
test/Makefile
])
AC_OUTPUT
diff --git a/include/opkele/exception.h b/include/opkele/exception.h
index 0150e6b..753a818 100644
--- a/include/opkele/exception.h
+++ b/include/opkele/exception.h
@@ -167,51 +167,60 @@ namespace opkele {
public:
id_res_mismatch(OPKELE_E_PARS)
: id_res_failed(OPKELE_E_CONS) { }
};
/**
* openssl malfunction occured
*/
class exception_openssl : public exception {
public:
unsigned long _error;
string _ssl_string;
exception_openssl(OPKELE_E_PARS);
~exception_openssl() throw() { }
};
/**
* network operation related error occured
*/
class exception_network : public exception {
public:
exception_network(OPKELE_E_PARS)
: exception(OPKELE_E_CONS) { }
};
/**
* network operation related error occured, specifically, related to
* libcurl
*/
class exception_curl : public exception_network {
public:
CURLcode _error;
string _curl_string;
exception_curl(OPKELE_E_PARS);
exception_curl(OPKELE_E_PARS,CURLcode e);
~exception_curl() throw() { }
};
/**
* not implemented (think pure virtual) member function executed, signfies
* programmer error
*/
class not_implemented : public exception {
public:
not_implemented(OPKELE_E_PARS)
: exception(OPKELE_E_CONS) { }
};
+ /**
+ * internal error, indicates internal libopkele problem
+ */
+ class internal_error : public exception {
+ public:
+ internal_error(OPKELE_E_PARS)
+ : exception(OPKELE_E_CONS) { }
+ };
+
}
#endif /* __OPKELE_EXCEPTION_H */
diff --git a/lib/Makefile.am b/lib/Makefile.am
index a68faf6..b008a52 100644
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -1,27 +1,27 @@
lib_LTLIBRARIES = libopkele.la
INCLUDES = \
-I${top_srcdir}/include/ \
${KONFORKA_CFLAGS} \
${OPENSSL_CFLAGS} \
${LIBCURL_CPPFLAGS} \
- ${PCREPP_CFLAGS}
+ ${PCRE_CFLAGS}
libopkele_la_LIBADD = \
${LIBCURL} \
- ${PCREPP_LIBS} \
+ ${PCRE_LIBS} \
${OPENSSL_LIBS} \
${KONFORKA_LIBS}
libopkele_la_SOURCES = \
params.cc \
util.cc \
server.cc \
secret.cc \
data.cc \
consumer.cc \
exception.cc \
extension.cc \
sreg.cc \
extension_chain.cc
libopkele_la_LDFLAGS = \
-version-info 2:0:0
diff --git a/lib/consumer.cc b/lib/consumer.cc
index ff5da91..df95b64 100644
--- a/lib/consumer.cc
+++ b/lib/consumer.cc
@@ -1,73 +1,111 @@
#include <algorithm>
#include <cassert>
#include <opkele/util.h>
#include <opkele/exception.h>
#include <opkele/data.h>
#include <opkele/consumer.h>
#include <openssl/sha.h>
#include <openssl/hmac.h>
#include <curl/curl.h>
#include <iostream>
#include "config.h"
-#if defined(USE_LIBPCRECPP)
-# include <pcrecpp.h>
-#elif defined(USE_PCREPP)
-# include <pcre++.h>
-#else
- /* internal implementation won't be built */
-#endif
+#include <pcre.h>
namespace opkele {
using namespace std;
+ class pcre_matches_t {
+ public:
+ int *_ov;
+ int _s;
+
+ pcre_matches_t() : _ov(0), _s(0) { }
+ pcre_matches_t(int s) : _ov(0), _s(s) {
+ if(_s&1) ++_s;
+ _s += _s>>1;
+ _ov = new int[_s];
+ }
+ ~pcre_matches_t() throw() { if(_ov) delete[] _ov; }
+
+ int begin(int i) const { return _ov[i<<1]; }
+ int end(int i) const { return _ov[(i<<1)+1]; }
+ int length(int i) const { int t=i<<1; return _ov[t+1]-_ov[t]; }
+ };
+
+ class pcre_t {
+ public:
+ pcre *_p;
+
+ pcre_t() : _p(0) { }
+ pcre_t(pcre *p) : _p(p) { }
+ pcre_t(const char *re,int opts) : _p(0) {
+ static const char *errptr; static int erroffset;
+ _p = pcre_compile(re,opts,&errptr,&erroffset,NULL);
+ if(!_p)
+ throw internal_error(OPKELE_CP_ string("Failed to compile regexp: ")+errptr);
+ }
+ ~pcre_t() throw() { if(_p) (*pcre_free)(_p); }
+
+ pcre_t& operator=(pcre *p) { if(_p) (*pcre_free)(_p); _p=p; return *this; }
+
+ operator const pcre*(void) const { return _p; }
+ operator pcre*(void) { return _p; }
+
+ int exec(const string& s,pcre_matches_t& m) {
+ if(!_p)
+ throw internal_error(OPKELE_CP_ "Trying to execute absent regexp");
+ return pcre_exec(_p,NULL,s.c_str(),s.length(),0,0,m._ov,m._s);
+ }
+ };
+
class curl_t {
public:
CURL *_c;
curl_t() : _c(0) { }
curl_t(CURL *c) : _c(c) { }
~curl_t() throw() { if(_c) curl_easy_cleanup(_c); }
curl_t& operator=(CURL *c) { if(_c) curl_easy_cleanup(_c); _c=c; return *this; }
operator const CURL*(void) const { return _c; }
operator CURL*(void) { return _c; }
};
static CURLcode curl_misc_sets(CURL* c) {
CURLcode r;
(r=curl_easy_setopt(c,CURLOPT_FOLLOWLOCATION,1))
|| (r=curl_easy_setopt(c,CURLOPT_MAXREDIRS,5))
|| (r=curl_easy_setopt(c,CURLOPT_DNS_CACHE_TIMEOUT,120))
|| (r=curl_easy_setopt(c,CURLOPT_DNS_USE_GLOBAL_CACHE,1))
|| (r=curl_easy_setopt(c,CURLOPT_USERAGENT,PACKAGE_NAME"/"PACKAGE_VERSION))
|| (r=curl_easy_setopt(c,CURLOPT_TIMEOUT,20))
#ifdef DISABLE_CURL_SSL_VERIFYHOST
|| (r=curl_easy_setopt(c,CURLOPT_SSL_VERIFYHOST,0))
#endif
#ifdef DISABLE_CURL_SSL_VERIFYPEER
|| (r=curl_easy_setopt(c,CURLOPT_SSL_VERIFYPEER,0))
#endif
;
return r;
}
static size_t _curl_tostring(void *ptr,size_t size,size_t nmemb,void *stream) {
string *str = (string*)stream;
size_t bytes = size*nmemb;
size_t get = min(16384-str->length(),bytes);
str->append((const char*)ptr,get);
return get;
}
assoc_t consumer_t::associate(const string& server) {
util::dh_t dh = DH_new();
if(!dh)
throw exception_openssl(OPKELE_CP_ "failed to DH_new()");
dh->p = util::dec_to_bignum(data::_default_p);
dh->g = util::dec_to_bignum(data::_default_g);
if(!DH_generate_key(dh))
throw exception_openssl(OPKELE_CP_ "failed to DH_generate_key()");
@@ -223,175 +261,143 @@ namespace opkele {
}catch(failed_check_authentication& fca) {
throw id_res_failed(OPKELE_CP_ "failed to check_authentication()");
}
}
if(ext) ext->id_res_hook(pin,ps,identity);
}
void consumer_t::check_authentication(const string& server,const params_t& p) {
string request = "openid.mode=check_authentication";
for(params_t::const_iterator i=p.begin();i!=p.end();++i) {
if(i->first!="openid.mode") {
request += '&';
request += i->first;
request += '=';
request += util::url_encode(i->second);
}
}
curl_t curl = curl_easy_init();
if(!curl)
throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()");
string response;
CURLcode r;
(r=curl_misc_sets(curl))
|| (r=curl_easy_setopt(curl,CURLOPT_URL,server.c_str()))
|| (r=curl_easy_setopt(curl,CURLOPT_POST,1))
|| (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDS,request.data()))
|| (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDSIZE,request.length()))
|| (r=curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,_curl_tostring))
|| (r=curl_easy_setopt(curl,CURLOPT_WRITEDATA,&response))
;
if(r)
throw exception_curl(OPKELE_CP_ "failed to curl_easy_setopt()",r);
if(r=curl_easy_perform(curl))
throw exception_curl(OPKELE_CP_ "failed to curl_easy_perform()",r);
params_t pp; pp.parse_keyvalues(response);
if(pp.has_param("invalidate_handle"))
invalidate_assoc(server,pp.get_param("invalidate_handle"));
if(pp.has_param("is_valid")) {
if(pp.get_param("is_valid")=="true")
return;
}else if(pp.has_param("lifetime")) {
if(util::string_to_long(pp.get_param("lifetime")))
return;
}
throw failed_check_authentication(OPKELE_CP_ "failed to verify response");
}
void consumer_t::retrieve_links(const string& url,string& server,string& delegate) {
-#if defined(USE_LIBPCRECPP) || defined(USE_PCREPP)
server.erase();
delegate.erase();
curl_t curl = curl_easy_init();
if(!curl)
throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()");
string html;
CURLcode r;
(r=curl_misc_sets(curl))
|| (r=curl_easy_setopt(curl,CURLOPT_URL,url.c_str()))
|| (r=curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,_curl_tostring))
|| (r=curl_easy_setopt(curl,CURLOPT_WRITEDATA,&html))
;
if(r)
throw exception_curl(OPKELE_CP_ "failed to curl_easy_setopt()",r);
r = curl_easy_perform(curl);
if(r && r!=CURLE_WRITE_ERROR)
throw exception_curl(OPKELE_CP_ "failed to curl_easy_perform()",r);
- // strip out everything past body
- static const char *re_hdre = "<\\s*head[^>]*>",
+ static const char *re_bre = "<\\s*body\\b", *re_hdre = "<\\s*head[^>]*>",
*re_lre = "<\\s*link\\b([^>]+)>",
*re_rre = "\\brel\\s*=\\s*['\"]\\s*([^'\"\\s]+)\\s*['\"]",
*re_hre = "\\bhref\\s*=\\s*['\"]\\s*([^'\"\\s]+)\\s*['\"]";
-#if defined(USE_LIBPCRECPP)
- static pcrecpp::RE_Options ro(PCRE_CASELESS|PCRE_DOTALL);
- static pcrecpp::RE
- bre("<body\\b.*",ro), hdre(re_hdre,ro),
- lre(re_lre,ro), rre(re_rre), hre(re_hre,ro);
- bre.Replace("",&html);
- pcrecpp::StringPiece hpiece(html);
- if(!hdre.FindAndConsume(&hpiece))
- throw bad_input(OPKELE_CP_ "failed to find head");
- string attrs;
- while(lre.FindAndConsume(&hpiece,&attrs)) {
- pcrecpp::StringPiece rel, href;
- if(!(rre.PartialMatch(attrs,&rel) && hre.PartialMatch(attrs,&href)))
+ pcre_matches_t m1(3), m2(3);
+ pcre_t bre(re_bre,PCRE_CASELESS);
+ if(bre.exec(html,m1)>0)
+ html.erase(m1.begin(0));
+ pcre_t hdre(re_hdre,PCRE_CASELESS);
+ if(hdre.exec(html,m1)<=0)
+ throw bad_input(OPKELE_CP_ "failed to find <head>");
+ html.erase(0,m1.end(0)+1);
+ pcre_t lre(re_lre,PCRE_CASELESS), rre(re_rre,PCRE_CASELESS), hre(re_hre,PCRE_CASELESS);
+ while(lre.exec(html,m1)>=2) {
+ string attrs(html,m1.begin(1),m1.length(1));
+ html.erase(0,m1.end(0)+1);
+ if(!( rre.exec(attrs,m1)>=2 && hre.exec(attrs,m2)>=2 ))
continue;
+ string rel(attrs,m1.begin(1),m1.length(1));
+ string href(attrs,m2.begin(1),m2.length(1));
if(rel=="openid.server") {
- href.CopyToString(&server);
- if(!delegate.empty())
- break;
+ server = href;
+ if(!delegate.empty()) break;
}else if(rel=="openid.delegate") {
- href.CopyToString(&delegate);
- if(!server.empty())
- break;
- }
+ delegate = href;
+ if(!server.empty()) break;
}
-#elif defined(USE_PCREPP)
- pcrepp::Pcre bre("<body\\b",PCRE_CASELESS);
- if(bre.search(html))
- html.erase(bre.get_match_start());
- pcrepp::Pcre hdre(re_hdre,PCRE_CASELESS);
- if(!hdre.search(html))
- throw bad_input(OPKELE_CP_ "failed to find head");
- html.erase(0,hdre.get_match_end()+1);
- pcrepp::Pcre lre(re_lre,PCRE_CASELESS), rre(re_rre,PCRE_CASELESS), hre(re_hre,PCRE_CASELESS);
- while(lre.search(html)) {
- string attrs = lre[0];
- html.erase(0,lre.get_match_end()+1);
- if(!(rre.search(attrs)&&hre.search(attrs)))
- continue;
- if(rre[0]=="openid.server") {
- server = hre[0];
- if(!delegate.empty())
- break;
- }else if(rre[0]=="openid.delegate") {
- delegate = hre[0];
- if(!server.empty())
- break;
}
- }
-#else
- #error "I must have gone crazy"
-#endif
if(server.empty())
throw failed_assertion(OPKELE_CP_ "The location has no openid.server declaration");
-#else /* none of the RE bindings enabled */
- throw not_implemented(OPKELE_CP_ "No internal implementation of retrieve_links were provided at compile-time");
-#endif
}
assoc_t consumer_t::find_assoc(const string& server) {
throw failed_lookup(OPKELE_CP_ "no find_assoc() provided");
}
string consumer_t::normalize(const string& url) {
string rv = url;
// strip leading and trailing spaces
string::size_type i = rv.find_first_not_of(" \t\r\n");
if(i==string::npos)
throw bad_input(OPKELE_CP_ "empty URL");
if(i)
rv.erase(0,i);
i = rv.find_last_not_of(" \t\r\n");
assert(i!=string::npos);
if(i<(rv.length()-1))
rv.erase(i+1);
// add missing http://
i = rv.find("://");
if(i==string::npos) { // primitive. but do we need more?
rv.insert(0,"http://");
i = sizeof("http://")-1;
}else{
i += sizeof("://")-1;
}
string::size_type qm = rv.find('?',i);
string::size_type sl = rv.find('/',i);
if(qm!=string::npos) {
if(sl==string::npos || sl>qm)
rv.insert(qm,1,'/');
}else{
if(sl==string::npos)
rv += '/';
}
return rv;
}
string consumer_t::canonicalize(const string& url) {
string rv = normalize(url);
curl_t curl = curl_easy_init();
if(!curl)
throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()");
string html;
CURLcode r;
(r=curl_misc_sets(curl))
|| (r=curl_easy_setopt(curl,CURLOPT_URL,rv.c_str()))
|| (r=curl_easy_setopt(curl,CURLOPT_NOBODY,1))
diff --git a/libopkele.pc.in b/libopkele.pc.in
index 286720e..5f8684b 100644
--- a/libopkele.pc.in
+++ b/libopkele.pc.in
@@ -1,11 +1,11 @@
prefix=@prefix@
exec_prefix=@exec_prefix@
libdir=@libdir@
includedir=@includedir@
Name: libopkele
Description: C++ implementation of OpenID protocol
Version: @VERSION@
-Requires: openssl @KONFORKA_KONFORKA@
+Requires: openssl libpcre @KONFORKA_KONFORKA@
Cflags: -I${includedir} @LIBCURL_CPPFLAGS@ @PCREPP_CFLAGS@
Libs: -L${libdir} -lopkele @LIBCURL@ @PCREPP_LIBS@