author | Michael Krelin <hacker@klever.net> | 2007-11-21 18:24:28 (UTC) |
---|---|---|
committer | Michael Krelin <hacker@klever.net> | 2007-11-21 18:24:28 (UTC) |
commit | 6d455b3ce69e62bdbe7ca894bc2cacac3e793a99 (patch) (unidiff) | |
tree | 38c3cd9b588dfebb6b459c3ca6b927757667f22a /lib | |
parent | a9b6c1f0b1a771dcd9afc76f05d1ad2ff0af937e (diff) | |
download | libopkele-6d455b3ce69e62bdbe7ca894bc2cacac3e793a99.zip libopkele-6d455b3ce69e62bdbe7ca894bc2cacac3e793a99.tar.gz libopkele-6d455b3ce69e62bdbe7ca894bc2cacac3e793a99.tar.bz2 |
keep compiler happy about shadowed variable
Signed-off-by: Michael Krelin <hacker@klever.net>
-rw-r--r-- | lib/server.cc | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/server.cc b/lib/server.cc index aa61035..282521e 100644 --- a/lib/server.cc +++ b/lib/server.cc | |||
@@ -68,104 +68,104 @@ namespace opkele { | |||
68 | } | 68 | } |
69 | } | 69 | } |
70 | 70 | ||
71 | void server_t::checkid_immediate(const params_t& pin,string& return_to,params_t& pout,extension_t *ext) { | 71 | void server_t::checkid_immediate(const params_t& pin,string& return_to,params_t& pout,extension_t *ext) { |
72 | checkid_(mode_checkid_immediate,pin,return_to,pout,ext); | 72 | checkid_(mode_checkid_immediate,pin,return_to,pout,ext); |
73 | } | 73 | } |
74 | 74 | ||
75 | void server_t::checkid_setup(const params_t& pin,string& return_to,params_t& pout,extension_t *ext) { | 75 | void server_t::checkid_setup(const params_t& pin,string& return_to,params_t& pout,extension_t *ext) { |
76 | checkid_(mode_checkid_setup,pin,return_to,pout,ext); | 76 | checkid_(mode_checkid_setup,pin,return_to,pout,ext); |
77 | } | 77 | } |
78 | 78 | ||
79 | void server_t::checkid_(mode_t mode,const params_t& pin,string& return_to,params_t& pout,extension_t *ext) { | 79 | void server_t::checkid_(mode_t mode,const params_t& pin,string& return_to,params_t& pout,extension_t *ext) { |
80 | if(mode!=mode_checkid_immediate && mode!=mode_checkid_setup) | 80 | if(mode!=mode_checkid_immediate && mode!=mode_checkid_setup) |
81 | throw bad_input(OPKELE_CP_ "invalid checkid_* mode"); | 81 | throw bad_input(OPKELE_CP_ "invalid checkid_* mode"); |
82 | pout.clear(); | 82 | pout.clear(); |
83 | assoc_t assoc; | 83 | assoc_t assoc; |
84 | try { | 84 | try { |
85 | assoc = retrieve_assoc(pin.get_param("openid.assoc_handle")); | 85 | assoc = retrieve_assoc(pin.get_param("openid.assoc_handle")); |
86 | }catch(failed_lookup& fl) { | 86 | }catch(failed_lookup& fl) { |
87 | // no handle specified or no valid handle found, going dumb | 87 | // no handle specified or no valid handle found, going dumb |
88 | assoc = alloc_assoc(mode_checkid_setup); | 88 | assoc = alloc_assoc(mode_checkid_setup); |
89 | if(pin.has_param("openid.assoc_handle")) | 89 | if(pin.has_param("openid.assoc_handle")) |
90 | pout["invalidate_handle"]=pin.get_param("openid.assoc_handle"); | 90 | pout["invalidate_handle"]=pin.get_param("openid.assoc_handle"); |
91 | } | 91 | } |
92 | string trust_root; | 92 | string trust_root; |
93 | try { | 93 | try { |
94 | trust_root = pin.get_param("openid.trust_root"); | 94 | trust_root = pin.get_param("openid.trust_root"); |
95 | }catch(failed_lookup& fl) { } | 95 | }catch(failed_lookup& fl) { } |
96 | string identity = pin.get_param("openid.identity"); | 96 | string identity = pin.get_param("openid.identity"); |
97 | return_to = pin.get_param("openid.return_to"); | 97 | return_to = pin.get_param("openid.return_to"); |
98 | validate(*assoc,pin,identity,trust_root); | 98 | validate(*assoc,pin,identity,trust_root); |
99 | pout["mode"] = "id_res"; | 99 | pout["mode"] = "id_res"; |
100 | pout["assoc_handle"] = assoc->handle(); | 100 | pout["assoc_handle"] = assoc->handle(); |
101 | if(pin.has_param("openid.assoc_handle") && assoc->stateless()) | 101 | if(pin.has_param("openid.assoc_handle") && assoc->stateless()) |
102 | pout["invalidate_handle"] = pin.get_param("openid.assoc_handle"); | 102 | pout["invalidate_handle"] = pin.get_param("openid.assoc_handle"); |
103 | pout["identity"] = identity; | 103 | pout["identity"] = identity; |
104 | pout["return_to"] = return_to; | 104 | pout["return_to"] = return_to; |
105 | /* TODO: eventually remove deprecated stuff */ | 105 | /* TODO: eventually remove deprecated stuff */ |
106 | time_t now = time(0); | 106 | time_t now = time(0); |
107 | pout["issued"] = util::time_to_w3c(now); | 107 | pout["issued"] = util::time_to_w3c(now); |
108 | pout["valid_to"] = util::time_to_w3c(now+120); | 108 | pout["valid_to"] = util::time_to_w3c(now+120); |
109 | pout["exipres_in"] = "120"; | 109 | pout["exipres_in"] = "120"; |
110 | pout["signed"]="mode,identity,return_to"; | 110 | pout["signed"]="mode,identity,return_to"; |
111 | if(ext) ext->checkid_hook(pin,pout); | 111 | if(ext) ext->checkid_hook(pin,pout); |
112 | pout.sign(assoc->secret(),pout["sig"],pout["signed"]); | 112 | pout.sign(assoc->secret(),pout["sig"],pout["signed"]); |
113 | } | 113 | } |
114 | 114 | ||
115 | void server_t::check_authentication(const params_t& pin,params_t& pout) { | 115 | void server_t::check_authentication(const params_t& pin,params_t& pout) { |
116 | vector<unsigned char> sig; | 116 | vector<unsigned char> sig; |
117 | const string& sigenc = pin.get_param("openid.sig"); | 117 | const string& sigenc = pin.get_param("openid.sig"); |
118 | util::decode_base64(sigenc,sig); | 118 | util::decode_base64(sigenc,sig); |
119 | assoc_t assoc; | 119 | assoc_t assoc; |
120 | try { | 120 | try { |
121 | assoc = retrieve_assoc(pin.get_param("openid.assoc_handle")); | 121 | assoc = retrieve_assoc(pin.get_param("openid.assoc_handle")); |
122 | }catch(failed_lookup& fl) { | 122 | }catch(failed_lookup& fl) { |
123 | throw failed_assertion(OPKELE_CP_ "invalid handle or handle not specified"); | 123 | throw failed_assertion(OPKELE_CP_ "invalid handle or handle not specified"); |
124 | } | 124 | } |
125 | if(!assoc->stateless()) | 125 | if(!assoc->stateless()) |
126 | throw stateful_handle(OPKELE_CP_ "will not do check_authentication on a stateful handle"); | 126 | throw stateful_handle(OPKELE_CP_ "will not do check_authentication on a stateful handle"); |
127 | const string& slist = pin.get_param("openid.signed"); | 127 | const string& slist = pin.get_param("openid.signed"); |
128 | string kv; | 128 | string kv; |
129 | string::size_type p =0; | 129 | string::size_type p =0; |
130 | while(true) { | 130 | while(true) { |
131 | string::size_type co = slist.find(',',p); | 131 | string::size_type co = slist.find(',',p); |
132 | string f = (co==string::npos)?slist.substr(p):slist.substr(p,co-p); | 132 | string f = (co==string::npos)?slist.substr(p):slist.substr(p,co-p); |
133 | kv += f; | 133 | kv += f; |
134 | kv += ':'; | 134 | kv += ':'; |
135 | if(f=="mode") | 135 | if(f=="mode") |
136 | kv += "id_res"; | 136 | kv += "id_res"; |
137 | else { | 137 | else { |
138 | f.insert(0,"openid."); | 138 | f.insert(0,"openid."); |
139 | kv += pin.get_param(f); | 139 | kv += pin.get_param(f); |
140 | } | 140 | } |
141 | kv += '\n'; | 141 | kv += '\n'; |
142 | if(co==string::npos) | 142 | if(co==string::npos) |
143 | break; | 143 | break; |
144 | p = co+1; | 144 | p = co+1; |
145 | } | 145 | } |
146 | secret_t secret = assoc->secret(); | 146 | secret_t secret = assoc->secret(); |
147 | unsigned int md_len = 0; | 147 | unsigned int md_len = 0; |
148 | unsigned char *md = HMAC( | 148 | unsigned char *md = HMAC( |
149 | EVP_sha1(), | 149 | EVP_sha1(), |
150 | &(secret.front()),secret.size(), | 150 | &(secret.front()),secret.size(), |
151 | (const unsigned char *)kv.data(),kv.length(), | 151 | (const unsigned char *)kv.data(),kv.length(), |
152 | 0,&md_len); | 152 | 0,&md_len); |
153 | pout.clear(); | 153 | pout.clear(); |
154 | if(sig.size()==md_len && !memcmp(&(sig.front()),md,md_len)) { | 154 | if(sig.size()==md_len && !memcmp(&(sig.front()),md,md_len)) { |
155 | pout["is_valid"]="true"; | 155 | pout["is_valid"]="true"; |
156 | pout["lifetime"]="60"; /* TODO: eventually remove deprecated stuff */ | 156 | pout["lifetime"]="60"; /* TODO: eventually remove deprecated stuff */ |
157 | }else{ | 157 | }else{ |
158 | pout["is_valid"]="false"; | 158 | pout["is_valid"]="false"; |
159 | pout["lifetime"]="0"; /* TODO: eventually remove deprecated stuff */ | 159 | pout["lifetime"]="0"; /* TODO: eventually remove deprecated stuff */ |
160 | } | 160 | } |
161 | if(pin.has_param("openid.invalidate_handle")) { | 161 | if(pin.has_param("openid.invalidate_handle")) { |
162 | string h = pin.get_param("openid.invalidate_handle"); | 162 | string h = pin.get_param("openid.invalidate_handle"); |
163 | try { | 163 | try { |
164 | assoc_t assoc = retrieve_assoc(h); | 164 | assoc_t tmp = retrieve_assoc(h); |
165 | }catch(invalid_handle& ih) { | 165 | }catch(invalid_handle& ih) { |
166 | pout["invalidate_handle"] = h; | 166 | pout["invalidate_handle"] = h; |
167 | }catch(failed_lookup& fl) { } | 167 | }catch(failed_lookup& fl) { } |
168 | } | 168 | } |
169 | } | 169 | } |
170 | 170 | ||
171 | } | 171 | } |