1 files changed, 1 insertions, 1 deletions
diff --git a/lib/server.cc b/lib/server.cc
index aa61035..282521e 100644
--- a/lib/server.cc
+++ b/lib/server.cc
@@ -116,56 +116,56 @@ namespace opkele {
        vector<unsigned char>  sig;
        const string& sigenc = pin.get_param("openid.sig");
        util::decode_base64(sigenc,sig);
        assoc_t assoc;
        try {
            assoc = retrieve_assoc(pin.get_param("openid.assoc_handle"));
        }catch(failed_lookup& fl) {
            throw failed_assertion(OPKELE_CP_ "invalid handle or handle not specified");
        }
        if(!assoc->stateless())
            throw stateful_handle(OPKELE_CP_ "will not do check_authentication on a stateful handle");
        const string& slist = pin.get_param("openid.signed");
        string kv;
        string::size_type p =0;
        while(true) {
            string::size_type co = slist.find(',',p);
            string f = (co==string::npos)?slist.substr(p):slist.substr(p,co-p);
            kv += f;
            kv += ':';
            if(f=="mode")
                kv += "id_res";
            else {
                f.insert(0,"openid.");
                kv += pin.get_param(f);
            }
            kv += '\n';
            if(co==string::npos)
                break;
            p = co+1;
        }
        secret_t secret = assoc->secret();
        unsigned int md_len = 0;
        unsigned char *md = HMAC(
                EVP_sha1(),
                &(secret.front()),secret.size(),
                (const unsigned char *)kv.data(),kv.length(),
                0,&md_len);
        pout.clear();
        if(sig.size()==md_len && !memcmp(&(sig.front()),md,md_len)) {
            pout["is_valid"]="true";
            pout["lifetime"]="60"; /* TODO: eventually remove deprecated stuff */
        }else{
            pout["is_valid"]="false";
            pout["lifetime"]="0"; /* TODO: eventually remove deprecated stuff */
        }
        if(pin.has_param("openid.invalidate_handle")) {
            string h = pin.get_param("openid.invalidate_handle");
            try {
-                assoc_t assoc = retrieve_assoc(h);
+                assoc_t tmp = retrieve_assoc(h);
            }catch(invalid_handle& ih) {
                pout["invalidate_handle"] = h;
            }catch(failed_lookup& fl) { }
        }
    }
 }

diff --git a/lib/server.cc b/lib/server.cc index aa61035..282521e 100644 --- a/lib/server.cc +++ b/lib/server.cc
@@ -116,56 +116,56 @@ namespace opkele {
116	vector<unsigned char> sig;	116	vector<unsigned char> sig;
117	const string& sigenc = pin.get_param("openid.sig");	117	const string& sigenc = pin.get_param("openid.sig");
118	util::decode_base64(sigenc,sig);	118	util::decode_base64(sigenc,sig);
119	assoc_t assoc;	119	assoc_t assoc;
120	try {	120	try {
121	assoc = retrieve_assoc(pin.get_param("openid.assoc_handle"));	121	assoc = retrieve_assoc(pin.get_param("openid.assoc_handle"));
122	}catch(failed_lookup& fl) {	122	}catch(failed_lookup& fl) {
123	throw failed_assertion(OPKELE_CP_ "invalid handle or handle not specified");	123	throw failed_assertion(OPKELE_CP_ "invalid handle or handle not specified");
124	}	124	}
125	if(!assoc->stateless())	125	if(!assoc->stateless())
126	throw stateful_handle(OPKELE_CP_ "will not do check_authentication on a stateful handle");	126	throw stateful_handle(OPKELE_CP_ "will not do check_authentication on a stateful handle");
127	const string& slist = pin.get_param("openid.signed");	127	const string& slist = pin.get_param("openid.signed");
128	string kv;	128	string kv;
129	string::size_type p =0;	129	string::size_type p =0;
130	while(true) {	130	while(true) {
131	string::size_type co = slist.find(',',p);	131	string::size_type co = slist.find(',',p);
132	string f = (co==string::npos)?slist.substr(p):slist.substr(p,co-p);	132	string f = (co==string::npos)?slist.substr(p):slist.substr(p,co-p);
133	kv += f;	133	kv += f;
134	kv += ':';	134	kv += ':';
135	if(f=="mode")	135	if(f=="mode")
136	kv += "id_res";	136	kv += "id_res";
137	else {	137	else {
138	f.insert(0,"openid.");	138	f.insert(0,"openid.");
139	kv += pin.get_param(f);	139	kv += pin.get_param(f);
140	}	140	}
141	kv += '\n';	141	kv += '\n';
142	if(co==string::npos)	142	if(co==string::npos)
143	break;	143	break;
144	p = co+1;	144	p = co+1;
145	}	145	}
146	secret_t secret = assoc->secret();	146	secret_t secret = assoc->secret();
147	unsigned int md_len = 0;	147	unsigned int md_len = 0;
148	unsigned char *md = HMAC(	148	unsigned char *md = HMAC(
149	EVP_sha1(),	149	EVP_sha1(),
150	&(secret.front()),secret.size(),	150	&(secret.front()),secret.size(),
151	(const unsigned char *)kv.data(),kv.length(),	151	(const unsigned char *)kv.data(),kv.length(),
152	0,&md_len);	152	0,&md_len);
153	pout.clear();	153	pout.clear();
154	if(sig.size()==md_len && !memcmp(&(sig.front()),md,md_len)) {	154	if(sig.size()==md_len && !memcmp(&(sig.front()),md,md_len)) {
155	pout["is_valid"]="true";	155	pout["is_valid"]="true";
156	pout["lifetime"]="60"; /* TODO: eventually remove deprecated stuff */	156	pout["lifetime"]="60"; /* TODO: eventually remove deprecated stuff */
157	}else{	157	}else{
158	pout["is_valid"]="false";	158	pout["is_valid"]="false";
159	pout["lifetime"]="0"; /* TODO: eventually remove deprecated stuff */	159	pout["lifetime"]="0"; /* TODO: eventually remove deprecated stuff */
160	}	160	}
161	if(pin.has_param("openid.invalidate_handle")) {	161	if(pin.has_param("openid.invalidate_handle")) {
162	string h = pin.get_param("openid.invalidate_handle");	162	string h = pin.get_param("openid.invalidate_handle");
163	try {	163	try {
164	assoc_t assoc = retrieve_assoc(h);	164	assoc_t tmp = retrieve_assoc(h);
165	}catch(invalid_handle& ih) {	165	}catch(invalid_handle& ih) {
166	pout["invalidate_handle"] = h;	166	pout["invalidate_handle"] = h;
167	}catch(failed_lookup& fl) { }	167	}catch(failed_lookup& fl) { }
168	}	168	}
169	}	169	}
170		170
171	}	171	}