summaryrefslogtreecommitdiffabout
path: root/lib
Side-by-side diff
Diffstat (limited to 'lib') (more/less context) (ignore whitespace changes)
-rw-r--r--lib/basic_op.cc29
-rw-r--r--lib/basic_rp.cc10
-rw-r--r--lib/discovery.cc2
-rw-r--r--lib/expat.cc1
-rw-r--r--lib/extension.cc2
-rw-r--r--lib/openid_message.cc32
-rw-r--r--lib/prequeue_rp.cc4
-rw-r--r--lib/sreg.cc6
-rw-r--r--lib/verify_op.cc4
9 files changed, 44 insertions, 46 deletions
diff --git a/lib/basic_op.cc b/lib/basic_op.cc
index 18446dc..2d82147 100644
--- a/lib/basic_op.cc
+++ b/lib/basic_op.cc
@@ -66,9 +66,6 @@ namespace opkele {
util::bignum_t c_pub;
unsigned char key_digest[SHA256_DIGEST_LENGTH];
size_t d_len = 0;
- enum {
- sess_cleartext, sess_dh_sha1, sess_dh_sha256
- } st = sess_cleartext;
string sts = inm.get_field("session_type");
string ats = inm.get_field("assoc_type");
if(sts=="DH-SHA1" || sts=="DH-SHA256") {
@@ -98,19 +95,19 @@ namespace opkele {
throw internal_error(OPKELE_CP_ "I thought I knew the session type");
}else
throw unsupported(OPKELE_CP_ "Unsupported session_type");
- assoc_t assoc;
+ assoc_t a;
if(ats=="HMAC-SHA1")
- assoc = alloc_assoc(ats,SHA_DIGEST_LENGTH,true);
+ a = alloc_assoc(ats,SHA_DIGEST_LENGTH,true);
else if(ats=="HMAC-SHA256")
- assoc = alloc_assoc(ats,SHA256_DIGEST_LENGTH,true);
+ a = alloc_assoc(ats,SHA256_DIGEST_LENGTH,true);
else
throw unsupported(OPKELE_CP_ "Unsupported assoc_type");
oum.reset_fields();
oum.set_field("ns",OIURI_OPENID20);
- oum.set_field("assoc_type",assoc->assoc_type());
- oum.set_field("assoc_handle",assoc->handle());
+ oum.set_field("assoc_type",a->assoc_type());
+ oum.set_field("assoc_handle",a->handle());
oum.set_field("expires_in",util::long_to_string(assoc->expires_in()));
- secret_t secret = assoc->secret();
+ secret_t secret = a->secret();
if(sts=="DH-SHA1" || sts=="DH-SHA256") {
if(d_len != secret.size())
throw bad_input(OPKELE_CP_ "Association secret and session MAC are not of the same size");
@@ -134,10 +131,10 @@ namespace opkele {
void basic_OP::checkid_(const basic_openid_message& inm,
extension_t *ext) {
reset_vars();
- string mode = inm.get_field("mode");
- if(mode=="checkid_setup")
+ string modestr = inm.get_field("mode");
+ if(modestr=="checkid_setup")
mode = mode_checkid_setup;
- else if(mode=="checkid_immediate")
+ else if(modestr=="checkid_immediate")
mode = mode_checkid_immediate;
else
throw bad_input(OPKELE_CP_ "Invalid checkid_* mode");
@@ -238,14 +235,14 @@ namespace opkele {
}
basic_openid_message& basic_OP::error(basic_openid_message& om,
- const string& error,const string& contact,
+ const string& err,const string& contact,
const string& reference ) {
assert(!return_to.empty());
om.set_field("ns",OIURI_OPENID20);
om.set_field("mode","error");
- om.set_field("error",error);
- om.set_field("contact",contact);
- om.set_field("reference",reference);
+ om.set_field("error",err);
+ if(!contact.empty()) om.set_field("contact",contact);
+ if(!reference.empty()) om.set_field("reference",reference);
return om;
}
diff --git a/lib/basic_rp.cc b/lib/basic_rp.cc
index bd45d99..a0ad130 100644
--- a/lib/basic_rp.cc
+++ b/lib/basic_rp.cc
@@ -1,3 +1,4 @@
+#include <cassert>
#include <openssl/sha.h>
#include <openssl/hmac.h>
#include <opkele/basic_rp.h>
@@ -25,7 +26,8 @@ namespace opkele {
throw exception_openssl(OPKELE_CP_ "failed to DH_compute_key()");
if(cklen && (*ckptr)&0x80) {
(*(--ckptr))=0; ++cklen; }
- unsigned char key_digest[d_len];
+ assert(d_len<=SHA256_DIGEST_LENGTH);
+ unsigned char key_digest[SHA256_DIGEST_LENGTH];
secret.enxor_from_base64((*d_fun)(ckptr,cklen,key_digest),om.get_field("enc_mac_key"));
if(secret.size()!=exp_s_len)
throw bad_input(OPKELE_CP_ "Secret length isn't consistent with association type");
@@ -78,7 +80,7 @@ namespace opkele {
"HMAC-SHA256", "DH-SHA256",
dh, SHA256_DIGEST_LENGTH, SHA256, SHA256_DIGEST_LENGTH );
expires_in = util::string_to_long(res.get_field("expires_in"));
- }catch(exception& e) {
+ }catch(exception&) {
try {
req.set_field("assoc_type","HMAC-SHA1");
req.set_field("session_type","DH-SHA1");
@@ -87,7 +89,7 @@ namespace opkele {
"HMAC-SHA1", "DH-SHA1",
dh, SHA_DIGEST_LENGTH, SHA1, SHA_DIGEST_LENGTH );
expires_in = util::string_to_long(res.get_field("expires_in"));
- }catch(bad_input& e) {
+ }catch(bad_input&) {
throw dumb_RP(OPKELE_CP_ "OP failed to supply an association");
}
}
@@ -234,7 +236,7 @@ namespace opkele {
static const char *mustsign[] = {
"op_endpoint", "return_to", "response_nonce", "assoc_handle",
"claimed_id", "identity" };
- for(int ms=0;ms<(sizeof(mustsign)/sizeof(*mustsign));++ms) {
+ for(size_t ms=0;ms<(sizeof(mustsign)/sizeof(*mustsign));++ms) {
if(om.has_field(mustsign[ms]) && !signeds.has_field(mustsign[ms]))
throw bad_input(OPKELE_CP_ string("Field '")+mustsign[ms]+"' is not signed against the specs");
}
diff --git a/lib/discovery.cc b/lib/discovery.cc
index 6f58339..6f9926c 100644
--- a/lib/discovery.cc
+++ b/lib/discovery.cc
@@ -330,7 +330,7 @@ namespace opkele {
xrds_location.clear(); http_content_type.clear();
}else if(colon) {
const char *hv = ++colon;
- int hnl = colon-h;
+ size_t hnl = colon-h;
int rb;
for(rb = bytes-hnl-1;rb>0 && isspace(*hv);++hv,--rb);
while(rb>0 && isspace(hv[rb-1])) --rb;
diff --git a/lib/expat.cc b/lib/expat.cc
index fa6fdde..c4dab7e 100644
--- a/lib/expat.cc
+++ b/lib/expat.cc
@@ -13,6 +13,7 @@ namespace opkele {
if(_x)
XML_ParserFree(_x);
_x = x;
+ return *this;
}
static void _start_element(void* ud,const XML_Char *n,const XML_Char **a) {
diff --git a/lib/extension.cc b/lib/extension.cc
index f7aaea5..0f121ca 100644
--- a/lib/extension.cc
+++ b/lib/extension.cc
@@ -11,7 +11,7 @@ namespace opkele {
void extension_t::op_checkid_hook(const basic_openid_message&) {
throw not_implemented(OPKELE_CP_ "OP checkid_* hook not implemented"); }
- void extension_t::op_id_res_hook(basic_openid_message& om) {
+ void extension_t::op_id_res_hook(basic_openid_message&) {
throw not_implemented(OPKELE_CP_ "OP id_res hook not implemented"); }
diff --git a/lib/openid_message.cc b/lib/openid_message.cc
index fdb4b04..521ea85 100644
--- a/lib/openid_message.cc
+++ b/lib/openid_message.cc
@@ -15,8 +15,8 @@ namespace opkele {
const basic_openid_message& from;
basic_openid_message& to;
- __om_copier(basic_openid_message& to,const basic_openid_message& from)
- : from(from), to(to) {
+ __om_copier(basic_openid_message& t,const basic_openid_message& f)
+ : from(f), to(t) {
to.reset_fields();
}
@@ -37,8 +37,8 @@ namespace opkele {
const basic_openid_message& om;
const string& uri;
- __om_ns_finder(const basic_openid_message& om,
- const string& uri) : om(om), uri(uri) { }
+ __om_ns_finder(const basic_openid_message& m,
+ const string& u) : om(m), uri(u) { }
result_type operator()(argument_type f) {
return
@@ -65,16 +65,16 @@ namespace opkele {
struct __om_query_builder : public unary_function<const string&,void> {
public:
const basic_openid_message& om;
- string& rv;
bool first;
+ string& rv;
- __om_query_builder(string& rv,const basic_openid_message& om)
- : om(om), first(true), rv(rv) {
+ __om_query_builder(string& r,const basic_openid_message& m)
+ : om(m), first(true), rv(r) {
for_each(om.fields_begin(),om.fields_end(),*this);
}
- __om_query_builder(string& rv,const basic_openid_message& om,const string& url)
- : om(om), first(true), rv(rv) {
- rv = url;
+ __om_query_builder(string& r,const basic_openid_message& m,const string& u)
+ : om(m), first(true), rv(r) {
+ rv = u;
if(rv.find('?')==string::npos)
rv += '?';
else
@@ -105,10 +105,10 @@ namespace opkele {
void basic_openid_message::reset_fields() {
throw not_implemented(OPKELE_CP_ "reset_fields() not implemented");
}
- void basic_openid_message::set_field(const string& n,const string& v) {
+ void basic_openid_message::set_field(const string&,const string&) {
throw not_implemented(OPKELE_CP_ "set_field() not implemented");
}
- void basic_openid_message::reset_field(const string& n) {
+ void basic_openid_message::reset_field(const string&) {
throw not_implemented(OPKELE_CP_ "reset_field() not implemented");
}
@@ -147,8 +147,8 @@ namespace opkele {
const basic_openid_message& om;
ostream& os;
- __om_kv_outputter(const basic_openid_message& om,ostream& os)
- : om(om), os(os) { }
+ __om_kv_outputter(const basic_openid_message& m,ostream& s)
+ : om(m), os(s) { }
result_type operator()(argument_type f) {
os << f << ':' << om.get_field(f) << '\n';
@@ -164,8 +164,8 @@ namespace opkele {
const basic_openid_message& om;
ostream& os;
- __om_html_outputter(const basic_openid_message& om,ostream& os)
- : om(om), os(os) { }
+ __om_html_outputter(const basic_openid_message& m,ostream& s)
+ : om(m), os(s) { }
result_type operator()(argument_type f) {
os <<
diff --git a/lib/prequeue_rp.cc b/lib/prequeue_rp.cc
index e242f87..3aa960f 100644
--- a/lib/prequeue_rp.cc
+++ b/lib/prequeue_rp.cc
@@ -55,7 +55,7 @@ namespace opkele {
public:
prequeue_RP& rp;
- endpoint_queuer(prequeue_RP& rp) : rp(rp) { }
+ endpoint_queuer(prequeue_RP& r) : rp(r) { }
endpoint_queuer& operator*() { return *this; }
endpoint_queuer& operator=(const openid_endpoint_t& oep) {
@@ -71,7 +71,7 @@ namespace opkele {
end_queueing();
}
- void prequeue_RP::set_normalized_id(const string& nid) {
+ void prequeue_RP::set_normalized_id(const string&) {
}
const string prequeue_RP::get_normalized_id() const {
diff --git a/lib/sreg.cc b/lib/sreg.cc
index b40cd45..0bd4d2e 100644
--- a/lib/sreg.cc
+++ b/lib/sreg.cc
@@ -55,12 +55,10 @@ namespace opkele {
string pfx;
try {
pfx = om.find_ns(OIURI_SREG11,"sreg");
- }catch(failed_lookup& fl) {
+ }catch(failed_lookup&) {
try {
pfx = om.find_ns(OIURI_SREG10,"sreg");
- }catch(failed_lookup& fl) {
- return;
- }
+ }catch(failed_lookup&) { return; }
}
pfx += '.';
for(fields_iterator f=fields_BEGIN;f<fields_END;++f) {
diff --git a/lib/verify_op.cc b/lib/verify_op.cc
index ab21b4f..c493c12 100644
--- a/lib/verify_op.cc
+++ b/lib/verify_op.cc
@@ -15,8 +15,8 @@ namespace opkele {
class RP_verifier : public iterator<output_iterator_tag,openid_endpoint_t,void> {
public:
- int seen;
const string& return_to;
+ int seen;
RP_verifier(const string& rt)
: return_to(rt), seen(0) { }
@@ -29,7 +29,7 @@ namespace opkele {
}
RP_verifier& operator++() { ++seen; return *this; }
- RP_verifier& operator++(int) { +seen; return *this; }
+ RP_verifier& operator++(int) { ++seen; return *this; }
};
void verify_OP::verify_return_to() {