summaryrefslogtreecommitdiffabout
authorMichael Krelin <hacker@klever.net>2005-07-20 23:17:25 (UTC)
committer Michael Krelin <hacker@klever.net>2005-07-20 23:17:25 (UTC)
commit84a0285be7c7a57cfc00cb31a4a1da9902fa1b34 (patch) (unidiff)
tree608822c31cbedeb35c7341b88456dd9c826b4d27
parent9634a1491130ef24130454e951672301e805351f (diff)
downloadlibopkele-84a0285be7c7a57cfc00cb31a4a1da9902fa1b34.zip
libopkele-84a0285be7c7a57cfc00cb31a4a1da9902fa1b34.tar.gz
libopkele-84a0285be7c7a57cfc00cb31a4a1da9902fa1b34.tar.bz2
moved util::canonicalize_url to consumer class
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--include/opkele/consumer.h2
-rw-r--r--include/opkele/util.h1
-rw-r--r--lib/consumer.cc29
-rw-r--r--lib/util.cc25
4 files changed, 29 insertions, 28 deletions
diff --git a/include/opkele/consumer.h b/include/opkele/consumer.h
index b9c29bd..3c0ed5f 100644
--- a/include/opkele/consumer.h
+++ b/include/opkele/consumer.h
@@ -1,135 +1,137 @@
1#ifndef __OPKELE_CONSUMER_H 1#ifndef __OPKELE_CONSUMER_H
2#define __OPKELE_CONSUMER_H 2#define __OPKELE_CONSUMER_H
3 3
4#include <opkele/types.h> 4#include <opkele/types.h>
5 5
6/** 6/**
7 * @file 7 * @file
8 * @brief OpenID consumer-side functionality 8 * @brief OpenID consumer-side functionality
9 */ 9 */
10 10
11/** 11/**
12 * @brief the main opkele namespace 12 * @brief the main opkele namespace
13 */ 13 */
14namespace opkele { 14namespace opkele {
15 15
16 /** 16 /**
17 * implementation of basic consumer functionality 17 * implementation of basic consumer functionality
18 */ 18 */
19 class consumer_t { 19 class consumer_t {
20 public: 20 public:
21 21
22 /** 22 /**
23 * store association. The function should be overridden in the real 23 * store association. The function should be overridden in the real
24 * implementation to provide persistent associations store. 24 * implementation to provide persistent associations store.
25 * @param server the OpenID server 25 * @param server the OpenID server
26 * @param handle association handle 26 * @param handle association handle
27 * @param secret the secret associated with the server and handle 27 * @param secret the secret associated with the server and handle
28 * @param expires_in the number of seconds until the handle is expired 28 * @param expires_in the number of seconds until the handle is expired
29 * @return the auto_ptr<> for the newly allocated association_t object 29 * @return the auto_ptr<> for the newly allocated association_t object
30 */ 30 */
31 virtual assoc_t store_assoc(const string& server,const string& handle,const secret_t& secret,int expires_in) = 0; 31 virtual assoc_t store_assoc(const string& server,const string& handle,const secret_t& secret,int expires_in) = 0;
32 /** 32 /**
33 * retrieve stored association. The function should be overridden 33 * retrieve stored association. The function should be overridden
34 * in the real implementation to provide persistent assocations 34 * in the real implementation to provide persistent assocations
35 * store. 35 * store.
36 * @param server the OpenID server 36 * @param server the OpenID server
37 * @param handle association handle 37 * @param handle association handle
38 * @return the autho_ptr<> for the newly allocated association_t object 38 * @return the autho_ptr<> for the newly allocated association_t object
39 * @throw failed_lookup in case of error 39 * @throw failed_lookup in case of error
40 */ 40 */
41 virtual assoc_t retrieve_assoc(const string& server,const string& handle) = 0; 41 virtual assoc_t retrieve_assoc(const string& server,const string& handle) = 0;
42 /** 42 /**
43 * invalidate stored association. The function should be overridden 43 * invalidate stored association. The function should be overridden
44 * in the real implementation of the consumer. 44 * in the real implementation of the consumer.
45 * @param server the OpenID server 45 * @param server the OpenID server
46 * @param handle association handle 46 * @param handle association handle
47 */ 47 */
48 virtual void invalidate_assoc(const string& server,const string& handle) = 0; 48 virtual void invalidate_assoc(const string& server,const string& handle) = 0;
49 /** 49 /**
50 * retrieve any unexpired association for the server. If the 50 * retrieve any unexpired association for the server. If the
51 * function is not overridden in the real implementation, the new 51 * function is not overridden in the real implementation, the new
52 * association will be established for each request. 52 * association will be established for each request.
53 * @param server the OpenID server 53 * @param server the OpenID server
54 * @return the auto_ptr<> for the newly allocated association_t object 54 * @return the auto_ptr<> for the newly allocated association_t object
55 * @throw failed_lookup in case of absence of the handle 55 * @throw failed_lookup in case of absence of the handle
56 */ 56 */
57 virtual assoc_t find_assoc(const string& server); 57 virtual assoc_t find_assoc(const string& server);
58 58
59 /** 59 /**
60 * retrieve the metainformation contained in link tags from the 60 * retrieve the metainformation contained in link tags from the
61 * page pointed by url. the function may implement caching of the 61 * page pointed by url. the function may implement caching of the
62 * information. 62 * information.
63 * @param url url to harvest for link tags 63 * @param url url to harvest for link tags
64 * @param server reference to the string object where to put 64 * @param server reference to the string object where to put
65 * openid.server value 65 * openid.server value
66 * @param delegate reference to the string object where to put the 66 * @param delegate reference to the string object where to put the
67 * openid.delegate value (if any) 67 * openid.delegate value (if any)
68 */ 68 */
69 virtual void retrieve_links(const string& url,string& server,string& delegate); 69 virtual void retrieve_links(const string& url,string& server,string& delegate);
70 70
71 /** 71 /**
72 * perform the associate request to OpenID server. 72 * perform the associate request to OpenID server.
73 * @param server the OpenID server 73 * @param server the OpenID server
74 * @return the auto_ptr<> for the newly allocated association_t 74 * @return the auto_ptr<> for the newly allocated association_t
75 * object, representing established association 75 * object, representing established association
76 * @throw exception in case of error 76 * @throw exception in case of error
77 */ 77 */
78 assoc_t associate(const string& server); 78 assoc_t associate(const string& server);
79 /** 79 /**
80 * prepare the parameters for the checkid_immediate 80 * prepare the parameters for the checkid_immediate
81 * request. 81 * request.
82 * @param identity the identity to verify 82 * @param identity the identity to verify
83 * @param return_to the return_to url to pass with the request 83 * @param return_to the return_to url to pass with the request
84 * @param trust_root the trust root to advertise with the request 84 * @param trust_root the trust root to advertise with the request
85 * @return the location string 85 * @return the location string
86 * @throw exception in case of error 86 * @throw exception in case of error
87 */ 87 */
88 string checkid_immediate(const string& identity,const string& return_to,const string& trust_root=""); 88 string checkid_immediate(const string& identity,const string& return_to,const string& trust_root="");
89 /** 89 /**
90 * prepare the parameters for the checkid_setup 90 * prepare the parameters for the checkid_setup
91 * request. 91 * request.
92 * @param identity the identity to verify 92 * @param identity the identity to verify
93 * @param return_to the return_to url to pass with the request 93 * @param return_to the return_to url to pass with the request
94 * @param trust_root the trust root to advertise with the request 94 * @param trust_root the trust root to advertise with the request
95 * @return the location string 95 * @return the location string
96 * @throw exception in case of error 96 * @throw exception in case of error
97 */ 97 */
98 string checkid_setup(const string& identity,const string& return_to,const string& trust_root=""); 98 string checkid_setup(const string& identity,const string& return_to,const string& trust_root="");
99 /** 99 /**
100 * the actual implementation behind checkid_immediate() and 100 * the actual implementation behind checkid_immediate() and
101 * checkid_setup() functions. 101 * checkid_setup() functions.
102 * @param mode checkid_* mode - either mode_checkid_immediate or mode_checkid_setup 102 * @param mode checkid_* mode - either mode_checkid_immediate or mode_checkid_setup
103 * @param identity the identity to verify 103 * @param identity the identity to verify
104 * @param return_to the return_to url to pass with the request 104 * @param return_to the return_to url to pass with the request
105 * @param trust_root the trust root to advertise with the request 105 * @param trust_root the trust root to advertise with the request
106 * @return the location string 106 * @return the location string
107 * @throw exception in case of error 107 * @throw exception in case of error
108 */ 108 */
109 string checkid_(mode_t mode,const string& identity,const string& return_to,const string& trust_root=""); 109 string checkid_(mode_t mode,const string& identity,const string& return_to,const string& trust_root="");
110 /** 110 /**
111 * verify the id_res response 111 * verify the id_res response
112 * @param pin the response parameters 112 * @param pin the response parameters
113 * @param identity the identity being checked (if not specified, extracted 113 * @param identity the identity being checked (if not specified, extracted
114 * from the openid.identity parameter 114 * from the openid.identity parameter
115 * @throw id_res_mismatch in case of signature 115 * @throw id_res_mismatch in case of signature
116 * mismatch 116 * mismatch
117 * @throw id_res_setup in case of 117 * @throw id_res_setup in case of
118 * openid.user_setup_url failure (supposedly 118 * openid.user_setup_url failure (supposedly
119 * checkid_immediate only) 119 * checkid_immediate only)
120 * @throw id_res_failed in case of failure 120 * @throw id_res_failed in case of failure
121 * @throw exception in case of other failures 121 * @throw exception in case of other failures
122 */ 122 */
123 void id_res(const params_t& pin,const string& identity=""); 123 void id_res(const params_t& pin,const string& identity="");
124 /** 124 /**
125 * perform a check_authentication request. 125 * perform a check_authentication request.
126 * @param server the OpenID server 126 * @param server the OpenID server
127 * @param p request parameters 127 * @param p request parameters
128 */ 128 */
129 void check_authentication(const string& server,const params_t& p); 129 void check_authentication(const string& server,const params_t& p);
130 130
131 static string canonicalize(const string& url);
132
131 }; 133 };
132 134
133} 135}
134 136
135#endif /* __OPKELE_CONSUMER_H */ 137#endif /* __OPKELE_CONSUMER_H */
diff --git a/include/opkele/util.h b/include/opkele/util.h
index fbbef93..5372498 100644
--- a/include/opkele/util.h
+++ b/include/opkele/util.h
@@ -1,60 +1,59 @@
1#ifndef __OPKELE_UTIL_H 1#ifndef __OPKELE_UTIL_H
2#define __OPKELE_UTIL_H 2#define __OPKELE_UTIL_H
3 3
4#include <time.h> 4#include <time.h>
5#include <string> 5#include <string>
6#include <openssl/bn.h> 6#include <openssl/bn.h>
7#include <openssl/dh.h> 7#include <openssl/dh.h>
8 8
9namespace opkele { 9namespace opkele {
10 using std::string; 10 using std::string;
11 11
12 namespace util { 12 namespace util {
13 13
14 class bignum_t { 14 class bignum_t {
15 public: 15 public:
16 BIGNUM *_bn; 16 BIGNUM *_bn;
17 17
18 bignum_t() : _bn(0) { } 18 bignum_t() : _bn(0) { }
19 bignum_t(BIGNUM *bn) : _bn(bn) { } 19 bignum_t(BIGNUM *bn) : _bn(bn) { }
20 ~bignum_t() throw() { if(_bn) BN_free(_bn); } 20 ~bignum_t() throw() { if(_bn) BN_free(_bn); }
21 21
22 bignum_t& operator=(BIGNUM *bn) { if(_bn) BN_free(_bn); _bn = bn; return *this; } 22 bignum_t& operator=(BIGNUM *bn) { if(_bn) BN_free(_bn); _bn = bn; return *this; }
23 23
24 operator const BIGNUM*(void) const { return _bn; } 24 operator const BIGNUM*(void) const { return _bn; }
25 operator BIGNUM*(void) { return _bn; } 25 operator BIGNUM*(void) { return _bn; }
26 }; 26 };
27 class dh_t { 27 class dh_t {
28 public: 28 public:
29 DH *_dh; 29 DH *_dh;
30 30
31 dh_t() : _dh(0) { } 31 dh_t() : _dh(0) { }
32 dh_t(DH *dh) : _dh(dh) { } 32 dh_t(DH *dh) : _dh(dh) { }
33 ~dh_t() throw() { if(_dh) DH_free(_dh); } 33 ~dh_t() throw() { if(_dh) DH_free(_dh); }
34 34
35 dh_t& operator=(DH *dh) { if(_dh) DH_free(_dh); _dh = dh; return *this; } 35 dh_t& operator=(DH *dh) { if(_dh) DH_free(_dh); _dh = dh; return *this; }
36 36
37 operator const DH*(void) const { return _dh; } 37 operator const DH*(void) const { return _dh; }
38 operator DH*(void) { return _dh; } 38 operator DH*(void) { return _dh; }
39 39
40 DH* operator->() { return _dh; } 40 DH* operator->() { return _dh; }
41 const DH* operator->() const { return _dh; } 41 const DH* operator->() const { return _dh; }
42 }; 42 };
43 43
44 BIGNUM *base64_to_bignum(const string& b64); 44 BIGNUM *base64_to_bignum(const string& b64);
45 BIGNUM *dec_to_bignum(const string& dec); 45 BIGNUM *dec_to_bignum(const string& dec);
46 string bignum_to_base64(const BIGNUM *bn); 46 string bignum_to_base64(const BIGNUM *bn);
47 47
48 string time_to_w3c(time_t t); 48 string time_to_w3c(time_t t);
49 time_t w3c_to_time(const string& w); 49 time_t w3c_to_time(const string& w);
50 50
51 string canonicalize_url(const string& url);
52 string url_encode(const string& str); 51 string url_encode(const string& str);
53 52
54 string long_to_string(long l); 53 string long_to_string(long l);
55 long string_to_long(const string& s); 54 long string_to_long(const string& s);
56 } 55 }
57 56
58} 57}
59 58
60#endif /* __OPKELE_UTIL_H */ 59#endif /* __OPKELE_UTIL_H */
diff --git a/lib/consumer.cc b/lib/consumer.cc
index bd76b61..cbe0769 100644
--- a/lib/consumer.cc
+++ b/lib/consumer.cc
@@ -1,316 +1,341 @@
1#include <algorithm> 1#include <algorithm>
2#include <opkele/util.h> 2#include <opkele/util.h>
3#include <opkele/exception.h> 3#include <opkele/exception.h>
4#include <opkele/data.h> 4#include <opkele/data.h>
5#include <opkele/consumer.h> 5#include <opkele/consumer.h>
6#include <openssl/sha.h> 6#include <openssl/sha.h>
7#include <openssl/hmac.h> 7#include <openssl/hmac.h>
8#include <mimetic/mimetic.h> 8#include <mimetic/mimetic.h>
9#include <curl/curl.h> 9#include <curl/curl.h>
10#include <pcre++.h> 10#include <pcre++.h>
11 11
12#include <iostream> 12#include <iostream>
13 13
14/* silly mimetic */ 14/* silly mimetic */
15#undef PACKAGE 15#undef PACKAGE
16#undef PACKAGE_BUGREPORT 16#undef PACKAGE_BUGREPORT
17#undef PACKAGE_NAME 17#undef PACKAGE_NAME
18#undef PACKAGE_STRING 18#undef PACKAGE_STRING
19#undef PACKAGE_TARNAME 19#undef PACKAGE_TARNAME
20#undef PACKAGE_VERSION 20#undef PACKAGE_VERSION
21#undef VERSION 21#undef VERSION
22 22
23#include "config.h" 23#include "config.h"
24 24
25namespace opkele { 25namespace opkele {
26 using namespace std; 26 using namespace std;
27 27
28 class curl_t { 28 class curl_t {
29 public: 29 public:
30 CURL *_c; 30 CURL *_c;
31 31
32 curl_t() : _c(0) { } 32 curl_t() : _c(0) { }
33 curl_t(CURL *c) : _c(c) { } 33 curl_t(CURL *c) : _c(c) { }
34 ~curl_t() throw() { if(_c) curl_easy_cleanup(_c); } 34 ~curl_t() throw() { if(_c) curl_easy_cleanup(_c); }
35 35
36 curl_t& operator=(CURL *c) { if(_c) curl_easy_cleanup(_c); _c=c; return *this; } 36 curl_t& operator=(CURL *c) { if(_c) curl_easy_cleanup(_c); _c=c; return *this; }
37 37
38 operator const CURL*(void) const { return _c; } 38 operator const CURL*(void) const { return _c; }
39 operator CURL*(void) { return _c; } 39 operator CURL*(void) { return _c; }
40 }; 40 };
41 41
42 static CURLcode curl_misc_sets(CURL* c) { 42 static CURLcode curl_misc_sets(CURL* c) {
43 CURLcode r; 43 CURLcode r;
44 (r=curl_easy_setopt(c,CURLOPT_FOLLOWLOCATION,1)) 44 (r=curl_easy_setopt(c,CURLOPT_FOLLOWLOCATION,1))
45 || (r=curl_easy_setopt(c,CURLOPT_MAXREDIRS,5)) 45 || (r=curl_easy_setopt(c,CURLOPT_MAXREDIRS,5))
46 || (r=curl_easy_setopt(c,CURLOPT_DNS_CACHE_TIMEOUT,120)) 46 || (r=curl_easy_setopt(c,CURLOPT_DNS_CACHE_TIMEOUT,120))
47 || (r=curl_easy_setopt(c,CURLOPT_DNS_USE_GLOBAL_CACHE,1)) 47 || (r=curl_easy_setopt(c,CURLOPT_DNS_USE_GLOBAL_CACHE,1))
48 || (r=curl_easy_setopt(c,CURLOPT_USERAGENT,PACKAGE_NAME"/"PACKAGE_VERSION)) 48 || (r=curl_easy_setopt(c,CURLOPT_USERAGENT,PACKAGE_NAME"/"PACKAGE_VERSION))
49 || (r=curl_easy_setopt(c,CURLOPT_TIMEOUT,20)) 49 || (r=curl_easy_setopt(c,CURLOPT_TIMEOUT,20))
50 ; 50 ;
51 return r; 51 return r;
52 } 52 }
53 53
54 static size_t _curl_tostring(void *ptr,size_t size,size_t nmemb,void *stream) { 54 static size_t _curl_tostring(void *ptr,size_t size,size_t nmemb,void *stream) {
55 string *str = (string*)stream; 55 string *str = (string*)stream;
56 size_t bytes = size*nmemb; 56 size_t bytes = size*nmemb;
57 size_t get = min(16384-str->length(),bytes); 57 size_t get = min(16384-str->length(),bytes);
58 str->append((const char*)ptr,get); 58 str->append((const char*)ptr,get);
59 return get; 59 return get;
60 } 60 }
61 61
62 assoc_t consumer_t::associate(const string& server) { 62 assoc_t consumer_t::associate(const string& server) {
63 util::dh_t dh = DH_new(); 63 util::dh_t dh = DH_new();
64 if(!dh) 64 if(!dh)
65 throw exception_openssl(OPKELE_CP_ "failed to DH_new()"); 65 throw exception_openssl(OPKELE_CP_ "failed to DH_new()");
66 dh->p = util::dec_to_bignum(data::_default_p); 66 dh->p = util::dec_to_bignum(data::_default_p);
67 dh->g = util::dec_to_bignum(data::_default_g); 67 dh->g = util::dec_to_bignum(data::_default_g);
68 if(!DH_generate_key(dh)) 68 if(!DH_generate_key(dh))
69 throw exception_openssl(OPKELE_CP_ "failed to DH_generate_key()"); 69 throw exception_openssl(OPKELE_CP_ "failed to DH_generate_key()");
70 string request = 70 string request =
71 "openid.mode=associate" 71 "openid.mode=associate"
72 "&openid.assoc_type=HMAC-SHA1" 72 "&openid.assoc_type=HMAC-SHA1"
73 "&openid.session_type=DH-SHA1" 73 "&openid.session_type=DH-SHA1"
74 "&openid.dh_consumer_public="; 74 "&openid.dh_consumer_public=";
75 request += util::url_encode(util::bignum_to_base64(dh->pub_key)); 75 request += util::url_encode(util::bignum_to_base64(dh->pub_key));
76 curl_t curl = curl_easy_init(); 76 curl_t curl = curl_easy_init();
77 if(!curl) 77 if(!curl)
78 throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()"); 78 throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()");
79 string response; 79 string response;
80 CURLcode r; 80 CURLcode r;
81 (r=curl_misc_sets(curl)) 81 (r=curl_misc_sets(curl))
82 || (r=curl_easy_setopt(curl,CURLOPT_URL,server.c_str())) 82 || (r=curl_easy_setopt(curl,CURLOPT_URL,server.c_str()))
83 || (r=curl_easy_setopt(curl,CURLOPT_POST,1)) 83 || (r=curl_easy_setopt(curl,CURLOPT_POST,1))
84 || (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDS,request.data())) 84 || (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDS,request.data()))
85 || (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDSIZE,request.length())) 85 || (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDSIZE,request.length()))
86 || (r=curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,_curl_tostring)) 86 || (r=curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,_curl_tostring))
87 || (r=curl_easy_setopt(curl,CURLOPT_WRITEDATA,&response)) 87 || (r=curl_easy_setopt(curl,CURLOPT_WRITEDATA,&response))
88 ; 88 ;
89 if(r) 89 if(r)
90 throw exception_curl(OPKELE_CP_ "failed to curl_easy_setopt()",r); 90 throw exception_curl(OPKELE_CP_ "failed to curl_easy_setopt()",r);
91 if(r=curl_easy_perform(curl)) 91 if(r=curl_easy_perform(curl))
92 throw exception_curl(OPKELE_CP_ "failed to curl_easy_perform()",r); 92 throw exception_curl(OPKELE_CP_ "failed to curl_easy_perform()",r);
93 params_t p; p.parse_keyvalues(response); 93 params_t p; p.parse_keyvalues(response);
94 if(p.has_param("assoc_type") && p.get_param("assoc_type")!="HMAC-SHA1") 94 if(p.has_param("assoc_type") && p.get_param("assoc_type")!="HMAC-SHA1")
95 throw bad_input(OPKELE_CP_ "unsupported assoc_type"); 95 throw bad_input(OPKELE_CP_ "unsupported assoc_type");
96 string st; 96 string st;
97 if(p.has_param("session_type")) st = p.get_param("session_type"); 97 if(p.has_param("session_type")) st = p.get_param("session_type");
98 if((!st.empty()) && st!="DH-SHA1") 98 if((!st.empty()) && st!="DH-SHA1")
99 throw bad_input(OPKELE_CP_ "unsupported session_type"); 99 throw bad_input(OPKELE_CP_ "unsupported session_type");
100 secret_t secret; 100 secret_t secret;
101 if(st.empty()) { 101 if(st.empty()) {
102 secret.from_base64(p.get_param("mac_key")); 102 secret.from_base64(p.get_param("mac_key"));
103 }else{ 103 }else{
104 util::bignum_t s_pub = util::base64_to_bignum(p.get_param("dh_server_public")); 104 util::bignum_t s_pub = util::base64_to_bignum(p.get_param("dh_server_public"));
105 vector<unsigned char> ck(DH_size(dh)); 105 vector<unsigned char> ck(DH_size(dh));
106 int cklen = DH_compute_key(&(ck.front()),s_pub,dh); 106 int cklen = DH_compute_key(&(ck.front()),s_pub,dh);
107 if(cklen<0) 107 if(cklen<0)
108 throw exception_openssl(OPKELE_CP_ "failed to DH_compute_key()"); 108 throw exception_openssl(OPKELE_CP_ "failed to DH_compute_key()");
109 ck.resize(cklen); 109 ck.resize(cklen);
110 // OpenID algorithm requires extra zero in case of set bit here 110 // OpenID algorithm requires extra zero in case of set bit here
111 if(ck[0]&0x80) ck.insert(ck.begin(),1,0); 111 if(ck[0]&0x80) ck.insert(ck.begin(),1,0);
112 unsigned char key_sha1[SHA_DIGEST_LENGTH]; 112 unsigned char key_sha1[SHA_DIGEST_LENGTH];
113 SHA1(&(ck.front()),ck.size(),key_sha1); 113 SHA1(&(ck.front()),ck.size(),key_sha1);
114 secret.enxor_from_base64(key_sha1,p.get_param("enc_mac_key")); 114 secret.enxor_from_base64(key_sha1,p.get_param("enc_mac_key"));
115 } 115 }
116 int expires_in = 0; 116 int expires_in = 0;
117 if(p.has_param("expires_in")) { 117 if(p.has_param("expires_in")) {
118 expires_in = util::string_to_long(p.get_param("expires_in")); 118 expires_in = util::string_to_long(p.get_param("expires_in"));
119 }else if(p.has_param("issued") && p.has_param("expiry")) { 119 }else if(p.has_param("issued") && p.has_param("expiry")) {
120 expires_in = util::w3c_to_time(p.get_param("expiry"))-util::w3c_to_time(p.get_param("issued")); 120 expires_in = util::w3c_to_time(p.get_param("expiry"))-util::w3c_to_time(p.get_param("issued"));
121 }else 121 }else
122 throw bad_input(OPKELE_CP_ "no expiration information"); 122 throw bad_input(OPKELE_CP_ "no expiration information");
123 return store_assoc(server,p.get_param("assoc_handle"),secret,expires_in); 123 return store_assoc(server,p.get_param("assoc_handle"),secret,expires_in);
124 } 124 }
125 125
126 string consumer_t::checkid_immediate(const string& identity,const string& return_to,const string& trust_root) { 126 string consumer_t::checkid_immediate(const string& identity,const string& return_to,const string& trust_root) {
127 return checkid_(mode_checkid_immediate,identity,return_to,trust_root); 127 return checkid_(mode_checkid_immediate,identity,return_to,trust_root);
128 } 128 }
129 string consumer_t::checkid_setup(const string& identity,const string& return_to,const string& trust_root) { 129 string consumer_t::checkid_setup(const string& identity,const string& return_to,const string& trust_root) {
130 return checkid_(mode_checkid_setup,identity,return_to,trust_root); 130 return checkid_(mode_checkid_setup,identity,return_to,trust_root);
131 } 131 }
132 string consumer_t::checkid_(mode_t mode,const string& identity,const string& return_to,const string& trust_root) { 132 string consumer_t::checkid_(mode_t mode,const string& identity,const string& return_to,const string& trust_root) {
133 params_t p; 133 params_t p;
134 if(mode==mode_checkid_immediate) 134 if(mode==mode_checkid_immediate)
135 p["mode"]="checkid_immediate"; 135 p["mode"]="checkid_immediate";
136 else if(mode==mode_checkid_setup) 136 else if(mode==mode_checkid_setup)
137 p["mode"]="checkid_setup"; 137 p["mode"]="checkid_setup";
138 else 138 else
139 throw bad_input(OPKELE_CP_ "unknown checkid_* mode"); 139 throw bad_input(OPKELE_CP_ "unknown checkid_* mode");
140 string iurl = util::canonicalize_url(identity); 140 string iurl = canonicalize(identity);
141 string server, delegate; 141 string server, delegate;
142 retrieve_links(iurl,server,delegate); 142 retrieve_links(iurl,server,delegate);
143 p["identity"] = delegate.empty()?iurl:delegate; 143 p["identity"] = delegate.empty()?iurl:delegate;
144 if(!trust_root.empty()) 144 if(!trust_root.empty())
145 p["trust_root"] = trust_root; 145 p["trust_root"] = trust_root;
146 p["return_to"] = return_to; 146 p["return_to"] = return_to;
147 try { 147 try {
148 try { 148 try {
149 string ah = find_assoc(server)->handle(); 149 string ah = find_assoc(server)->handle();
150 p["assoc_handle"] = ah; 150 p["assoc_handle"] = ah;
151 }catch(failed_lookup& fl) { 151 }catch(failed_lookup& fl) {
152 string ah = associate(server)->handle(); 152 string ah = associate(server)->handle();
153 p["assoc_handle"] = ah; 153 p["assoc_handle"] = ah;
154 } 154 }
155 }catch(exception& e) { } 155 }catch(exception& e) { }
156 return p.append_query(server); 156 return p.append_query(server);
157 } 157 }
158 158
159 void consumer_t::id_res(const params_t& pin,const string& identity) { 159 void consumer_t::id_res(const params_t& pin,const string& identity) {
160 if(pin.has_param("openid.user_setup_url")) 160 if(pin.has_param("openid.user_setup_url"))
161 throw id_res_setup(OPKELE_CP_ "assertion failed, setup url provided",pin.get_param("openid.user_setup_url")); 161 throw id_res_setup(OPKELE_CP_ "assertion failed, setup url provided",pin.get_param("openid.user_setup_url"));
162 string server,delegate; 162 string server,delegate;
163 retrieve_links(identity.empty()?pin.get_param("openid.identity"):util::canonicalize_url(identity),server,delegate); 163 retrieve_links(identity.empty()?pin.get_param("openid.identity"):canonicalize(identity),server,delegate);
164 try { 164 try {
165 assoc_t assoc = retrieve_assoc(server,pin.get_param("openid.assoc_handle")); 165 assoc_t assoc = retrieve_assoc(server,pin.get_param("openid.assoc_handle"));
166 const string& sigenc = pin.get_param("openid.sig"); 166 const string& sigenc = pin.get_param("openid.sig");
167 mimetic::Base64::Decoder b; 167 mimetic::Base64::Decoder b;
168 vector<unsigned char> sig; 168 vector<unsigned char> sig;
169 mimetic::decode( 169 mimetic::decode(
170 sigenc.begin(),sigenc.end(), b, 170 sigenc.begin(),sigenc.end(), b,
171 back_insert_iterator<vector<unsigned char> >(sig) ); 171 back_insert_iterator<vector<unsigned char> >(sig) );
172 const string& slist = pin.get_param("openid.signed"); 172 const string& slist = pin.get_param("openid.signed");
173 string kv; 173 string kv;
174 string::size_type p = 0; 174 string::size_type p = 0;
175 while(true) { 175 while(true) {
176 string::size_type co = slist.find(',',p); 176 string::size_type co = slist.find(',',p);
177 string f = (co==string::npos)?slist.substr(p):slist.substr(p,co-p); 177 string f = (co==string::npos)?slist.substr(p):slist.substr(p,co-p);
178 kv += f; 178 kv += f;
179 kv += ':'; 179 kv += ':';
180 f.insert(0,"openid."); 180 f.insert(0,"openid.");
181 kv += pin.get_param(f); 181 kv += pin.get_param(f);
182 kv += '\n'; 182 kv += '\n';
183 if(co==string::npos) 183 if(co==string::npos)
184 break; 184 break;
185 p = co+1; 185 p = co+1;
186 } 186 }
187 secret_t secret = assoc->secret(); 187 secret_t secret = assoc->secret();
188 unsigned int md_len = 0; 188 unsigned int md_len = 0;
189 unsigned char *md = HMAC( 189 unsigned char *md = HMAC(
190 EVP_sha1(), 190 EVP_sha1(),
191 &(secret.front()),secret.size(), 191 &(secret.front()),secret.size(),
192 (const unsigned char *)kv.data(),kv.length(), 192 (const unsigned char *)kv.data(),kv.length(),
193 0,&md_len); 193 0,&md_len);
194 if(sig.size()!=md_len || memcmp(&(sig.front()),md,md_len)) 194 if(sig.size()!=md_len || memcmp(&(sig.front()),md,md_len))
195 throw id_res_mismatch(OPKELE_CP_ "signature mismatch"); 195 throw id_res_mismatch(OPKELE_CP_ "signature mismatch");
196 }catch(failed_lookup& e) { /* XXX: more specific? */ 196 }catch(failed_lookup& e) { /* XXX: more specific? */
197 const string& slist = pin.get_param("openid.signed"); 197 const string& slist = pin.get_param("openid.signed");
198 string::size_type pp = 0; 198 string::size_type pp = 0;
199 params_t p; 199 params_t p;
200 while(true) { 200 while(true) {
201 string::size_type co = slist.find(',',pp); 201 string::size_type co = slist.find(',',pp);
202 string f = "openid."; 202 string f = "openid.";
203 f += (co==string::npos)?slist.substr(pp):slist.substr(pp,co-pp); 203 f += (co==string::npos)?slist.substr(pp):slist.substr(pp,co-pp);
204 p[f] = pin.get_param(f); 204 p[f] = pin.get_param(f);
205 if(co==string::npos) 205 if(co==string::npos)
206 break; 206 break;
207 pp = co+1; 207 pp = co+1;
208 } 208 }
209 p["openid.assoc_handle"] = pin.get_param("openid.assoc_handle"); 209 p["openid.assoc_handle"] = pin.get_param("openid.assoc_handle");
210 p["openid.sig"] = pin.get_param("openid.sig"); 210 p["openid.sig"] = pin.get_param("openid.sig");
211 p["openid.signed"] = pin.get_param("openid.signed"); 211 p["openid.signed"] = pin.get_param("openid.signed");
212 try { 212 try {
213 string ih = pin.get_param("openid.invalidate_handle"); 213 string ih = pin.get_param("openid.invalidate_handle");
214 p["openid.invalidate_handle"] = ih; 214 p["openid.invalidate_handle"] = ih;
215 }catch(failed_lookup& fl) { } 215 }catch(failed_lookup& fl) { }
216 try { 216 try {
217 check_authentication(server,p); 217 check_authentication(server,p);
218 }catch(failed_check_authentication& fca) { 218 }catch(failed_check_authentication& fca) {
219 throw id_res_failed(OPKELE_CP_ "failed to check_authentication()"); 219 throw id_res_failed(OPKELE_CP_ "failed to check_authentication()");
220 } 220 }
221 } 221 }
222 } 222 }
223 223
224 void consumer_t::check_authentication(const string& server,const params_t& p) { 224 void consumer_t::check_authentication(const string& server,const params_t& p) {
225 string request = "openid.mode=check_authentication"; 225 string request = "openid.mode=check_authentication";
226 for(params_t::const_iterator i=p.begin();i!=p.end();++i) { 226 for(params_t::const_iterator i=p.begin();i!=p.end();++i) {
227 if(i->first!="openid.mode") { 227 if(i->first!="openid.mode") {
228 request += '&'; 228 request += '&';
229 request += i->first; 229 request += i->first;
230 request += '='; 230 request += '=';
231 request += util::url_encode(i->second); 231 request += util::url_encode(i->second);
232 } 232 }
233 } 233 }
234 curl_t curl = curl_easy_init(); 234 curl_t curl = curl_easy_init();
235 if(!curl) 235 if(!curl)
236 throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()"); 236 throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()");
237 string response; 237 string response;
238 CURLcode r; 238 CURLcode r;
239 (r=curl_misc_sets(curl)) 239 (r=curl_misc_sets(curl))
240 || (r=curl_easy_setopt(curl,CURLOPT_URL,server.c_str())) 240 || (r=curl_easy_setopt(curl,CURLOPT_URL,server.c_str()))
241 || (r=curl_easy_setopt(curl,CURLOPT_POST,1)) 241 || (r=curl_easy_setopt(curl,CURLOPT_POST,1))
242 || (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDS,request.data())) 242 || (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDS,request.data()))
243 || (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDSIZE,request.length())) 243 || (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDSIZE,request.length()))
244 || (r=curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,_curl_tostring)) 244 || (r=curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,_curl_tostring))
245 || (r=curl_easy_setopt(curl,CURLOPT_WRITEDATA,&response)) 245 || (r=curl_easy_setopt(curl,CURLOPT_WRITEDATA,&response))
246 ; 246 ;
247 if(r) 247 if(r)
248 throw exception_curl(OPKELE_CP_ "failed to curl_easy_setopt()",r); 248 throw exception_curl(OPKELE_CP_ "failed to curl_easy_setopt()",r);
249 if(r=curl_easy_perform(curl)) 249 if(r=curl_easy_perform(curl))
250 throw exception_curl(OPKELE_CP_ "failed to curl_easy_perform()",r); 250 throw exception_curl(OPKELE_CP_ "failed to curl_easy_perform()",r);
251 params_t pp; pp.parse_keyvalues(response); 251 params_t pp; pp.parse_keyvalues(response);
252 if(pp.has_param("invalidate_handle")) 252 if(pp.has_param("invalidate_handle"))
253 invalidate_assoc(server,pp.get_param("invalidate_handle")); 253 invalidate_assoc(server,pp.get_param("invalidate_handle"));
254 if(pp.has_param("is_valid")) { 254 if(pp.has_param("is_valid")) {
255 if(pp.get_param("is_valid")=="true") 255 if(pp.get_param("is_valid")=="true")
256 return; 256 return;
257 }else if(pp.has_param("lifetime")) { 257 }else if(pp.has_param("lifetime")) {
258 if(util::string_to_long(pp.get_param("lifetime"))) 258 if(util::string_to_long(pp.get_param("lifetime")))
259 return; 259 return;
260 } 260 }
261 throw failed_check_authentication(OPKELE_CP_ "failed to verify response"); 261 throw failed_check_authentication(OPKELE_CP_ "failed to verify response");
262 } 262 }
263 263
264 void consumer_t::retrieve_links(const string& url,string& server,string& delegate) { 264 void consumer_t::retrieve_links(const string& url,string& server,string& delegate) {
265 server.erase(); 265 server.erase();
266 delegate.erase(); 266 delegate.erase();
267 curl_t curl = curl_easy_init(); 267 curl_t curl = curl_easy_init();
268 if(!curl) 268 if(!curl)
269 throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()"); 269 throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()");
270 string html; 270 string html;
271 CURLcode r; 271 CURLcode r;
272 (r=curl_misc_sets(curl)) 272 (r=curl_misc_sets(curl))
273 || (r=curl_easy_setopt(curl,CURLOPT_URL,url.c_str())) 273 || (r=curl_easy_setopt(curl,CURLOPT_URL,url.c_str()))
274 || (r=curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,_curl_tostring)) 274 || (r=curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,_curl_tostring))
275 || (r=curl_easy_setopt(curl,CURLOPT_WRITEDATA,&html)) 275 || (r=curl_easy_setopt(curl,CURLOPT_WRITEDATA,&html))
276 ; 276 ;
277 if(r) 277 if(r)
278 throw exception_curl(OPKELE_CP_ "failed to curl_easy_setopt()",r); 278 throw exception_curl(OPKELE_CP_ "failed to curl_easy_setopt()",r);
279 r = curl_easy_perform(curl); 279 r = curl_easy_perform(curl);
280 if(r && r!=CURLE_WRITE_ERROR) 280 if(r && r!=CURLE_WRITE_ERROR)
281 throw exception_curl(OPKELE_CP_ "failed to curl_easy_perform()",r); 281 throw exception_curl(OPKELE_CP_ "failed to curl_easy_perform()",r);
282 pcrepp::Pcre bre("<body\\b",PCRE_CASELESS); 282 pcrepp::Pcre bre("<body\\b",PCRE_CASELESS);
283 // strip out everything past body 283 // strip out everything past body
284 if(bre.search(html)) 284 if(bre.search(html))
285 html.erase(bre.get_match_start()); 285 html.erase(bre.get_match_start());
286 pcrepp::Pcre hdre("<head[^>]*>",PCRE_CASELESS); 286 pcrepp::Pcre hdre("<head[^>]*>",PCRE_CASELESS);
287 if(!hdre.search(html)) 287 if(!hdre.search(html))
288 throw bad_input(OPKELE_CP_ "failed to find head"); 288 throw bad_input(OPKELE_CP_ "failed to find head");
289 html.erase(0,hdre.get_match_end()+1); 289 html.erase(0,hdre.get_match_end()+1);
290 pcrepp::Pcre lre("<link\\b([^>]+)>",PCRE_CASELESS), 290 pcrepp::Pcre lre("<link\\b([^>]+)>",PCRE_CASELESS),
291 rre("\\brel=['\"]([^'\"]+)['\"]",PCRE_CASELESS), 291 rre("\\brel=['\"]([^'\"]+)['\"]",PCRE_CASELESS),
292 hre("\\bhref=['\"]([^'\"]+)['\"]",PCRE_CASELESS); 292 hre("\\bhref=['\"]([^'\"]+)['\"]",PCRE_CASELESS);
293 while(lre.search(html)) { 293 while(lre.search(html)) {
294 string attrs = lre[0]; 294 string attrs = lre[0];
295 html.erase(0,lre.get_match_end()+1); 295 html.erase(0,lre.get_match_end()+1);
296 if(!(rre.search(attrs)&&hre.search(attrs))) 296 if(!(rre.search(attrs)&&hre.search(attrs)))
297 continue; 297 continue;
298 if(rre[0]=="openid.server") { 298 if(rre[0]=="openid.server") {
299 server = hre[0]; 299 server = hre[0];
300 if(!delegate.empty()) 300 if(!delegate.empty())
301 break; 301 break;
302 }else if(rre[0]=="openid.delegate") { 302 }else if(rre[0]=="openid.delegate") {
303 delegate = hre[0]; 303 delegate = hre[0];
304 if(!server.empty()) 304 if(!server.empty())
305 break; 305 break;
306 } 306 }
307 } 307 }
308 if(server.empty()) 308 if(server.empty())
309 throw failed_assertion(OPKELE_CP_ "The location has no openid.server declaration"); 309 throw failed_assertion(OPKELE_CP_ "The location has no openid.server declaration");
310 } 310 }
311 311
312 assoc_t consumer_t::find_assoc(const string& server) { 312 assoc_t consumer_t::find_assoc(const string& server) {
313 throw failed_lookup(OPKELE_CP_ "no find_assoc() provided"); 313 throw failed_lookup(OPKELE_CP_ "no find_assoc() provided");
314 } 314 }
315 315
316 string consumer_t::canonicalize(const string& url) {
317 string rv = url;
318 // strip leading and trailing spaces
319 string::size_type i = rv.find_first_not_of(" \t\r\n");
320 if(i==string::npos)
321 throw bad_input(OPKELE_CP_ "empty URL");
322 if(i)
323 rv.erase(0,i);
324 i = rv.find_last_not_of(" \t\r\n");
325 assert(i!=string::npos);
326 if(i<(rv.length()-1))
327 rv.erase(i+1);
328 // add missing http://
329 i = rv.find("://");
330 if(i==string::npos) { // primitive. but do we need more?
331 rv.insert(0,"http://");
332 i = sizeof("http://")-1;
333 }else{
334 i += sizeof("://")-1;
335 }
336 if(rv.find('/',i)==string::npos)
337 rv += '/';
338 return rv;
339 }
340
316} 341}
diff --git a/lib/util.cc b/lib/util.cc
index 1e7335c..d78b5e0 100644
--- a/lib/util.cc
+++ b/lib/util.cc
@@ -1,138 +1,113 @@
1#include <errno.h> 1#include <errno.h>
2#include <cassert> 2#include <cassert>
3#include <vector> 3#include <vector>
4#include <string> 4#include <string>
5#include <mimetic/mimetic.h> 5#include <mimetic/mimetic.h>
6#include <curl/curl.h> 6#include <curl/curl.h>
7#include "opkele/util.h" 7#include "opkele/util.h"
8#include "opkele/exception.h" 8#include "opkele/exception.h"
9 9
10namespace opkele { 10namespace opkele {
11 using namespace std; 11 using namespace std;
12 12
13 namespace util { 13 namespace util {
14 14
15 /* 15 /*
16 * big numerics 16 * big numerics
17 */ 17 */
18 18
19 BIGNUM *base64_to_bignum(const string& b64) { 19 BIGNUM *base64_to_bignum(const string& b64) {
20 vector<unsigned char> bin; 20 vector<unsigned char> bin;
21 mimetic::Base64::Decoder b; 21 mimetic::Base64::Decoder b;
22 mimetic::decode( 22 mimetic::decode(
23 b64.begin(),b64.end(), b, 23 b64.begin(),b64.end(), b,
24 back_insert_iterator<vector<unsigned char> >(bin) ); 24 back_insert_iterator<vector<unsigned char> >(bin) );
25 BIGNUM *rv = BN_bin2bn(&(bin.front()),bin.size(),0); 25 BIGNUM *rv = BN_bin2bn(&(bin.front()),bin.size(),0);
26 if(!rv) 26 if(!rv)
27 throw failed_conversion(OPKELE_CP_ "failed to BN_bin2bn()"); 27 throw failed_conversion(OPKELE_CP_ "failed to BN_bin2bn()");
28 return rv; 28 return rv;
29 } 29 }
30 30
31 BIGNUM *dec_to_bignum(const string& dec) { 31 BIGNUM *dec_to_bignum(const string& dec) {
32 BIGNUM *rv = 0; 32 BIGNUM *rv = 0;
33 if(!BN_dec2bn(&rv,dec.c_str())) 33 if(!BN_dec2bn(&rv,dec.c_str()))
34 throw failed_conversion(OPKELE_CP_ "failed to BN_dec2bn()"); 34 throw failed_conversion(OPKELE_CP_ "failed to BN_dec2bn()");
35 return rv; 35 return rv;
36 } 36 }
37 37
38 string bignum_to_base64(const BIGNUM *bn) { 38 string bignum_to_base64(const BIGNUM *bn) {
39 vector<unsigned char> bin(BN_num_bytes(bn)); 39 vector<unsigned char> bin(BN_num_bytes(bn));
40 int l = BN_bn2bin(bn,&(bin.front())); 40 int l = BN_bn2bin(bn,&(bin.front()));
41 string rv; 41 string rv;
42 mimetic::Base64::Encoder b(0); 42 mimetic::Base64::Encoder b(0);
43 mimetic::encode( 43 mimetic::encode(
44 bin.begin(),bin.begin()+l, b, 44 bin.begin(),bin.begin()+l, b,
45 back_insert_iterator<string>(rv) ); 45 back_insert_iterator<string>(rv) );
46 return rv; 46 return rv;
47 } 47 }
48 48
49 /* 49 /*
50 * w3c times 50 * w3c times
51 */ 51 */
52 52
53 string time_to_w3c(time_t t) { 53 string time_to_w3c(time_t t) {
54 struct tm tm_t; 54 struct tm tm_t;
55 if(!gmtime_r(&t,&tm_t)) 55 if(!gmtime_r(&t,&tm_t))
56 throw failed_conversion(OPKELE_CP_ "failed to BN_dec2bn()"); 56 throw failed_conversion(OPKELE_CP_ "failed to BN_dec2bn()");
57 char rv[25]; 57 char rv[25];
58 if(!strftime(rv,sizeof(rv)-1,"%Y-%m-%dT%H:%M:%SZ",&tm_t)) 58 if(!strftime(rv,sizeof(rv)-1,"%Y-%m-%dT%H:%M:%SZ",&tm_t))
59 throw failed_conversion(OPKELE_CP_ "failed to strftime()"); 59 throw failed_conversion(OPKELE_CP_ "failed to strftime()");
60 return rv; 60 return rv;
61 } 61 }
62 62
63 time_t w3c_to_time(const string& w) { 63 time_t w3c_to_time(const string& w) {
64 struct tm tm_t; 64 struct tm tm_t;
65 memset(&tm_t,0,sizeof(tm_t)); 65 memset(&tm_t,0,sizeof(tm_t));
66 if( 66 if(
67 sscanf( 67 sscanf(
68 w.c_str(), 68 w.c_str(),
69 "%04d-%02d-%02dT%02d:%02d:%02dZ", 69 "%04d-%02d-%02dT%02d:%02d:%02dZ",
70 &tm_t.tm_year,&tm_t.tm_mon,&tm_t.tm_mday, 70 &tm_t.tm_year,&tm_t.tm_mon,&tm_t.tm_mday,
71 &tm_t.tm_hour,&tm_t.tm_min,&tm_t.tm_sec 71 &tm_t.tm_hour,&tm_t.tm_min,&tm_t.tm_sec
72 ) != 6 ) 72 ) != 6 )
73 throw failed_conversion(OPKELE_CP_ "failed to sscanf()"); 73 throw failed_conversion(OPKELE_CP_ "failed to sscanf()");
74 tm_t.tm_mon--; 74 tm_t.tm_mon--;
75 tm_t.tm_year-=1900; 75 tm_t.tm_year-=1900;
76 time_t rv = mktime(&tm_t); 76 time_t rv = mktime(&tm_t);
77 if(rv==(time_t)-1) 77 if(rv==(time_t)-1)
78 throw failed_conversion(OPKELE_CP_ "failed to mktime()"); 78 throw failed_conversion(OPKELE_CP_ "failed to mktime()");
79 return rv; 79 return rv;
80 } 80 }
81 81
82 /* 82 /*
83 * 83 *
84 */ 84 */
85 85
86 string canonicalize_url(const string& url) {
87 string rv = url;
88 // strip leading and trailing spaces
89 string::size_type i = rv.find_first_not_of(" \t\r\n");
90 if(i==string::npos)
91 throw bad_input(OPKELE_CP_ "empty URL");
92 if(i)
93 rv.erase(0,i);
94 i = rv.find_last_not_of(" \t\r\n");
95 assert(i!=string::npos);
96 if(i<(rv.length()-1))
97 rv.erase(i+1);
98 // add missing http://
99 i = rv.find("://");
100 if(i==string::npos) { // primitive. but do we need more?
101 rv.insert(0,"http://");
102 i = sizeof("http://")-1;
103 }else{
104 i += sizeof("://")-1;
105 }
106 if(rv.find('/',i)==string::npos)
107 rv += '/';
108 return rv;
109 }
110
111 string url_encode(const string& str) { 86 string url_encode(const string& str) {
112 char * t = curl_escape(str.c_str(),str.length()); 87 char * t = curl_escape(str.c_str(),str.length());
113 if(!t) 88 if(!t)
114 throw failed_conversion(OPKELE_CP_ "failed to curl_escape()"); 89 throw failed_conversion(OPKELE_CP_ "failed to curl_escape()");
115 string rv(t); 90 string rv(t);
116 curl_free(t); 91 curl_free(t);
117 return rv; 92 return rv;
118 } 93 }
119 94
120 string long_to_string(long l) { 95 string long_to_string(long l) {
121 char rv[32]; 96 char rv[32];
122 int r=snprintf(rv,sizeof(rv),"%ld",l); 97 int r=snprintf(rv,sizeof(rv),"%ld",l);
123 if(r<0 || r>=sizeof(rv)) 98 if(r<0 || r>=sizeof(rv))
124 throw failed_conversion(OPKELE_CP_ "failed to snprintf()"); 99 throw failed_conversion(OPKELE_CP_ "failed to snprintf()");
125 return rv; 100 return rv;
126 } 101 }
127 102
128 long string_to_long(const string& s) { 103 long string_to_long(const string& s) {
129 char *endptr = 0; 104 char *endptr = 0;
130 long rv = strtol(s.c_str(),&endptr,10); 105 long rv = strtol(s.c_str(),&endptr,10);
131 if((!endptr) || endptr==s.c_str()) 106 if((!endptr) || endptr==s.c_str())
132 throw failed_conversion(OPKELE_CP_ "failed to strtol()"); 107 throw failed_conversion(OPKELE_CP_ "failed to strtol()");
133 return rv; 108 return rv;
134 } 109 }
135 110
136 } 111 }
137 112
138} 113}