| author | Michael Krelin <hacker@klever.net> | 2007-11-21 17:05:50 (UTC) |
|---|---|---|
| committer | Michael Krelin <hacker@klever.net> | 2007-11-21 17:05:50 (UTC) |
| commit | d9772d76607ad5b293e385df26cce4c87b8f6e54 (patch) (side-by-side diff) | |
| tree | 2839b510d90652a429af68c37970bed1d63970fd | |
| parent | 55008364921771a74a1192411583a72cc05adfa6 (diff) | |
| download | libopkele-d9772d76607ad5b293e385df26cce4c87b8f6e54.zip libopkele-d9772d76607ad5b293e385df26cce4c87b8f6e54.tar.gz libopkele-d9772d76607ad5b293e385df26cce4c87b8f6e54.tar.bz2 | |
further calming compiler down
Signed-off-by: Michael Krelin <hacker@klever.net>
| -rw-r--r-- | lib/consumer.cc | 2 | ||||
| -rw-r--r-- | lib/extension.cc | 6 | ||||
| -rw-r--r-- | lib/sreg.cc | 6 | ||||
| -rw-r--r-- | test/test.cc | 6 |
4 files changed, 10 insertions, 10 deletions
diff --git a/lib/consumer.cc b/lib/consumer.cc index d578546..7881f5f 100644 --- a/lib/consumer.cc +++ b/lib/consumer.cc @@ -188,253 +188,253 @@ namespace opkele { if(!trust_root.empty()) p["trust_root"] = trust_root; p["return_to"] = return_to; try { string ah = find_assoc(server)->handle(); p["assoc_handle"] = ah; }catch(failed_lookup& fl) { string ah = associate(server)->handle(); p["assoc_handle"] = ah; } if(ext) ext->checkid_hook(p,identity); return p.append_query(server); } void consumer_t::id_res(const params_t& pin,const string& identity,extension_t *ext) { if(pin.has_param("openid.user_setup_url")) throw id_res_setup(OPKELE_CP_ "assertion failed, setup url provided",pin.get_param("openid.user_setup_url")); string server,delegate; retrieve_links(identity.empty()?pin.get_param("openid.identity"):canonicalize(identity),server,delegate); params_t ps; try { assoc_t assoc = retrieve_assoc(server,pin.get_param("openid.assoc_handle")); if(assoc->is_expired()) /* TODO: or should I throw some other exception to force programmer fix his implementation? */ throw failed_lookup(OPKELE_CP_ "retrieve_assoc() has returned expired handle"); const string& sigenc = pin.get_param("openid.sig"); vector<unsigned char> sig; util::decode_base64(sigenc,sig); const string& slist = pin.get_param("openid.signed"); string kv; string::size_type p = 0; while(true) { string::size_type co = slist.find(',',p); string f = (co==string::npos)?slist.substr(p):slist.substr(p,co-p); kv += f; kv += ':'; f.insert(0,"openid."); kv += pin.get_param(f); kv += '\n'; if(ext) ps[f.substr(sizeof("openid.")-1)] = pin.get_param(f); if(co==string::npos) break; p = co+1; } secret_t secret = assoc->secret(); unsigned int md_len = 0; unsigned char *md = HMAC( EVP_sha1(), &(secret.front()),secret.size(), (const unsigned char *)kv.data(),kv.length(), 0,&md_len); if(sig.size()!=md_len || memcmp(&(sig.front()),md,md_len)) throw id_res_mismatch(OPKELE_CP_ "signature mismatch"); }catch(failed_lookup& e) { /* XXX: more specific? */ const string& slist = pin.get_param("openid.signed"); string::size_type pp = 0; params_t p; while(true) { string::size_type co = slist.find(',',pp); string f = "openid."; f += (co==string::npos)?slist.substr(pp):slist.substr(pp,co-pp); p[f] = pin.get_param(f); if(co==string::npos) break; pp = co+1; } p["openid.assoc_handle"] = pin.get_param("openid.assoc_handle"); p["openid.sig"] = pin.get_param("openid.sig"); p["openid.signed"] = pin.get_param("openid.signed"); try { string ih = pin.get_param("openid.invalidate_handle"); p["openid.invalidate_handle"] = ih; }catch(failed_lookup& fl) { } try { check_authentication(server,p); }catch(failed_check_authentication& fca) { throw id_res_failed(OPKELE_CP_ "failed to check_authentication()"); } } if(ext) ext->id_res_hook(pin,ps,identity); } void consumer_t::check_authentication(const string& server,const params_t& p) { string request = "openid.mode=check_authentication"; for(params_t::const_iterator i=p.begin();i!=p.end();++i) { if(i->first!="openid.mode") { request += '&'; request += i->first; request += '='; request += util::url_encode(i->second); } } curl_t curl = curl_easy_init(); if(!curl) throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()"); string response; CURLcode r; (r=curl_misc_sets(curl)) || (r=curl_easy_setopt(curl,CURLOPT_URL,server.c_str())) || (r=curl_easy_setopt(curl,CURLOPT_POST,1)) || (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDS,request.data())) || (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDSIZE,request.length())) || (r=curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,_curl_tostring)) || (r=curl_easy_setopt(curl,CURLOPT_WRITEDATA,&response)) ; if(r) throw exception_curl(OPKELE_CP_ "failed to curl_easy_setopt()",r); if( (r=curl_easy_perform(curl)) ) throw exception_curl(OPKELE_CP_ "failed to curl_easy_perform()",r); params_t pp; pp.parse_keyvalues(response); if(pp.has_param("invalidate_handle")) invalidate_assoc(server,pp.get_param("invalidate_handle")); if(pp.has_param("is_valid")) { if(pp.get_param("is_valid")=="true") return; }else if(pp.has_param("lifetime")) { if(util::string_to_long(pp.get_param("lifetime"))) return; } throw failed_check_authentication(OPKELE_CP_ "failed to verify response"); } void consumer_t::retrieve_links(const string& url,string& server,string& delegate) { server.erase(); delegate.erase(); curl_t curl = curl_easy_init(); if(!curl) throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()"); string html; CURLcode r; (r=curl_misc_sets(curl)) || (r=curl_easy_setopt(curl,CURLOPT_URL,url.c_str())) || (r=curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,_curl_tostring)) || (r=curl_easy_setopt(curl,CURLOPT_WRITEDATA,&html)) ; if(r) throw exception_curl(OPKELE_CP_ "failed to curl_easy_setopt()",r); r = curl_easy_perform(curl); if(r && r!=CURLE_WRITE_ERROR) throw exception_curl(OPKELE_CP_ "failed to curl_easy_perform()",r); static const char *re_bre = "<\\s*body\\b", *re_hdre = "<\\s*head[^>]*>", *re_lre = "<\\s*link\\b([^>]+)>", *re_rre = "\\brel\\s*=\\s*['\"]([^'\"]+)['\"]", *re_hre = "\\bhref\\s*=\\s*['\"]\\s*([^'\"\\s]+)\\s*['\"]"; pcre_matches_t m1(3), m2(3); pcre_t bre(re_bre,PCRE_CASELESS); if(bre.exec(html,m1)>0) html.erase(m1.begin(0)); pcre_t hdre(re_hdre,PCRE_CASELESS); if(hdre.exec(html,m1)<=0) throw bad_input(OPKELE_CP_ "failed to find <head>"); html.erase(0,m1.end(0)+1); pcre_t lre(re_lre,PCRE_CASELESS), rre(re_rre,PCRE_CASELESS), hre(re_hre,PCRE_CASELESS); bool gotit = false; while( (!gotit) && lre.exec(html,m1)>=2 ) { static const char *whitespace = " \t"; string attrs(html,m1.begin(1),m1.length(1)); html.erase(0,m1.end(0)+1); if(!( rre.exec(attrs,m1)>=2 && hre.exec(attrs,m2)>=2 )) continue; string rels(attrs,m1.begin(1),m1.length(1)); for(string::size_type ns = rels.find_first_not_of(whitespace); ns!=string::npos; ns=rels.find_first_not_of(whitespace,ns)) { string::size_type s = rels.find_first_of(whitespace,ns); string rel; if(s==string::npos) { rel.assign(rels,ns,string::npos); ns=string::npos; }else{ rel.assign(rels,ns,s-ns); ns=s; } if(rel=="openid.server") { server.assign(attrs,m2.begin(1),m2.length(1)); if(!delegate.empty()) { gotit = true; break; } }else if(rel=="openid.delegate") { delegate.assign(attrs,m2.begin(1),m2.length(1)); if(!server.empty()) { gotit = true; break; } } if(ns==string::npos) break; } } if(server.empty()) throw failed_assertion(OPKELE_CP_ "The location has no openid.server declaration"); } - assoc_t consumer_t::find_assoc(const string& server) { + assoc_t consumer_t::find_assoc(const string& /* server */) { throw failed_lookup(OPKELE_CP_ "no find_assoc() provided"); } string consumer_t::normalize(const string& url) { string rv = url; // strip leading and trailing spaces string::size_type i = rv.find_first_not_of(" \t\r\n"); if(i==string::npos) throw bad_input(OPKELE_CP_ "empty URL"); if(i) rv.erase(0,i); i = rv.find_last_not_of(" \t\r\n"); assert(i!=string::npos); if(i<(rv.length()-1)) rv.erase(i+1); // add missing http:// i = rv.find("://"); if(i==string::npos) { // primitive. but do we need more? rv.insert(0,"http://"); i = sizeof("http://")-1; }else{ i += sizeof("://")-1; } string::size_type qm = rv.find('?',i); string::size_type sl = rv.find('/',i); if(qm!=string::npos) { if(sl==string::npos || sl>qm) rv.insert(qm,1,'/'); }else{ if(sl==string::npos) rv += '/'; } return rv; } string consumer_t::canonicalize(const string& url) { string rv = normalize(url); curl_t curl = curl_easy_init(); if(!curl) throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()"); string html; CURLcode r; (r=curl_misc_sets(curl)) || (r=curl_easy_setopt(curl,CURLOPT_URL,rv.c_str())) || (r=curl_easy_setopt(curl,CURLOPT_NOBODY,1)) ; if(r) throw exception_curl(OPKELE_CP_ "failed to curl_easy_setopt()",r); r = curl_easy_perform(curl); if(r) throw exception_curl(OPKELE_CP_ "failed to curl_easy_perform()",r); const char *eu = 0; r = curl_easy_getinfo(curl,CURLINFO_EFFECTIVE_URL,&eu); if(r) throw exception_curl(OPKELE_CP_ "failed to curl_easy_getinfo(..CURLINFO_EFFECTIVE_URL..)",r); rv = eu; return normalize(rv); } } diff --git a/lib/extension.cc b/lib/extension.cc index 44cf0cb..8f22562 100644 --- a/lib/extension.cc +++ b/lib/extension.cc @@ -1,15 +1,15 @@ #include <opkele/exception.h> #include <opkele/extension.h> namespace opkele { - void extension_t::checkid_hook(params_t& p,const string& identity) { + void extension_t::checkid_hook(params_t& /* p */,const string& /* identity */ ) { throw not_implemented(OPKELE_CP_ "Consumer checkid_hook not implemented"); } - void extension_t::id_res_hook(const params_t& p,const params_t& sp,const string& identity) { + void extension_t::id_res_hook(const params_t& /* p */,const params_t& /* sp */,const string& /* identity */) { throw not_implemented(OPKELE_CP_ "Consumer id_res_hook not implemented"); } - void extension_t::checkid_hook(const params_t& pin,params_t& pout) { + void extension_t::checkid_hook(const params_t& /* pin */,params_t& /* pout */) { throw not_implemented(OPKELE_CP_ "Server checkid_hook not implemented"); } } diff --git a/lib/sreg.cc b/lib/sreg.cc index 08e66b7..60dc691 100644 --- a/lib/sreg.cc +++ b/lib/sreg.cc @@ -1,124 +1,124 @@ #include <opkele/exception.h> #include <opkele/sreg.h> #include <algorithm> namespace opkele { using std::find; static const struct _sreg_field { const char *fieldname; sreg_t::fieldbit_t fieldbit; } fields[] = { { "nickname", sreg_t::field_nickname }, { "email", sreg_t::field_email }, { "fullname", sreg_t::field_fullname }, { "dob", sreg_t::field_dob }, { "gender", sreg_t::field_gender }, { "postcode", sreg_t::field_postcode }, { "country", sreg_t::field_country }, { "language", sreg_t::field_language }, { "timezone", sreg_t::field_timezone } }; # define fields_BEGIN fields # define fields_END &fields[sizeof(fields)/sizeof(*fields)] typedef const struct _sreg_field *fields_iterator; bool operator==(const struct _sreg_field& fd,const string& fn) { return fd.fieldname==fn; } - void sreg_t::checkid_hook(params_t& p,const string& identity) { + void sreg_t::checkid_hook(params_t& p,const string& /* identity */) { string fr, fo; for(fields_iterator f=fields_BEGIN;f<fields_END;++f) { if(f->fieldbit&fields_required) { if(!fr.empty()) fr+=","; fr += f->fieldname; } if(f->fieldbit&fields_optional) { if(!fo.empty()) fo+=","; fo += f->fieldname; } } if(!fr.empty()) p["sreg.required"]=fr; if(!fo.empty()) p["sreg.optional"]=fo; if(!policy_url.empty()) p["sreg.policy_url"]=policy_url; } - void sreg_t::id_res_hook(const params_t& p,const params_t& sp,const string& identity) { + void sreg_t::id_res_hook(const params_t& /* p */,const params_t& sp,const string& /* identity */) { clear(); for(fields_iterator f=fields_BEGIN;f<fields_END;++f) { string fn = "sreg."; fn+=f->fieldname; if(!sp.has_param(fn)) continue; has_fields |= f->fieldbit; response[f->fieldbit]=sp.get_param(fn); } } const string& sreg_t::get_field(fieldbit_t fb) const { response_t::const_iterator i = response.find(fb); if(i==response.end()) throw failed_lookup(OPKELE_CP_ "no field data available"); return i->second; } void sreg_t::set_field(fieldbit_t fb,const string& fv) { response[fb] = fv; has_fields |= fb; } void sreg_t::reset_field(fieldbit_t fb) { has_fields &= ~fb; response.erase(fb); } void sreg_t::clear() { has_fields = 0; response.clear(); } static long fields_list_to_bitmask(string& fl) { long rv = 0; while(!fl.empty()) { string::size_type co = fl.find(','); string fn; if(co==string::npos) { fn = fl; fl.erase(); }else{ fn = fl.substr(0,co); fl.erase(0,co+1); } fields_iterator f = find(fields_BEGIN,fields_END,fn); if(f!=fields_END) rv |= f->fieldbit; } return rv; } void sreg_t::checkid_hook(const params_t& pin,params_t& pout) { fields_optional = 0; fields_required = 0; policy_url.erase(); fields_response = 0; try { string fl = pin.get_param("openid.sreg.required"); fields_required = fields_list_to_bitmask(fl); }catch(failed_lookup&) { } try { string fl = pin.get_param("openid.sreg.optional"); fields_optional = fields_list_to_bitmask(fl); }catch(failed_lookup&) { } try { policy_url = pin.get_param("openid.sreg.policy_url"); }catch(failed_lookup&) { } setup_response(pin,pout); fields_response &= has_fields; for(fields_iterator f=fields_BEGIN;f<fields_END;++f) { if(!(f->fieldbit&fields_response)) continue; if(!pout["signed"].empty()) pout["signed"] +=','; string pn = "sreg."; pn += f->fieldname; pout["signed"] += pn; pout[pn] = get_field(f->fieldbit); } } - void sreg_t::setup_response(const params_t& pin,params_t& pout) { + void sreg_t::setup_response(const params_t& /* pin */,params_t& /* pout */) { fields_response = (fields_required|fields_optional)&has_fields; } } diff --git a/test/test.cc b/test/test.cc index 0010f2b..f92284c 100644 --- a/test/test.cc +++ b/test/test.cc @@ -1,72 +1,72 @@ #include <iostream> #include <stdexcept> using namespace std; #include <opkele/exception.h> #include <opkele/consumer.h> #include "config.h" class failed_test : public opkele::exception { public: failed_test(OPKELE_E_PARS) : exception(OPKELE_E_CONS) { } }; class dummy_consumer_t : public opkele::consumer_t { public: - virtual opkele::assoc_t store_assoc(const string& server,const string& handle,const opkele::secret_t& secret,int expires_in) { + virtual opkele::assoc_t store_assoc(const string& /* server */,const string& /* handle */,const opkele::secret_t& /* secret */,int /* expires_in */) { throw opkele::not_implemented(OPKELE_CP_ "Not implemented"); } - virtual opkele::assoc_t retrieve_assoc(const string& server,const string& handle) { + virtual opkele::assoc_t retrieve_assoc(const string& /* server */ ,const string& /* handle */) { throw opkele::not_implemented(OPKELE_CP_ "Not implemented"); } - virtual void invalidate_assoc(const string& server,const string& handle) { + virtual void invalidate_assoc(const string& /* server */,const string& /* handle */) { throw opkele::not_implemented(OPKELE_CP_ "Not implemented"); } }; void test_retrieve_links(const string& f,bool success,const string& s="",const string& d="") { dummy_consumer_t dc; string server, delegate; try { dc.retrieve_links("file://" OPKELE_SRC_DIR "/test/html/"+f,server,delegate); if(!success) throw failed_test(OPKELE_CP_ "Retrieved links when it shouldn't"); if(server!=s) throw failed_test(OPKELE_CP_ "retrieve_links test failed, expected server '"+s+"', got '"+server+"'"); if(delegate!=d) throw failed_test(OPKELE_CP_ "retrieve_links test failed, expected delegate '"+d+"', got '"+delegate+"'"); }catch(opkele::bad_input& obi) { if(success) throw failed_test(OPKELE_CP_ "Test '"+f+"' failed due to 'bad_input'["+obi.what()+"]"); }catch(opkele::failed_assertion& ofa) { if(success) throw failed_test(OPKELE_CP_ "Test '"+f+"' failed due to 'failed_assertion'["+ofa.what()+"]"); } } void test_retrieve_links() { test_retrieve_links("empty.html",false); test_retrieve_links("in-body.html",false); test_retrieve_links("head-in-body.html",false); test_retrieve_links("hkn.html",true,"http://www.klever.net/openid.server","http://hacker.klever.net/"); test_retrieve_links("hkn-server.html",true,"http://www.klever.net/openid.server"); test_retrieve_links("hkn-delegate.html",false); test_retrieve_links("unclosed-head.html",true,"http://www.klever.net/openid.server","http://hacker.klever.net/"); test_retrieve_links("spaced-links.html",true,"http://www.klever.net/openid.server","http://hacker.klever.net/"); test_retrieve_links("spaced-link-attrs.html",true,"http://www.klever.net/openid.server","http://hacker.klever.net/"); test_retrieve_links("2rels.html",true,"http://www.klever.net/openid.server","http://www.klever.net/openid.server"); } int main() { try { test_retrieve_links(); }catch(failed_test& ft) { cerr << "Test failed: " << ft.what() << endl; }catch(exception& e) { cerr << "oops: " << e.what() << endl; _exit(1); } _exit(0); } |