summaryrefslogtreecommitdiffabout
authorMichael Krelin <hacker@klever.net>2007-12-09 22:10:49 (UTC)
committer Michael Krelin <hacker@klever.net>2007-12-09 22:10:49 (UTC)
commit2e7bf3278c3e13baaa32c7ec8c2b3fdc4780a080 (patch) (unidiff)
treed36530a517425d2507df8e9550fbcc48fba48c5f
parentc34adc6e274c3dbb63af99ca566000e7d218244c (diff)
parent7a6a6fbcf7e20f0d7da5f625a73c865b361f16aa (diff)
downloadlibopkele-2e7bf3278c3e13baaa32c7ec8c2b3fdc4780a080.zip
libopkele-2e7bf3278c3e13baaa32c7ec8c2b3fdc4780a080.tar.gz
libopkele-2e7bf3278c3e13baaa32c7ec8c2b3fdc4780a080.tar.bz2
Merge branch 'next' into devel/xri
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--include/opkele/consumer.h6
-rw-r--r--include/opkele/exception.h9
-rw-r--r--lib/consumer.cc6
-rw-r--r--lib/util.cc6
4 files changed, 21 insertions, 6 deletions
diff --git a/include/opkele/consumer.h b/include/opkele/consumer.h
index 50ff692..c463787 100644
--- a/include/opkele/consumer.h
+++ b/include/opkele/consumer.h
@@ -67,6 +67,11 @@ namespace opkele {
67 * function should never return an expired or invalidated 67 * function should never return an expired or invalidated
68 * association. 68 * association.
69 * 69 *
70 * @note
71 * It may be a good idea to pre-expire associations shortly before
72 * their time is really up to avoid association expiry in the
73 * middle of negotiations.
74 *
70 * @param server the OpenID server 75 * @param server the OpenID server
71 * @return the auto_ptr<> for the newly allocated association_t object 76 * @return the auto_ptr<> for the newly allocated association_t object
72 * @throw failed_lookup in case of absence of the handle 77 * @throw failed_lookup in case of absence of the handle
@@ -137,6 +142,7 @@ namespace opkele {
137 * @throw id_res_setup in case of openid.user_setup_url failure 142 * @throw id_res_setup in case of openid.user_setup_url failure
138 * (supposedly checkid_immediate only) 143 * (supposedly checkid_immediate only)
139 * @throw id_res_failed in case of failure 144 * @throw id_res_failed in case of failure
145 * @throw id_res_expired_on_delivery if the association expired before it could've been verified
140 * @throw exception in case of other failures 146 * @throw exception in case of other failures
141 */ 147 */
142 virtual void id_res(const params_t& pin,const string& identity="",extension_t *ext=0); 148 virtual void id_res(const params_t& pin,const string& identity="",extension_t *ext=0);
diff --git a/include/opkele/exception.h b/include/opkele/exception.h
index a654d59..8913665 100644
--- a/include/opkele/exception.h
+++ b/include/opkele/exception.h
@@ -170,6 +170,15 @@ namespace opkele {
170 }; 170 };
171 171
172 /** 172 /**
173 * thrown if the association has expired before it could've been verified.
174 */
175 class id_res_expired_on_delivery : public id_res_failed {
176 public:
177 id_res_expired_on_delivery(OPKELE_E_PARS)
178 : id_res_failed(OPKELE_E_CONS) { }
179 };
180
181 /**
173 * openssl malfunction occured 182 * openssl malfunction occured
174 */ 183 */
175 class exception_openssl : public exception { 184 class exception_openssl : public exception {
diff --git a/lib/consumer.cc b/lib/consumer.cc
index 66db7dd..9f7530f 100644
--- a/lib/consumer.cc
+++ b/lib/consumer.cc
@@ -184,8 +184,8 @@ namespace opkele {
184 params_t ps; 184 params_t ps;
185 try { 185 try {
186 assoc_t assoc = retrieve_assoc(server,pin.get_param("openid.assoc_handle")); 186 assoc_t assoc = retrieve_assoc(server,pin.get_param("openid.assoc_handle"));
187 if(assoc->is_expired()) /* TODO: or should I throw some other exception to force programmer fix his implementation? */ 187 if(assoc->is_expired())
188 throw failed_lookup(OPKELE_CP_ "retrieve_assoc() has returned expired handle"); 188 throw id_res_expired_on_delivery(OPKELE_CP_ "retrieve_assoc() has returned expired handle");
189 const string& sigenc = pin.get_param("openid.sig"); 189 const string& sigenc = pin.get_param("openid.sig");
190 vector<unsigned char> sig; 190 vector<unsigned char> sig;
191 util::decode_base64(sigenc,sig); 191 util::decode_base64(sigenc,sig);
@@ -214,7 +214,7 @@ namespace opkele {
214 0,&md_len); 214 0,&md_len);
215 if(sig.size()!=md_len || memcmp(&(sig.front()),md,md_len)) 215 if(sig.size()!=md_len || memcmp(&(sig.front()),md,md_len))
216 throw id_res_mismatch(OPKELE_CP_ "signature mismatch"); 216 throw id_res_mismatch(OPKELE_CP_ "signature mismatch");
217 }catch(failed_lookup& e) { /* XXX: more specific? */ 217 }catch(failed_lookup& e) {
218 const string& slist = pin.get_param("openid.signed"); 218 const string& slist = pin.get_param("openid.signed");
219 string::size_type pp = 0; 219 string::size_type pp = 0;
220 params_t p; 220 params_t p;
diff --git a/lib/util.cc b/lib/util.cc
index 83f0eef..4600576 100644
--- a/lib/util.cc
+++ b/lib/util.cc
@@ -221,9 +221,9 @@ namespace opkele {
221 char *eptr = 0; 221 char *eptr = 0;
222 long port = strtol(nptr,&eptr,10); 222 long port = strtol(nptr,&eptr,10);
223 if( (port>0) && (port<65535) && port!=(s?443:80) ) { 223 if( (port>0) && (port<65535) && port!=(s?443:80) ) {
224 char tmp[6]; 224 char tmp[8];
225 snprintf(tmp,sizeof(tmp),"%ld",port); 225 snprintf(tmp,sizeof(tmp),":%ld",port);
226 rv += ':'; rv += tmp; 226 rv += tmp;
227 } 227 }
228 if(ni==string::npos) { 228 if(ni==string::npos) {
229 rv += '/'; return rv; 229 rv += '/'; return rv;