author | Michael Krelin <hacker@klever.net> | 2007-06-24 14:28:38 (UTC) |
---|---|---|
committer | Michael Krelin <hacker@klever.net> | 2007-06-24 14:28:38 (UTC) |
commit | 5999c7b9517e52918046cbd846a35de451de6383 (patch) (unidiff) | |
tree | 4854b2c8cd68f1dc61d97ca38462eccf59babaaf /lib | |
parent | 2f03e7af2a72c49c20fe9a8d5c4953cfc65e6520 (diff) | |
download | libopkele-5999c7b9517e52918046cbd846a35de451de6383.zip libopkele-5999c7b9517e52918046cbd846a35de451de6383.tar.gz libopkele-5999c7b9517e52918046cbd846a35de451de6383.tar.bz2 |
yet another signature bugfix
-rw-r--r-- | lib/server.cc | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/server.cc b/lib/server.cc index 8db97be..b1c5c3a 100644 --- a/lib/server.cc +++ b/lib/server.cc | |||
@@ -23,33 +23,33 @@ namespace opkele { | |||
23 | /* TODO: fallback to cleartext in case of exceptions here? */ | 23 | /* TODO: fallback to cleartext in case of exceptions here? */ |
24 | if(!(dh = DH_new())) | 24 | if(!(dh = DH_new())) |
25 | throw exception_openssl(OPKELE_CP_ "failed to DH_new()"); | 25 | throw exception_openssl(OPKELE_CP_ "failed to DH_new()"); |
26 | c_pub = util::base64_to_bignum(pin.get_param("openid.dh_consumer_public")); | 26 | c_pub = util::base64_to_bignum(pin.get_param("openid.dh_consumer_public")); |
27 | if(pin.has_param("openid.dh_modulus")) | 27 | if(pin.has_param("openid.dh_modulus")) |
28 | dh->p = util::base64_to_bignum(pin.get_param("openid.dh_modulus")); | 28 | dh->p = util::base64_to_bignum(pin.get_param("openid.dh_modulus")); |
29 | else | 29 | else |
30 | dh->p = util::dec_to_bignum(data::_default_p); | 30 | dh->p = util::dec_to_bignum(data::_default_p); |
31 | if(pin.has_param("openid.dh_gen")) | 31 | if(pin.has_param("openid.dh_gen")) |
32 | dh->g = util::base64_to_bignum(pin.get_param("openid.dh_gen")); | 32 | dh->g = util::base64_to_bignum(pin.get_param("openid.dh_gen")); |
33 | else | 33 | else |
34 | dh->g = util::dec_to_bignum(data::_default_g); | 34 | dh->g = util::dec_to_bignum(data::_default_g); |
35 | if(!DH_generate_key(dh)) | 35 | if(!DH_generate_key(dh)) |
36 | throw exception_openssl(OPKELE_CP_ "failed to DH_generate_key()"); | 36 | throw exception_openssl(OPKELE_CP_ "failed to DH_generate_key()"); |
37 | vector<unsigned char> ck(DH_size(dh)+1); | 37 | vector<unsigned char> ck(DH_size(dh)+1); |
38 | unsigned char *ckptr = &(ck.front())+1; | 38 | unsigned char *ckptr = &(ck.front())+1; |
39 | int cklen = DH_compute_key(&(ck.front()),c_pub,dh); | 39 | int cklen = DH_compute_key(ckptr,c_pub,dh); |
40 | if(cklen<0) | 40 | if(cklen<0) |
41 | throw exception_openssl(OPKELE_CP_ "failed to DH_compute_key()"); | 41 | throw exception_openssl(OPKELE_CP_ "failed to DH_compute_key()"); |
42 | if(cklen && (*ckptr)&0x80) { | 42 | if(cklen && (*ckptr)&0x80) { |
43 | (*(--ckptr)) = 0; ++cklen; | 43 | (*(--ckptr)) = 0; ++cklen; |
44 | } | 44 | } |
45 | SHA1(ckptr,cklen,key_sha1); | 45 | SHA1(ckptr,cklen,key_sha1); |
46 | st = sess_dh_sha1; | 46 | st = sess_dh_sha1; |
47 | } | 47 | } |
48 | assoc_t assoc = alloc_assoc(mode_associate); | 48 | assoc_t assoc = alloc_assoc(mode_associate); |
49 | time_t now = time(0); | 49 | time_t now = time(0); |
50 | pout.clear(); | 50 | pout.clear(); |
51 | pout["assoc_type"] = assoc->assoc_type(); | 51 | pout["assoc_type"] = assoc->assoc_type(); |
52 | pout["assoc_handle"] = assoc->handle(); | 52 | pout["assoc_handle"] = assoc->handle(); |
53 | /* TODO: eventually remove deprecated stuff */ | 53 | /* TODO: eventually remove deprecated stuff */ |
54 | pout["issued"] = util::time_to_w3c(now); | 54 | pout["issued"] = util::time_to_w3c(now); |
55 | pout["expiry"] = util::time_to_w3c(now+assoc->expires_in()); | 55 | pout["expiry"] = util::time_to_w3c(now+assoc->expires_in()); |