1 files changed, 2 insertions, 2 deletions
diff --git a/lib/consumer.cc b/lib/consumer.cc
index 76b6ea7..f9212ea 100644
--- a/lib/consumer.cc
+++ b/lib/consumer.cc
@@ -109,49 +109,49 @@ namespace opkele {
        dh->g = util::dec_to_bignum(data::_default_g);
        if(!DH_generate_key(dh))
            throw exception_openssl(OPKELE_CP_ "failed to DH_generate_key()");
        string request = 
            "openid.mode=associate"
            "&openid.assoc_type=HMAC-SHA1"
            "&openid.session_type=DH-SHA1"
            "&openid.dh_consumer_public=";
        request += util::url_encode(util::bignum_to_base64(dh->pub_key));
        curl_t curl = curl_easy_init();
        if(!curl)
            throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()");
        string response;
        CURLcode r;
        (r=curl_misc_sets(curl))
        || (r=curl_easy_setopt(curl,CURLOPT_URL,server.c_str()))
        || (r=curl_easy_setopt(curl,CURLOPT_POST,1))
        || (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDS,request.data()))
        || (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDSIZE,request.length()))
        || (r=curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,_curl_tostring))
        || (r=curl_easy_setopt(curl,CURLOPT_WRITEDATA,&response))
        ;
        if(r)
            throw exception_curl(OPKELE_CP_ "failed to curl_easy_setopt()",r);
-        if(r=curl_easy_perform(curl))
+        if( (r=curl_easy_perform(curl)) )
            throw exception_curl(OPKELE_CP_ "failed to curl_easy_perform()",r);
        params_t p; p.parse_keyvalues(response);
        if(p.has_param("assoc_type") && p.get_param("assoc_type")!="HMAC-SHA1")
            throw bad_input(OPKELE_CP_ "unsupported assoc_type");
        string st;
        if(p.has_param("session_type")) st = p.get_param("session_type");
        if((!st.empty()) && st!="DH-SHA1")
            throw bad_input(OPKELE_CP_ "unsupported session_type");
        secret_t secret;
        if(st.empty()) {
            secret.from_base64(p.get_param("mac_key"));
        }else{
            util::bignum_t s_pub = util::base64_to_bignum(p.get_param("dh_server_public"));
            vector<unsigned char> ck(DH_size(dh)+1);
            unsigned char *ckptr = &(ck.front())+1;
            int cklen = DH_compute_key(ckptr,s_pub,dh);
            if(cklen<0)
                throw exception_openssl(OPKELE_CP_ "failed to DH_compute_key()");
            if(cklen && (*ckptr)&0x80) {
                (*(--ckptr)) = 0; ++cklen;
            }
            unsigned char key_sha1[SHA_DIGEST_LENGTH];
            SHA1(ckptr,cklen,key_sha1);
            secret.enxor_from_base64(key_sha1,p.get_param("enc_mac_key"));
@@ -269,49 +269,49 @@ namespace opkele {
        string request = "openid.mode=check_authentication";
        for(params_t::const_iterator i=p.begin();i!=p.end();++i) {
            if(i->first!="openid.mode") {
                request += '&';
                request += i->first;
                request += '=';
                request += util::url_encode(i->second);
            }
        }
        curl_t curl = curl_easy_init();
        if(!curl)
            throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()");
        string response;
        CURLcode r;
        (r=curl_misc_sets(curl))
        || (r=curl_easy_setopt(curl,CURLOPT_URL,server.c_str()))
        || (r=curl_easy_setopt(curl,CURLOPT_POST,1))
        || (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDS,request.data()))
        || (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDSIZE,request.length()))
        || (r=curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,_curl_tostring))
        || (r=curl_easy_setopt(curl,CURLOPT_WRITEDATA,&response))
        ;
        if(r)
            throw exception_curl(OPKELE_CP_ "failed to curl_easy_setopt()",r);
-        if(r=curl_easy_perform(curl))
+        if( (r=curl_easy_perform(curl)) )
            throw exception_curl(OPKELE_CP_ "failed to curl_easy_perform()",r);
        params_t pp; pp.parse_keyvalues(response);
        if(pp.has_param("invalidate_handle"))
            invalidate_assoc(server,pp.get_param("invalidate_handle"));
        if(pp.has_param("is_valid")) {
            if(pp.get_param("is_valid")=="true")
                return;
        }else if(pp.has_param("lifetime")) {
            if(util::string_to_long(pp.get_param("lifetime")))
                return;
        }
        throw failed_check_authentication(OPKELE_CP_ "failed to verify response");
    }
    void consumer_t::retrieve_links(const string& url,string& server,string& delegate) {
        server.erase();
        delegate.erase();
        curl_t curl = curl_easy_init();
        if(!curl)
            throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()");
        string html;
        CURLcode r;
        (r=curl_misc_sets(curl))
        || (r=curl_easy_setopt(curl,CURLOPT_URL,url.c_str()))

diff --git a/lib/consumer.cc b/lib/consumer.cc index 76b6ea7..f9212ea 100644 --- a/lib/consumer.cc +++ b/lib/consumer.cc
@@ -109,49 +109,49 @@ namespace opkele {
109	dh->g = util::dec_to_bignum(data::_default_g);	109	dh->g = util::dec_to_bignum(data::_default_g);
110	if(!DH_generate_key(dh))	110	if(!DH_generate_key(dh))
111	throw exception_openssl(OPKELE_CP_ "failed to DH_generate_key()");	111	throw exception_openssl(OPKELE_CP_ "failed to DH_generate_key()");
112	string request =	112	string request =
113	"openid.mode=associate"	113	"openid.mode=associate"
114	"&openid.assoc_type=HMAC-SHA1"	114	"&openid.assoc_type=HMAC-SHA1"
115	"&openid.session_type=DH-SHA1"	115	"&openid.session_type=DH-SHA1"
116	"&openid.dh_consumer_public=";	116	"&openid.dh_consumer_public=";
117	request += util::url_encode(util::bignum_to_base64(dh->pub_key));	117	request += util::url_encode(util::bignum_to_base64(dh->pub_key));
118	curl_t curl = curl_easy_init();	118	curl_t curl = curl_easy_init();
119	if(!curl)	119	if(!curl)
120	throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()");	120	throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()");
121	string response;	121	string response;
122	CURLcode r;	122	CURLcode r;
123	(r=curl_misc_sets(curl))	123	(r=curl_misc_sets(curl))
124	\|\| (r=curl_easy_setopt(curl,CURLOPT_URL,server.c_str()))	124	\|\| (r=curl_easy_setopt(curl,CURLOPT_URL,server.c_str()))
125	\|\| (r=curl_easy_setopt(curl,CURLOPT_POST,1))	125	\|\| (r=curl_easy_setopt(curl,CURLOPT_POST,1))
126	\|\| (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDS,request.data()))	126	\|\| (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDS,request.data()))
127	\|\| (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDSIZE,request.length()))	127	\|\| (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDSIZE,request.length()))
128	\|\| (r=curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,_curl_tostring))	128	\|\| (r=curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,_curl_tostring))
129	\|\| (r=curl_easy_setopt(curl,CURLOPT_WRITEDATA,&response))	129	\|\| (r=curl_easy_setopt(curl,CURLOPT_WRITEDATA,&response))
130	;	130	;
131	if(r)	131	if(r)
132	throw exception_curl(OPKELE_CP_ "failed to curl_easy_setopt()",r);	132	throw exception_curl(OPKELE_CP_ "failed to curl_easy_setopt()",r);
133	if(r=curl_easy_perform(curl))	133	if( (r=curl_easy_perform(curl)) )
134	throw exception_curl(OPKELE_CP_ "failed to curl_easy_perform()",r);	134	throw exception_curl(OPKELE_CP_ "failed to curl_easy_perform()",r);
135	params_t p; p.parse_keyvalues(response);	135	params_t p; p.parse_keyvalues(response);
136	if(p.has_param("assoc_type") && p.get_param("assoc_type")!="HMAC-SHA1")	136	if(p.has_param("assoc_type") && p.get_param("assoc_type")!="HMAC-SHA1")
137	throw bad_input(OPKELE_CP_ "unsupported assoc_type");	137	throw bad_input(OPKELE_CP_ "unsupported assoc_type");
138	string st;	138	string st;
139	if(p.has_param("session_type")) st = p.get_param("session_type");	139	if(p.has_param("session_type")) st = p.get_param("session_type");
140	if((!st.empty()) && st!="DH-SHA1")	140	if((!st.empty()) && st!="DH-SHA1")
141	throw bad_input(OPKELE_CP_ "unsupported session_type");	141	throw bad_input(OPKELE_CP_ "unsupported session_type");
142	secret_t secret;	142	secret_t secret;
143	if(st.empty()) {	143	if(st.empty()) {
144	secret.from_base64(p.get_param("mac_key"));	144	secret.from_base64(p.get_param("mac_key"));
145	}else{	145	}else{
146	util::bignum_t s_pub = util::base64_to_bignum(p.get_param("dh_server_public"));	146	util::bignum_t s_pub = util::base64_to_bignum(p.get_param("dh_server_public"));
147	vector<unsigned char> ck(DH_size(dh)+1);	147	vector<unsigned char> ck(DH_size(dh)+1);
148	unsigned char *ckptr = &(ck.front())+1;	148	unsigned char *ckptr = &(ck.front())+1;
149	int cklen = DH_compute_key(ckptr,s_pub,dh);	149	int cklen = DH_compute_key(ckptr,s_pub,dh);
150	if(cklen<0)	150	if(cklen<0)
151	throw exception_openssl(OPKELE_CP_ "failed to DH_compute_key()");	151	throw exception_openssl(OPKELE_CP_ "failed to DH_compute_key()");
152	if(cklen && (*ckptr)&0x80) {	152	if(cklen && (*ckptr)&0x80) {
153	(*(--ckptr)) = 0; ++cklen;	153	(*(--ckptr)) = 0; ++cklen;
154	}	154	}
155	unsigned char key_sha1[SHA_DIGEST_LENGTH];	155	unsigned char key_sha1[SHA_DIGEST_LENGTH];
156	SHA1(ckptr,cklen,key_sha1);	156	SHA1(ckptr,cklen,key_sha1);
157	secret.enxor_from_base64(key_sha1,p.get_param("enc_mac_key"));	157	secret.enxor_from_base64(key_sha1,p.get_param("enc_mac_key"));
@@ -269,49 +269,49 @@ namespace opkele {
269	string request = "openid.mode=check_authentication";	269	string request = "openid.mode=check_authentication";
270	for(params_t::const_iterator i=p.begin();i!=p.end();++i) {	270	for(params_t::const_iterator i=p.begin();i!=p.end();++i) {
271	if(i->first!="openid.mode") {	271	if(i->first!="openid.mode") {
272	request += '&';	272	request += '&';
273	request += i->first;	273	request += i->first;
274	request += '=';	274	request += '=';
275	request += util::url_encode(i->second);	275	request += util::url_encode(i->second);
276	}	276	}
277	}	277	}
278	curl_t curl = curl_easy_init();	278	curl_t curl = curl_easy_init();
279	if(!curl)	279	if(!curl)
280	throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()");	280	throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()");
281	string response;	281	string response;
282	CURLcode r;	282	CURLcode r;
283	(r=curl_misc_sets(curl))	283	(r=curl_misc_sets(curl))
284	\|\| (r=curl_easy_setopt(curl,CURLOPT_URL,server.c_str()))	284	\|\| (r=curl_easy_setopt(curl,CURLOPT_URL,server.c_str()))
285	\|\| (r=curl_easy_setopt(curl,CURLOPT_POST,1))	285	\|\| (r=curl_easy_setopt(curl,CURLOPT_POST,1))
286	\|\| (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDS,request.data()))	286	\|\| (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDS,request.data()))
287	\|\| (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDSIZE,request.length()))	287	\|\| (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDSIZE,request.length()))
288	\|\| (r=curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,_curl_tostring))	288	\|\| (r=curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,_curl_tostring))
289	\|\| (r=curl_easy_setopt(curl,CURLOPT_WRITEDATA,&response))	289	\|\| (r=curl_easy_setopt(curl,CURLOPT_WRITEDATA,&response))
290	;	290	;
291	if(r)	291	if(r)
292	throw exception_curl(OPKELE_CP_ "failed to curl_easy_setopt()",r);	292	throw exception_curl(OPKELE_CP_ "failed to curl_easy_setopt()",r);
293	if(r=curl_easy_perform(curl))	293	if( (r=curl_easy_perform(curl)) )
294	throw exception_curl(OPKELE_CP_ "failed to curl_easy_perform()",r);	294	throw exception_curl(OPKELE_CP_ "failed to curl_easy_perform()",r);
295	params_t pp; pp.parse_keyvalues(response);	295	params_t pp; pp.parse_keyvalues(response);
296	if(pp.has_param("invalidate_handle"))	296	if(pp.has_param("invalidate_handle"))
297	invalidate_assoc(server,pp.get_param("invalidate_handle"));	297	invalidate_assoc(server,pp.get_param("invalidate_handle"));
298	if(pp.has_param("is_valid")) {	298	if(pp.has_param("is_valid")) {
299	if(pp.get_param("is_valid")=="true")	299	if(pp.get_param("is_valid")=="true")
300	return;	300	return;
301	}else if(pp.has_param("lifetime")) {	301	}else if(pp.has_param("lifetime")) {
302	if(util::string_to_long(pp.get_param("lifetime")))	302	if(util::string_to_long(pp.get_param("lifetime")))
303	return;	303	return;
304	}	304	}
305	throw failed_check_authentication(OPKELE_CP_ "failed to verify response");	305	throw failed_check_authentication(OPKELE_CP_ "failed to verify response");
306	}	306	}
307		307
308	void consumer_t::retrieve_links(const string& url,string& server,string& delegate) {	308	void consumer_t::retrieve_links(const string& url,string& server,string& delegate) {
309	server.erase();	309	server.erase();
310	delegate.erase();	310	delegate.erase();
311	curl_t curl = curl_easy_init();	311	curl_t curl = curl_easy_init();
312	if(!curl)	312	if(!curl)
313	throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()");	313	throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()");
314	string html;	314	string html;
315	CURLcode r;	315	CURLcode r;
316	(r=curl_misc_sets(curl))	316	(r=curl_misc_sets(curl))
317	\|\| (r=curl_easy_setopt(curl,CURLOPT_URL,url.c_str()))	317	\|\| (r=curl_easy_setopt(curl,CURLOPT_URL,url.c_str()))