Diffstat (more/less context) (show whitespace changes)
-rw-r--r--configure.ac1
-rw-r--r--test/OP.cc6
2 files changed, 6 insertions, 1 deletions
diff --git a/configure.ac b/configure.ac
index e636253..606e644 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,251 +1,252 @@
AC_INIT([libopkele], [2.0.4], [libopkele-bugs@klever.net])
AC_CONFIG_SRCDIR([include/opkele/opkele-config.h])
AC_CONFIG_HEADERS([config.h include/opkele/acconfig.h])
AC_CONFIG_MACRO_DIR([aclocal.d])
AC_CONFIG_AUX_DIR([aux.d])
AM_INIT_AUTOMAKE([dist-bzip2])
AC_PROG_INSTALL
AC_PROG_CXX
AC_PROG_CC
AC_PROG_LIBTOOL
PKG_PROG_PKG_CONFIG
AC_HEADER_STDC
AC_CHECK_FUNCS([timegm])
+AC_CHECK_HEADERS([ext/algorithm.h])
AC_PATH_PROG([XSLTPROC],[xsltproc],[true])
AC_MSG_CHECKING([for source tree version])
if headrev=$(cd $srcdir && git rev-parse --verify HEAD 2>/dev/null) ; then
PACKAGE_SRC_VERSION="$(cd $srcdir && git describe --tags $headrev)"
test "$PACKAGE_SRC_VERSION" = "$PACKAGE_VERSION" \
-o "${PACKAGE_SRC_VERSION#${PACKAGE_VERSION}-}" != "$PACKAGE_SRC_VERSION" || PACKAGE_SRC_VERSION="${PACKAGE_VERSION}:${PACKAGE_SRC_VERSION}"
( cd $srcdir && git diff-index $headrev | read dirt ) && PACKAGE_SRC_VERSION="${PACKAGE_SRC_VERSION}-dirty"
else
PACKAGE_SRC_VERSION="$PACKAGE_VERSION"
fi
AC_MSG_RESULT([$PACKAGE_SRC_VERSION])
AC_SUBST([PACKAGE_SRC_VERSION])
AC_DEFINE_UNQUOTED([PACKAGE_SRC_VERSION],["$PACKAGE_SRC_VERSION"],[more or less precise source tree version])
tr1_mem_std="false"
tr1_mem_boost="false"
AC_CHECK_SHAREDPTR(std::tr1,tr1/memory,[ tr1_mem_std=true ])
AC_CHECK_SHAREDPTR(boost,boost/shared_ptr.hpp,[ tr1_mem_boost=true ])
tr1_mem=""
AC_ARG_WITH([tr1-memory],
AC_HELP_STRING([--with-tr1-memory=<boost|std>],[select tr1/memory (shared_ptr<>) implementation to use]),
[ tr1_mem="$withval" ]
)
AC_MSG_CHECKING([for tr1/memory implementation to use])
test -z "$tr1_mem" && $tr1_mem_std && tr1_mem=std
test -z "$tr1_mem" && $tr1_mem_boost && tr1_mem=boost
if test -z "$tr1_mem" ; then
AC_MSG_RESULT([none found])
else
AC_MSG_RESULT([$tr1_mem])
fi
case "$tr1_mem" in
std)
$tr1_mem_std || AC_MSG_ERROR([std implementation requested, but not found])
OPKELE_TR1_MEM_NS=std::tr1
OPKELE_TR1_MEM_HEADER=tr1/memory
;;
boost)
$tr1_mem_boost || AC_MSG_ERROR([boost implementation requested, but not found])
OPKELE_TR1_MEM_NS=boost
OPKELE_TR1_MEM_HEADER=boost/shared_ptr.hpp
;;
*)
AC_MSG_ERROR([no shared_ptr<> implementation found])
;;
esac
AC_SUBST([OPKELE_TR1_MEM_NS])
AC_SUBST([OPKELE_TR1_MEM_HEADER])
AC_MSG_CHECKING([for deprecated attribute support])
AC_COMPILE_IFELSE([
int __attribute__((deprecated)) deprecated_function();
],[
AC_MSG_RESULT([yes])
AC_DEFINE([OPKELE_DEPRECATE],[__attribute__((deprecated))],[deprecated function attribute])
],[
AC_MSG_RESULT([no])
AC_DEFINE([OPKELE_DEPRECATE],,[deprecated function attribute])
]
)
AC_LANG_PUSH([C++])
AC_MSG_CHECKING([for abi::__cxa_demangle])
AC_COMPILE_IFELSE([
#include <typeinfo>
using namespace std;
#include <cxxabi.h>
int main(int c,char **v) {
int dstat;
char *demangled = abi::__cxa_demangle(typeid(dstat).name(),0,0,&dstat);
return 0;
}
],[
AC_MSG_RESULT([yes])
AC_DEFINE([HAVE_DEMANGLE],,[defined if abi::__cxa_demangle is available])
],[
AC_MSG_RESULT([no])
]
)
AC_LANG_POP([C++])
PKG_CHECK_MODULES([OPENSSL],[openssl],,[
AC_MSG_ERROR([no openssl library found. get one from http://www.openssl.org/])
])
WANT_KONFORKA="yes"
AC_ARG_ENABLE([konforka],
AC_HELP_STRING([--disable-konforka],[do not use konforka library (default: use if found)]),
[
test "${enableval}" = "no" && WANT_KONFORKA="no"
]
)
if test "${WANT_KONFORKA}" = "yes" ; then
PKG_CHECK_MODULES([KONFORKA],[konforka],[
AC_SUBST([KONFORKA_CFLAGS])
AC_SUBST([KONFORKA_LIBS])
AC_DEFINE([HAVE_KONFORKA],,[defined in presence of konforka library])
AC_DEFINE([OPKELE_HAVE_KONFORKA],,[defined in presence of konforka library])
AC_SUBST([KONFORKA_KONFORKA],[konforka])
],[true])
fi
WANT_DOXYGEN="yes"
AC_ARG_ENABLE([doxygen],
AC_HELP_STRING([--disable-doxygen],[do not generate documentation]),
[
test "${enableval}" = "no" && WANT_DOXYGEN="no"
]
)
if test "${WANT_DOXYGEN}" = "yes" ; then
AC_WITH_DOXYGEN
AC_WITH_DOT
else
AM_CONDITIONAL([HAVE_DOXYGEN],[false])
AM_CONDITIONAL([HAVE_DOT],[false])
fi
LIBCURL_CHECK_CONFIG(,,,[
AC_MSG_ERROR([no required libcurl library. get one from http://curl.haxx.se/])
])
AC_CHECK_HEADER([expat.h],[
AC_CHECK_LIB([expat],[XML_ParserCreate],[
EXPAT_LIBS=-lexpat
EXPAT_CFLAGS=
AC_SUBST([EXPAT_LIBS])
AC_SUBST([EXPAT_CFLAGS])
],[
AC_MSG_ERROR([no required expat library. get one from http://expat.sourceforge.net/])
])
],[
AC_MSG_ERROR([no required expat library. get one from http://expat.sourceforge.net/])
])
AC_CHECK_HEADERS([tidy.h tidy/tidy.h],[
test -z "$TIDY_LIBS" && AC_CHECK_LIB([tidy],[tidyParseBuffer],[
TIDY_LIBS=-ltidy
TIDY_CFLAGS=
AC_SUBST([TIDY_LIBS])
AC_SUBST([TIDY_CFLAGS])
],[
AC_MSG_ERROR([no required htmltidy library found. get one from http://tidy.sourceforge.net/])
])
],[
test -z "$TIDY_LIBS" -a "$ac_header" = "tidy/tidy.h" \
&& AC_MSG_ERROR([no required htmltidy library found. get one from http://tidy.sourceforge.net/])
])
PKG_CHECK_MODULES([SQLITE3],[sqlite3],[have_sqlite3=true],[have_sqlite3=false])
AM_CONDITIONAL([HAVE_SQLITE3],[$have_sqlite3])
PKG_CHECK_MODULES([KINGATE],[kingate-plaincgi],[have_kingate=true],[have_kingate=false])
AM_CONDITIONAL([HAVE_KINGATE],[$have_kingate])
PKG_CHECK_MODULES([UUID],[uuid],[have_uuid=true],[have_uuid=false])
AM_CONDITIONAL([HAVE_UUID],[$have_uuid])
if $have_uuid ; then
AC_DEFINE([HAVE_LIBUUID],,[defined in presence of libuuid])
AC_SUBST([UUID_UUID],[uuid])
fi
curl_ssl_verify_host="true"
AC_ARG_ENABLE([ssl-verify-host],
AC_HELP_STRING([--disable-ssl-verify-host],[disable cURL cert/host relationships verification]),
[ test "${enableval}" = "no" && curl_ssl_verify_host="false" ]
)
${curl_ssl_verify_host} || AC_DEFINE([DISABLE_CURL_SSL_VERIFYHOST],,[defined if cURL is not to verify cert/host])
curl_ssl_verify_peer="true"
AC_ARG_ENABLE([ssl-verify-peer],
AC_HELP_STRING([--disable-ssl-verify-peer],[disable cURL cert validity verification]),
[ test "${enableval}" = "no" && curl_ssl_verify_peer="false" ]
)
${curl_ssl_verify_peer} || AC_DEFINE([DISABLE_CURL_SSL_VERIFYPEER],,[defined if cURL is not to verify cert validity])
postels_law=true
AC_ARG_ENABLE([postels-law],
AC_HELP_STRING([--disable-postels-law],[Be strict, do not adhere to Postel's Law ("be conservative in what you do, be liberal in what you accept from others", RFC 793)]),
[ test "${enableval}" = "no" && postels_law=false ]
)
$postels_law && AC_DEFINE([POSTELS_LAW],,[defined if we want to adhere to Postel's Law])
AC_DEFINE_UNQUOTED([OPKELE_SRC_DIR],["$PWD"],[source directory])
nitpick=false
AC_ARG_ENABLE([nitpicking],
AC_HELP_STRING([--enable-nitpicking],[make compiler somewhat overly fastidious about the code it deals with]),
[ test "$enableval" = "no" || nitpick=true ]
)
if $nitpick ; then
CPP_NITPICK="-pedantic -Wall -Wextra -Wundef -Wshadow \
-Wunsafe-loop-optimizations -Wconversion -Wmissing-format-attribute \
-Wredundant-decls -ansi"
# -Wlogical-op -Wmissing-noreturn
C_NITPICK="$CPP_NITPICK"
CXX_NITPICK="$C_NITPICK"
CPPFLAGS="$CPPFLAGS $CPP_NITPICK"
CFLAGS="$CFLAGS $C_NITPICK"
CXXFLAGS="$CXXFLAGS $CXX_NITPICK"
fi
ndebug=true
AC_ARG_ENABLE([debug],
AC_HELP_STRING([--enable-debug],[enable debugging code]),
[ test "$enableval" = "no" || ndebug=false ]
)
if $ndebug ; then
CPPFLAGS_DEBUG="-DNDEBUG"
else
CPPFLAGS_DEBUG=""
fi
AC_SUBST([CPPFLAGS_DEBUG])
xri_proxy_url="https://xri.net/"
AC_MSG_CHECKING([for XRI resolver proxy])
AC_ARG_ENABLE([xri-proxy],
AC_HELP_STRING([--with-xri-proxy=url],[set xri proxy for use when resolving xri identities, default is https://xri.net/]),
[ xri_proxy_url="$withval" ]
)
AC_MSG_RESULT([$xri_proxy_url])
AC_DEFINE_UNQUOTED([XRI_PROXY_URL],["$xri_proxy_url"],[XRI proxy resolver URL])
AC_CONFIG_FILES([
Makefile
libopkele.pc
Doxyfile
include/Makefile
include/opkele/tr1-mem.h
lib/Makefile
test/Makefile
])
AC_OUTPUT
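Review bot: The added `AC_CHECK_HEADERS([ext/algorithm.h])` probes for a file named `ext/algorithm.h`, but test/OP.cc includes `<ext/algorithm>` (no `.h`), so `HAVE_EXT_ALGORITHM_H` will presumably stay undefined wherever only the extension-less header is installed, and the guarded include is then silently skipped. The check also sits before `AC_LANG_PUSH([C++])`, so it appears to run under the default C language, where a C++ header would fail the compile test even when present. I would probe the header that is actually used, inside a C++ block: `AC_LANG_PUSH([C++])`, `AC_CHECK_HEADERS([ext/algorithm])`, `AC_LANG_POP([C++])`, and test `HAVE_EXT_ALGORITHM` in test/OP.cc.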
diff --git a/test/OP.cc b/test/OP.cc
index 6012b2e..4e2a5ed 100644
--- a/test/OP.cc
+++ b/test/OP.cc
@@ -1,274 +1,278 @@
#include <uuid/uuid.h>
#include <iostream>
#include <cassert>
#include <string>
-#include <ext/algorithm>
using namespace std;
#include <kingate/exception.h>
#include <kingate/plaincgi.h>
#include <kingate/cgi_gateway.h>
#include <opkele/exception.h>
#include <opkele/util.h>
#include <opkele/uris.h>
#include <opkele/extension.h>
#include <opkele/association.h>
#include <opkele/debug.h>
#include <opkele/verify_op.h>
#include <opkele/sreg.h>
+#include "config.h"
+#ifdef HAVE_EXT_ALGORITHM_H
+# include <ext/algorithm>
+#endif
+
#include "sqlite.h"
#include "kingate_openid_message.h"
static const string get_self_url(const kingate::cgi_gateway& gw) {
bool s = gw.has_meta("SSL_PROTOCOL_VERSION");
string rv = s?"https://":"http://";
rv += gw.http_request_header("Host");
const string& port = gw.get_meta("SERVER_PORT");
if( port!=(s?"443":"80") ) {
rv += ':'; rv += port;
}
rv += gw.get_meta("REQUEST_URI");
string::size_type q = rv.find('?');
if(q!=string::npos)
rv.erase(q);
return rv;
}
class opdb_t : public sqlite3_t {
public:
opdb_t()
: sqlite3_t("/tmp/OP.db") {
assert(_D);
char **resp; int nr,nc; char *errm;
if(sqlite3_get_table(
_D, "SELECT a_op FROM assoc LIMIT 0",
&resp,&nr,&nc,&errm)!=SQLITE_OK) {
extern const char *__OP_db_bootstrap;
DOUT_("Bootstrapping DB");
if(sqlite3_exec(_D,__OP_db_bootstrap,NULL,NULL,&errm)!=SQLITE_OK)
throw opkele::exception(OPKELE_CP_ string("Failed to boostrap SQLite database: ")+errm);
}else
sqlite3_free_table(resp);
}
};
class example_op_t : public opkele::verify_OP {
public:
kingate::cgi_gateway& gw;
opdb_t db;
kingate::cookie htc;
example_op_t(kingate::cgi_gateway& g)
: gw(g) {
try {
htc = gw.cookies.get_cookie("htop_session");
sqlite3_mem_t<char*> S = sqlite3_mprintf(
"SELECT 1 FROM ht_sessions WHERE hts_id=%Q",
htc.get_value().c_str());
sqlite3_table_t T; int nr,nc;
db.get_table(S,T,&nr,&nc);
if(nr<1)
throw kingate::exception_notfound(CODEPOINT,"forcing cookie generation");
}catch(kingate::exception_notfound& kenf) {
uuid_t uuid; uuid_generate(uuid);
htc = kingate::cookie("htop_session",opkele::util::encode_base64(uuid,sizeof(uuid)));
sqlite3_mem_t<char*> S = sqlite3_mprintf(
"INSERT INTO ht_sessions (hts_id) VALUES (%Q)",
htc.get_value().c_str());
db.exec(S);
}
}
void set_authorized(bool a) {
sqlite3_mem_t<char*>
S = sqlite3_mprintf(
"UPDATE ht_sessions"
" SET authorized=%d"
" WHERE hts_id=%Q",
(int)a,htc.get_value().c_str());
db.exec(S);
}
bool get_authorized() {
sqlite3_mem_t<char*>
S = sqlite3_mprintf(
"SELECT authorized"
" FROM ht_sessions"
" WHERE hts_id=%Q",
htc.get_value().c_str());
sqlite3_table_t T; int nr,nc;
db.get_table(S,T,&nr,&nc);
assert(nr==1); assert(nc=1);
return opkele::util::string_to_long(T.get(1,0,nc));
}
ostream& cookie_header(ostream& o) const {
o << "Set-Cookie: " << htc.set_cookie_header() << "\n";
return o;
}
opkele::assoc_t alloc_assoc(const string& type,size_t klength,bool sl) {
uuid_t uuid; uuid_generate(uuid);
string a_handle = opkele::util::encode_base64(uuid,sizeof(uuid));
opkele::secret_t a_secret;
generate_n(
back_insert_iterator<opkele::secret_t>(a_secret),klength,
rand );
string ssecret; a_secret.to_base64(ssecret);
time_t now = time(0);
int expires_in = sl?3600*2:3600*24*7*2;
sqlite3_mem_t<char*>
S = sqlite3_mprintf(
"INSERT INTO assoc"
" (a_handle,a_type,a_ctime,a_etime,a_secret,a_stateless)"
" VALUES ("
" %Q,%Q,datetime('now'),"
" datetime('now','+%d seconds'),"
" %Q,%d );",
a_handle.c_str(), type.c_str(),
expires_in,
ssecret.c_str(), sl );
db.exec(S);
return opkele::assoc_t(new opkele::association(
"",
a_handle, type, a_secret,
now+expires_in, sl ));
}
opkele::assoc_t retrieve_assoc(const string& h) {
sqlite3_mem_t<char*>
S = sqlite3_mprintf(
"SELECT"
" a_handle,a_type,a_secret,a_stateless,"
" strftime('%%s',a_etime) AS a_etime,"
" a_itime"
" FROM assoc"
" WHERE a_handle=%Q AND a_itime IS NULL"
" AND datetime('now') < a_etime"
" LIMIT 1",
h.c_str() );
sqlite3_table_t T;
int nr,nc;
db.get_table(S,T,&nr,&nc);
if(nr<1)
throw opkele::failed_lookup(OPKELE_CP_
"couldn't retrieve valid unexpired assoc");
assert(nr==1); assert(nc==6);
opkele::secret_t secret; opkele::util::decode_base64(T.get(1,2,nc),secret);
return opkele::assoc_t(new opkele::association(
"", h, T.get(1,1,nc), secret,
strtol(T.get(1,4,nc),0,0),
strtol(T.get(1,3,nc),0,0) ));
}
string& alloc_nonce(string& nonce) {
uuid_t uuid; uuid_generate(uuid);
nonce += opkele::util::encode_base64(uuid,sizeof(uuid));
sqlite3_mem_t<char*>
S = sqlite3_mprintf(
"INSERT INTO nonces"
" (n_once) VALUES (%Q)",
nonce.c_str() );
db.exec(S);
return nonce;
}
bool check_nonce(const string& nonce) {
sqlite3_mem_t<char*>
S = sqlite3_mprintf(
"SELECT 1"
" FROM nonces"
" WHERE n_once=%Q AND n_itime IS NULL",
nonce.c_str());
sqlite3_table_t T;
int nr,nc;
db.get_table(S,T,&nr,&nc);
return nr>=1;
}
void invalidate_nonce(const string& nonce) {
sqlite3_mem_t<char*>
S = sqlite3_mprintf(
"UPDATE nonces"
" SET n_itime=datetime('now')"
" WHERE n_once=%Q",
nonce.c_str());
db.exec(S);
}
const string get_op_endpoint() const {
return get_self_url(gw);
}
};
int main(int,char **) {
try {
kingate::plaincgi_interface ci;
kingate::cgi_gateway gw(ci);
string op;
try { op = gw.get_param("op"); }catch(kingate::exception_notfound&) { }
string message;
if(op=="set_password") {
example_op_t OP(gw);
string password = gw.get_param("password");
sqlite3_mem_t<char*>
Sget = sqlite3_mprintf("SELECT s_password FROM setup LIMIT 1");
sqlite3_table_t T; int nr,nc;
OP.db.get_table(Sget,T,&nr,&nc);
if(nr>=1)
throw opkele::exception(OPKELE_CP_ "Password already set");
sqlite3_mem_t<char*>
Sset = sqlite3_mprintf(
"INSERT INTO setup (s_password) VALUES (%Q)",
password.c_str());
OP.db.exec(Sset);
op.clear();
message = "password set";
}else if(op=="login") {
example_op_t OP(gw);
string password = gw.get_param("password");
sqlite3_mem_t<char*>
Sget = sqlite3_mprintf("SELECT s_password FROM setup LIMIT 1");
sqlite3_table_t T; int nr,nc;
OP.db.get_table(Sget,T,&nr,&nc);
if(nr<1)
throw opkele::exception(OPKELE_CP_ "no password set");
if(password!=T.get(1,0,nc))
throw opkele::exception(OPKELE_CP_ "wrong password");
OP.set_authorized(true);
op.clear();
message = "logged in";
OP.cookie_header(cout);
}else if(op=="logout") {
example_op_t OP(gw);
OP.set_authorized(false);
op.clear();
message = "logged out";
}
string omode;
try { omode = gw.get_param("openid.mode"); }catch(kingate::exception_notfound&) { }
if(op=="xrds") {
cout <<
"Content-type: application/xrds+xml\n\n"
"<?xml version='1.0' encoding='utf-8'?>"
"<xrds:XRDS xmlns:xrds='xri://$xrds' xmlns='xri://$xrd*($v*2.0)'>"
"<XRD>"
"<Service>"
"<Type>" STURI_OPENID20 "</Type>"
"<URI>" << get_self_url(gw) << "</URI>"
"</Service>";
if(gw.has_param("idsel")){
cout <<
"<Service>"
"<Type>" STURI_OPENID20_OP "</Type>"
"<URI>" << get_self_url(gw) << "</URI>";
}
cout <<
"</XRD>"
"</xrds:XRDS>";
}else if(op=="id_res" || op=="cancel") {
kingate_openid_message_t inm(gw);
example_op_t OP(gw);
if(gw.get_param("hts_id")!=OP.htc.get_value())
throw opkele::exception(OPKELE_CP_ "toying around, huh?");
opkele::sreg_t sreg;
OP.checkid_(inm,sreg);