| -rw-r--r-- | include/opkele/iterator.h | 4 | ||||
| -rw-r--r-- | lib/discovery.cc | 4 | ||||
| -rw-r--r-- | lib/message.cc | 2 | ||||
| -rw-r--r-- | lib/prequeue_rp.cc | 4 | ||||
| -rw-r--r-- | lib/secret.cc | 2 | ||||
| -rw-r--r-- | lib/util.cc | 6 |
6 files changed, 11 insertions, 11 deletions
diff --git a/include/opkele/iterator.h b/include/opkele/iterator.h index 28c1c83..8f86234 100644 --- a/include/opkele/iterator.h +++ b/include/opkele/iterator.h @@ -110,107 +110,107 @@ namespace opkele { bool operator!=(const forward_iterator_proxy<T,TR,TP>& x) const { return (*I)!=(*(x.I)); } TR operator*() const { return **I; } TP operator->() const { return I->operator->(); } forward_iterator_proxy<T,TR,TP>& operator++() { I->advance(); return *this; } forward_iterator_proxy<T,TR,TP>& operator++(int) { forward_iterator_proxy<T,TR,TP> rv(*this); I->advance(); return rv; } }; template<typename IT> class basic_filterator : public iterator< typename IT::iterator_category, typename IT::value_type, typename IT::difference_type, typename IT::pointer, typename IT::reference> { public: IT it; IT ei; bool empty; basic_filterator() : empty(true) { } basic_filterator(const IT& _bi,const IT& _ei) : it(_bi), ei(_ei) { empty = (it==ei); } basic_filterator(const basic_filterator<IT>& x) : it(x.it), ei(x.ei), empty(x.empty) { } virtual ~basic_filterator() { } bool operator==(const basic_filterator<IT>& x) const { return empty?x.empty:(it==x.it); } bool operator!=(const basic_filterator<IT>& x) const { return empty!=x.empty || it!=x.it; } typename IT::reference operator*() const { assert(!empty); return *it; } typename IT::pointer operator->() const { assert(!empty); return it.operator->(); } basic_filterator<IT>& operator++() { bool found = false; - for(++it;!(it==ei || (found=is_interesting()));++it); + for(++it;!(it==ei || (found=is_interesting()));++it) ; if(!found) empty=true; return *this; } basic_filterator<IT> operator++(int) { basic_filterator<IT> rv(*this); ++(*this); return rv; } void prepare() { bool found = false; - for(;!(it==ei || (found=is_interesting()));++it); + for(;!(it==ei || (found=is_interesting()));++it) ; if(!found) empty = true; } virtual bool is_interesting() const = 0; }; template<typename IT,typename T=typename IT::value_type::first_type,typename TR=T&,typename TP=T*> class map_keys_iterator : public iterator< typename IT::iterator_category, T,void,TP,TR> { public: typedef map_keys_iterator<IT,T,TR,TP> self_type; IT it; IT ei; bool empty; map_keys_iterator() : empty(true) { } map_keys_iterator(const IT& _bi, const IT& _ei) : it(_bi), ei(_ei) { empty = (it==ei); } map_keys_iterator(const self_type& x) : it(x.it), ei(x.ei), empty(x.empty) { } bool operator==(const self_type& x) const { return empty?x.empty:(it==x.it); } bool operator!=(const self_type& x) const { return empty!=x.empty || it!=x.it; } TR operator*() const { assert(!empty); return it->first; } TP operator->() const { assert(!empty); return &(it->first); } self_type& operator++() { assert(!empty); empty=((++it)==ei); return *this; } self_type operator++(int) { self_type rv(*this); ++(*this); return rv; } }; } } #endif /* __OPKELE_ITERATOR_H */ diff --git a/lib/discovery.cc b/lib/discovery.cc index d1989ec..984e308 100644 --- a/lib/discovery.cc +++ b/lib/discovery.cc @@ -294,97 +294,97 @@ namespace opkele { void html2xrd(endpoint_discovery_iterator& oi,idiscovery_t& id) { XRD_t& x = id.xrd; if(!html_openid2.uris.empty()) { html_openid2.types.insert(STURI_OPENID20); x.services.add(-1,html_openid2); queue_endpoints(oi,id,&op_service_types[st_index_2]); } if(!html_openid1.uris.empty()) { html_openid1.types.insert(STURI_OPENID11); x.services.add(-1,html_openid1); queue_endpoints(oi,id,&op_service_types[st_index_1]); } } size_t write(void *p,size_t s,size_t nm) { /* TODO: limit total size */ size_t bytes = s*nm; const char *inbuf = (const char*)p; if(xmode&xmode_html) { size_t mbts = save_html.capacity()-save_html.size(); size_t bts = 0; if(mbts>0) { bts = (bytes>mbts)?mbts:bytes; save_html.append(inbuf,bts); } if(skipping<0) return bts; } if(skipping<0) return 0; bool rp = parse(inbuf,bytes,false); if(!rp) { parser_choked = true; skipping = -1; if(!(xmode&xmode_html)) bytes = 0; } return bytes; } size_t header(void *p,size_t s,size_t nm) { size_t bytes = s*nm; const char *h = (const char*)p; const char *colon = (const char*)memchr(p,':',bytes); const char *space = (const char*)memchr(p,' ',bytes); if(space && ( (!colon) || space<colon ) ) { xrds_location.clear(); http_content_type.clear(); }else if(colon) { const char *hv = ++colon; size_t hnl = colon-h; int rb; - for(rb = bytes-hnl-1;rb>0 && isspace(*hv);++hv,--rb); + for(rb = bytes-hnl-1;rb>0 && isspace(*hv);++hv,--rb) ; while(rb>0 && isspace(hv[rb-1])) --rb; if(rb) { if( (hnl>=sizeof(XRDS_HEADER)) && !strncasecmp(h,XRDS_HEADER":", sizeof(XRDS_HEADER)) ) { xrds_location.assign(hv,rb); }else if( (hnl>=sizeof(CT_HEADER)) && !strncasecmp(h,CT_HEADER":", sizeof(CT_HEADER)) ) { const char *sc = (const char*)memchr( hv,';',rb); http_content_type.assign(hv,sc?(sc-hv):rb); } } } return curl_t::header(p,s,nm); } void start_element(const XML_Char *n,const XML_Char **a) { if(skipping<0) return; if(skipping) { if(xmode&xmode_html) html_start_element(n,a); ++skipping; return; } if(pt_stack.empty()) { if(is_qelement(n,NSURI_XRDS "\tXRDS")) return; if(is_qelement(n,NSURI_XRD "\tXRD")) { assert(xrd); xrd->clear(); pt_stack.push_back(n); }else if(xmode&xmode_html) { html_start_element(n,a); }else{ skipping = -1; } }else{ int pt_s = pt_stack.size(); if(pt_s==1) { if(is_qelement(n,NSURI_XRD "\tCanonicalID")) { assert(xrd); cdata = &(xrd->canonical_ids.add(element_priority(a),string())); }else if(is_qelement(n,NSURI_XRD "\tLocalID")) { assert(xrd); cdata = &(xrd->local_ids.add(element_priority(a),string())); }else if(is_qelement(n,NSURI_XRD "\tProviderID")) { assert(xrd); @@ -455,97 +455,97 @@ namespace opkele { }else if(is_qelement(n,NSURI_XRD "\tService")) { assert(xrd); assert(xrd_service); assert(!pt_stack.empty()); assert(pt_stack.back()==(NSURI_XRD "\tService")); pt_stack.pop_back(); xrd_service = 0; }else if(is_qelement(n,NSURI_XRD "\tStatus")) { assert(xrd); if(is_qelement(pt_stack.back().c_str(),n)) { assert(cdata==&status_string); pt_stack.pop_back(); if(status_code!=100) skipping = -1; } }else if(is_qelement(n,NSURI_XRD "\tExpires")) { assert(xrd); xrd->expires = util::w3c_to_time(cdata_buf); }else if((xmode&xmode_html) && is_element(n,"head")) { skipping = -1; } cdata = 0; } void character_data(const XML_Char *s,int l) { if(skipping) return; if(cdata) cdata->append(s,l); } void html_start_element(const XML_Char *n,const XML_Char **a) { if(is_element(n,"meta")) { bool heq = false; string l; for(;*a;a+=2) { if(!( strcasecmp(a[0],"http-equiv") || strcasecmp(a[1],XRDS_HEADER) )) heq = true; else if(!strcasecmp(a[0],"content")) l.assign(a[1]); } if(heq) xrds_location = l; }else if(is_element(n,"link")) { string rels; string href; for(;*a;a+=2) { if( !strcasecmp(a[0],"rel") ) { rels.assign(a[1]); }else if( !strcasecmp(a[0],"href") ) { const char *ns = a[1]; - for(;*ns && isspace(*ns);++ns); + for(;*ns && isspace(*ns);++ns) ; href.assign(ns); string::size_type lns=href.find_last_not_of(data::_whitespace_chars); href.erase(lns+1); } } for(string::size_type ns=rels.find_first_not_of(data::_whitespace_chars); ns!=string::npos; ns=rels.find_first_not_of(data::_whitespace_chars,ns)) { string::size_type s = rels.find_first_of(data::_whitespace_chars,ns); string rel; if(s==string::npos) { rel.assign(rels,ns,string::npos); ns = string::npos; }else{ rel.assign(rels,ns,s-ns); ns = s; } if(rel=="openid.server") html_openid1.uris.add(-1,xrd::uri_t(href)); else if(rel=="openid.delegate") html_openid1.local_ids.add(-1,href); else if(rel=="openid2.provider") html_openid2.uris.add(-1,xrd::uri_t(href)); else if(rel=="openid2.local_id") html_openid2.local_ids.add(-1,href); } }else if(is_element(n,"body")) { skipping = -1; } } void queue_endpoints(endpoint_discovery_iterator& oi, const idiscovery_t &id, const service_type_t *st) { openid_endpoint_t ep; ep.claimed_id = id.canonicalized_id; for(xrd::services_t::const_iterator isvc=id.xrd.services.begin(); isvc!=id.xrd.services.end(); ++isvc) { const xrd::service_t svc = isvc->second; if(svc.types.find(st->uri)==svc.types.end()) continue; for(xrd::uris_t::const_iterator iu=svc.uris.begin();iu!=svc.uris.end();++iu) { ep.uri = iu->second.uri; if(id.xri_identity) { if(iu->second.append=="qxri") { ep.uri += id.normalized_id; } /* TODO: else handle other append attribute values */ } if(st->forceid) { ep.local_id = ep.claimed_id = st->forceid; diff --git a/lib/message.cc b/lib/message.cc index 524946a..c1f8088 100644 --- a/lib/message.cc +++ b/lib/message.cc @@ -113,84 +113,84 @@ namespace opkele { void basic_openid_message::to_htmlhiddens(ostream& o,const char* pfx) const { for_each(fields_begin(),fields_end(),__om_html_outputter(*this,o,pfx)); } void basic_openid_message::add_to_signed(const string& fields) { string::size_type fnc = fields.find_first_not_of(","); if(fnc==string::npos) throw bad_input(OPKELE_CP_ "Trying to add nothing in particular to the list of signed fields"); string signeds; try { signeds = get_field("signed"); string::size_type lnc = signeds.find_last_not_of(","); if(lnc==string::npos) signeds.assign(fields,fnc,fields.size()-fnc); else{ string::size_type ss = signeds.size(); if(lnc==(ss-1)) { signeds+= ','; signeds.append(fields,fnc,fields.size()-fnc); }else{ if(lnc<(ss-2)) signeds.replace(lnc+2,ss-lnc-2, fields,fnc,fields.size()-fnc); else signeds.append(fields,fnc,fields.size()-fnc); } } }catch(failed_lookup&) { signeds.assign(fields,fnc,fields.size()-fnc); } set_field("signed",signeds); } string basic_openid_message::find_ns(const string& uri,const char *pfx) const { try { return get_ns(uri); }catch(failed_lookup&) { return pfx; } } string basic_openid_message::allocate_ns(const string& uri,const char *pfx) { if(!has_field("ns")) return pfx; if(has_ns(uri)) throw bad_input(OPKELE_CP_ "OpenID message already contains namespace"); string rv = pfx; if(has_field("ns."+rv)) { string::reference c=rv[rv.length()]; - for(c='a';c<='z' && has_field("ns."+rv);++c); + for(c='a';c<='z' && has_field("ns."+rv);++c) ; if(c=='z') throw exception(OPKELE_CP_ "Failed to allocate namespace"); } set_field("ns."+rv,uri); return rv; } bool openid_message_t::has_field(const string& n) const { return find(n)!=end(); } const string& openid_message_t::get_field(const string& n) const { const_iterator i=find(n); if(i==end()) throw failed_lookup(OPKELE_CP_ n+": no such field"); return i->second; } openid_message_t::fields_iterator openid_message_t::fields_begin() const { return util::map_keys_iterator<const_iterator,string,const string&,const string*>(begin(),end()); } openid_message_t::fields_iterator openid_message_t::fields_end() const { return util::map_keys_iterator<const_iterator,string,const string&,const string*>(end(),end()); } void openid_message_t::reset_fields() { clear(); } void openid_message_t::set_field(const string& n,const string& v) { (*this)[n]=v; } void openid_message_t::reset_field(const string& n) { erase(n); } } diff --git a/lib/prequeue_rp.cc b/lib/prequeue_rp.cc index e499d08..886efae 100644 --- a/lib/prequeue_rp.cc +++ b/lib/prequeue_rp.cc @@ -1,86 +1,86 @@ #include <iostream> #include <openssl/sha.h> #include <openssl/hmac.h> #include <opkele/exception.h> #include <opkele/prequeue_rp.h> #include <opkele/discovery.h> #include <opkele/uris.h> #include <opkele/data.h> #include <opkele/util.h> #include <opkele/curl.h> #include <opkele/debug.h> namespace opkele { class __OP_verifier_good_input : public exception { public: __OP_verifier_good_input(OPKELE_E_PARS) : exception(OPKELE_E_CONS) { } }; class OP_verifier : public iterator<output_iterator_tag,openid_endpoint_t,void> { public: const string& OP; const string& id; OP_verifier(const string& o,const string& i) : OP(o), id(i) { } OP_verifier& operator*() { return *this; } OP_verifier& operator=(const openid_endpoint_t& oep) { if(oep.uri==OP) { if(oep.claimed_id==IDURI_SELECT20 || oep.local_id==IDURI_SELECT20 ) throw bad_input(OPKELE_CP_ "claimed_id is an OP-Id"); if(oep.local_id==id) throw __OP_verifier_good_input(OPKELE_CP_ "Found corresponding endpoint"); } return *this; } OP_verifier& operator++() { return *this; } OP_verifier& operator++(int) { return *this; } }; - void prequeue_RP::verify_OP(const string& OP,const string& claimed_id,const string& id) const { + void prequeue_RP::verify_OP(const string& OP,const string& _claimed_id,const string& id) const { try { - discover(OP_verifier(OP,id),claimed_id); + discover(OP_verifier(OP,id),_claimed_id); throw id_res_unauthorized(OPKELE_CP_ "OP is not authorized to make an assertion regarding the identity"); }catch(__OP_verifier_good_input& ovgi) { } } class endpoint_queuer : public iterator<output_iterator_tag,openid_endpoint_t,void> { public: prequeue_RP& rp; endpoint_queuer(prequeue_RP& r) : rp(r) { } endpoint_queuer& operator*() { return *this; } endpoint_queuer& operator=(const openid_endpoint_t& oep) { rp.queue_endpoint(oep); return *this; } endpoint_queuer& operator++() { return *this; } endpoint_queuer& operator++(int) { return *this; } }; void prequeue_RP::initiate(const string& usi) { begin_queueing(); set_normalized_id( discover(endpoint_queuer(*this),usi) ); end_queueing(); } void prequeue_RP::set_normalized_id(const string&) { } const string prequeue_RP::get_normalized_id() const { throw not_implemented(OPKELE_CP_ "get_normalized_id() is not implemented"); } const string prequeue_RP::discover(openid_endpoint_output_iterator it, const string& id) const { return idiscover(it,id); } } diff --git a/lib/secret.cc b/lib/secret.cc index d538890..3f1e39c 100644 --- a/lib/secret.cc +++ b/lib/secret.cc @@ -1,45 +1,45 @@ #include <algorithm> #include <functional> #include <opkele/types.h> #include <opkele/exception.h> #include <opkele/util.h> namespace opkele { using namespace std; template<class __a1,class __a2,class __r> struct bitwise_xor : public binary_function<__a1,__a2,__r> { __r operator() (const __a1& a1,const __a2& a2) const { - return a1^a2; + return (__r)(a1^a2); } }; void secret_t::enxor_to_base64(const unsigned char *key_d,string& rv) const { vector<unsigned char> tmp; transform( begin(), end(), key_d, back_insert_iterator<vector<unsigned char> >(tmp), bitwise_xor<unsigned char,unsigned char,unsigned char>() ); rv = util::encode_base64(&(tmp.front()),tmp.size()); } void secret_t::enxor_from_base64(const unsigned char *key_d,const string& b64) { clear(); util::decode_base64(b64,*this); transform( begin(), end(), key_d, begin(), bitwise_xor<unsigned char,unsigned char,unsigned char>() ); } void secret_t::to_base64(string& rv) const { rv = util::encode_base64(&(front()),size()); } void secret_t::from_base64(const string& b64) { util::decode_base64(b64,*this); } } diff --git a/lib/util.cc b/lib/util.cc index b702291..d979502 100644 --- a/lib/util.cc +++ b/lib/util.cc @@ -166,97 +166,97 @@ namespace opkele { if(c=='~') return true; return false; } struct __url_encoder : public unary_function<char,void> { public: string& rv; __url_encoder(string& r) : rv(r) { } result_type operator()(argument_type c) { if(isrfc3986unreserved(c)) rv += c; else{ char tmp[4]; snprintf(tmp,sizeof(tmp),"%%%02X", (c&0xff)); rv += tmp; } } }; string url_encode(const string& str) { string rv; for_each(str.begin(),str.end(), __url_encoder(rv)); return rv; } string url_decode(const string& str) { string rv; back_insert_iterator<string> ii(rv); for(string::const_iterator i=str.begin(),ie=str.end(); i!=ie;++i) { switch(*i) { case '+': *(ii++) = ' '; break; case '%': ++i; static char tmp[3] = {0,0,0}; if(i==ie) throw failed_conversion(OPKELE_CP_ "trailing percent in the url-encoded string"); tmp[0] = *(i++); if(i==ie) throw failed_conversion(OPKELE_CP_ "not enough hexadecimals after the percent sign in url-encoded string"); tmp[1] = *i; if(!(isxdigit(tmp[0]) && isxdigit(tmp[1]))) throw failed_conversion(OPKELE_CP_ "non-hex follows percent in url-encoded string"); - *(ii++) = strtol(tmp,0,16); + *(ii++) = (char)strtol(tmp,0,16); break; default: *(ii++) = *i; break; } } return rv; } string attr_escape(const string& str) { static const char *unsafechars = "<>&\n\"'"; string rv; string::size_type p=0; while(true) { string::size_type us = str.find_first_of(unsafechars,p); if(us==string::npos) { if(p!=str.length()) rv.append(str,p,str.length()-p); return rv; } rv.append(str,p,us-p); rv += "&#"; rv += long_to_string((long)str[us]); rv += ';'; p = us+1; } } string long_to_string(long l) { char rv[32]; int r=snprintf(rv,sizeof(rv),"%ld",l); if(r<0 || r>=(int)sizeof(rv)) throw failed_conversion(OPKELE_CP_ "failed to snprintf()"); return rv; } long string_to_long(const string& s) { char *endptr = 0; long rv = strtol(s.c_str(),&endptr,10); if((!endptr) || endptr==s.c_str()) throw failed_conversion(OPKELE_CP_ "failed to strtol()"); return rv; } /* * Normalize URL according to the rules, described in rfc 3986, section 6 * * - uppercase hex triplets (e.g. %ab -> %AB) * - lowercase scheme and host @@ -303,100 +303,100 @@ namespace opkele { rv += '/'; return rv; } transform( uri.begin()+colon+3,uri.begin()+interesting, back_inserter(rv), ::tolower ); bool qf = false; char ic = uri[interesting]; if(ic==':') { string::size_type ni = uri.find_first_of("/#?%",interesting+1); const char *nptr = uri.data()+interesting+1; char *eptr = 0; long port = strtol(nptr,&eptr,10); if( (port>0) && (port<65535) && port!=(s?443:80) ) { char tmp[8]; snprintf(tmp,sizeof(tmp),":%ld",port); rv += tmp; } if(ni==string::npos) { rv += '/'; return rv; } interesting = ni; }else if(ic!='/') { rv += '/'; rv += ic; qf = true; ++interesting; } string::size_type n = interesting; char tmp[3] = { 0,0,0 }; stack<string::size_type> psegs; psegs.push(rv.length()); string pseg; for(;n<ul;) { string::size_type unsafe = uri.find_first_of(qf?"%":"%/?#",n); if(unsafe==string::npos) { pseg.append(uri,n,ul-n-1); n = ul-1; }else{ pseg.append(uri,n,unsafe-n); n = unsafe; } char c = uri[n++]; if(c=='%') { if((n+1)>=ul) throw bad_input(OPKELE_CP_ "Unexpected end of URI encountered while parsing percent-encoded character"); tmp[0] = uri[n++]; tmp[1] = uri[n++]; if(!( isxdigit(tmp[0]) && isxdigit(tmp[1]) )) throw bad_input(OPKELE_CP_ "Invalid percent-encoded character in URI being normalized"); int cc = strtol(tmp,0,16); if( isalpha(cc) || isdigit(cc) || strchr("._~-",cc) ) - pseg += cc; + pseg += (char)cc; else{ pseg += '%'; - pseg += toupper(tmp[0]); pseg += toupper(tmp[1]); + pseg += (char)toupper(tmp[0]); pseg += (char)toupper(tmp[1]); } }else if(qf) { rv += pseg; rv += c; pseg.clear(); }else if(n>=ul || strchr("?/#",c)) { if(pseg.empty() || pseg==".") { }else if(pseg=="..") { if(psegs.size()>1) { rv.resize(psegs.top()); psegs.pop(); } }else{ psegs.push(rv.length()); if(c!='/') { pseg += c; qf = true; } rv += '/'; rv += pseg; } if(c=='/' && (n>=ul || strchr("?#",uri[n])) ) { rv += '/'; if(n<ul) qf = true; }else if(strchr("?#",c)) { if(psegs.size()==1 && psegs.top()==rv.length()) rv += '/'; if(pseg.empty()) rv += c; qf = true; } pseg.clear(); }else{ pseg += c; } } if(!pseg.empty()) { if(!qf) rv += '/'; rv += pseg; } return rv; } string& strip_uri_fragment_part(string& u) { string::size_type q = u.find('?'), f = u.find('#'); if(q==string::npos) { if(f!=string::npos) u.erase(f); }else{ if(f!=string::npos) { |