1 files changed, 2 insertions, 2 deletions
diff --git a/lib/consumer.cc b/lib/consumer.cc
index 76b6ea7..f9212ea 100644
--- a/lib/consumer.cc
+++ b/lib/consumer.cc
@@ -85,97 +85,97 @@ namespace opkele {
        || (r=curl_easy_setopt(c,CURLOPT_TIMEOUT,20))
        #ifdefDISABLE_CURL_SSL_VERIFYHOST
        || (r=curl_easy_setopt(c,CURLOPT_SSL_VERIFYHOST,0))
 #endif
        #ifdefDISABLE_CURL_SSL_VERIFYPEER
        || (r=curl_easy_setopt(c,CURLOPT_SSL_VERIFYPEER,0))
 #endif
        ;
        return r;
    }
    static size_t _curl_tostring(void *ptr,size_t size,size_t nmemb,void *stream) {
        string *str = (string*)stream;
        size_t bytes = size*nmemb;
        size_t get = min(16384-str->length(),bytes);
        str->append((const char*)ptr,get);
        return get;
    }
    assoc_t consumer_t::associate(const string& server) {
        util::dh_t dh = DH_new();
        if(!dh)
            throw exception_openssl(OPKELE_CP_ "failed to DH_new()");
        dh->p = util::dec_to_bignum(data::_default_p);
        dh->g = util::dec_to_bignum(data::_default_g);
        if(!DH_generate_key(dh))
            throw exception_openssl(OPKELE_CP_ "failed to DH_generate_key()");
        string request = 
            "openid.mode=associate"
            "&openid.assoc_type=HMAC-SHA1"
            "&openid.session_type=DH-SHA1"
            "&openid.dh_consumer_public=";
        request += util::url_encode(util::bignum_to_base64(dh->pub_key));
        curl_t curl = curl_easy_init();
        if(!curl)
            throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()");
        string response;
        CURLcode r;
        (r=curl_misc_sets(curl))
        || (r=curl_easy_setopt(curl,CURLOPT_URL,server.c_str()))
        || (r=curl_easy_setopt(curl,CURLOPT_POST,1))
        || (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDS,request.data()))
        || (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDSIZE,request.length()))
        || (r=curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,_curl_tostring))
        || (r=curl_easy_setopt(curl,CURLOPT_WRITEDATA,&response))
        ;
        if(r)
            throw exception_curl(OPKELE_CP_ "failed to curl_easy_setopt()",r);
-        if(r=curl_easy_perform(curl))
+        if( (r=curl_easy_perform(curl)) )
            throw exception_curl(OPKELE_CP_ "failed to curl_easy_perform()",r);
        params_t p; p.parse_keyvalues(response);
        if(p.has_param("assoc_type") && p.get_param("assoc_type")!="HMAC-SHA1")
            throw bad_input(OPKELE_CP_ "unsupported assoc_type");
        string st;
        if(p.has_param("session_type")) st = p.get_param("session_type");
        if((!st.empty()) && st!="DH-SHA1")
            throw bad_input(OPKELE_CP_ "unsupported session_type");
        secret_t secret;
        if(st.empty()) {
            secret.from_base64(p.get_param("mac_key"));
        }else{
            util::bignum_t s_pub = util::base64_to_bignum(p.get_param("dh_server_public"));
            vector<unsigned char> ck(DH_size(dh)+1);
            unsigned char *ckptr = &(ck.front())+1;
            int cklen = DH_compute_key(ckptr,s_pub,dh);
            if(cklen<0)
                throw exception_openssl(OPKELE_CP_ "failed to DH_compute_key()");
            if(cklen && (*ckptr)&0x80) {
                (*(--ckptr)) = 0; ++cklen;
            }
            unsigned char key_sha1[SHA_DIGEST_LENGTH];
            SHA1(ckptr,cklen,key_sha1);
            secret.enxor_from_base64(key_sha1,p.get_param("enc_mac_key"));
        }
        int expires_in = 0;
        if(p.has_param("expires_in")) {
            expires_in = util::string_to_long(p.get_param("expires_in"));
        }else if(p.has_param("issued") && p.has_param("expiry")) {
            expires_in = util::w3c_to_time(p.get_param("expiry"))-util::w3c_to_time(p.get_param("issued"));
        }else
            throw bad_input(OPKELE_CP_ "no expiration information");
        return store_assoc(server,p.get_param("assoc_handle"),secret,expires_in);
    }
    string consumer_t::checkid_immediate(const string& identity,const string& return_to,const string& trust_root,extension_t *ext) {
        return checkid_(mode_checkid_immediate,identity,return_to,trust_root,ext);
    }
    string consumer_t::checkid_setup(const string& identity,const string& return_to,const string& trust_root,extension_t *ext) {
        return checkid_(mode_checkid_setup,identity,return_to,trust_root,ext);
    }
    string consumer_t::checkid_(mode_t mode,const string& identity,const string& return_to,const string& trust_root,extension_t *ext) {
        params_t p;
        if(mode==mode_checkid_immediate)
            p["mode"]="checkid_immediate";
        else if(mode==mode_checkid_setup)
            p["mode"]="checkid_setup";
        else
@@ -245,97 +245,97 @@ namespace opkele {
                string f = "openid.";
                f += (co==string::npos)?slist.substr(pp):slist.substr(pp,co-pp);
                p[f] = pin.get_param(f);
                if(co==string::npos)
                    break;
                pp = co+1;
            }
            p["openid.assoc_handle"] = pin.get_param("openid.assoc_handle");
            p["openid.sig"] = pin.get_param("openid.sig");
            p["openid.signed"] = pin.get_param("openid.signed");
            try {
                string ih = pin.get_param("openid.invalidate_handle");
                p["openid.invalidate_handle"] = ih;
            }catch(failed_lookup& fl) { }
            try {
                check_authentication(server,p);
            }catch(failed_check_authentication& fca) {
                throw id_res_failed(OPKELE_CP_ "failed to check_authentication()");
            }
        }
        if(ext) ext->id_res_hook(pin,ps,identity);
    }
    void consumer_t::check_authentication(const string& server,const params_t& p) {
        string request = "openid.mode=check_authentication";
        for(params_t::const_iterator i=p.begin();i!=p.end();++i) {
            if(i->first!="openid.mode") {
                request += '&';
                request += i->first;
                request += '=';
                request += util::url_encode(i->second);
            }
        }
        curl_t curl = curl_easy_init();
        if(!curl)
            throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()");
        string response;
        CURLcode r;
        (r=curl_misc_sets(curl))
        || (r=curl_easy_setopt(curl,CURLOPT_URL,server.c_str()))
        || (r=curl_easy_setopt(curl,CURLOPT_POST,1))
        || (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDS,request.data()))
        || (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDSIZE,request.length()))
        || (r=curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,_curl_tostring))
        || (r=curl_easy_setopt(curl,CURLOPT_WRITEDATA,&response))
        ;
        if(r)
            throw exception_curl(OPKELE_CP_ "failed to curl_easy_setopt()",r);
-        if(r=curl_easy_perform(curl))
+        if( (r=curl_easy_perform(curl)) )
            throw exception_curl(OPKELE_CP_ "failed to curl_easy_perform()",r);
        params_t pp; pp.parse_keyvalues(response);
        if(pp.has_param("invalidate_handle"))
            invalidate_assoc(server,pp.get_param("invalidate_handle"));
        if(pp.has_param("is_valid")) {
            if(pp.get_param("is_valid")=="true")
                return;
        }else if(pp.has_param("lifetime")) {
            if(util::string_to_long(pp.get_param("lifetime")))
                return;
        }
        throw failed_check_authentication(OPKELE_CP_ "failed to verify response");
    }
    void consumer_t::retrieve_links(const string& url,string& server,string& delegate) {
        server.erase();
        delegate.erase();
        curl_t curl = curl_easy_init();
        if(!curl)
            throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()");
        string html;
        CURLcode r;
        (r=curl_misc_sets(curl))
        || (r=curl_easy_setopt(curl,CURLOPT_URL,url.c_str()))
        || (r=curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,_curl_tostring))
        || (r=curl_easy_setopt(curl,CURLOPT_WRITEDATA,&html))
        ;
        if(r)
            throw exception_curl(OPKELE_CP_ "failed to curl_easy_setopt()",r);
        r = curl_easy_perform(curl);
        if(r && r!=CURLE_WRITE_ERROR)
            throw exception_curl(OPKELE_CP_ "failed to curl_easy_perform()",r);
        static const char *re_bre = "<\\s*body\\b", *re_hdre = "<\\s*head[^>]*>",
                     *re_lre = "<\\s*link\\b([^>]+)>",
                     *re_rre = "\\brel\\s*=\\s*['\"]([^'\"]+)['\"]",
                     *re_hre = "\\bhref\\s*=\\s*['\"]\\s*([^'\"\\s]+)\\s*['\"]";
        pcre_matches_t m1(3), m2(3);
        pcre_t bre(re_bre,PCRE_CASELESS);
        if(bre.exec(html,m1)>0)
            html.erase(m1.begin(0));
        pcre_t hdre(re_hdre,PCRE_CASELESS);
        if(hdre.exec(html,m1)<=0)
            throw bad_input(OPKELE_CP_ "failed to find <head>");
        html.erase(0,m1.end(0)+1);
        pcre_t lre(re_lre,PCRE_CASELESS), rre(re_rre,PCRE_CASELESS), hre(re_hre,PCRE_CASELESS);
        bool gotit = false;
        while( (!gotit) && lre.exec(html,m1)>=2 ) {
            static const char *whitespace = " \t";

diff --git a/lib/consumer.cc b/lib/consumer.cc index 76b6ea7..f9212ea 100644 --- a/lib/consumer.cc +++ b/lib/consumer.cc
@@ -85,97 +85,97 @@ namespace opkele {
85	\|\| (r=curl_easy_setopt(c,CURLOPT_TIMEOUT,20))	85	\|\| (r=curl_easy_setopt(c,CURLOPT_TIMEOUT,20))
86	#ifdefDISABLE_CURL_SSL_VERIFYHOST	86	#ifdefDISABLE_CURL_SSL_VERIFYHOST
87	\|\| (r=curl_easy_setopt(c,CURLOPT_SSL_VERIFYHOST,0))	87	\|\| (r=curl_easy_setopt(c,CURLOPT_SSL_VERIFYHOST,0))
88	#endif	88	#endif
89	#ifdefDISABLE_CURL_SSL_VERIFYPEER	89	#ifdefDISABLE_CURL_SSL_VERIFYPEER
90	\|\| (r=curl_easy_setopt(c,CURLOPT_SSL_VERIFYPEER,0))	90	\|\| (r=curl_easy_setopt(c,CURLOPT_SSL_VERIFYPEER,0))
91	#endif	91	#endif
92	;	92	;
93	return r;	93	return r;
94	}	94	}
95		95
96	static size_t _curl_tostring(void ptr,size_t size,size_t nmemb,void stream) {	96	static size_t _curl_tostring(void ptr,size_t size,size_t nmemb,void stream) {
97	string str = (string)stream;	97	string str = (string)stream;
98	size_t bytes = size*nmemb;	98	size_t bytes = size*nmemb;
99	size_t get = min(16384-str->length(),bytes);	99	size_t get = min(16384-str->length(),bytes);
100	str->append((const char*)ptr,get);	100	str->append((const char*)ptr,get);
101	return get;	101	return get;
102	}	102	}
103		103
104	assoc_t consumer_t::associate(const string& server) {	104	assoc_t consumer_t::associate(const string& server) {
105	util::dh_t dh = DH_new();	105	util::dh_t dh = DH_new();
106	if(!dh)	106	if(!dh)
107	throw exception_openssl(OPKELE_CP_ "failed to DH_new()");	107	throw exception_openssl(OPKELE_CP_ "failed to DH_new()");
108	dh->p = util::dec_to_bignum(data::_default_p);	108	dh->p = util::dec_to_bignum(data::_default_p);
109	dh->g = util::dec_to_bignum(data::_default_g);	109	dh->g = util::dec_to_bignum(data::_default_g);
110	if(!DH_generate_key(dh))	110	if(!DH_generate_key(dh))
111	throw exception_openssl(OPKELE_CP_ "failed to DH_generate_key()");	111	throw exception_openssl(OPKELE_CP_ "failed to DH_generate_key()");
112	string request =	112	string request =
113	"openid.mode=associate"	113	"openid.mode=associate"
114	"&openid.assoc_type=HMAC-SHA1"	114	"&openid.assoc_type=HMAC-SHA1"
115	"&openid.session_type=DH-SHA1"	115	"&openid.session_type=DH-SHA1"
116	"&openid.dh_consumer_public=";	116	"&openid.dh_consumer_public=";
117	request += util::url_encode(util::bignum_to_base64(dh->pub_key));	117	request += util::url_encode(util::bignum_to_base64(dh->pub_key));
118	curl_t curl = curl_easy_init();	118	curl_t curl = curl_easy_init();
119	if(!curl)	119	if(!curl)
120	throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()");	120	throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()");
121	string response;	121	string response;
122	CURLcode r;	122	CURLcode r;
123	(r=curl_misc_sets(curl))	123	(r=curl_misc_sets(curl))
124	\|\| (r=curl_easy_setopt(curl,CURLOPT_URL,server.c_str()))	124	\|\| (r=curl_easy_setopt(curl,CURLOPT_URL,server.c_str()))
125	\|\| (r=curl_easy_setopt(curl,CURLOPT_POST,1))	125	\|\| (r=curl_easy_setopt(curl,CURLOPT_POST,1))
126	\|\| (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDS,request.data()))	126	\|\| (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDS,request.data()))
127	\|\| (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDSIZE,request.length()))	127	\|\| (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDSIZE,request.length()))
128	\|\| (r=curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,_curl_tostring))	128	\|\| (r=curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,_curl_tostring))
129	\|\| (r=curl_easy_setopt(curl,CURLOPT_WRITEDATA,&response))	129	\|\| (r=curl_easy_setopt(curl,CURLOPT_WRITEDATA,&response))
130	;	130	;
131	if(r)	131	if(r)
132	throw exception_curl(OPKELE_CP_ "failed to curl_easy_setopt()",r);	132	throw exception_curl(OPKELE_CP_ "failed to curl_easy_setopt()",r);
133	if(r=curl_easy_perform(curl))	133	if( (r=curl_easy_perform(curl)) )
134	throw exception_curl(OPKELE_CP_ "failed to curl_easy_perform()",r);	134	throw exception_curl(OPKELE_CP_ "failed to curl_easy_perform()",r);
135	params_t p; p.parse_keyvalues(response);	135	params_t p; p.parse_keyvalues(response);
136	if(p.has_param("assoc_type") && p.get_param("assoc_type")!="HMAC-SHA1")	136	if(p.has_param("assoc_type") && p.get_param("assoc_type")!="HMAC-SHA1")
137	throw bad_input(OPKELE_CP_ "unsupported assoc_type");	137	throw bad_input(OPKELE_CP_ "unsupported assoc_type");
138	string st;	138	string st;
139	if(p.has_param("session_type")) st = p.get_param("session_type");	139	if(p.has_param("session_type")) st = p.get_param("session_type");
140	if((!st.empty()) && st!="DH-SHA1")	140	if((!st.empty()) && st!="DH-SHA1")
141	throw bad_input(OPKELE_CP_ "unsupported session_type");	141	throw bad_input(OPKELE_CP_ "unsupported session_type");
142	secret_t secret;	142	secret_t secret;
143	if(st.empty()) {	143	if(st.empty()) {
144	secret.from_base64(p.get_param("mac_key"));	144	secret.from_base64(p.get_param("mac_key"));
145	}else{	145	}else{
146	util::bignum_t s_pub = util::base64_to_bignum(p.get_param("dh_server_public"));	146	util::bignum_t s_pub = util::base64_to_bignum(p.get_param("dh_server_public"));
147	vector<unsigned char> ck(DH_size(dh)+1);	147	vector<unsigned char> ck(DH_size(dh)+1);
148	unsigned char *ckptr = &(ck.front())+1;	148	unsigned char *ckptr = &(ck.front())+1;
149	int cklen = DH_compute_key(ckptr,s_pub,dh);	149	int cklen = DH_compute_key(ckptr,s_pub,dh);
150	if(cklen<0)	150	if(cklen<0)
151	throw exception_openssl(OPKELE_CP_ "failed to DH_compute_key()");	151	throw exception_openssl(OPKELE_CP_ "failed to DH_compute_key()");
152	if(cklen && (*ckptr)&0x80) {	152	if(cklen && (*ckptr)&0x80) {
153	(*(--ckptr)) = 0; ++cklen;	153	(*(--ckptr)) = 0; ++cklen;
154	}	154	}
155	unsigned char key_sha1[SHA_DIGEST_LENGTH];	155	unsigned char key_sha1[SHA_DIGEST_LENGTH];
156	SHA1(ckptr,cklen,key_sha1);	156	SHA1(ckptr,cklen,key_sha1);
157	secret.enxor_from_base64(key_sha1,p.get_param("enc_mac_key"));	157	secret.enxor_from_base64(key_sha1,p.get_param("enc_mac_key"));
158	}	158	}
159	int expires_in = 0;	159	int expires_in = 0;
160	if(p.has_param("expires_in")) {	160	if(p.has_param("expires_in")) {
161	expires_in = util::string_to_long(p.get_param("expires_in"));	161	expires_in = util::string_to_long(p.get_param("expires_in"));
162	}else if(p.has_param("issued") && p.has_param("expiry")) {	162	}else if(p.has_param("issued") && p.has_param("expiry")) {
163	expires_in = util::w3c_to_time(p.get_param("expiry"))-util::w3c_to_time(p.get_param("issued"));	163	expires_in = util::w3c_to_time(p.get_param("expiry"))-util::w3c_to_time(p.get_param("issued"));
164	}else	164	}else
165	throw bad_input(OPKELE_CP_ "no expiration information");	165	throw bad_input(OPKELE_CP_ "no expiration information");
166	return store_assoc(server,p.get_param("assoc_handle"),secret,expires_in);	166	return store_assoc(server,p.get_param("assoc_handle"),secret,expires_in);
167	}	167	}
168		168
169	string consumer_t::checkid_immediate(const string& identity,const string& return_to,const string& trust_root,extension_t *ext) {	169	string consumer_t::checkid_immediate(const string& identity,const string& return_to,const string& trust_root,extension_t *ext) {
170	return checkid_(mode_checkid_immediate,identity,return_to,trust_root,ext);	170	return checkid_(mode_checkid_immediate,identity,return_to,trust_root,ext);
171	}	171	}
172	string consumer_t::checkid_setup(const string& identity,const string& return_to,const string& trust_root,extension_t *ext) {	172	string consumer_t::checkid_setup(const string& identity,const string& return_to,const string& trust_root,extension_t *ext) {
173	return checkid_(mode_checkid_setup,identity,return_to,trust_root,ext);	173	return checkid_(mode_checkid_setup,identity,return_to,trust_root,ext);
174	}	174	}
175	string consumer_t::checkid_(mode_t mode,const string& identity,const string& return_to,const string& trust_root,extension_t *ext) {	175	string consumer_t::checkid_(mode_t mode,const string& identity,const string& return_to,const string& trust_root,extension_t *ext) {
176	params_t p;	176	params_t p;
177	if(mode==mode_checkid_immediate)	177	if(mode==mode_checkid_immediate)
178	p["mode"]="checkid_immediate";	178	p["mode"]="checkid_immediate";
179	else if(mode==mode_checkid_setup)	179	else if(mode==mode_checkid_setup)
180	p["mode"]="checkid_setup";	180	p["mode"]="checkid_setup";
181	else	181	else
@@ -245,97 +245,97 @@ namespace opkele {
245	string f = "openid.";	245	string f = "openid.";
246	f += (co==string::npos)?slist.substr(pp):slist.substr(pp,co-pp);	246	f += (co==string::npos)?slist.substr(pp):slist.substr(pp,co-pp);
247	p[f] = pin.get_param(f);	247	p[f] = pin.get_param(f);
248	if(co==string::npos)	248	if(co==string::npos)
249	break;	249	break;
250	pp = co+1;	250	pp = co+1;
251	}	251	}
252	p["openid.assoc_handle"] = pin.get_param("openid.assoc_handle");	252	p["openid.assoc_handle"] = pin.get_param("openid.assoc_handle");
253	p["openid.sig"] = pin.get_param("openid.sig");	253	p["openid.sig"] = pin.get_param("openid.sig");
254	p["openid.signed"] = pin.get_param("openid.signed");	254	p["openid.signed"] = pin.get_param("openid.signed");
255	try {	255	try {
256	string ih = pin.get_param("openid.invalidate_handle");	256	string ih = pin.get_param("openid.invalidate_handle");
257	p["openid.invalidate_handle"] = ih;	257	p["openid.invalidate_handle"] = ih;
258	}catch(failed_lookup& fl) { }	258	}catch(failed_lookup& fl) { }
259	try {	259	try {
260	check_authentication(server,p);	260	check_authentication(server,p);
261	}catch(failed_check_authentication& fca) {	261	}catch(failed_check_authentication& fca) {
262	throw id_res_failed(OPKELE_CP_ "failed to check_authentication()");	262	throw id_res_failed(OPKELE_CP_ "failed to check_authentication()");
263	}	263	}
264	}	264	}
265	if(ext) ext->id_res_hook(pin,ps,identity);	265	if(ext) ext->id_res_hook(pin,ps,identity);
266	}	266	}
267		267
268	void consumer_t::check_authentication(const string& server,const params_t& p) {	268	void consumer_t::check_authentication(const string& server,const params_t& p) {
269	string request = "openid.mode=check_authentication";	269	string request = "openid.mode=check_authentication";
270	for(params_t::const_iterator i=p.begin();i!=p.end();++i) {	270	for(params_t::const_iterator i=p.begin();i!=p.end();++i) {
271	if(i->first!="openid.mode") {	271	if(i->first!="openid.mode") {
272	request += '&';	272	request += '&';
273	request += i->first;	273	request += i->first;
274	request += '=';	274	request += '=';
275	request += util::url_encode(i->second);	275	request += util::url_encode(i->second);
276	}	276	}
277	}	277	}
278	curl_t curl = curl_easy_init();	278	curl_t curl = curl_easy_init();
279	if(!curl)	279	if(!curl)
280	throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()");	280	throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()");
281	string response;	281	string response;
282	CURLcode r;	282	CURLcode r;
283	(r=curl_misc_sets(curl))	283	(r=curl_misc_sets(curl))
284	\|\| (r=curl_easy_setopt(curl,CURLOPT_URL,server.c_str()))	284	\|\| (r=curl_easy_setopt(curl,CURLOPT_URL,server.c_str()))
285	\|\| (r=curl_easy_setopt(curl,CURLOPT_POST,1))	285	\|\| (r=curl_easy_setopt(curl,CURLOPT_POST,1))
286	\|\| (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDS,request.data()))	286	\|\| (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDS,request.data()))
287	\|\| (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDSIZE,request.length()))	287	\|\| (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDSIZE,request.length()))
288	\|\| (r=curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,_curl_tostring))	288	\|\| (r=curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,_curl_tostring))
289	\|\| (r=curl_easy_setopt(curl,CURLOPT_WRITEDATA,&response))	289	\|\| (r=curl_easy_setopt(curl,CURLOPT_WRITEDATA,&response))
290	;	290	;
291	if(r)	291	if(r)
292	throw exception_curl(OPKELE_CP_ "failed to curl_easy_setopt()",r);	292	throw exception_curl(OPKELE_CP_ "failed to curl_easy_setopt()",r);
293	if(r=curl_easy_perform(curl))	293	if( (r=curl_easy_perform(curl)) )
294	throw exception_curl(OPKELE_CP_ "failed to curl_easy_perform()",r);	294	throw exception_curl(OPKELE_CP_ "failed to curl_easy_perform()",r);
295	params_t pp; pp.parse_keyvalues(response);	295	params_t pp; pp.parse_keyvalues(response);
296	if(pp.has_param("invalidate_handle"))	296	if(pp.has_param("invalidate_handle"))
297	invalidate_assoc(server,pp.get_param("invalidate_handle"));	297	invalidate_assoc(server,pp.get_param("invalidate_handle"));
298	if(pp.has_param("is_valid")) {	298	if(pp.has_param("is_valid")) {
299	if(pp.get_param("is_valid")=="true")	299	if(pp.get_param("is_valid")=="true")
300	return;	300	return;
301	}else if(pp.has_param("lifetime")) {	301	}else if(pp.has_param("lifetime")) {
302	if(util::string_to_long(pp.get_param("lifetime")))	302	if(util::string_to_long(pp.get_param("lifetime")))
303	return;	303	return;
304	}	304	}
305	throw failed_check_authentication(OPKELE_CP_ "failed to verify response");	305	throw failed_check_authentication(OPKELE_CP_ "failed to verify response");
306	}	306	}
307		307
308	void consumer_t::retrieve_links(const string& url,string& server,string& delegate) {	308	void consumer_t::retrieve_links(const string& url,string& server,string& delegate) {
309	server.erase();	309	server.erase();
310	delegate.erase();	310	delegate.erase();
311	curl_t curl = curl_easy_init();	311	curl_t curl = curl_easy_init();
312	if(!curl)	312	if(!curl)
313	throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()");	313	throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()");
314	string html;	314	string html;
315	CURLcode r;	315	CURLcode r;
316	(r=curl_misc_sets(curl))	316	(r=curl_misc_sets(curl))
317	\|\| (r=curl_easy_setopt(curl,CURLOPT_URL,url.c_str()))	317	\|\| (r=curl_easy_setopt(curl,CURLOPT_URL,url.c_str()))
318	\|\| (r=curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,_curl_tostring))	318	\|\| (r=curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,_curl_tostring))
319	\|\| (r=curl_easy_setopt(curl,CURLOPT_WRITEDATA,&html))	319	\|\| (r=curl_easy_setopt(curl,CURLOPT_WRITEDATA,&html))
320	;	320	;
321	if(r)	321	if(r)
322	throw exception_curl(OPKELE_CP_ "failed to curl_easy_setopt()",r);	322	throw exception_curl(OPKELE_CP_ "failed to curl_easy_setopt()",r);
323	r = curl_easy_perform(curl);	323	r = curl_easy_perform(curl);
324	if(r && r!=CURLE_WRITE_ERROR)	324	if(r && r!=CURLE_WRITE_ERROR)
325	throw exception_curl(OPKELE_CP_ "failed to curl_easy_perform()",r);	325	throw exception_curl(OPKELE_CP_ "failed to curl_easy_perform()",r);
326	static const char re_bre = "<\\sbody\\b", re_hdre = "<\\shead[^>]*>",	326	static const char re_bre = "<\\sbody\\b", re_hdre = "<\\shead[^>]*>",
327	re_lre = "<\\slink\\b([^>]+)>",	327	re_lre = "<\\slink\\b([^>]+)>",
328	re_rre = "\\brel\\s=\\s*['\"]([^'\"]+)['\"]",	328	re_rre = "\\brel\\s=\\s*['\"]([^'\"]+)['\"]",
329	re_hre = "\\bhref\\s=\\s['\"]\\s([^'\"\\s]+)\\s*['\"]";	329	re_hre = "\\bhref\\s=\\s['\"]\\s([^'\"\\s]+)\\s*['\"]";
330	pcre_matches_t m1(3), m2(3);	330	pcre_matches_t m1(3), m2(3);
331	pcre_t bre(re_bre,PCRE_CASELESS);	331	pcre_t bre(re_bre,PCRE_CASELESS);
332	if(bre.exec(html,m1)>0)	332	if(bre.exec(html,m1)>0)
333	html.erase(m1.begin(0));	333	html.erase(m1.begin(0));
334	pcre_t hdre(re_hdre,PCRE_CASELESS);	334	pcre_t hdre(re_hdre,PCRE_CASELESS);
335	if(hdre.exec(html,m1)<=0)	335	if(hdre.exec(html,m1)<=0)
336	throw bad_input(OPKELE_CP_ "failed to find <head>");	336	throw bad_input(OPKELE_CP_ "failed to find <head>");
337	html.erase(0,m1.end(0)+1);	337	html.erase(0,m1.end(0)+1);
338	pcre_t lre(re_lre,PCRE_CASELESS), rre(re_rre,PCRE_CASELESS), hre(re_hre,PCRE_CASELESS);	338	pcre_t lre(re_lre,PCRE_CASELESS), rre(re_rre,PCRE_CASELESS), hre(re_hre,PCRE_CASELESS);
339	bool gotit = false;	339	bool gotit = false;
340	while( (!gotit) && lre.exec(html,m1)>=2 ) {	340	while( (!gotit) && lre.exec(html,m1)>=2 ) {
341	static const char *whitespace = " \t";	341	static const char *whitespace = " \t";