| -rw-r--r-- | lib/consumer.cc | 20 |
1 files changed, 1 insertions, 19 deletions
diff --git a/lib/consumer.cc b/lib/consumer.cc index 9f7530f..3c3b4f8 100644 --- a/lib/consumer.cc +++ b/lib/consumer.cc @@ -1,134 +1,116 @@ #include <algorithm> #include <cassert> #include <cstring> #include <opkele/util.h> #include <opkele/curl.h> #include <opkele/exception.h> #include <opkele/data.h> #include <opkele/consumer.h> #include <openssl/sha.h> #include <openssl/hmac.h> #include <iostream> #include "config.h" #include <pcre.h> namespace opkele { using namespace std; using util::curl_t; - - template<int lim> - class curl_fetch_string_t : public curl_t { - public: - curl_fetch_string_t(CURL *c) - : curl_t(c) { } - ~curl_fetch_string_t() throw() { } - - string response; - - size_t write(void *p,size_t size,size_t nmemb) { - size_t bytes = size*nmemb; - size_t get = min(lim-response.length(),bytes); - response.append((const char *)p,get); - return get; - } - }; - - typedef curl_fetch_string_t<16384> curl_pick_t; + using util::curl_pick_t; class pcre_matches_t { public: int *_ov; int _s; pcre_matches_t() : _ov(0), _s(0) { } pcre_matches_t(int s) : _ov(0), _s(s) { if(_s&1) ++_s; _s += _s>>1; _ov = new int[_s]; } ~pcre_matches_t() throw() { if(_ov) delete[] _ov; } int begin(int i) const { return _ov[i<<1]; } int end(int i) const { return _ov[(i<<1)+1]; } int length(int i) const { int t=i<<1; return _ov[t+1]-_ov[t]; } }; class pcre_t { public: pcre *_p; pcre_t() : _p(0) { } pcre_t(pcre *p) : _p(p) { } pcre_t(const char *re,int opts) : _p(0) { static const char *errptr; static int erroffset; _p = pcre_compile(re,opts,&errptr,&erroffset,NULL); if(!_p) throw internal_error(OPKELE_CP_ string("Failed to compile regexp: ")+errptr); } ~pcre_t() throw() { if(_p) (*pcre_free)(_p); } pcre_t& operator=(pcre *p) { if(_p) (*pcre_free)(_p); _p=p; return *this; } operator const pcre*(void) const { return _p; } operator pcre*(void) { return _p; } int exec(const string& s,pcre_matches_t& m) { if(!_p) throw internal_error(OPKELE_CP_ "Trying to execute absent regexp"); return pcre_exec(_p,NULL,s.c_str(),s.length(),0,0,m._ov,m._s); } }; assoc_t consumer_t::associate(const string& server) { util::dh_t dh = DH_new(); if(!dh) throw exception_openssl(OPKELE_CP_ "failed to DH_new()"); dh->p = util::dec_to_bignum(data::_default_p); dh->g = util::dec_to_bignum(data::_default_g); if(!DH_generate_key(dh)) throw exception_openssl(OPKELE_CP_ "failed to DH_generate_key()"); string request = "openid.mode=associate" "&openid.assoc_type=HMAC-SHA1" "&openid.session_type=DH-SHA1" "&openid.dh_consumer_public="; request += util::url_encode(util::bignum_to_base64(dh->pub_key)); curl_pick_t curl = curl_pick_t::easy_init(); if(!curl) throw exception_curl(OPKELE_CP_ "failed to initialize curl"); CURLcode r; (r=curl.misc_sets()) || (r=curl.easy_setopt(CURLOPT_URL,server.c_str())) || (r=curl.easy_setopt(CURLOPT_POST,1)) || (r=curl.easy_setopt(CURLOPT_POSTFIELDS,request.data())) || (r=curl.easy_setopt(CURLOPT_POSTFIELDSIZE,request.length())) || (r=curl.set_write()) ; if(r) throw exception_curl(OPKELE_CP_ "failed to set curly options",r); if( (r=curl.easy_perform()) ) throw exception_curl(OPKELE_CP_ "failed to perform curly request",r); params_t p; p.parse_keyvalues(curl.response); if(p.has_param("assoc_type") && p.get_param("assoc_type")!="HMAC-SHA1") throw bad_input(OPKELE_CP_ "unsupported assoc_type"); string st; if(p.has_param("session_type")) st = p.get_param("session_type"); if((!st.empty()) && st!="DH-SHA1") throw bad_input(OPKELE_CP_ "unsupported session_type"); secret_t secret; if(st.empty()) { secret.from_base64(p.get_param("mac_key")); }else{ util::bignum_t s_pub = util::base64_to_bignum(p.get_param("dh_server_public")); vector<unsigned char> ck(DH_size(dh)+1); unsigned char *ckptr = &(ck.front())+1; int cklen = DH_compute_key(ckptr,s_pub,dh); if(cklen<0) throw exception_openssl(OPKELE_CP_ "failed to DH_compute_key()"); if(cklen && (*ckptr)&0x80) { (*(--ckptr)) = 0; ++cklen; } unsigned char key_sha1[SHA_DIGEST_LENGTH]; SHA1(ckptr,cklen,key_sha1); |