1 files changed, 1 insertions, 1 deletions
diff --git a/lib/consumer.cc b/lib/consumer.cc
index f72ae08..76b6ea7 100644
--- a/lib/consumer.cc
+++ b/lib/consumer.cc
@@ -1,180 +1,180 @@
 #include <algorithm>
 #include <cassert>
 #include <opkele/util.h>
 #include <opkele/exception.h>
 #include <opkele/data.h>
 #include <opkele/consumer.h>
 #include <openssl/sha.h>
 #include <openssl/hmac.h>
 #include <curl/curl.h>
 #include <iostream>
 #include "config.h"
 #include <pcre.h>
 namespace opkele {
    using namespace std;
    class pcre_matches_t {
        public:
            int *_ov;
            int _s;
            pcre_matches_t() : _ov(0), _s(0) { }
            pcre_matches_t(int s) : _ov(0), _s(s) {
                if(_s&1) ++_s;
                _s += _s>>1;
                _ov = new int[_s];
            }
            ~pcre_matches_t() throw() { if(_ov) delete[] _ov; }
            int begin(int i) const { return _ov[i<<1]; }
            int end(int i) const { return _ov[(i<<1)+1]; }
            int length(int i) const { int t=i<<1; return _ov[t+1]-_ov[t]; }
    };
    class pcre_t {
        public:
            pcre *_p;
            pcre_t() : _p(0) { }
            pcre_t(pcre *p) : _p(p) { }
            pcre_t(const char *re,int opts) : _p(0) {
                static const char *errptr; static int erroffset;
                _p = pcre_compile(re,opts,&errptr,&erroffset,NULL);
                if(!_p)
                    throw internal_error(OPKELE_CP_ string("Failed to compile regexp: ")+errptr);
            }
            ~pcre_t() throw() { if(_p) (*pcre_free)(_p); }
            pcre_t& operator=(pcre *p) { if(_p) (*pcre_free)(_p); _p=p; return *this; }
            operator const pcre*(void) const { return _p; }
            operator pcre*(void) { return _p; }
            int exec(const string& s,pcre_matches_t& m) {
                if(!_p)
                    throw internal_error(OPKELE_CP_ "Trying to execute absent regexp");
                return pcre_exec(_p,NULL,s.c_str(),s.length(),0,0,m._ov,m._s);
            }
    };
    class curl_t {
        public:
            CURL *_c;
            curl_t() : _c(0) { }
            curl_t(CURL *c) : _c(c) { }
            ~curl_t() throw() { if(_c) curl_easy_cleanup(_c); }
            curl_t& operator=(CURL *c) { if(_c) curl_easy_cleanup(_c); _c=c; return *this; }
            operator const CURL*(void) const { return _c; }
            operator CURL*(void) { return _c; }
    };
    static CURLcode curl_misc_sets(CURL* c) {
        CURLcode r;
        (r=curl_easy_setopt(c,CURLOPT_FOLLOWLOCATION,1))
        || (r=curl_easy_setopt(c,CURLOPT_MAXREDIRS,5))
        || (r=curl_easy_setopt(c,CURLOPT_DNS_CACHE_TIMEOUT,120))
        || (r=curl_easy_setopt(c,CURLOPT_DNS_USE_GLOBAL_CACHE,1))
-        || (r=curl_easy_setopt(c,CURLOPT_USERAGENT,PACKAGE_NAME"/"PACKAGE_VERSION))
+        || (r=curl_easy_setopt(c,CURLOPT_USERAGENT,PACKAGE_NAME"/"PACKAGE_SRC_VERSION))
        || (r=curl_easy_setopt(c,CURLOPT_TIMEOUT,20))
        #ifdefDISABLE_CURL_SSL_VERIFYHOST
        || (r=curl_easy_setopt(c,CURLOPT_SSL_VERIFYHOST,0))
 #endif
        #ifdefDISABLE_CURL_SSL_VERIFYPEER
        || (r=curl_easy_setopt(c,CURLOPT_SSL_VERIFYPEER,0))
 #endif
        ;
        return r;
    }
    static size_t _curl_tostring(void *ptr,size_t size,size_t nmemb,void *stream) {
        string *str = (string*)stream;
        size_t bytes = size*nmemb;
        size_t get = min(16384-str->length(),bytes);
        str->append((const char*)ptr,get);
        return get;
    }
    assoc_t consumer_t::associate(const string& server) {
        util::dh_t dh = DH_new();
        if(!dh)
            throw exception_openssl(OPKELE_CP_ "failed to DH_new()");
        dh->p = util::dec_to_bignum(data::_default_p);
        dh->g = util::dec_to_bignum(data::_default_g);
        if(!DH_generate_key(dh))
            throw exception_openssl(OPKELE_CP_ "failed to DH_generate_key()");
        string request = 
            "openid.mode=associate"
            "&openid.assoc_type=HMAC-SHA1"
            "&openid.session_type=DH-SHA1"
            "&openid.dh_consumer_public=";
        request += util::url_encode(util::bignum_to_base64(dh->pub_key));
        curl_t curl = curl_easy_init();
        if(!curl)
            throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()");
        string response;
        CURLcode r;
        (r=curl_misc_sets(curl))
        || (r=curl_easy_setopt(curl,CURLOPT_URL,server.c_str()))
        || (r=curl_easy_setopt(curl,CURLOPT_POST,1))
        || (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDS,request.data()))
        || (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDSIZE,request.length()))
        || (r=curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,_curl_tostring))
        || (r=curl_easy_setopt(curl,CURLOPT_WRITEDATA,&response))
        ;
        if(r)
            throw exception_curl(OPKELE_CP_ "failed to curl_easy_setopt()",r);
        if(r=curl_easy_perform(curl))
            throw exception_curl(OPKELE_CP_ "failed to curl_easy_perform()",r);
        params_t p; p.parse_keyvalues(response);
        if(p.has_param("assoc_type") && p.get_param("assoc_type")!="HMAC-SHA1")
            throw bad_input(OPKELE_CP_ "unsupported assoc_type");
        string st;
        if(p.has_param("session_type")) st = p.get_param("session_type");
        if((!st.empty()) && st!="DH-SHA1")
            throw bad_input(OPKELE_CP_ "unsupported session_type");
        secret_t secret;
        if(st.empty()) {
            secret.from_base64(p.get_param("mac_key"));
        }else{
            util::bignum_t s_pub = util::base64_to_bignum(p.get_param("dh_server_public"));
            vector<unsigned char> ck(DH_size(dh)+1);
            unsigned char *ckptr = &(ck.front())+1;
            int cklen = DH_compute_key(ckptr,s_pub,dh);
            if(cklen<0)
                throw exception_openssl(OPKELE_CP_ "failed to DH_compute_key()");
            if(cklen && (*ckptr)&0x80) {
                (*(--ckptr)) = 0; ++cklen;
            }
            unsigned char key_sha1[SHA_DIGEST_LENGTH];
            SHA1(ckptr,cklen,key_sha1);
            secret.enxor_from_base64(key_sha1,p.get_param("enc_mac_key"));
        }
        int expires_in = 0;
        if(p.has_param("expires_in")) {
            expires_in = util::string_to_long(p.get_param("expires_in"));
        }else if(p.has_param("issued") && p.has_param("expiry")) {
            expires_in = util::w3c_to_time(p.get_param("expiry"))-util::w3c_to_time(p.get_param("issued"));
        }else
            throw bad_input(OPKELE_CP_ "no expiration information");
        return store_assoc(server,p.get_param("assoc_handle"),secret,expires_in);
    }
    string consumer_t::checkid_immediate(const string& identity,const string& return_to,const string& trust_root,extension_t *ext) {
        return checkid_(mode_checkid_immediate,identity,return_to,trust_root,ext);
    }
    string consumer_t::checkid_setup(const string& identity,const string& return_to,const string& trust_root,extension_t *ext) {
        return checkid_(mode_checkid_setup,identity,return_to,trust_root,ext);
    }
    string consumer_t::checkid_(mode_t mode,const string& identity,const string& return_to,const string& trust_root,extension_t *ext) {
        params_t p;
        if(mode==mode_checkid_immediate)
            p["mode"]="checkid_immediate";
        else if(mode==mode_checkid_setup)
            p["mode"]="checkid_setup";

diff --git a/lib/consumer.cc b/lib/consumer.cc index f72ae08..76b6ea7 100644 --- a/lib/consumer.cc +++ b/lib/consumer.cc
@@ -1,180 +1,180 @@
1	#include <algorithm>	1	#include <algorithm>
2	#include <cassert>	2	#include <cassert>
3	#include <opkele/util.h>	3	#include <opkele/util.h>
4	#include <opkele/exception.h>	4	#include <opkele/exception.h>
5	#include <opkele/data.h>	5	#include <opkele/data.h>
6	#include <opkele/consumer.h>	6	#include <opkele/consumer.h>
7	#include <openssl/sha.h>	7	#include <openssl/sha.h>
8	#include <openssl/hmac.h>	8	#include <openssl/hmac.h>
9	#include <curl/curl.h>	9	#include <curl/curl.h>
10		10
11	#include <iostream>	11	#include <iostream>
12		12
13	#include "config.h"	13	#include "config.h"
14		14
15	#include <pcre.h>	15	#include <pcre.h>
16		16
17	namespace opkele {	17	namespace opkele {
18	using namespace std;	18	using namespace std;
19		19
20	class pcre_matches_t {	20	class pcre_matches_t {
21	public:	21	public:
22	int *_ov;	22	int *_ov;
23	int _s;	23	int _s;
24		24
25	pcre_matches_t() : _ov(0), _s(0) { }	25	pcre_matches_t() : _ov(0), _s(0) { }
26	pcre_matches_t(int s) : _ov(0), _s(s) {	26	pcre_matches_t(int s) : _ov(0), _s(s) {
27	if(_s&1) ++_s;	27	if(_s&1) ++_s;
28	_s += _s>>1;	28	_s += _s>>1;
29	_ov = new int[_s];	29	_ov = new int[_s];
30	}	30	}
31	~pcre_matches_t() throw() { if(_ov) delete[] _ov; }	31	~pcre_matches_t() throw() { if(_ov) delete[] _ov; }
32		32
33	int begin(int i) const { return _ov[i<<1]; }	33	int begin(int i) const { return _ov[i<<1]; }
34	int end(int i) const { return _ov[(i<<1)+1]; }	34	int end(int i) const { return _ov[(i<<1)+1]; }
35	int length(int i) const { int t=i<<1; return _ov[t+1]-_ov[t]; }	35	int length(int i) const { int t=i<<1; return _ov[t+1]-_ov[t]; }
36	};	36	};
37		37
38	class pcre_t {	38	class pcre_t {
39	public:	39	public:
40	pcre *_p;	40	pcre *_p;
41		41
42	pcre_t() : _p(0) { }	42	pcre_t() : _p(0) { }
43	pcre_t(pcre *p) : _p(p) { }	43	pcre_t(pcre *p) : _p(p) { }
44	pcre_t(const char *re,int opts) : _p(0) {	44	pcre_t(const char *re,int opts) : _p(0) {
45	static const char *errptr; static int erroffset;	45	static const char *errptr; static int erroffset;
46	_p = pcre_compile(re,opts,&errptr,&erroffset,NULL);	46	_p = pcre_compile(re,opts,&errptr,&erroffset,NULL);
47	if(!_p)	47	if(!_p)
48	throw internal_error(OPKELE_CP_ string("Failed to compile regexp: ")+errptr);	48	throw internal_error(OPKELE_CP_ string("Failed to compile regexp: ")+errptr);
49	}	49	}
50	~pcre_t() throw() { if(_p) (*pcre_free)(_p); }	50	~pcre_t() throw() { if(_p) (*pcre_free)(_p); }
51		51
52	pcre_t& operator=(pcre p) { if(_p) (pcre_free)(_p); _p=p; return *this; }	52	pcre_t& operator=(pcre p) { if(_p) (pcre_free)(_p); _p=p; return *this; }
53		53
54	operator const pcre*(void) const { return _p; }	54	operator const pcre*(void) const { return _p; }
55	operator pcre*(void) { return _p; }	55	operator pcre*(void) { return _p; }
56		56
57	int exec(const string& s,pcre_matches_t& m) {	57	int exec(const string& s,pcre_matches_t& m) {
58	if(!_p)	58	if(!_p)
59	throw internal_error(OPKELE_CP_ "Trying to execute absent regexp");	59	throw internal_error(OPKELE_CP_ "Trying to execute absent regexp");
60	return pcre_exec(_p,NULL,s.c_str(),s.length(),0,0,m._ov,m._s);	60	return pcre_exec(_p,NULL,s.c_str(),s.length(),0,0,m._ov,m._s);
61	}	61	}
62	};	62	};
63		63
64	class curl_t {	64	class curl_t {
65	public:	65	public:
66	CURL *_c;	66	CURL *_c;
67		67
68	curl_t() : _c(0) { }	68	curl_t() : _c(0) { }
69	curl_t(CURL *c) : _c(c) { }	69	curl_t(CURL *c) : _c(c) { }
70	~curl_t() throw() { if(_c) curl_easy_cleanup(_c); }	70	~curl_t() throw() { if(_c) curl_easy_cleanup(_c); }
71		71
72	curl_t& operator=(CURL c) { if(_c) curl_easy_cleanup(_c); _c=c; return this; }	72	curl_t& operator=(CURL c) { if(_c) curl_easy_cleanup(_c); _c=c; return this; }
73		73
74	operator const CURL*(void) const { return _c; }	74	operator const CURL*(void) const { return _c; }
75	operator CURL*(void) { return _c; }	75	operator CURL*(void) { return _c; }
76	};	76	};
77		77
78	static CURLcode curl_misc_sets(CURL* c) {	78	static CURLcode curl_misc_sets(CURL* c) {
79	CURLcode r;	79	CURLcode r;
80	(r=curl_easy_setopt(c,CURLOPT_FOLLOWLOCATION,1))	80	(r=curl_easy_setopt(c,CURLOPT_FOLLOWLOCATION,1))
81	\|\| (r=curl_easy_setopt(c,CURLOPT_MAXREDIRS,5))	81	\|\| (r=curl_easy_setopt(c,CURLOPT_MAXREDIRS,5))
82	\|\| (r=curl_easy_setopt(c,CURLOPT_DNS_CACHE_TIMEOUT,120))	82	\|\| (r=curl_easy_setopt(c,CURLOPT_DNS_CACHE_TIMEOUT,120))
83	\|\| (r=curl_easy_setopt(c,CURLOPT_DNS_USE_GLOBAL_CACHE,1))	83	\|\| (r=curl_easy_setopt(c,CURLOPT_DNS_USE_GLOBAL_CACHE,1))
84	\|\| (r=curl_easy_setopt(c,CURLOPT_USERAGENT,PACKAGE_NAME"/"PACKAGE_VERSION))	84	\|\| (r=curl_easy_setopt(c,CURLOPT_USERAGENT,PACKAGE_NAME"/"PACKAGE_SRC_VERSION))
85	\|\| (r=curl_easy_setopt(c,CURLOPT_TIMEOUT,20))	85	\|\| (r=curl_easy_setopt(c,CURLOPT_TIMEOUT,20))
86	#ifdefDISABLE_CURL_SSL_VERIFYHOST	86	#ifdefDISABLE_CURL_SSL_VERIFYHOST
87	\|\| (r=curl_easy_setopt(c,CURLOPT_SSL_VERIFYHOST,0))	87	\|\| (r=curl_easy_setopt(c,CURLOPT_SSL_VERIFYHOST,0))
88	#endif	88	#endif
89	#ifdefDISABLE_CURL_SSL_VERIFYPEER	89	#ifdefDISABLE_CURL_SSL_VERIFYPEER
90	\|\| (r=curl_easy_setopt(c,CURLOPT_SSL_VERIFYPEER,0))	90	\|\| (r=curl_easy_setopt(c,CURLOPT_SSL_VERIFYPEER,0))
91	#endif	91	#endif
92	;	92	;
93	return r;	93	return r;
94	}	94	}
95		95
96	static size_t _curl_tostring(void ptr,size_t size,size_t nmemb,void stream) {	96	static size_t _curl_tostring(void ptr,size_t size,size_t nmemb,void stream) {
97	string str = (string)stream;	97	string str = (string)stream;
98	size_t bytes = size*nmemb;	98	size_t bytes = size*nmemb;
99	size_t get = min(16384-str->length(),bytes);	99	size_t get = min(16384-str->length(),bytes);
100	str->append((const char*)ptr,get);	100	str->append((const char*)ptr,get);
101	return get;	101	return get;
102	}	102	}
103		103
104	assoc_t consumer_t::associate(const string& server) {	104	assoc_t consumer_t::associate(const string& server) {
105	util::dh_t dh = DH_new();	105	util::dh_t dh = DH_new();
106	if(!dh)	106	if(!dh)
107	throw exception_openssl(OPKELE_CP_ "failed to DH_new()");	107	throw exception_openssl(OPKELE_CP_ "failed to DH_new()");
108	dh->p = util::dec_to_bignum(data::_default_p);	108	dh->p = util::dec_to_bignum(data::_default_p);
109	dh->g = util::dec_to_bignum(data::_default_g);	109	dh->g = util::dec_to_bignum(data::_default_g);
110	if(!DH_generate_key(dh))	110	if(!DH_generate_key(dh))
111	throw exception_openssl(OPKELE_CP_ "failed to DH_generate_key()");	111	throw exception_openssl(OPKELE_CP_ "failed to DH_generate_key()");
112	string request =	112	string request =
113	"openid.mode=associate"	113	"openid.mode=associate"
114	"&openid.assoc_type=HMAC-SHA1"	114	"&openid.assoc_type=HMAC-SHA1"
115	"&openid.session_type=DH-SHA1"	115	"&openid.session_type=DH-SHA1"
116	"&openid.dh_consumer_public=";	116	"&openid.dh_consumer_public=";
117	request += util::url_encode(util::bignum_to_base64(dh->pub_key));	117	request += util::url_encode(util::bignum_to_base64(dh->pub_key));
118	curl_t curl = curl_easy_init();	118	curl_t curl = curl_easy_init();
119	if(!curl)	119	if(!curl)
120	throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()");	120	throw exception_curl(OPKELE_CP_ "failed to curl_easy_init()");
121	string response;	121	string response;
122	CURLcode r;	122	CURLcode r;
123	(r=curl_misc_sets(curl))	123	(r=curl_misc_sets(curl))
124	\|\| (r=curl_easy_setopt(curl,CURLOPT_URL,server.c_str()))	124	\|\| (r=curl_easy_setopt(curl,CURLOPT_URL,server.c_str()))
125	\|\| (r=curl_easy_setopt(curl,CURLOPT_POST,1))	125	\|\| (r=curl_easy_setopt(curl,CURLOPT_POST,1))
126	\|\| (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDS,request.data()))	126	\|\| (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDS,request.data()))
127	\|\| (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDSIZE,request.length()))	127	\|\| (r=curl_easy_setopt(curl,CURLOPT_POSTFIELDSIZE,request.length()))
128	\|\| (r=curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,_curl_tostring))	128	\|\| (r=curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,_curl_tostring))
129	\|\| (r=curl_easy_setopt(curl,CURLOPT_WRITEDATA,&response))	129	\|\| (r=curl_easy_setopt(curl,CURLOPT_WRITEDATA,&response))
130	;	130	;
131	if(r)	131	if(r)
132	throw exception_curl(OPKELE_CP_ "failed to curl_easy_setopt()",r);	132	throw exception_curl(OPKELE_CP_ "failed to curl_easy_setopt()",r);
133	if(r=curl_easy_perform(curl))	133	if(r=curl_easy_perform(curl))
134	throw exception_curl(OPKELE_CP_ "failed to curl_easy_perform()",r);	134	throw exception_curl(OPKELE_CP_ "failed to curl_easy_perform()",r);
135	params_t p; p.parse_keyvalues(response);	135	params_t p; p.parse_keyvalues(response);
136	if(p.has_param("assoc_type") && p.get_param("assoc_type")!="HMAC-SHA1")	136	if(p.has_param("assoc_type") && p.get_param("assoc_type")!="HMAC-SHA1")
137	throw bad_input(OPKELE_CP_ "unsupported assoc_type");	137	throw bad_input(OPKELE_CP_ "unsupported assoc_type");
138	string st;	138	string st;
139	if(p.has_param("session_type")) st = p.get_param("session_type");	139	if(p.has_param("session_type")) st = p.get_param("session_type");
140	if((!st.empty()) && st!="DH-SHA1")	140	if((!st.empty()) && st!="DH-SHA1")
141	throw bad_input(OPKELE_CP_ "unsupported session_type");	141	throw bad_input(OPKELE_CP_ "unsupported session_type");
142	secret_t secret;	142	secret_t secret;
143	if(st.empty()) {	143	if(st.empty()) {
144	secret.from_base64(p.get_param("mac_key"));	144	secret.from_base64(p.get_param("mac_key"));
145	}else{	145	}else{
146	util::bignum_t s_pub = util::base64_to_bignum(p.get_param("dh_server_public"));	146	util::bignum_t s_pub = util::base64_to_bignum(p.get_param("dh_server_public"));
147	vector<unsigned char> ck(DH_size(dh)+1);	147	vector<unsigned char> ck(DH_size(dh)+1);
148	unsigned char *ckptr = &(ck.front())+1;	148	unsigned char *ckptr = &(ck.front())+1;
149	int cklen = DH_compute_key(ckptr,s_pub,dh);	149	int cklen = DH_compute_key(ckptr,s_pub,dh);
150	if(cklen<0)	150	if(cklen<0)
151	throw exception_openssl(OPKELE_CP_ "failed to DH_compute_key()");	151	throw exception_openssl(OPKELE_CP_ "failed to DH_compute_key()");
152	if(cklen && (*ckptr)&0x80) {	152	if(cklen && (*ckptr)&0x80) {
153	(*(--ckptr)) = 0; ++cklen;	153	(*(--ckptr)) = 0; ++cklen;
154	}	154	}
155	unsigned char key_sha1[SHA_DIGEST_LENGTH];	155	unsigned char key_sha1[SHA_DIGEST_LENGTH];
156	SHA1(ckptr,cklen,key_sha1);	156	SHA1(ckptr,cklen,key_sha1);
157	secret.enxor_from_base64(key_sha1,p.get_param("enc_mac_key"));	157	secret.enxor_from_base64(key_sha1,p.get_param("enc_mac_key"));
158	}	158	}
159	int expires_in = 0;	159	int expires_in = 0;
160	if(p.has_param("expires_in")) {	160	if(p.has_param("expires_in")) {
161	expires_in = util::string_to_long(p.get_param("expires_in"));	161	expires_in = util::string_to_long(p.get_param("expires_in"));
162	}else if(p.has_param("issued") && p.has_param("expiry")) {	162	}else if(p.has_param("issued") && p.has_param("expiry")) {
163	expires_in = util::w3c_to_time(p.get_param("expiry"))-util::w3c_to_time(p.get_param("issued"));	163	expires_in = util::w3c_to_time(p.get_param("expiry"))-util::w3c_to_time(p.get_param("issued"));
164	}else	164	}else
165	throw bad_input(OPKELE_CP_ "no expiration information");	165	throw bad_input(OPKELE_CP_ "no expiration information");
166	return store_assoc(server,p.get_param("assoc_handle"),secret,expires_in);	166	return store_assoc(server,p.get_param("assoc_handle"),secret,expires_in);
167	}	167	}
168		168
169	string consumer_t::checkid_immediate(const string& identity,const string& return_to,const string& trust_root,extension_t *ext) {	169	string consumer_t::checkid_immediate(const string& identity,const string& return_to,const string& trust_root,extension_t *ext) {
170	return checkid_(mode_checkid_immediate,identity,return_to,trust_root,ext);	170	return checkid_(mode_checkid_immediate,identity,return_to,trust_root,ext);
171	}	171	}
172	string consumer_t::checkid_setup(const string& identity,const string& return_to,const string& trust_root,extension_t *ext) {	172	string consumer_t::checkid_setup(const string& identity,const string& return_to,const string& trust_root,extension_t *ext) {
173	return checkid_(mode_checkid_setup,identity,return_to,trust_root,ext);	173	return checkid_(mode_checkid_setup,identity,return_to,trust_root,ext);
174	}	174	}
175	string consumer_t::checkid_(mode_t mode,const string& identity,const string& return_to,const string& trust_root,extension_t *ext) {	175	string consumer_t::checkid_(mode_t mode,const string& identity,const string& return_to,const string& trust_root,extension_t *ext) {
176	params_t p;	176	params_t p;
177	if(mode==mode_checkid_immediate)	177	if(mode==mode_checkid_immediate)
178	p["mode"]="checkid_immediate";	178	p["mode"]="checkid_immediate";
179	else if(mode==mode_checkid_setup)	179	else if(mode==mode_checkid_setup)
180	p["mode"]="checkid_setup";	180	p["mode"]="checkid_setup";