summaryrefslogtreecommitdiffabout
path: root/lib
Unidiff
Diffstat (limited to 'lib') (more/less context) (ignore whitespace changes)
-rw-r--r--lib/basic_op.cc29
-rw-r--r--lib/basic_rp.cc10
-rw-r--r--lib/discovery.cc2
-rw-r--r--lib/expat.cc1
-rw-r--r--lib/extension.cc2
-rw-r--r--lib/openid_message.cc32
-rw-r--r--lib/prequeue_rp.cc4
-rw-r--r--lib/sreg.cc6
-rw-r--r--lib/verify_op.cc4
9 files changed, 44 insertions, 46 deletions
diff --git a/lib/basic_op.cc b/lib/basic_op.cc
index 18446dc..2d82147 100644
--- a/lib/basic_op.cc
+++ b/lib/basic_op.cc
@@ -66,9 +66,6 @@ namespace opkele {
66 util::bignum_t c_pub; 66 util::bignum_t c_pub;
67 unsigned char key_digest[SHA256_DIGEST_LENGTH]; 67 unsigned char key_digest[SHA256_DIGEST_LENGTH];
68 size_t d_len = 0; 68 size_t d_len = 0;
69 enum {
70 sess_cleartext, sess_dh_sha1, sess_dh_sha256
71 } st = sess_cleartext;
72 string sts = inm.get_field("session_type"); 69 string sts = inm.get_field("session_type");
73 string ats = inm.get_field("assoc_type"); 70 string ats = inm.get_field("assoc_type");
74 if(sts=="DH-SHA1" || sts=="DH-SHA256") { 71 if(sts=="DH-SHA1" || sts=="DH-SHA256") {
@@ -98,19 +95,19 @@ namespace opkele {
98 throw internal_error(OPKELE_CP_ "I thought I knew the session type"); 95 throw internal_error(OPKELE_CP_ "I thought I knew the session type");
99 }else 96 }else
100 throw unsupported(OPKELE_CP_ "Unsupported session_type"); 97 throw unsupported(OPKELE_CP_ "Unsupported session_type");
101 assoc_t assoc; 98 assoc_t a;
102 if(ats=="HMAC-SHA1") 99 if(ats=="HMAC-SHA1")
103 assoc = alloc_assoc(ats,SHA_DIGEST_LENGTH,true); 100 a = alloc_assoc(ats,SHA_DIGEST_LENGTH,true);
104 else if(ats=="HMAC-SHA256") 101 else if(ats=="HMAC-SHA256")
105 assoc = alloc_assoc(ats,SHA256_DIGEST_LENGTH,true); 102 a = alloc_assoc(ats,SHA256_DIGEST_LENGTH,true);
106 else 103 else
107 throw unsupported(OPKELE_CP_ "Unsupported assoc_type"); 104 throw unsupported(OPKELE_CP_ "Unsupported assoc_type");
108 oum.reset_fields(); 105 oum.reset_fields();
109 oum.set_field("ns",OIURI_OPENID20); 106 oum.set_field("ns",OIURI_OPENID20);
110 oum.set_field("assoc_type",assoc->assoc_type()); 107 oum.set_field("assoc_type",a->assoc_type());
111 oum.set_field("assoc_handle",assoc->handle()); 108 oum.set_field("assoc_handle",a->handle());
112 oum.set_field("expires_in",util::long_to_string(assoc->expires_in())); 109 oum.set_field("expires_in",util::long_to_string(assoc->expires_in()));
113 secret_t secret = assoc->secret(); 110 secret_t secret = a->secret();
114 if(sts=="DH-SHA1" || sts=="DH-SHA256") { 111 if(sts=="DH-SHA1" || sts=="DH-SHA256") {
115 if(d_len != secret.size()) 112 if(d_len != secret.size())
116 throw bad_input(OPKELE_CP_ "Association secret and session MAC are not of the same size"); 113 throw bad_input(OPKELE_CP_ "Association secret and session MAC are not of the same size");
@@ -134,10 +131,10 @@ namespace opkele {
134 void basic_OP::checkid_(const basic_openid_message& inm, 131 void basic_OP::checkid_(const basic_openid_message& inm,
135 extension_t *ext) { 132 extension_t *ext) {
136 reset_vars(); 133 reset_vars();
137 string mode = inm.get_field("mode"); 134 string modestr = inm.get_field("mode");
138 if(mode=="checkid_setup") 135 if(modestr=="checkid_setup")
139 mode = mode_checkid_setup; 136 mode = mode_checkid_setup;
140 else if(mode=="checkid_immediate") 137 else if(modestr=="checkid_immediate")
141 mode = mode_checkid_immediate; 138 mode = mode_checkid_immediate;
142 else 139 else
143 throw bad_input(OPKELE_CP_ "Invalid checkid_* mode"); 140 throw bad_input(OPKELE_CP_ "Invalid checkid_* mode");
@@ -238,14 +235,14 @@ namespace opkele {
238 } 235 }
239 236
240 basic_openid_message& basic_OP::error(basic_openid_message& om, 237 basic_openid_message& basic_OP::error(basic_openid_message& om,
241 const string& error,const string& contact, 238 const string& err,const string& contact,
242 const string& reference ) { 239 const string& reference ) {
243 assert(!return_to.empty()); 240 assert(!return_to.empty());
244 om.set_field("ns",OIURI_OPENID20); 241 om.set_field("ns",OIURI_OPENID20);
245 om.set_field("mode","error"); 242 om.set_field("mode","error");
246 om.set_field("error",error); 243 om.set_field("error",err);
247 om.set_field("contact",contact); 244 if(!contact.empty()) om.set_field("contact",contact);
248 om.set_field("reference",reference); 245 if(!reference.empty()) om.set_field("reference",reference);
249 return om; 246 return om;
250 } 247 }
251 248
diff --git a/lib/basic_rp.cc b/lib/basic_rp.cc
index bd45d99..a0ad130 100644
--- a/lib/basic_rp.cc
+++ b/lib/basic_rp.cc
@@ -1,3 +1,4 @@
1#include <cassert>
1#include <openssl/sha.h> 2#include <openssl/sha.h>
2#include <openssl/hmac.h> 3#include <openssl/hmac.h>
3#include <opkele/basic_rp.h> 4#include <opkele/basic_rp.h>
@@ -25,7 +26,8 @@ namespace opkele {
25 throw exception_openssl(OPKELE_CP_ "failed to DH_compute_key()"); 26 throw exception_openssl(OPKELE_CP_ "failed to DH_compute_key()");
26 if(cklen && (*ckptr)&0x80) { 27 if(cklen && (*ckptr)&0x80) {
27 (*(--ckptr))=0; ++cklen; } 28 (*(--ckptr))=0; ++cklen; }
28 unsigned char key_digest[d_len]; 29 assert(d_len<=SHA256_DIGEST_LENGTH);
30 unsigned char key_digest[SHA256_DIGEST_LENGTH];
29 secret.enxor_from_base64((*d_fun)(ckptr,cklen,key_digest),om.get_field("enc_mac_key")); 31 secret.enxor_from_base64((*d_fun)(ckptr,cklen,key_digest),om.get_field("enc_mac_key"));
30 if(secret.size()!=exp_s_len) 32 if(secret.size()!=exp_s_len)
31 throw bad_input(OPKELE_CP_ "Secret length isn't consistent with association type"); 33 throw bad_input(OPKELE_CP_ "Secret length isn't consistent with association type");
@@ -78,7 +80,7 @@ namespace opkele {
78 "HMAC-SHA256", "DH-SHA256", 80 "HMAC-SHA256", "DH-SHA256",
79 dh, SHA256_DIGEST_LENGTH, SHA256, SHA256_DIGEST_LENGTH ); 81 dh, SHA256_DIGEST_LENGTH, SHA256, SHA256_DIGEST_LENGTH );
80 expires_in = util::string_to_long(res.get_field("expires_in")); 82 expires_in = util::string_to_long(res.get_field("expires_in"));
81 }catch(exception& e) { 83 }catch(exception&) {
82 try { 84 try {
83 req.set_field("assoc_type","HMAC-SHA1"); 85 req.set_field("assoc_type","HMAC-SHA1");
84 req.set_field("session_type","DH-SHA1"); 86 req.set_field("session_type","DH-SHA1");
@@ -87,7 +89,7 @@ namespace opkele {
87 "HMAC-SHA1", "DH-SHA1", 89 "HMAC-SHA1", "DH-SHA1",
88 dh, SHA_DIGEST_LENGTH, SHA1, SHA_DIGEST_LENGTH ); 90 dh, SHA_DIGEST_LENGTH, SHA1, SHA_DIGEST_LENGTH );
89 expires_in = util::string_to_long(res.get_field("expires_in")); 91 expires_in = util::string_to_long(res.get_field("expires_in"));
90 }catch(bad_input& e) { 92 }catch(bad_input&) {
91 throw dumb_RP(OPKELE_CP_ "OP failed to supply an association"); 93 throw dumb_RP(OPKELE_CP_ "OP failed to supply an association");
92 } 94 }
93 } 95 }
@@ -234,7 +236,7 @@ namespace opkele {
234 static const char *mustsign[] = { 236 static const char *mustsign[] = {
235 "op_endpoint", "return_to", "response_nonce", "assoc_handle", 237 "op_endpoint", "return_to", "response_nonce", "assoc_handle",
236 "claimed_id", "identity" }; 238 "claimed_id", "identity" };
237 for(int ms=0;ms<(sizeof(mustsign)/sizeof(*mustsign));++ms) { 239 for(size_t ms=0;ms<(sizeof(mustsign)/sizeof(*mustsign));++ms) {
238 if(om.has_field(mustsign[ms]) && !signeds.has_field(mustsign[ms])) 240 if(om.has_field(mustsign[ms]) && !signeds.has_field(mustsign[ms]))
239 throw bad_input(OPKELE_CP_ string("Field '")+mustsign[ms]+"' is not signed against the specs"); 241 throw bad_input(OPKELE_CP_ string("Field '")+mustsign[ms]+"' is not signed against the specs");
240 } 242 }
diff --git a/lib/discovery.cc b/lib/discovery.cc
index 6f58339..6f9926c 100644
--- a/lib/discovery.cc
+++ b/lib/discovery.cc
@@ -330,7 +330,7 @@ namespace opkele {
330 xrds_location.clear(); http_content_type.clear(); 330 xrds_location.clear(); http_content_type.clear();
331 }else if(colon) { 331 }else if(colon) {
332 const char *hv = ++colon; 332 const char *hv = ++colon;
333 int hnl = colon-h; 333 size_t hnl = colon-h;
334 int rb; 334 int rb;
335 for(rb = bytes-hnl-1;rb>0 && isspace(*hv);++hv,--rb); 335 for(rb = bytes-hnl-1;rb>0 && isspace(*hv);++hv,--rb);
336 while(rb>0 && isspace(hv[rb-1])) --rb; 336 while(rb>0 && isspace(hv[rb-1])) --rb;
diff --git a/lib/expat.cc b/lib/expat.cc
index fa6fdde..c4dab7e 100644
--- a/lib/expat.cc
+++ b/lib/expat.cc
@@ -13,6 +13,7 @@ namespace opkele {
13 if(_x) 13 if(_x)
14 XML_ParserFree(_x); 14 XML_ParserFree(_x);
15 _x = x; 15 _x = x;
16 return *this;
16 } 17 }
17 18
18 static void _start_element(void* ud,const XML_Char *n,const XML_Char **a) { 19 static void _start_element(void* ud,const XML_Char *n,const XML_Char **a) {
diff --git a/lib/extension.cc b/lib/extension.cc
index f7aaea5..0f121ca 100644
--- a/lib/extension.cc
+++ b/lib/extension.cc
@@ -11,7 +11,7 @@ namespace opkele {
11 11
12 void extension_t::op_checkid_hook(const basic_openid_message&) { 12 void extension_t::op_checkid_hook(const basic_openid_message&) {
13 throw not_implemented(OPKELE_CP_ "OP checkid_* hook not implemented"); } 13 throw not_implemented(OPKELE_CP_ "OP checkid_* hook not implemented"); }
14 void extension_t::op_id_res_hook(basic_openid_message& om) { 14 void extension_t::op_id_res_hook(basic_openid_message&) {
15 throw not_implemented(OPKELE_CP_ "OP id_res hook not implemented"); } 15 throw not_implemented(OPKELE_CP_ "OP id_res hook not implemented"); }
16 16
17 17
diff --git a/lib/openid_message.cc b/lib/openid_message.cc
index fdb4b04..521ea85 100644
--- a/lib/openid_message.cc
+++ b/lib/openid_message.cc
@@ -15,8 +15,8 @@ namespace opkele {
15 const basic_openid_message& from; 15 const basic_openid_message& from;
16 basic_openid_message& to; 16 basic_openid_message& to;
17 17
18 __om_copier(basic_openid_message& to,const basic_openid_message& from) 18 __om_copier(basic_openid_message& t,const basic_openid_message& f)
19 : from(from), to(to) { 19 : from(f), to(t) {
20 to.reset_fields(); 20 to.reset_fields();
21 } 21 }
22 22
@@ -37,8 +37,8 @@ namespace opkele {
37 const basic_openid_message& om; 37 const basic_openid_message& om;
38 const string& uri; 38 const string& uri;
39 39
40 __om_ns_finder(const basic_openid_message& om, 40 __om_ns_finder(const basic_openid_message& m,
41 const string& uri) : om(om), uri(uri) { } 41 const string& u) : om(m), uri(u) { }
42 42
43 result_type operator()(argument_type f) { 43 result_type operator()(argument_type f) {
44 return 44 return
@@ -65,16 +65,16 @@ namespace opkele {
65 struct __om_query_builder : public unary_function<const string&,void> { 65 struct __om_query_builder : public unary_function<const string&,void> {
66 public: 66 public:
67 const basic_openid_message& om; 67 const basic_openid_message& om;
68 string& rv;
69 bool first; 68 bool first;
69 string& rv;
70 70
71 __om_query_builder(string& rv,const basic_openid_message& om) 71 __om_query_builder(string& r,const basic_openid_message& m)
72 : om(om), first(true), rv(rv) { 72 : om(m), first(true), rv(r) {
73 for_each(om.fields_begin(),om.fields_end(),*this); 73 for_each(om.fields_begin(),om.fields_end(),*this);
74 } 74 }
75 __om_query_builder(string& rv,const basic_openid_message& om,const string& url) 75 __om_query_builder(string& r,const basic_openid_message& m,const string& u)
76 : om(om), first(true), rv(rv) { 76 : om(m), first(true), rv(r) {
77 rv = url; 77 rv = u;
78 if(rv.find('?')==string::npos) 78 if(rv.find('?')==string::npos)
79 rv += '?'; 79 rv += '?';
80 else 80 else
@@ -105,10 +105,10 @@ namespace opkele {
105 void basic_openid_message::reset_fields() { 105 void basic_openid_message::reset_fields() {
106 throw not_implemented(OPKELE_CP_ "reset_fields() not implemented"); 106 throw not_implemented(OPKELE_CP_ "reset_fields() not implemented");
107 } 107 }
108 void basic_openid_message::set_field(const string& n,const string& v) { 108 void basic_openid_message::set_field(const string&,const string&) {
109 throw not_implemented(OPKELE_CP_ "set_field() not implemented"); 109 throw not_implemented(OPKELE_CP_ "set_field() not implemented");
110 } 110 }
111 void basic_openid_message::reset_field(const string& n) { 111 void basic_openid_message::reset_field(const string&) {
112 throw not_implemented(OPKELE_CP_ "reset_field() not implemented"); 112 throw not_implemented(OPKELE_CP_ "reset_field() not implemented");
113 } 113 }
114 114
@@ -147,8 +147,8 @@ namespace opkele {
147 const basic_openid_message& om; 147 const basic_openid_message& om;
148 ostream& os; 148 ostream& os;
149 149
150 __om_kv_outputter(const basic_openid_message& om,ostream& os) 150 __om_kv_outputter(const basic_openid_message& m,ostream& s)
151 : om(om), os(os) { } 151 : om(m), os(s) { }
152 152
153 result_type operator()(argument_type f) { 153 result_type operator()(argument_type f) {
154 os << f << ':' << om.get_field(f) << '\n'; 154 os << f << ':' << om.get_field(f) << '\n';
@@ -164,8 +164,8 @@ namespace opkele {
164 const basic_openid_message& om; 164 const basic_openid_message& om;
165 ostream& os; 165 ostream& os;
166 166
167 __om_html_outputter(const basic_openid_message& om,ostream& os) 167 __om_html_outputter(const basic_openid_message& m,ostream& s)
168 : om(om), os(os) { } 168 : om(m), os(s) { }
169 169
170 result_type operator()(argument_type f) { 170 result_type operator()(argument_type f) {
171 os << 171 os <<
diff --git a/lib/prequeue_rp.cc b/lib/prequeue_rp.cc
index e242f87..3aa960f 100644
--- a/lib/prequeue_rp.cc
+++ b/lib/prequeue_rp.cc
@@ -55,7 +55,7 @@ namespace opkele {
55 public: 55 public:
56 prequeue_RP& rp; 56 prequeue_RP& rp;
57 57
58 endpoint_queuer(prequeue_RP& rp) : rp(rp) { } 58 endpoint_queuer(prequeue_RP& r) : rp(r) { }
59 59
60 endpoint_queuer& operator*() { return *this; } 60 endpoint_queuer& operator*() { return *this; }
61 endpoint_queuer& operator=(const openid_endpoint_t& oep) { 61 endpoint_queuer& operator=(const openid_endpoint_t& oep) {
@@ -71,7 +71,7 @@ namespace opkele {
71 end_queueing(); 71 end_queueing();
72 } 72 }
73 73
74 void prequeue_RP::set_normalized_id(const string& nid) { 74 void prequeue_RP::set_normalized_id(const string&) {
75 } 75 }
76 76
77 const string prequeue_RP::get_normalized_id() const { 77 const string prequeue_RP::get_normalized_id() const {
diff --git a/lib/sreg.cc b/lib/sreg.cc
index b40cd45..0bd4d2e 100644
--- a/lib/sreg.cc
+++ b/lib/sreg.cc
@@ -55,12 +55,10 @@ namespace opkele {
55 string pfx; 55 string pfx;
56 try { 56 try {
57 pfx = om.find_ns(OIURI_SREG11,"sreg"); 57 pfx = om.find_ns(OIURI_SREG11,"sreg");
58 }catch(failed_lookup& fl) { 58 }catch(failed_lookup&) {
59 try { 59 try {
60 pfx = om.find_ns(OIURI_SREG10,"sreg"); 60 pfx = om.find_ns(OIURI_SREG10,"sreg");
61 }catch(failed_lookup& fl) { 61 }catch(failed_lookup&) { return; }
62 return;
63 }
64 } 62 }
65 pfx += '.'; 63 pfx += '.';
66 for(fields_iterator f=fields_BEGIN;f<fields_END;++f) { 64 for(fields_iterator f=fields_BEGIN;f<fields_END;++f) {
diff --git a/lib/verify_op.cc b/lib/verify_op.cc
index ab21b4f..c493c12 100644
--- a/lib/verify_op.cc
+++ b/lib/verify_op.cc
@@ -15,8 +15,8 @@ namespace opkele {
15 15
16 class RP_verifier : public iterator<output_iterator_tag,openid_endpoint_t,void> { 16 class RP_verifier : public iterator<output_iterator_tag,openid_endpoint_t,void> {
17 public: 17 public:
18 int seen;
19 const string& return_to; 18 const string& return_to;
19 int seen;
20 20
21 RP_verifier(const string& rt) 21 RP_verifier(const string& rt)
22 : return_to(rt), seen(0) { } 22 : return_to(rt), seen(0) { }
@@ -29,7 +29,7 @@ namespace opkele {
29 } 29 }
30 30
31 RP_verifier& operator++() { ++seen; return *this; } 31 RP_verifier& operator++() { ++seen; return *this; }
32 RP_verifier& operator++(int) { +seen; return *this; } 32 RP_verifier& operator++(int) { ++seen; return *this; }
33 }; 33 };
34 34
35 void verify_OP::verify_return_to() { 35 void verify_OP::verify_return_to() {