[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-anastasis] 02/02: log
From: |
gnunet |
Subject: |
[taler-anastasis] 02/02: log |
Date: |
Tue, 07 Apr 2020 22:24:49 +0200 |
This is an automated email from the git hooks/post-receive script.
dennis-neufeld pushed a commit to branch master
in repository anastasis.
commit 529a3db38a81ce3a7105ae658a49e62969abe750
Author: Dennis Neufeld <address@hidden>
AuthorDate: Tue Apr 7 20:24:36 2020 +0000
log
---
src/backend/anastasis-httpd.c | 4 +-
src/backend/anastasis-httpd_policy.c | 242 +++++++++++++++-------------
src/backend/anastasis-httpd_policy.h | 4 +-
src/backend/anastasis-httpd_policy_upload.c | 3 +
src/lib/anastasis_api_policy_lookup.c | 43 ++---
src/lib/testing_api_cmd_policy_lookup.c | 27 ++--
6 files changed, 171 insertions(+), 152 deletions(-)
diff --git a/src/backend/anastasis-httpd.c b/src/backend/anastasis-httpd.c
index dbb5d86..afdaf9a 100644
--- a/src/backend/anastasis-httpd.c
+++ b/src/backend/anastasis-httpd.c
@@ -268,8 +268,8 @@ url_handler (void *cls,
if (0 == strcmp (method,
MHD_HTTP_METHOD_GET))
{
- return AH_handler_policy_get (connection,
- url);
+ return AH_policy_get (connection,
+ url);
}
if (0 == strcmp (method,
MHD_HTTP_METHOD_POST))
diff --git a/src/backend/anastasis-httpd_policy.c
b/src/backend/anastasis-httpd_policy.c
index 6c203df..146b1ba 100644
--- a/src/backend/anastasis-httpd_policy.c
+++ b/src/backend/anastasis-httpd_policy.c
@@ -50,7 +50,7 @@
*/
int
AH_return_policy (struct MHD_Connection *connection,
- const struct ANASTASIS_CRYPTO_AccountPublicKey *account,
+ const struct ANASTASIS_CRYPTO_AccountPublicKey *account_pub,
unsigned int default_http_status)
{
enum ANASTASIS_DB_QueryStatus qs;
@@ -59,17 +59,48 @@ AH_return_policy (struct MHD_Connection *connection,
struct ANASTASIS_AccountSignatureP account_sig;
struct GNUNET_HashCode recovery_data_hash;
struct GNUNET_HashCode prev_hash;
+ const char *version_s;
uint32_t version;
- size_t recovery_data_size;
- void *recovery_data;
+ void *res_recovery_data;
+ size_t res_recovery_data_size;
+
+ version_s = MHD_lookup_connection_value (connection,
+ MHD_GET_ARGUMENT_KIND,
+ "version");
+ if (NULL != version_s)
+ {
- qs = db->get_latest_recovery_document (db->cls,
- account,
- &account_sig,
- &recovery_data_hash,
- &recovery_data_size,
- &recovery_data,
- &version);
+ if (1 != sscanf (version_s,
+ "%u",
+ &version))
+ {
+ return TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_BAD_REQUEST,
+ 43,
+ "version");
+ }
+ qs = db->get_recovery_document (db->cls,
+ account_pub,
+ &account_sig,
+ &recovery_data_hash,
+ version,
+ &res_recovery_data_size,
+ &res_recovery_data);
+ }
+ else
+ {
+ qs = db->get_latest_recovery_document (db->cls,
+ account_pub,
+ &account_sig,
+ &recovery_data_hash,
+ &res_recovery_data_size,
+ &res_recovery_data,
+ &version);
+
+ }
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Account Signature from db: %s\n",
+ TALER_B2S (&account_sig));
switch (qs)
{
case ANASTASIS_DB_STATUS_OLD_RECOVERY_UPLOAD_MISSMATCH:
@@ -98,10 +129,6 @@ AH_return_policy (struct MHD_Connection *connection,
"soft database failure");
case ANASTASIS_DB_STATUS_NO_RESULTS:
GNUNET_break (0);
- /* Note: can theoretically happen due to non-transactional nature if
- the backup expired / was gc'ed JUST between the two SQL calls.
- But too rare to handle properly, as doing a transaction would be
- expensive. Just admit to failure ;-) */
return TALER_MHD_reply_with_error (connection,
MHD_HTTP_INTERNAL_SERVER_ERROR,
TALER_EC_SYNC_DB_FETCH_ERROR,
@@ -110,13 +137,10 @@ AH_return_policy (struct MHD_Connection *connection,
/* interesting case below */
break;
}
- resp = MHD_create_response_from_buffer (recovery_data_size,
- recovery_data,
+ resp = MHD_create_response_from_buffer (res_recovery_data_size,
+ res_recovery_data,
MHD_RESPMEM_MUST_FREE);
- GNUNET_break (MHD_YES ==
- MHD_add_response_header (resp,
-
MHD_HTTP_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN,
- "*"));
+ TALER_MHD_add_global_headers (resp);
{
char *sig_s;
char *prev_s;
@@ -160,18 +184,13 @@ AH_return_policy (struct MHD_Connection *connection,
* @return MHD result code
*/
int
-AH_handler_policy_get (struct MHD_Connection *connection,
- const char *url)
+AH_policy_get (struct MHD_Connection *connection,
+ const char *url)
{
- struct ANASTASIS_CRYPTO_AccountPublicKey accountPubP;
- void *res_recovery_data;
- size_t res_recovery_data_size;
- struct ANASTASIS_AccountSignatureP account_sig;
struct GNUNET_HashCode recovery_data_hash;
- const char *version_s;
- uint32_t version;
- int ret;
enum ANASTASIS_DB_QueryStatus qs;
+ int ret;
+ struct ANASTASIS_CRYPTO_AccountPublicKey account_pub;
GNUNET_assert (0 == strncmp (url,
"/policy/",
@@ -181,110 +200,105 @@ AH_handler_policy_get (struct MHD_Connection
*connection,
account = &url[strlen ("/policy/")];
if (GNUNET_OK !=
- GNUNET_CRYPTO_eddsa_public_key_from_string (account,
- strlen (account),
- &accountPubP.pub))
+ GNUNET_STRINGS_string_to_data (account,
+ strlen (account),
+ &account_pub,
+ sizeof (struct
+
ANASTASIS_CRYPTO_AccountPublicKey)))
{
return TALER_MHD_reply_with_error (connection,
MHD_HTTP_BAD_REQUEST,
- 42 /*FIXME */,
+ 42, // FIXME: reasonable ec
"account public key malformed");
}
}
- version_s = MHD_lookup_connection_value (connection,
- MHD_GET_ARGUMENT_KIND,
- "version");
-
- if (NULL != version_s)
- {
-
- if (1 != sscanf (version_s,
- "%u",
- &version))
- {
- return TALER_MHD_reply_with_error (connection,
- MHD_HTTP_BAD_REQUEST,
- 43 /*FIXME */,
- "version");
- }
- qs = db->get_recovery_document (db->cls,
- &accountPubP,
- &account_sig,
- &recovery_data_hash,
- version,
- &res_recovery_data_size,
- &res_recovery_data);
- }
- else
- {
- qs = db->get_latest_recovery_document (db->cls,
- &accountPubP,
- &account_sig,
- &recovery_data_hash,
- &res_recovery_data_size,
- &res_recovery_data,
- &version);
-
- }
+ qs = db->lookup_account (db->cls,
+ &account_pub,
+ &recovery_data_hash);
switch (qs)
{
- // FIXME: handle DB error cases!
- case ANASTASIS_DB_STATUS_NO_RESULTS:
- return TALER_MHD_reply_with_error (connection,
- MHD_HTTP_NOT_FOUND,
- 42 /*FIXME*/,
- "recovery data not available");
- case ANASTASIS_DB_STATUS_HARD_ERROR:
- // FIXME: correct reply?
+ case ANASTASIS_DB_STATUS_OLD_RECOVERY_UPLOAD_MISSMATCH:
+ GNUNET_break (0);
return TALER_MHD_reply_with_error (connection,
MHD_HTTP_INTERNAL_SERVER_ERROR,
- 1003,
- "failed hard");
- case ANASTASIS_DB_STATUS_SOFT_ERROR:
- // FIXME: correct reply?
- return TALER_MHD_reply_with_error (connection,
- MHD_HTTP_NOT_ACCEPTABLE,
- 42 /*FIXME*/,
- "failed hard");
- case ANASTASIS_DB_STATUS_SUCCESS_ONE_RESULT:
- GNUNET_assert (NULL != res_recovery_data);
- break;
+ TALER_EC_INTERNAL_INVARIANT_FAILURE,
+ "unexpected return status (backup
missing)");
case ANASTASIS_DB_STATUS_PAYMENT_REQUIRED:
return TALER_MHD_reply_with_error (connection,
MHD_HTTP_NOT_FOUND,
- 42 /*FIXME Unknown account */,
+ TALER_EC_SYNC_ACCOUNT_UNKNOWN,
"account");
- case ANASTASIS_DB_STATUS_OLD_RECOVERY_UPLOAD_MISSMATCH:
+ case ANASTASIS_DB_STATUS_HARD_ERROR:
GNUNET_break (0);
return TALER_MHD_reply_with_error (connection,
MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_INTERNAL_INVARIANT_FAILURE,
- "unexpected return status (backup
missmatch)");
- }
+ TALER_EC_SYNC_DB_FETCH_ERROR,
+ "hard database failure");
+ case ANASTASIS_DB_STATUS_SOFT_ERROR:
+ GNUNET_break (0);
+ return TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_SYNC_DB_FETCH_ERROR,
+ "soft database failure");
+ case ANASTASIS_DB_STATUS_NO_RESULTS:
+ {
+ struct MHD_Response *resp;
- // BUILD reply
- // binary reply
- {
- struct MHD_Response *response;
+ resp = MHD_create_response_from_buffer (0,
+ NULL,
+ MHD_RESPMEM_PERSISTENT);
+ TALER_MHD_add_global_headers (resp);
+ ret = MHD_queue_response (connection,
+ MHD_HTTP_NO_CONTENT,
+ resp);
+ MHD_destroy_response (resp);
+ }
+ return ret;
+ case ANASTASIS_DB_STATUS_SUCCESS_ONE_RESULT:
+ {
+ const char *inm;
- /*FIXME: header must contain:
- * - version of returned encrypted recovery document
- * - Etag if Status 200 OK
- */
- // FIXME: Find correct create_response
- response = MHD_create_response_from_buffer (sizeof (res_recovery_data),
- res_recovery_data,
- MHD_RESPMEM_MUST_FREE);
- TALER_MHD_add_global_headers (response);
- GNUNET_break (MHD_YES ==
- MHD_add_response_header (response,
- MHD_HTTP_HEADER_CONTENT_TYPE,
- "anastasis/encrypted-policy"));
- ret = MHD_queue_response (connection,
- MHD_HTTP_OK,
- response);
- MHD_destroy_response (response);
+ inm = MHD_lookup_connection_value (connection,
+ MHD_HEADER_KIND,
+ MHD_HTTP_HEADER_IF_NONE_MATCH);
+ if (NULL != inm)
+ {
+ struct GNUNET_HashCode inm_h;
+
+ if (GNUNET_OK !=
+ GNUNET_STRINGS_string_to_data (inm,
+ strlen (inm),
+ &inm_h,
+ sizeof (inm_h)))
+ {
+ GNUNET_break_op (0);
+ return TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_BAD_REQUEST,
+ TALER_EC_SYNC_BAD_IF_NONE_MATCH,
+ "Etag does not include a
base32-encoded SHA-512 hash");
+ }
+ if (0 == GNUNET_memcmp (&inm_h,
+ &recovery_data_hash))
+ {
+ struct MHD_Response *resp;
+
+ resp = MHD_create_response_from_buffer (0,
+ NULL,
+ MHD_RESPMEM_PERSISTENT);
+ TALER_MHD_add_global_headers (resp);
+ ret = MHD_queue_response (connection,
+ MHD_HTTP_NOT_MODIFIED,
+ resp);
+ MHD_destroy_response (resp);
+ return ret;
+ }
+ }
+ }
+ /* We have a result, should fetch and return it! */
+ break;
}
- return ret;
+ return AH_return_policy (connection,
+ &account_pub,
+ MHD_HTTP_OK);
}
diff --git a/src/backend/anastasis-httpd_policy.h
b/src/backend/anastasis-httpd_policy.h
index 5e9cab1..f4e4171 100644
--- a/src/backend/anastasis-httpd_policy.h
+++ b/src/backend/anastasis-httpd_policy.h
@@ -38,8 +38,8 @@ AH_resume_all_bc (void);
* @return MHD result code
*/
int
-AH_handler_policy_get (struct MHD_Connection *connection,
- const char *url);
+AH_policy_get (struct MHD_Connection *connection,
+ const char *url);
/**
* @param connection the MHD connection to handle
diff --git a/src/backend/anastasis-httpd_policy_upload.c
b/src/backend/anastasis-httpd_policy_upload.c
index 378899e..bfd0682 100644
--- a/src/backend/anastasis-httpd_policy_upload.c
+++ b/src/backend/anastasis-httpd_policy_upload.c
@@ -764,6 +764,9 @@ AH_handler_policy_post (struct MHD_Connection *connection,
TALER_EC_SYNC_BAD_SYNC_SIGNATURE,
"Anastasis-Policy-Signature does
not include a base32-encoded EdDSA signature");
}
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Account Signature to save: %s\n",
+ TALER_B2S (&puc->account_sig));
}
{
// Check if header contains an ETAG
diff --git a/src/lib/anastasis_api_policy_lookup.c
b/src/lib/anastasis_api_policy_lookup.c
index 9d2abed..fc8bfbb 100644
--- a/src/lib/anastasis_api_policy_lookup.c
+++ b/src/lib/anastasis_api_policy_lookup.c
@@ -35,6 +35,7 @@
#include <taler/taler_util.h>
#include <taler/taler_signatures.h>
#include "anastasis_service.h"
+#include "anastasis_api_curl_defaults.h"
/**
@@ -127,18 +128,24 @@ handle_policy_lookup_finished (void *cls,
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Backend didn't even return from GET /policy\n");
break;
-
case MHD_HTTP_OK:
{
struct ANASTASIS_DownloadDetails dd;
struct ANASTASIS_UploadSignaturePS usp;
usp.purpose.purpose = htonl (TALER_SIGNATURE_ANASTASIS_POLICY_UPLOAD);
- usp.purpose.size = htonl (sizeof (usp));
+ usp.purpose.size = htonl (sizeof (struct ANASTASIS_UploadSignaturePS));
usp.old_recovery_data_hash = plo->anastasis_previous;
GNUNET_CRYPTO_hash (data,
data_size,
&usp.new_recovery_data_hash);
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Account Signature to verify download: %s\n",
+ TALER_B2S (&plo->account_sig));
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Account Public Key for verification of signature: %s\n",
+ TALER_B2S (&plo->account_pub));
+
if (GNUNET_OK !=
GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_ANASTASIS_POLICY_UPLOAD,
&usp.purpose,
@@ -295,10 +302,9 @@ ANASTASIS_policy_lookup (struct GNUNET_CURL_Context *ctx,
char *path;
plo = GNUNET_new (struct ANASTASIS_PolicyLookupOperation);
- plo->ctx = ctx;
- plo->cb = cb;
- plo->cb_cls = cb_cls;
- acc_pub_str = GNUNET_CRYPTO_eddsa_public_key_to_string (&anastasis_pub->pub);
+ plo->account_pub = *anastasis_pub;
+ acc_pub_str = GNUNET_STRINGS_data_to_string_alloc (anastasis_pub,
+ sizeof (*anastasis_pub));
GNUNET_asprintf (&path,
"policy/%s",
acc_pub_str);
@@ -307,14 +313,15 @@ ANASTASIS_policy_lookup (struct GNUNET_CURL_Context *ctx,
path,
NULL);
GNUNET_free (path);
- eh = curl_easy_init ();
+ eh = ANASTASIS_curl_easy_get_ (plo->url);
GNUNET_assert (CURLE_OK ==
curl_easy_setopt (eh,
CURLOPT_HEADERFUNCTION,
&handle_header));
- GNUNET_assert ((CURLE_OK != curl_easy_setopt (eh,
- CURLOPT_URL,
- plo)));
+ GNUNET_assert (CURLE_OK ==
+ curl_easy_setopt (eh,
+ CURLOPT_HEADERDATA,
+ plo));
plo->cb = cb;
plo->cb_cls = cb_cls;
plo->job = GNUNET_CURL_job_add_raw (ctx,
@@ -353,10 +360,9 @@ ANASTASIS_policy_lookup_version (struct
GNUNET_CURL_Context *ctx,
char *path;
plo = GNUNET_new (struct ANASTASIS_PolicyLookupOperation);
- plo->ctx = ctx;
- plo->cb = cb;
- plo->cb_cls = cb_cls;
- acc_pub_str = GNUNET_CRYPTO_eddsa_public_key_to_string (&anastasis_pub->pub);
+ plo->account_pub = *anastasis_pub;
+ acc_pub_str = GNUNET_STRINGS_data_to_string_alloc (anastasis_pub,
+ sizeof (*anastasis_pub));
GNUNET_asprintf (&path,
"policy/%s",
acc_pub_str);
@@ -367,14 +373,15 @@ ANASTASIS_policy_lookup_version (struct
GNUNET_CURL_Context *ctx,
version,
NULL);
GNUNET_free (path);
- eh = curl_easy_init ();
+ eh = ANASTASIS_curl_easy_get_ (plo->url);
GNUNET_assert (CURLE_OK ==
curl_easy_setopt (eh,
CURLOPT_HEADERFUNCTION,
&handle_header));
- GNUNET_assert ((CURLE_OK != curl_easy_setopt (eh,
- CURLOPT_URL,
- plo)));
+ GNUNET_assert (CURLE_OK !=
+ curl_easy_setopt (eh,
+ CURLOPT_HEADERDATA,
+ plo));
plo->cb = cb;
plo->cb_cls = cb_cls;
plo->job = GNUNET_CURL_job_add_raw (ctx,
diff --git a/src/lib/testing_api_cmd_policy_lookup.c
b/src/lib/testing_api_cmd_policy_lookup.c
index ff9ad3f..c3a1cbb 100644
--- a/src/lib/testing_api_cmd_policy_lookup.c
+++ b/src/lib/testing_api_cmd_policy_lookup.c
@@ -70,15 +70,10 @@ struct PolicyLookupState
*/
const char *upload_reference;
- /**
- * The /policy GET operation handle.
- */
- struct ANASTASIS_PolicyLookupOperation *plo;
-
/**
* The /policy GET operation handle.
*/
- struct ANASTASIS_PolicyLookupOperation *lookup;
+ struct ANASTASIS_PolicyLookupOperation *plo;
};
/**
@@ -95,7 +90,7 @@ policy_lookup_cb (void *cls,
{
struct PolicyLookupState *pls = cls;
- pls->lookup = NULL;
+ pls->plo = NULL;
if (http_status != pls->http_status)
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
@@ -188,12 +183,12 @@ policy_lookup_run (void *cls,
}
pls->anastasis_pub = *anastasis_pub;
}
- pls->lookup = ANASTASIS_policy_lookup (is->ctx,
- pls->anastasis_url,
- &pls->anastasis_pub,
- &policy_lookup_cb,
- pls);
- if (NULL == pls->lookup)
+ pls->plo = ANASTASIS_policy_lookup (is->ctx,
+ pls->anastasis_url,
+ &pls->anastasis_pub,
+ &policy_lookup_cb,
+ pls);
+ if (NULL == pls->plo)
{
GNUNET_break (0);
TALER_TESTING_interpreter_fail (pls->is);
@@ -215,13 +210,13 @@ policy_lookup_cleanup (void *cls,
{
struct PolicyLookupState *pls = cls;
- if (NULL != pls->lookup)
+ if (NULL != pls->plo)
{
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
"Command '%s' did not complete (policy lookup)\n",
cmd->label);
- ANASTASIS_policy_lookup_cancel (pls->lookup);
- pls->lookup = NULL;
+ ANASTASIS_policy_lookup_cancel (pls->plo);
+ pls->plo = NULL;
}
GNUNET_free (pls);
}
--
To stop receiving notification emails like this one, please contact
address@hidden.