[taler-anastasis] branch master updated: email plugin
From: |
gnunet |
Subject: |
[taler-anastasis] branch master updated: email plugin |
Date: |
Wed, 02 Dec 2020 18:12:18 +0100 |
This is an automated email from the git hooks/post-receive script.
ds-meister pushed a commit to branch master
in repository anastasis.
The following commit(s) were added to refs/heads/master by this push:
new 794f3c7 email plugin
794f3c7 is described below
commit 794f3c73a4100776073ea6615a110efe8c41f634
Author: Dominik Meister <dominik.meister@hotmail.ch>
AuthorDate: Wed Dec 2 18:12:14 2020 +0100
email plugin
---
src/backend/Makefile.am | 14 +-
src/backend/anastasis-httpd_truth.c | 6 +-
src/backend/anastasis_authorization_plugin_email.c | 239 +++++++++++++++++++++
3 files changed, 253 insertions(+), 6 deletions(-)
diff --git a/src/backend/Makefile.am b/src/backend/Makefile.am
index eaec29b..0cd511e 100644
--- a/src/backend/Makefile.am
+++ b/src/backend/Makefile.am
@@ -21,7 +21,8 @@ libanastasisauthorization_la_LDFLAGS = \
-lgnunetutil
plugin_LTLIBRARIES = \
- libanastasis_plugin_authorization_file.la
+ libanastasis_plugin_authorization_file.la \
+ libanastasis_plugin_authorization_email.la
libanastasis_plugin_authorization_file_la_SOURCES = \
anastasis_authorization_plugin_file.c
libanastasis_plugin_authorization_file_la_LIBADD = \
@@ -32,7 +33,16 @@ libanastasis_plugin_authorization_file_la_LDFLAGS = \
-ltalerutil \
-lgnunetutil \
$(XLIB)
-
+libanastasis_plugin_authorization_email_la_SOURCES = \
+ anastasis_authorization_plugin_email.c
+libanastasis_plugin_authorization_email_la_LIBADD = \
+ $(LTLIBINTL)
+libanastasis_plugin_authorization_email_la_LDFLAGS = \
+ $(ANASTASIS_PLUGIN_LDFLAGS) \
+ -ljansson \
+ -ltalerutil \
+ -lgnunetutil \
+ $(XLIB)
pkgcfg_DATA = \
anastasis.conf
diff --git a/src/backend/anastasis-httpd_truth.c
b/src/backend/anastasis-httpd_truth.c
index bfd0e5b..8959b02 100644
--- a/src/backend/anastasis-httpd_truth.c
+++ b/src/backend/anastasis-httpd_truth.c
@@ -1010,12 +1010,10 @@ AH_handler_truth_get (struct MHD_Connection *connection,
GNUNET_free (decrypted_truth);
return MHD_NO;
}
- // FIXME:
- // RANDOM! -- or from DB if recent one in DB!
+
uint64_t code = GNUNET_CRYPTO_random_u64 (GNUNET_CRYPTO_QUALITY_NONCE,
999999);
- // FIXME TIME where to put this?
- // FIXME retry counter where to put it?
+
qs = db->store_challenge_code (db->cls,
&truth_public_key,
code,
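Review bot: The FIXMEs deleted around the `GNUNET_CRYPTO_random_u64` call recorded open questions (reuse a recent code from the DB, expiry time, retry counter), and nothing in this hunk shows them being resolved; a fresh code is still drawn on every request. With fewer than 10^6 possible values, the expiry and the retry limit are what keep the code from being guessed, so the code should say where they are enforced. That is presumably inside `store_challenge_code`, whose body is not visible here. Once that is confirmed I would replace the blank lines with a comment such as `/* code < 10^6; expiry and retry limit are enforced in store_challenge_code() */`, and otherwise keep the FIXMEs. The `store_challenge_code` call and the rest of `AH_handler_truth_get` continue past the end of the hunk.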
diff --git a/src/backend/anastasis_authorization_plugin_email.c
b/src/backend/anastasis_authorization_plugin_email.c
new file mode 100644
index 0000000..407aa45
--- /dev/null
+++ b/src/backend/anastasis_authorization_plugin_email.c
@@ -0,0 +1,239 @@
+/*
+ This file is part of Anastasis
+ Copyright (C) 2019 Taler Systems SA
+
+ Anastasis is free software; you can redistribute it and/or modify it under
the
+ terms of the GNU Lesser General Public License as published by the Free
Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ Anastasis is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ Anastasis; see the file COPYING.GPL. If not, see
<http://www.gnu.org/licenses/>
+*/
+/**
+ * @file include/anastasis_authorization_plugin_email.c
+ * @brief authorization plugin email based
+ * @author Dominik Meister
+ */
+#include "platform.h"
+#include "anastasis-httpd.h"
+#include "anastasis_authorization_plugin.h"
+#include <taler/taler_mhd_lib.h>
+#include <regex.h>
+
+
+/**
+ * Saves the State of a authorization process
+ */
+
+struct ANASTASIS_AUTHORIZATION_State
+{
+ /**
+ * Public key of the challenge which is authorised
+ */
+ const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key;
+ /**
+ * Code which is sent to the user (here saved into a file)
+ */
+ uint64_t code;
+ /**
+ * holds the truth information
+ */
+ char *email;
+ /**
+ * closure
+ */
+ void *cls;
+};
+
+
+/**
+ * Validate @a data is a well-formed input into the challenge method,
+ * i.e. @a data is a well-formed phone number for sending an SMS, or
+ * a well-formed e-mail address for sending an e-mail. Not expected to
+ * check that the phone number or e-mail account actually exists.
+ *
+ * To be possibly used before issuing a 402 payment required to the client.
+ *
+ * @param cls closure
+ * @param connection HTTP client request (for queuing response)
+ * @param data input to validate (i.e. is it a valid phone number, etc.)
+ * @param data_length number of bytes in @a data
+ * @return #GNUNET_OK if @a data is valid,
+ * #GNUNET_NO if @a data is invalid and a reply was successfully
queued on @a connection
+ * #GNUNET_SYSERR if @a data invalid but we failed to queue a reply on
@a connection
+ */
+static enum GNUNET_GenericReturnValue
+email_validate (void *cls,
+ struct MHD_Connection *connection,
+ const char *data,
+ size_t data_length)
+{
+ regex_t regex;
+ int regex_result;
+ /*FIXME very basic check */
+ const char *regexp = "[A-Z0-9._%+-]+@[A-Z0-9.-]+\\.[A-Z]{2,4}";
+ char *email = GNUNET_STRINGS_data_to_string_alloc (data,
+ data_length);
+
+ regex_result = regcomp (®ex,
+ regexp,
+ REG_EXTENDED);
+ if (0 < regex_result)
+ {
+ GNUNET_break (0);
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Failed to compile regular expression.");
+ regfree (®ex);
+ return GNUNET_NO;
+ }
+
+ regex_result = regexec (®ex,
+ email,
+ 0,
+ NULL,
+ 0);
+ if (0 != regex_result)
+ {
+ regfree (®ex);
+ return GNUNET_NO;
+ }
+ regfree (®ex);
+ GNUNET_free (email);
+ return GNUNET_OK;
+}
+
+
+/**
+ * Begin issuing authentication challenge to user based on @a data.
+ * I.e. start to send SMS or e-mail or launch video identification.
+ *
+ * @param cls closure
+ * @param truth_public_key Identifier of the challenge, to be (if possible)
included in the
+ * interaction with the user
+ * @param code secret code that the user has to provide back to satisfy the
challenge in
+ * the main anastasis protocol
+ * @param data input to validate (i.e. is it a valid phone number, etc.)
+ * @return state to track progress on the authorization operation, NULL on
failure
+ */
+static struct ANASTASIS_AUTHORIZATION_State *
+email_start (void *cls,
+ const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
+ uint64_t code,
+ const void *data,
+ size_t data_length)
+{
+ struct ANASTASIS_AUTHORIZATION_State *as;
+
+ as = GNUNET_new (struct ANASTASIS_AUTHORIZATION_State);
+ as->cls = cls;
+ as->truth_public_key = truth_public_key;
+ as->code = code;
+ as->email = GNUNET_STRINGS_data_to_string_alloc (data,
+ data_length);
+ return as;
+}
+
+
+/**
+ * Begin issuing authentication challenge to user based on @a data.
+ * I.e. start to send SMS or e-mail or launch video identification.
+ *
+ * @param as authorization state
+ * @param connection HTTP client request (for queuing response, such as
redirection to video portal)
+ * @return state of the request
+ */
+static enum ANASTASIS_AUTHORIZATION_Result
+email_process (struct ANASTASIS_AUTHORIZATION_State *as,
+ struct MHD_Connection *connection)
+{
+ MHD_RESULT mres;
+ struct MHD_Response *resp;
+ char *subject = "Anastasis E-Mail Authentication Service";
+ int p[2];
+ /*FIXME ERROR HANDLING*/
+ int ret = pipe (p);
+ pid_t pid = fork ();
+ switch (pid)
+ {
+ case -1:
+ close (p[0]);
+ close (p[1]);
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Error while trying to send email");
+ resp = TALER_MHD_make_error (TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE,
+ "Failed to fork process");
+ mres = MHD_queue_response (connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ resp);
+ MHD_destroy_response (resp);
+ if (MHD_YES != mres)
+ return ANASTASIS_AUTHORIZATION_RES_FAILED_REPLY_FAILED;
+ return ANASTASIS_AUTHORIZATION_RES_FAILED;
+ case 0:
+ dup2 (p[0],0);
+ close (p[1]);
+ execlp ("mail", "mail", "-s", subject, as->email, NULL);
+ close (p[0]);
+ char buff[21];
+ sprintf (buff, "%lu", as->code);
+ ret = write (p[1], buff, strlen (buff));
+ close (p[1]);
+ break;
+ default:
+ /*FIXME */
+ break;
+ }
+ return ANASTASIS_AUTHORIZATION_RES_SUCCESS;
+}
+
+
+/**
+ * Free internal state associated with @a as.
+ *
+ * @param as state to clean up
+ */
+static void
+email_cleanup (struct ANASTASIS_AUTHORIZATION_State *as)
+{
+ GNUNET_free (as->email);
+ GNUNET_free (as);
+}
+
+
+/**
+ * Initialize email based authorization plugin
+ *
+ * @param cls a configuration instance
+ * @return NULL on error, otherwise a `struct ANASTASIS_AuthorizationPlugin`
+ */
+void *
+libanastasis_plugin_authorization_email_init (void *cls)
+{
+ struct ANASTASIS_AuthorizationPlugin *plugin;
+ struct GNUNET_CONFIGURATION_Handle *cfg = cls;
+ plugin = GNUNET_new (struct ANASTASIS_AuthorizationPlugin);
+ plugin->validate = &email_validate;
+ plugin->start = &email_start;
+ plugin->process = &email_process;
+ plugin->cleanup = &email_cleanup;
+ return plugin;
+}
+
+
+/**
+ * Unload authorization plugin
+ *
+ * @param cls a `struct ANASTASIS_AuthorizationPlugin`
+ * @return NULL (always)
+ */
+void *
+libanastasis_plugin_authorization_email_done (void *cls)
+{
+ struct ANASTASIS_AuthorizationPlugin *plugin = cls;
+ GNUNET_free (plugin);
+ return NULL;
+}
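Review bot: In `email_process` the challenge code never reaches `mail`: the child calls `execlp` first, so the `sprintf`/`write` lines after it run only if the exec fails, and then they write to `p[1]`, which the child has already closed. The `default:` branch is empty, so the parent leaks both pipe ends, never reaps the child and returns `ANASTASIS_AUTHORIZATION_RES_SUCCESS` regardless, while a child whose exec failed hits `break` and returns into the HTTP server as a second copy of the process. The parent should write the code and close the pipe, the child should `_exit` after a failed exec, and the result of `pipe` needs checking before `fork`, as sketched below. Separately, `as->email` becomes an argument to `mail`, yet the pattern in `email_validate` is unanchored and, without `REG_ICASE`, matches only upper-case text, so a value that starts with `-` and merely contains a match is accepted while ordinary lower-case addresses are rejected. Anchoring the pattern with `^…$` and compiling with `REG_EXTENDED | REG_ICASE` would fix that, and the two `return GNUNET_NO` paths there should also free `email`.

```c
  int p[2];

  if (0 != pipe (p))
  {
    /* … queue the same 500 reply as the fork-failure case and return … */
  }
  pid_t pid = fork ();
  switch (pid)
  {
  /* … unchanged: case -1 closes the pipe and queues the error reply … */
  case 0:
    /* child: read end becomes stdin, then the process image is replaced */
    close (p[1]);
    if (-1 == dup2 (p[0], STDIN_FILENO))
      _exit (1);
    close (p[0]);
    execlp ("mail", "mail", "-s", subject, as->email, (char *) NULL);
    _exit (1); /* exec failed: must not return into the HTTP server */
  default:
    {
      char buff[21];
      int len;
      ssize_t off;

      close (p[0]);
      len = snprintf (buff, sizeof (buff), "%llu",
                      (unsigned long long) as->code);
      off = write (p[1], buff, (size_t) len);
      close (p[1]); /* EOF on mail's stdin lets it send the message */
      if (off != (ssize_t) len)
      {
        /* … report ANASTASIS_AUTHORIZATION_RES_FAILED instead of success … */
      }
      /* the child still has to be reaped (waitpid or a SIGCHLD handler) */
      break;
    }
  }
```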
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.