
[taler-anastasis] branch master updated: -make meta data mandatory


From: gnunet
Subject: [taler-anastasis] branch master updated: -make meta data mandatory
Date: Tue, 12 Apr 2022 21:52:21 +0200

This is an automated email from the git hooks/post-receive script.

grothoff pushed a commit to branch master
in repository anastasis.

The following commit(s) were added to refs/heads/master by this push:
     new 257c5a1  -make meta data mandatory
257c5a1 is described below

commit 257c5a12043fd6a05ce2bf8aaa19fcf90eb10a78
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Tue Apr 12 21:52:18 2022 +0200

    -make meta data mandatory
---
 doc/sphinx/rest.rst                               |  4 ++-
 src/backend/anastasis-httpd_policy-meta.c         |  9 +++---
 src/backend/anastasis-httpd_policy-upload.c       | 37 ++++++++++++++---------
 src/include/anastasis_service.h                   |  2 +-
 src/restclient/anastasis_api_policy_meta_lookup.c |  8 ++---
 src/restclient/anastasis_api_policy_store.c       |  1 -
 src/stasis/plugin_anastasis_postgres.c            | 19 +++++-------
 src/stasis/stasis-0001.sql                        |  2 +-
 8 files changed, 41 insertions(+), 41 deletions(-)

diff --git a/doc/sphinx/rest.rst b/doc/sphinx/rest.rst
index 835ac6f..6943387 100644
--- a/doc/sphinx/rest.rst
+++ b/doc/sphinx/rest.rst
@@ -174,7 +174,7 @@ In the following, UUID is always defined and used according 
to `RFC 4122`_.
     interface MetaData {
       // The meta value can be NULL if the document
       // exists but no meta data was provided.
-      meta?: String;
+      meta: string;
 
       // Server-time indicative of when the recovery
       // document was uploaded.
@@ -263,6 +263,8 @@ In the following, UUID is always defined and used according 
to `RFC 4122`_.
   The server MUST refuse the upload with a ``304`` status code if the Etag 
matches
   the latest version already known to the server.
 
+  *Anastasis-Policy-Meta-Data*: Encrypted meta data to be stored by the server 
and returned with the respective endpoint to provide an overview of the 
available policies. Encrypted using a random nonce and a key derived from the 
user ID using the salt "rmd". The plaintext metadata must consist of the policy 
hash (for deduplication) and the (human readable) secret name.
+
   *Anastasis-Policy-Signature*: The client must provide Base-32 encoded EdDSA 
signature over hash of body with ``$ACCOUNT_PRIV``, affirming desire to upload 
an encrypted recovery document.
 
   *Payment-Identifier*: Base-32 encoded 32-byte payment identifier that was 
included in a previous payment (see ``402`` status code). Used to allow the 
server to check that the client paid for the upload (to protect the server 
against DoS attacks) and that the client knows a real secret of financial value 
(as the **kdf_id** might be known to an attacker). If this header is missing in 
the client's request (or the associated payment has exceeded the upload limit), 
the server must return a  [...]
diff --git a/src/backend/anastasis-httpd_policy-meta.c 
b/src/backend/anastasis-httpd_policy-meta.c
index a62a21e..67acc52 100644
--- a/src/backend/anastasis-httpd_policy-meta.c
+++ b/src/backend/anastasis-httpd_policy-meta.c
@@ -60,11 +60,10 @@ build_meta_result (void *cls,
                    result,
                    version_s,
                    GNUNET_JSON_PACK (
-                     GNUNET_JSON_pack_allow_null (
-                       GNUNET_JSON_pack_data_varsize (
-                         "meta",
-                         recovery_meta_data,
-                         recovery_meta_data_size)),
+                     GNUNET_JSON_pack_data_varsize (
+                       "meta",
+                       recovery_meta_data,
+                       recovery_meta_data_size),
                      GNUNET_JSON_pack_timestamp (
                        "upload_time",
                        ts))));
diff --git a/src/backend/anastasis-httpd_policy-upload.c 
b/src/backend/anastasis-httpd_policy-upload.c
index 2cc0389..32f0266 100644
--- a/src/backend/anastasis-httpd_policy-upload.c
+++ b/src/backend/anastasis-httpd_policy-upload.c
@@ -699,22 +699,29 @@ AH_handler_policy_post (
       metas = MHD_lookup_connection_value (connection,
                                            MHD_HEADER_KIND,
                                            
ANASTASIS_HTTP_HEADER_POLICY_META_DATA);
-      if (NULL != metas)
+      if (NULL == metas)
       {
-        if (GNUNET_OK !=
-            GNUNET_STRINGS_string_to_data_alloc (metas,
-                                                 strlen (metas),
-                                                 &puc->meta_data,
-                                                 &puc->meta_data_size))
-        {
-          GNUNET_break_op (0);
-          return TALER_MHD_reply_with_error (
-            connection,
-            MHD_HTTP_BAD_REQUEST,
-            TALER_EC_GENERIC_HTTP_HEADERS_MALFORMED,
-            ANASTASIS_HTTP_HEADER_POLICY_META_DATA
-            " header must include a base32-encoded value");
-        }
+        GNUNET_break_op (0);
+        return TALER_MHD_reply_with_error (
+          connection,
+          MHD_HTTP_BAD_REQUEST,
+          TALER_EC_GENERIC_HTTP_HEADERS_MALFORMED,
+          ANASTASIS_HTTP_HEADER_POLICY_META_DATA
+          " header must be present");
+      }
+      if (GNUNET_OK !=
+          GNUNET_STRINGS_string_to_data_alloc (metas,
+                                               strlen (metas),
+                                               &puc->meta_data,
+                                               &puc->meta_data_size))
+      {
+        GNUNET_break_op (0);
+        return TALER_MHD_reply_with_error (
+          connection,
+          MHD_HTTP_BAD_REQUEST,
+          TALER_EC_GENERIC_HTTP_HEADERS_MALFORMED,
+          ANASTASIS_HTTP_HEADER_POLICY_META_DATA
+          " header must include a base32-encoded value");
       }
     }
     /* now setup 'puc' */
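Review bot: The new `NULL == metas` check rejects only an absent header; an empty `Anastasis-Policy-Meta-Data` value still reaches `GNUNET_STRINGS_string_to_data_alloc` with `strlen (metas)` equal to 0. Whether that yields a zero-length `puc->meta_data` that is then stored cannot be seen from this hunk. The text added to rest.rst requires the plaintext to carry the policy hash and the secret name, so a zero-length value is never valid. The presence check could read `if ( (NULL == metas) || ('\0' == metas[0]) )`, or `puc->meta_data_size` could be compared with 0 after decoding and answered with the same `MHD_HTTP_BAD_REQUEST` reply. AH_handler_policy_post starts and ends outside this hunk.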
diff --git a/src/include/anastasis_service.h b/src/include/anastasis_service.h
index 8af0f07..d439ca5 100644
--- a/src/include/anastasis_service.h
+++ b/src/include/anastasis_service.h
@@ -477,7 +477,7 @@ typedef void
  * @param anastasis_priv private key of the user's account
  * @param recovery_data policy data to be stored
  * @param recovery_data_size number of bytes in @a recovery_data
- * @param recovery_meta_data policy meta data to be stored, can be NULL
+ * @param recovery_meta_data policy meta data to be stored
  * @param recovery_meta_data_size number of bytes in @a recovery_meta_data
  * @param payment_years_requested for how many years would the client like the 
service to store the truth?
  * @param payment_secret payment identifier of last payment
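Review bot: The `recovery_meta_data` parameter doc drops "can be NULL" but does not state the new requirement, so a caller reading the header cannot tell that NULL is now a contract violation. I would write `@param recovery_meta_data policy meta data to be stored, must not be NULL`. The related hunk in src/restclient/anastasis_api_policy_store.c removes the `if (NULL != recovery_meta_data)` guard, so a NULL from an existing caller now flows into the header-encoding block, whose body is outside that hunk. An early `GNUNET_assert (NULL != recovery_meta_data);` or a failing return in ANASTASIS_policy_store would turn that into a defined failure.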
diff --git a/src/restclient/anastasis_api_policy_meta_lookup.c 
b/src/restclient/anastasis_api_policy_meta_lookup.c
index 43c966e..3d1482f 100644
--- a/src/restclient/anastasis_api_policy_meta_lookup.c
+++ b/src/restclient/anastasis_api_policy_meta_lookup.c
@@ -134,11 +134,9 @@ handle_policy_meta_lookup_finished (void *cls,
           unsigned int ver;
           char dummy;
           struct GNUNET_JSON_Specification spec[] = {
-            GNUNET_JSON_spec_mark_optional (
-              GNUNET_JSON_spec_varsize ("meta",
-                                        &md[off],
-                                        &metas[off].meta_data_size),
-              NULL),
+            GNUNET_JSON_spec_varsize ("meta",
+                                      &md[off],
+                                      &metas[off].meta_data_size),
             GNUNET_JSON_spec_timestamp ("upload_time",
                                         &metas[off].server_time),
             GNUNET_JSON_spec_end ()
diff --git a/src/restclient/anastasis_api_policy_store.c 
b/src/restclient/anastasis_api_policy_store.c
index 2432079..7a8925f 100644
--- a/src/restclient/anastasis_api_policy_store.c
+++ b/src/restclient/anastasis_api_policy_store.c
@@ -428,7 +428,6 @@ ANASTASIS_policy_store (
     job_headers = ext;
 
     /* Setup meta-data header */
-    if (NULL != recovery_meta_data)
     {
       char *meta_val;
 
diff --git a/src/stasis/plugin_anastasis_postgres.c 
b/src/stasis/plugin_anastasis_postgres.c
index bfe86da..709228f 100644
--- a/src/stasis/plugin_anastasis_postgres.c
+++ b/src/stasis/plugin_anastasis_postgres.c
@@ -1030,10 +1030,8 @@ postgres_store_recovery_document (
         GNUNET_PQ_query_param_auto_from_type (recovery_data_hash),
         GNUNET_PQ_query_param_fixed_size (recovery_data,
                                           recovery_data_size),
-        (NULL == recovery_meta_data)
-        ? GNUNET_PQ_query_param_null ()
-        : GNUNET_PQ_query_param_fixed_size (recovery_meta_data,
-                                            recovery_meta_data_size),
+        GNUNET_PQ_query_param_fixed_size (recovery_meta_data,
+                                          recovery_meta_data_size),
         GNUNET_PQ_query_param_timestamp (&now),
         GNUNET_PQ_query_param_end
       };
@@ -2251,20 +2249,17 @@ meta_iterator (void *cls,
   for (unsigned int i = 0; i<num_results; i++)
   {
     uint32_t version;
-    void *meta_data = NULL;
-    size_t meta_data_size = 0;
+    void *meta_data;
+    size_t meta_data_size;
     struct GNUNET_TIME_Timestamp ts;
-    bool unused = false;
     struct GNUNET_PQ_ResultSpec rs[] = {
       GNUNET_PQ_result_spec_uint32 ("version",
                                     &version),
       GNUNET_PQ_result_spec_timestamp ("creation_date",
                                        &ts),
-      GNUNET_PQ_result_spec_allow_null (
-        GNUNET_PQ_result_spec_variable_size ("recovery_meta_data",
-                                             &meta_data,
-                                             &meta_data_size),
-        &unused),
+      GNUNET_PQ_result_spec_variable_size ("recovery_meta_data",
+                                           &meta_data,
+                                           &meta_data_size),
       GNUNET_PQ_result_spec_end
     };
     enum GNUNET_GenericReturnValue ret;
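Review bot: Dropping the `= NULL` and `= 0` initializers leaves `meta_data` and `meta_data_size` indeterminate whenever the extraction that follows fails. The result spec no longer allows NULL, so that failure can now happen for any row whose `recovery_meta_data` column is NULL, for example rows stored before this commit. The rest of the loop body is outside the hunk, so please confirm that no error path reads, passes on or frees these variables after a failed extract. Keeping `void *meta_data = NULL;` and `size_t meta_data_size = 0;` is free and makes that path deterministic.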
diff --git a/src/stasis/stasis-0001.sql b/src/stasis/stasis-0001.sql
index 38e60fc..fe0ab63 100644
--- a/src/stasis/stasis-0001.sql
+++ b/src/stasis/stasis-0001.sql
@@ -140,7 +140,7 @@ CREATE TABLE IF NOT EXISTS anastasis_recoverydocument
    account_sig BYTEA NOT NULL CHECK(LENGTH(account_sig)=64),
    recovery_data_hash BYTEA NOT NULL CHECK(length(recovery_data_hash)=64),
    recovery_data BYTEA NOT NULL,
-   recovery_meta_data BYTEA DEFAULT NULL,
+   recovery_meta_data BYTEA NOT NULL,
    creation_date INT8 NOT NULL,
    PRIMARY KEY (user_id, version));
 COMMENT ON TABLE anastasis_recoverydocument
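Review bot: Changing `recovery_meta_data` to `NOT NULL` inside stasis-0001.sql only affects databases created after this commit. The table is declared with `CREATE TABLE IF NOT EXISTS`, so any deployment that already applied this schema version keeps the nullable column and any rows that hold NULL. The C code in this commit now treats NULL as impossible on both the store and the iterate paths, so such a database would diverge from what the code expects. If installations of 0001 already exist, a new versioned migration that backfills or removes NULL rows and then runs `ALTER TABLE anastasis_recoverydocument ALTER COLUMN recovery_meta_data SET NOT NULL;` would make the constraint hold everywhere. The CREATE TABLE statement begins outside this hunk.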

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.


