Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Fixing whitespace and line length

  • Loading branch information...
commit 5e0ad6d9cfd71fcfcf6f52c20e6b2472bbf9f00a 1 parent 87b90a4
@ozten authored
View
1  .gitignore
@@ -12,3 +12,4 @@ config.log
config.status
# Makefile
stamp-h1
+*.pyc
View
2  configs/slapd.conf
@@ -1,7 +1,7 @@
mech_list: BROWSER-ID
# BrowserID service endpoint
-browserid_endpoint: https://browserid.org/verify?assertion=%s&audience=%s
+browserid_endpoint: https://browserid.org/verify
ybrowserid_endpoint: http://localhost:8001/en-US/media/js/timeout.json
zbrowserid_endpoint: http://localhost:8001/en-US/media/js/success.json
View
648 plugins/browserid.c
@@ -62,10 +62,10 @@ static const unsigned short version = 5;
* Application is shutting down. Your FREE, FREE!
*/
static void browserid_common_mech_free(void *glob_context,
- const sasl_utils_t *utils)
+ const sasl_utils_t *utils)
{
- syslog(LOG_DEBUG, "browserid_common_mech_free");
- return;
+ syslog(LOG_DEBUG, "browserid_common_mech_free");
+ return;
}
/***************************** Server Section *****************************/
@@ -75,200 +75,211 @@ static void browserid_common_mech_free(void *glob_context,
* throught the request. Doesn't send any data to the server.
*/
static int browserid_server_mech_new(void *glob_context,
- sasl_server_params_t * sparams,
- const char *challenge __attribute__((unused)),
- unsigned challen __attribute__((unused)),
- void **conn_context)
+ sasl_server_params_t * sparams,
+ const char *challenge __attribute__((unused)),
+ unsigned challen __attribute__((unused)),
+ void **conn_context)
{
- syslog(LOG_DEBUG, "browserid_server_mech_new");
- return SASL_OK;
+ syslog(LOG_DEBUG, "browserid_server_mech_new");
+ return SASL_OK;
}
/**
* Core of the server plugin.
*/
static int browserid_server_mech_step(void *conn_context,
- sasl_server_params_t *sparams,
- const char *clientin,
- unsigned clientinlen,
- const char **serverout,
- unsigned *serveroutlen,
- sasl_out_params_t *oparams)
+ sasl_server_params_t *sparams,
+ const char *clientin,
+ unsigned clientinlen,
+ const char **serverout,
+ unsigned *serveroutlen,
+ sasl_out_params_t *oparams)
{
- const char *assertion;
- const char *audience;
- unsigned audience_len;
- unsigned lup=0;
- int result;
- char *audience_copy;
- struct browserid_response_t *browserid_response;
- char email[1024];
+ const char *assertion;
+ const char *audience;
+ unsigned audience_len;
+ unsigned lup=0;
+ int result;
+ char *audience_copy;
+ struct browserid_response_t *browserid_response;
+ char email[1024];
- syslog(LOG_DEBUG, "browserid_server_mech_step clientinlen=%d", clientinlen);
+ syslog(LOG_DEBUG, "browserid_server_mech_step clientinlen=%d",
+ clientinlen);
- /* should have received assertion NUL audience */
+ /* should have received assertion NUL audience */
- /* get assertion */
+ /* get assertion */
- assertion = clientin;
+ assertion = clientin;
if (strlen(assertion) > MAX_ASSERTION) {
- syslog(LOG_ERR, "Client send a longer assertion [%u] that we expected, failing", strlen(assertion));
- return SASL_BADPROT;
+ syslog(LOG_ERR, "Client send a longer assertion [%u] that we "
+ "expected, failing", strlen(assertion));
+ return SASL_BADPROT;
}
- syslog(LOG_DEBUG, "Assertion: [%s]", assertion);
+ syslog(LOG_DEBUG, "Assertion: [%s]", assertion);
- while ((lup < clientinlen) && (clientin[lup] != 0)) ++lup;
+ while ((lup < clientinlen) && (clientin[lup] != 0)) ++lup;
- if (lup >= clientinlen) {
- SETERROR(sparams->utils, "Can only find browserid assertion (no audience)");
- return SASL_BADPROT;
- }
+ if (lup >= clientinlen) {
+ SETERROR(sparams->utils, "Can only find browserid assertion "
+ "(no audience)");
+ return SASL_BADPROT;
+ }
- /* get audience */
- ++lup;
- audience = clientin + lup;
- while ((lup < clientinlen) && (clientin[lup] != 0)) ++lup;
+ /* get audience */
+ ++lup;
+ audience = clientin + lup;
+ while ((lup < clientinlen) && (clientin[lup] != 0)) ++lup;
- audience_len = (unsigned) (clientin + lup - audience);
+ audience_len = (unsigned) (clientin + lup - audience);
if (audience_len > MAX_AUDIENCE) {
- syslog(LOG_ERR, "Client send a longer audience [%u] that we expected, failing",
- strlen(audience));
+ syslog(LOG_ERR, "Client send a longer audience [%u] that "
+ "we expected, failing",
+ strlen(audience));
return SASL_BADPROT;
}
- syslog(LOG_DEBUG, "lup = %d clientinlen = %d", lup, clientinlen);
-
- if (lup != clientinlen) {
- SETERROR(sparams->utils,
- "Oh snap, more data than we were expecting in the BROWSER-ID plugin\n");
-
- }
-
- /* Ensure null terminated */
- audience_copy = sparams->utils->malloc(audience_len + 1);
- if (audience_copy == NULL) {
- MEMERROR(sparams->utils);
- return SASL_NOMEM;
- }
-
- strncpy(audience_copy, audience, audience_len);
- audience_copy[audience_len] = '\0';
-
- syslog(LOG_DEBUG, "Server side, we've got ASSERTION[%s] AUDIENCE[%s]",
- assertion, audience_copy);
-
-
- if (check_session(sparams->utils, assertion, (char *)&email) == 1) {
- syslog(LOG_DEBUG, "Got email = %s", email);
- /* set user into the session or whatever... */
- result = sparams->canon_user(sparams->utils->conn,
- email, 0,
- SASL_CU_AUTHID | SASL_CU_AUTHZID, oparams);
- } else {
- browserid_response = malloc(sizeof(struct browserid_response_t));
-
- browserid_verify(sparams->utils, browserid_response, assertion, audience_copy);
-
- if (strcasecmp(browserid_response->status, "okay") == 0) {
- syslog(LOG_DEBUG, "Yes, we're all good! %s %s %s until %llu",
- browserid_response->email,
- browserid_response->audience,
- browserid_response->issuer,
- browserid_response->valid_until);
- create_session(sparams->utils, assertion, browserid_response->email);
- result = sparams->canon_user(sparams->utils->conn,
- browserid_response->email, 0,
- SASL_CU_AUTHID | SASL_CU_AUTHZID, oparams);
- if (result != SASL_OK) {
- _plug_free_string(sparams->utils, &audience_copy);
- free(browserid_response);
- return result;
- }
- } else {
- syslog(LOG_ERR, "No dice, STATUS=[%s] REASON=[%s]", browserid_response->status, browserid_response->reason);
- SETERROR(sparams->utils, browserid_response->reason);
-
- _plug_free_string(sparams->utils, &audience_copy);
- free(browserid_response);
- return SASL_BADAUTH;
- }
-
-
- free(browserid_response);
- }
- _plug_free_string(sparams->utils, &audience_copy);
-
-
- /* set oparams */
- oparams->doneflag = 1;
- oparams->mech_ssf = 0;
- oparams->maxoutbuf = 0;
- oparams->encode_context = NULL;
- oparams->encode = NULL;
- oparams->decode_context = NULL;
- oparams->decode = NULL;
- oparams->param_version = 0;
- return SASL_OK;
+ syslog(LOG_DEBUG, "lup = %d clientinlen = %d", lup,
+ clientinlen);
+
+ if (lup != clientinlen) {
+ SETERROR(sparams->utils,
+ "Oh snap, more data than we were expecting in the "
+ "BROWSER-ID plugin\n");
+
+ }
+
+ /* Ensure null terminated */
+ audience_copy = sparams->utils->malloc(audience_len + 1);
+ if (audience_copy == NULL) {
+ MEMERROR(sparams->utils);
+ return SASL_NOMEM;
+ }
+
+ strncpy(audience_copy, audience, audience_len);
+ audience_copy[audience_len] = '\0';
+
+ syslog(LOG_DEBUG, "Server side, we've got ASSERTION[%s] AUDIENCE[%s]",
+ assertion, audience_copy);
+
+
+ if (check_session(sparams->utils, assertion, (char *)&email) == 1) {
+ syslog(LOG_DEBUG, "Got email = %s", email);
+ /* set user into the session or whatever... */
+ result = sparams->canon_user(sparams->utils->conn,
+ email, 0,
+ SASL_CU_AUTHID | SASL_CU_AUTHZID,
+ oparams);
+ } else {
+ browserid_response = malloc(sizeof(struct browserid_response_t));
+
+ browserid_verify(sparams->utils, browserid_response,
+ assertion, audience_copy);
+
+ if (strcasecmp(browserid_response->status, "okay") == 0) {
+ syslog(LOG_DEBUG, "Yes, we're all good! %s %s %s until %llu",
+ browserid_response->email,
+ browserid_response->audience,
+ browserid_response->issuer,
+ browserid_response->valid_until);
+ create_session(sparams->utils, assertion,
+ browserid_response->email);
+ result = sparams->canon_user(sparams->utils->conn,
+ browserid_response->email, 0,
+ SASL_CU_AUTHID | SASL_CU_AUTHZID, oparams);
+ if (result != SASL_OK) {
+ _plug_free_string(sparams->utils, &audience_copy);
+ free(browserid_response);
+ return result;
+ }
+ } else {
+ syslog(LOG_ERR, "No dice, STATUS=[%s] REASON=[%s]",
+ browserid_response->status,
+ browserid_response->reason);
+ SETERROR(sparams->utils, browserid_response->reason);
+
+ _plug_free_string(sparams->utils, &audience_copy);
+ free(browserid_response);
+ return SASL_BADAUTH;
+ }
+
+
+ free(browserid_response);
+ }
+ _plug_free_string(sparams->utils, &audience_copy);
+
+
+ /* set oparams */
+ oparams->doneflag = 1;
+ oparams->mech_ssf = 0;
+ oparams->maxoutbuf = 0;
+ oparams->encode_context = NULL;
+ oparams->encode = NULL;
+ oparams->decode_context = NULL;
+ oparams->decode = NULL;
+ oparams->param_version = 0;
+ return SASL_OK;
}
/**
* This request is over, connection coming to an end.
*/
static void browserid_server_mech_dispose(void *conn_context,
- const sasl_utils_t *utils)
+ const sasl_utils_t *utils)
{
- syslog(LOG_DEBUG, "browserid_server_mech_dispose");
- return;
+ syslog(LOG_DEBUG, "browserid_server_mech_dispose");
+ return;
}
static sasl_server_plug_t browserid_server_plugins[] =
{
{
- "BROWSER-ID", /* mech_name */
- 1, /* TODO max_ssf */
- SASL_SEC_NOPLAINTEXT
- | SASL_SEC_NOANONYMOUS
- | SASL_SEC_MUTUAL_AUTH, /* security_flags */
- SASL_FEAT_ALLOWS_PROXY, /* features */
- NULL, /* glob_context */
- &browserid_server_mech_new, /* mech_new */
- &browserid_server_mech_step, /* mech_step */
- &browserid_server_mech_dispose, /* mech_dispose */
- &browserid_common_mech_free, /* mech_free */
- NULL, /* setpass */
- NULL, /* user_query */
- NULL, /* idle */
- NULL, /* mech avail */
- NULL /* spare */
+ "BROWSER-ID", /* mech_name */
+ 1, /* TODO max_ssf */
+ SASL_SEC_NOPLAINTEXT
+ | SASL_SEC_NOANONYMOUS
+ | SASL_SEC_MUTUAL_AUTH, /* security_flags */
+ SASL_FEAT_ALLOWS_PROXY, /* features */
+ NULL, /* glob_context */
+ &browserid_server_mech_new, /* mech_new */
+ &browserid_server_mech_step, /* mech_step */
+ &browserid_server_mech_dispose, /* mech_dispose */
+ &browserid_common_mech_free, /* mech_free */
+ NULL, /* setpass */
+ NULL, /* user_query */
+ NULL, /* idle */
+ NULL, /* mech avail */
+ NULL /* spare */
}
};
int browserid_server_plug_init(sasl_utils_t *utils,
- int maxversion,
- int *out_version,
- sasl_server_plug_t **pluglist,
- int *plugcount)
+ int maxversion,
+ int *out_version,
+ sasl_server_plug_t **pluglist,
+ int *plugcount)
{
- openlog("browserid-server", LOG_NDELAY, LOG_AUTH);
- syslog(LOG_DEBUG, "browserid_server_plug_init");
- if (maxversion < SASL_SERVER_PLUG_VERSION) {
- SETERROR( utils, "ANONYMOUS version mismatch" );
- return SASL_BADVERS;
- }
-
- *out_version = SASL_SERVER_PLUG_VERSION;
- *pluglist = browserid_server_plugins;
- *plugcount = 1;
- return SASL_OK;
+ openlog("browserid-server", LOG_NDELAY, LOG_AUTH);
+ syslog(LOG_DEBUG, "browserid_server_plug_init");
+ if (maxversion < SASL_SERVER_PLUG_VERSION) {
+ SETERROR( utils, "ANONYMOUS version mismatch" );
+ return SASL_BADVERS;
+ }
+
+ *out_version = SASL_SERVER_PLUG_VERSION;
+ *pluglist = browserid_server_plugins;
+ *plugcount = 1;
+ return SASL_OK;
}
/***************************** Client Section *****************************/
typedef struct client_context {
- char *out_buf;
- unsigned out_buf_len;
+ char *out_buf;
+ unsigned out_buf_len;
} client_context_t;
/**
@@ -276,22 +287,22 @@ typedef struct client_context {
* throught the client lifecycle. Doesn't send any data to the client.
*/
static int browserid_client_mech_new(void *glob_context,
- sasl_client_params_t * params,
- void **conn_context)
+ sasl_client_params_t * params,
+ void **conn_context)
{
- syslog(LOG_DEBUG, "browserid_client_mech_new");
- client_context_t *context;
+ syslog(LOG_DEBUG, "browserid_client_mech_new");
+ client_context_t *context;
- context = params->utils->malloc(sizeof(client_context_t));
- if (context == NULL) {
- MEMERROR( params->utils );
- return SASL_NOMEM;
- }
+ context = params->utils->malloc(sizeof(client_context_t));
+ if (context == NULL) {
+ MEMERROR( params->utils );
+ return SASL_NOMEM;
+ }
- memset(context, 0, sizeof(client_context_t));
+ memset(context, 0, sizeof(client_context_t));
- *conn_context = context;
- return SASL_OK;
+ *conn_context = context;
+ return SASL_OK;
}
/**
@@ -300,203 +311,206 @@ static int browserid_client_mech_new(void *glob_context,
* to figure out the hard stuff.
*/
static int browserid_client_mech_step(void *conn_context,
- sasl_client_params_t *params,
- const char *serverin,
- unsigned serverinlen,
- sasl_interact_t **prompt_need,
- const char **clientout,
- unsigned *clientoutlen,
- sasl_out_params_t *oparams)
+ sasl_client_params_t *params,
+ const char *serverin,
+ unsigned serverinlen,
+ sasl_interact_t **prompt_need,
+ const char **clientout,
+ unsigned *clientoutlen,
+ sasl_out_params_t *oparams)
{
- client_context_t *context = (client_context_t *) conn_context;
- const char *browser_assertion = NULL, *browser_audience = NULL;
- int browser_assertion_result = SASL_OK;
- int browser_audience_result = SASL_OK;
- int result;
- char *p;
-
- syslog(LOG_DEBUG, "browserid_client_mech_new");
-
- if (!params || !clientout || !clientoutlen || !oparams) {
- PARAMERROR( params->utils );
- return SASL_BADPARAM;
- }
-
- /* try to get the assertion */
- if (oparams->authid == NULL) {
- /* TODO get_authid should be get_assertion */
- browser_assertion_result = _plug_get_userid(params->utils,
- &browser_assertion,
- prompt_need);
-
- if ((browser_assertion_result != SASL_OK) && \
- (browser_assertion_result != SASL_INTERACT)) {
- return browser_assertion_result;
- }
-
-
- }
-
- /* try to get the audience */
- if (oparams->user == NULL) {
- /* TODO get_authid should be get_audience */
- browser_audience_result = _plug_get_authid(params->utils, &browser_audience, prompt_need);
-
- if ((browser_audience_result != SASL_OK) && \
- (browser_audience_result != SASL_INTERACT)) {
- return browser_audience_result;
- }
-
- }
-
- /* free prompts we got */
- if (prompt_need && *prompt_need) {
- params->utils->free(*prompt_need);
- *prompt_need = NULL;
- }
-
- /* if there are prompts not filled in */
- if ((browser_audience_result == SASL_INTERACT) || \
- (browser_assertion_result == SASL_INTERACT)) {
- /* make the prompt list, hijack user and auth slots */
- result =
- _plug_make_prompts(params->utils, prompt_need,
- browser_assertion_result == SASL_INTERACT ?
- "Please enter your assertion" : NULL,
- NULL,
- browser_audience_result == SASL_INTERACT ?
- "Please enter your interwebs (example.com)" : NULL,
- NULL,
- /* pass prompt, default */
- NULL, NULL,
- /* echo challange, prompt, default */
- NULL, NULL, NULL,
- /* realm challange, prompt, default */
- NULL, NULL, NULL);
- if (result != SASL_OK) goto cleanup;
- return SASL_INTERACT;
- }
- if (strlen(browser_assertion) == 0) {
- syslog(LOG_ERR, "browser_assertion is empty, failing");
+ client_context_t *context = (client_context_t *) conn_context;
+ const char *browser_assertion = NULL, *browser_audience = NULL;
+ int browser_assertion_result = SASL_OK;
+ int browser_audience_result = SASL_OK;
+ int result;
+ char *p;
+
+ syslog(LOG_DEBUG, "browserid_client_mech_new");
+
+ if (!params || !clientout || !clientoutlen || !oparams) {
+ PARAMERROR( params->utils );
return SASL_BADPARAM;
- }
+ }
+
+ /* try to get the assertion */
+ if (oparams->authid == NULL) {
+ /* TODO get_authid should be get_assertion */
+ browser_assertion_result = _plug_get_userid(params->utils,
+ &browser_assertion,
+ prompt_need);
+
+ if ((browser_assertion_result != SASL_OK) && \
+ (browser_assertion_result != SASL_INTERACT)) {
+ return browser_assertion_result;
+ }
+
+
+ }
+
+ /* try to get the audience */
+ if (oparams->user == NULL) {
+ /* TODO get_authid should be get_audience */
+ browser_audience_result = _plug_get_authid(params->utils, &browser_audience, prompt_need);
+
+ if ((browser_audience_result != SASL_OK) && \
+ (browser_audience_result != SASL_INTERACT)) {
+ return browser_audience_result;
+ }
+
+ }
+
+ /* free prompts we got */
+ if (prompt_need && *prompt_need) {
+ params->utils->free(*prompt_need);
+ *prompt_need = NULL;
+ }
+
+ /* if there are prompts not filled in */
+ if ((browser_audience_result == SASL_INTERACT) || \
+ (browser_assertion_result == SASL_INTERACT)) {
+ /* make the prompt list, hijack user and auth slots */
+ result =
+ _plug_make_prompts(params->utils, prompt_need,
+ browser_assertion_result == SASL_INTERACT ?
+ "Please enter your assertion" : NULL,
+ NULL,
+ browser_audience_result == SASL_INTERACT ?
+ "Please enter your interwebs (example.com)" : NULL,
+ NULL,
+ /* pass prompt, default */
+ NULL, NULL,
+ /* echo challange, prompt, default */
+ NULL, NULL, NULL,
+ /* realm challange, prompt, default */
+ NULL, NULL, NULL);
+ if (result != SASL_OK) goto cleanup;
+ return SASL_INTERACT;
+ }
+ if (strlen(browser_assertion) == 0) {
+ syslog(LOG_ERR, "browser_assertion is empty, failing");
+ return SASL_BADPARAM;
+ }
if (strlen(browser_assertion) > MAX_ASSERTION) {
- syslog(LOG_ERR, "browser_assertion is larger than we expected (%u), failing", strlen(browser_assertion));
+ syslog(LOG_ERR, "browser_assertion is larger than we expected "
+ "(%u), failing", strlen(browser_assertion));
return SASL_BADPARAM;
}
- if (strlen(browser_audience) == 0) {
- syslog(LOG_ERR, "browser_audience is empty, failing");
+ if (strlen(browser_audience) == 0) {
+ syslog(LOG_ERR, "browser_audience is empty, failing");
return SASL_BADPARAM;
- }
+ }
if (strlen(browser_audience) > MAX_AUDIENCE) {
- syslog(LOG_ERR, "browser_audience is larger than we expected (%u), failing", strlen(browser_audience));
+ syslog(LOG_ERR, "browser_audience is larger than we expected "
+ "(%u), failing", strlen(browser_audience));
return SASL_BADPARAM;
}
- syslog(LOG_DEBUG, "YO ASSERTION=[%s] AUDIENCE=[%s]", browser_assertion, browser_audience);
+ syslog(LOG_DEBUG, "YO ASSERTION=[%s] AUDIENCE=[%s]",
+ browser_assertion, browser_audience);
- result = params->canon_user(params->utils->conn, browser_assertion, 0,
- SASL_CU_AUTHZID, oparams);
+ result = params->canon_user(params->utils->conn, browser_assertion, 0,
+ SASL_CU_AUTHZID, oparams);
- if (result != SASL_OK) goto cleanup;
+ if (result != SASL_OK) goto cleanup;
- result = params->canon_user(params->utils->conn, browser_audience, 0,
- SASL_CU_AUTHID, oparams);
+ result = params->canon_user(params->utils->conn, browser_audience, 0,
+ SASL_CU_AUTHID, oparams);
- if (result != SASL_OK) goto cleanup;
+ if (result != SASL_OK) goto cleanup;
- syslog(LOG_DEBUG, "Got passed canon_user");
+ syslog(LOG_DEBUG, "Got passed canon_user");
- /* send assertion NUL audience NUL */
- *clientoutlen = (strlen(browser_assertion) + 1 + strlen(browser_audience));
+ /* send assertion NUL audience NUL */
+ *clientoutlen = (strlen(browser_assertion) + 1 + strlen(browser_audience));
- syslog(LOG_DEBUG, "clientoutlen is going to be %u", *clientoutlen);
+ syslog(LOG_DEBUG, "clientoutlen is going to be %u", *clientoutlen);
- result = _plug_buf_alloc(params->utils, &(context->out_buf),
- &(context->out_buf_len), *clientoutlen +1);
- if (result != SASL_OK) goto cleanup;
+ result = _plug_buf_alloc(params->utils, &(context->out_buf),
+ &(context->out_buf_len), *clientoutlen +1);
+ if (result != SASL_OK) goto cleanup;
- memset(context->out_buf, 0, *clientoutlen + 1);
- p = context->out_buf;
- if (browser_assertion && *browser_assertion) {
- memcpy(p, oparams->user, oparams->ulen);
- p += oparams->ulen;
- }
- memcpy(++p, oparams->authid, oparams->alen);
- p += oparams->alen;
+ memset(context->out_buf, 0, *clientoutlen + 1);
+ p = context->out_buf;
+ if (browser_assertion && *browser_assertion) {
+ memcpy(p, oparams->user, oparams->ulen);
+ p += oparams->ulen;
+ }
+ memcpy(++p, oparams->authid, oparams->alen);
+ p += oparams->alen;
- *clientout = context->out_buf;
+ *clientout = context->out_buf;
- oparams->doneflag = 1;
- oparams->mech_ssf = 0;
- oparams->maxoutbuf = 0;
- oparams->encode_context = NULL;
- oparams->encode = NULL;
- oparams->decode_context = NULL;
- oparams->decode = NULL;
- oparams->param_version = 0;
+ oparams->doneflag = 1;
+ oparams->mech_ssf = 0;
+ oparams->maxoutbuf = 0;
+ oparams->encode_context = NULL;
+ oparams->encode = NULL;
+ oparams->decode_context = NULL;
+ oparams->decode = NULL;
+ oparams->param_version = 0;
cleanup:
- /*return result;*/
- return SASL_OK;
+ /*return result;*/
+ return SASL_OK;
}
/**
* Client side connection is no longer in use.
*/
static void browserid_client_mech_dispose(void *conn_context,
- const sasl_utils_t *utils)
+ const sasl_utils_t *utils)
{
- syslog(LOG_DEBUG, "browserid_client_mech_dispose");
+ syslog(LOG_DEBUG, "browserid_client_mech_dispose");
- client_context_t *context = (client_context_t *) conn_context;
+ client_context_t *context = (client_context_t *) conn_context;
- if (!context) return;
+ if (!context) return;
- if (context->out_buf) utils->free(context->out_buf);
+ if (context->out_buf) utils->free(context->out_buf);
- utils->free(context);
+ utils->free(context);
- return;
+ return;
}
static sasl_client_plug_t browserid_client_plugins[] =
{
{
- "BROWSER-ID",
- 1, /* TODO... max_ssf */
- SASL_SEC_NOPLAINTEXT
- | SASL_SEC_NOANONYMOUS
- | SASL_SEC_MUTUAL_AUTH, /* security_flags */
- SASL_FEAT_NEEDSERVERFQDN
- | SASL_FEAT_ALLOWS_PROXY, /* features */
- NULL, /* required_prompts */
- NULL, /* glob_context */
- &browserid_client_mech_new, /* mech_new */
- &browserid_client_mech_step, /* mech_step */
- &browserid_client_mech_dispose, /* mech_dispose */
- &browserid_common_mech_free, /* mech_free */
- NULL, /* idle */
- NULL, /* spare1 */
- NULL /* spare2 */
+ "BROWSER-ID",
+ 1, /* TODO... max_ssf */
+ SASL_SEC_NOPLAINTEXT
+ | SASL_SEC_NOANONYMOUS
+ | SASL_SEC_MUTUAL_AUTH, /* security_flags */
+ SASL_FEAT_NEEDSERVERFQDN
+ | SASL_FEAT_ALLOWS_PROXY, /* features */
+ NULL, /* required_prompts */
+ NULL, /* glob_context */
+ &browserid_client_mech_new, /* mech_new */
+ &browserid_client_mech_step, /* mech_step */
+ &browserid_client_mech_dispose, /* mech_dispose */
+ &browserid_common_mech_free, /* mech_free */
+ NULL, /* idle */
+ NULL, /* spare1 */
+ NULL /* spare2 */
}
};
int browserid_client_plug_init(sasl_utils_t *utils,
- int maxversion,
- int *out_version,
- sasl_client_plug_t **pluglist,
- int *plugcount)
+ int maxversion,
+ int *out_version,
+ sasl_client_plug_t **pluglist,
+ int *plugcount)
{
- openlog("browserid-client", LOG_NDELAY, LOG_AUTH);
- syslog(LOG_EMERG, "browserid_client_plug_init_plugin initialized");
- if (maxversion < SASL_CLIENT_PLUG_VERSION) {
- SETERROR( utils, "ANONYMOUS version mismatch" );
- return SASL_BADVERS;
- }
-
- *out_version = SASL_CLIENT_PLUG_VERSION;
- *pluglist = browserid_client_plugins;
- *plugcount = 1;
- return SASL_OK;
+ openlog("browserid-client", LOG_NDELAY, LOG_AUTH);
+ syslog(LOG_EMERG, "browserid_client_plug_init_plugin initialized");
+ if (maxversion < SASL_CLIENT_PLUG_VERSION) {
+ SETERROR( utils, "ANONYMOUS version mismatch" );
+ return SASL_BADVERS;
+ }
+
+ *out_version = SASL_CLIENT_PLUG_VERSION;
+ *pluglist = browserid_client_plugins;
+ *plugcount = 1;
+ return SASL_OK;
}
View
22 plugins/browserid_init.c
@@ -29,38 +29,38 @@
#define SASL_CLIENT_PLUG_INIT( x ) \
extern sasl_client_plug_init_t x##_client_plug_init; \
PLUG_API int sasl_client_plug_init(const sasl_utils_t *utils, \
- int maxversion, int *out_version, \
+ int maxversion, int *out_version, \
sasl_client_plug_t **pluglist, \
- int *plugcount) { \
- return x##_client_plug_init(utils, maxversion, out_version, \
+ int *plugcount) { \
+ return x##_client_plug_init(utils, maxversion, out_version, \
pluglist, plugcount); \
}
#define SASL_SERVER_PLUG_INIT( x ) \
extern sasl_server_plug_init_t x##_server_plug_init; \
PLUG_API int sasl_server_plug_init(const sasl_utils_t *utils, \
- int maxversion, int *out_version, \
+ int maxversion, int *out_version, \
sasl_server_plug_t **pluglist, \
- int *plugcount) { \
- return x##_server_plug_init(utils, maxversion, out_version, \
+ int *plugcount) { \
+ return x##_server_plug_init(utils, maxversion, out_version, \
pluglist, plugcount); \
}
#ifdef WIN32
BOOL APIENTRY DllMain( HANDLE hModule,
- DWORD ul_reason_for_call,
- LPVOID lpReserved
+ DWORD ul_reason_for_call,
+ LPVOID lpReserved
)
{
- switch (ul_reason_for_call)
+ switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
case DLL_PROCESS_DETACH:
break;
- }
- return TRUE;
+ }
+ return TRUE;
}
#endif
View
8 plugins/session.c
@@ -30,7 +30,7 @@ int check_session(const sasl_utils_t *utils, const char *assertion, char *email)
MYSQL_RES *rs;
MYSQL_ROW row;
- char assertion_esc[strlen(assertion) + 20]; /* TODO... */
+ char assertion_esc[strlen(assertion) + 20]; /* TODO... */
char *select_email =
"SELECT email FROM browserid_session WHERE digest = MD5('%s')";
char select_email_esc[strlen(select_email) + strlen(assertion) + 1];
@@ -95,7 +95,6 @@ int create_session(const sasl_utils_t *utils, const char *assertion, const char
char insert_email_esc[MAX_EMAIL];
int rv = 0;
-
conn = _connect(utils);
if (conn == NULL) {
syslog(LOG_EMERG, "Error %u: %s\n", mysql_errno(conn),
@@ -169,11 +168,12 @@ static MYSQL * _connect(const sasl_utils_t *utils)
} else {
sscanf(port_s, "%u", &port);
}
- syslog(LOG_DEBUG, "mysql real connect with host=[%s] user=[%s] pass=[%s] for %s on port %u",
+ syslog(LOG_DEBUG, "mysql real connect with host=[%s] user=[%s] "
+ "pass=[%s] for %s on port %u",
host, user, passwd, db, port);
conn = mysql_init(NULL);
if (conn == NULL) {
- syslog(LOG_EMERG, "Unable to mysql_init, this can't end well.");
+ syslog(LOG_EMERG, "Unable to mysql_init, this can't end well.");
}
return mysql_real_connect(conn, host, user, passwd, db, port, NULL, 0);
}
View
32 plugins/verifier.c
@@ -95,7 +95,7 @@ static int json_map_key(void *ctx, const unsigned char *ukey, size_t len)
return 1;
}
-static size_t parse_json(void *ptr, size_t size, size_t nmemb, void *stream)
+static size_t parse_json(void *ptr, size_t size, size_t nmemb, void *stream)
{
size_t total_size = size * nmemb;
yajl_handle y_handle = (yajl_handle)stream;
@@ -117,8 +117,8 @@ int browserid_verify(const sasl_utils_t *utils,
CURL *handle;
CURLcode code;
const char *bid_url;
- char *bid_body;
- char *bid_body_fmt = "assertion=%s&audience=%s";
+ char *bid_body;
+ char *bid_body_fmt = "assertion=%s&audience=%s";
yajl_handle y_handle;
int r;
@@ -127,14 +127,14 @@ int browserid_verify(const sasl_utils_t *utils,
"browserid_endpoint", &bid_url, NULL);
if (r || !bid_url) {
bid_url =
- "https://browserid.org/verify";
+ "https://browserid.org/verify";
}
syslog(LOG_INFO, "bidurl = %s", bid_url);
- bid_body = malloc(strlen(bid_body_fmt) +
- strlen(assertion) + strlen(audience));
- sprintf(bid_body, bid_body_fmt, assertion, audience);
+ bid_body = malloc(strlen(bid_body_fmt) +
+ strlen(assertion) + strlen(audience));
+ sprintf(bid_body, bid_body_fmt, assertion, audience);
syslog(LOG_INFO, "bid_body = %s", bid_body);
strcpy(browserid_response->state, "");
@@ -161,11 +161,11 @@ int browserid_verify(const sasl_utils_t *utils,
}
if (0 != curl_easy_setopt(handle, CURLOPT_URL, bid_url))
- syslog(LOG_DEBUG, "curl setopt url failed");
- if (0 != curl_easy_setopt(handle, CURLOPT_POST, 1))
- syslog(LOG_DEBUG, "curl setopt post failed");
- if (0 != curl_easy_setopt(handle, CURLOPT_POSTFIELDS, bid_body))
- syslog(LOG_ERR, "curl setopt postfields failed");
+ syslog(LOG_ERR, "curl setopt url failed");
+ if (0 != curl_easy_setopt(handle, CURLOPT_POST, 1))
+ syslog(LOG_ERR, "curl setopt post failed");
+ if (0 != curl_easy_setopt(handle, CURLOPT_POSTFIELDS, bid_body))
+ syslog(LOG_ERR, "curl setopt postfields failed");
if (0 != curl_easy_setopt(handle, CURLOPT_FOLLOWLOCATION, 1))
syslog(LOG_DEBUG, "curl setopt follow");
@@ -173,10 +173,10 @@ int browserid_verify(const sasl_utils_t *utils,
syslog(LOG_DEBUG, "curl setopt ssl failed");
if (0 != curl_easy_setopt(handle, CURLOPT_WRITEFUNCTION, parse_json))
- syslog(LOG_DEBUG, "curl setopt write fn failed");
+ syslog(LOG_ERR, "curl setopt write fn failed");
if (0 != curl_easy_setopt(handle, CURLOPT_WRITEDATA, y_handle))
- syslog(LOG_DEBUG, "curl setopt writedata failed");
+ syslog(LOG_ERR, "curl setopt writedata failed");
code = curl_easy_perform(handle);
@@ -191,8 +191,8 @@ int browserid_verify(const sasl_utils_t *utils,
yajl_complete_parse(y_handle);
yajl_free(y_handle);
-
+
curl_easy_cleanup(handle);
- free(bid_body);
+ free(bid_body);
return 1;
}
Please sign in to comment.
Something went wrong with that request. Please try again.