[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-anastasis] branch master updated: revise recovery logic to possib
From: |
gnunet |
Subject: |
[taler-anastasis] branch master updated: revise recovery logic to possibly work with payment and redirect challenges' |
Date: |
Wed, 10 Feb 2021 18:31:26 +0100 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository anastasis.
The following commit(s) were added to refs/heads/master by this push:
new 0db1569 revise recovery logic to possibly work with payment and
redirect challenges'
0db1569 is described below
commit 0db1569525350095bfb2c4d9e3492d712d469294
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Wed Feb 10 18:31:23 2021 +0100
revise recovery logic to possibly work with payment and redirect challenges'
---
src/include/anastasis.h | 66 +++++++++++------
src/include/anastasis_service.h | 1 +
src/lib/anastasis_recovery.c | 160 ++++++++++++++++++++++++++--------------
3 files changed, 149 insertions(+), 78 deletions(-)
diff --git a/src/include/anastasis.h b/src/include/anastasis.h
index 93a6921..19470c8 100644
--- a/src/include/anastasis.h
+++ b/src/include/anastasis.h
@@ -68,12 +68,6 @@ struct ANASTASIS_ChallengeInformation
*/
const char *instructions;
- /**
- * Defines the url or mail address used for the challenge. Can be NULL.
- * // FIXME: is this really available? Where does this come from? is it an
URL!?
- */
- // const char *url;
-
/**
* true if challenged was already solved, else false.
*/
@@ -110,6 +104,13 @@ enum ANASTASIS_ChallengeStatus
*/
ANASTASIS_CHALLENGE_STATUS_INSTRUCTIONS,
+ /**
+ * A redirection URL needed to solve the challenge is provided. Also
+ * used if the answer we provided was wrong (or if no answer was
+ * provided, but one is needed).
+ */
+ ANASTASIS_CHALLENGE_STATUS_REDIRECT_FOR_AUTHENTICATION,
+
/**
* Payment is required before the challenge can be answered.
*/
@@ -120,6 +121,11 @@ enum ANASTASIS_ChallengeStatus
*/
ANASTASIS_CHALLENGE_STATUS_SERVER_FAILURE,
+ /**
+ * The server does not know this truth.
+ */
+ ANASTASIS_CHALLENGE_STATUS_TRUTH_UNKNOWN
+
};
@@ -138,13 +144,38 @@ struct ANASTASIS_ChallengeStartResponse
*/
const struct ANASTASIS_Challenge *challenge;
+ /**
+ * Details depending on @e cs
+ */
union
{
+
/**
- * Response with server-side instructions for the user, if
+ * Challenge details provided if
* @e cs is #ANASTASIS_CHALLENGE_STATUS_INSTRUCTIONS.
*/
- const char *instructions;
+ struct
+ {
+
+ /**
+ * HTTP status returned by the server. #MHD_HTTP_ALREADY_REPORTED
+ * if the server did already send the challenge to the user,
+ * #MHD_HTTP_FORBIDDEN if the answer was wrong (or missing).
+ */
+ unsigned int http_status;
+
+ /**
+ * Response with server-side instructions for the user.
+ */
+ const char *instructions;
+ } open_challenge;
+
+
+ /**
+ * Response with URL to redirect the user to, if
+ * @e cs is #ANASTASIS_CHALLENGE_STATUS_REDIRECT_FOR_AUTHENTICATION.
+ */
+ const char *redirect_url;
/**
* Response with instructions for how to pay, if
@@ -154,14 +185,14 @@ struct ANASTASIS_ChallengeStartResponse
{
/**
- * "taler://pay" URL with details how to pay for the challenge.
+ * "taler://pay" URI with details how to pay for the challenge.
*/
- const char *taler_pay_url;
+ const char *taler_pay_uri;
/**
- * Anastasis backend base URL requesting the payment.
+ * Payment secret from @e taler_pay_uri.
*/
- const char *server_url;
+ struct ANASTASIS_PaymentSecretP payment_secret;
} payment_required;
@@ -173,11 +204,6 @@ struct ANASTASIS_ChallengeStartResponse
struct
{
- /**
- * Error message (or NULL).
- */
- const char *message;
-
/**
* HTTP status returned by the server.
*/
@@ -296,15 +322,13 @@ struct ANASTASIS_DecryptionPolicy
/**
* Encrypted masterkey (encrypted with the policy key).
- * FIXME: why exposed to the client?
*/
- // struct ANASTASIS_CRYPTO_EncryptedMasterKeyP emk;
+ struct ANASTASIS_CRYPTO_EncryptedMasterKeyP emk;
/**
* Salt used to decrypt master key.
- * FIXME: why exposed to the client?
*/
- // struct ANASTASIS_CRYPTO_SaltP salt;
+ struct ANASTASIS_CRYPTO_SaltP salt;
};
diff --git a/src/include/anastasis_service.h b/src/include/anastasis_service.h
index 173eb1f..f2fca0d 100644
--- a/src/include/anastasis_service.h
+++ b/src/include/anastasis_service.h
@@ -438,6 +438,7 @@ struct ANASTASIS_KeyShareDownloadDetails
struct
{
+
/**
* HTTP status returned by the server. #MHD_HTTP_ALREADY_REPORTED
* if the server did already send the challenge to the user,
diff --git a/src/lib/anastasis_recovery.c b/src/lib/anastasis_recovery.c
index 7699a05..60087f2 100644
--- a/src/lib/anastasis_recovery.c
+++ b/src/lib/anastasis_recovery.c
@@ -142,6 +142,22 @@ struct ANASTASIS_Challenge
*/
void *af_cls;
+ /**
+ * Defines the base URL of the Anastasis provider used for the challenge.
+ */
+ char *url;
+
+ /**
+ * Which method is this challenge (E-Mail, Security Question, SMS...)
+ */
+ char *method;
+
+ /**
+ * Instructions for solving the challenge (generic, set client-side
+ * when challenge was established).
+ */
+ char *instructions;
+
/**
* Reference to the recovery process which is ongoing
*/
@@ -163,17 +179,6 @@ struct ANASTASIS_Challenge
*/
struct ANASTASIS_KeyShareLookupOperation *cro;
- /**
- * Callback which gives back the instructions and a status code of
- * the request to the user when solving a challenge is initiated.
- */
- ANASTASIS_ChallengeStartCallback csc;
-
- /**
- * Closure for the Challenge Start
- */
- void *csc_cls;
-
};
@@ -186,7 +191,6 @@ struct ANASTASIS_Challenge
*/
static void
keyshare_lookup_cb (void *cls,
- unsigned int http_status,
const struct ANASTASIS_KeyShareDownloadDetails *dd)
{
struct ANASTASIS_Challenge *c = cls;
@@ -195,61 +199,98 @@ keyshare_lookup_cb (void *cls,
struct ANASTASIS_DecryptionPolicy *rdps;
c->kslo = NULL;
- switch (http_status)
+ switch (dd->status)
{
- case MHD_HTTP_OK:
- c->ci.solved = true;
- c->af (c->af_cls,
- http_status,
- TALER_EC_NONE);
+ case ANASTASIS_KSD_SUCCESS:
+ {
+ struct ANASTASIS_ChallengeStartResponse csr = {
+ .cs = ANASTASIS_CHALLENGE_STATUS_SOLVED,
+ .challenge = c
+ };
+
+ c->ci.solved = true;
+ c->af (c->af_cls,
+ &csr);
+ }
break;
- case MHD_HTTP_PAYMENT_REQUIRED:
+ case ANASTASIS_KSD_PAYMENT_REQUIRED:
{
struct ANASTASIS_ChallengeStartResponse csr = {
.cs = ANASTASIS_CHALLENGE_STATUS_PAYMENT_REQUIRED,
- .details.payment_required.server_url = c->ci.url,
- .details.payment_required.taler_pay_url = response_string
+ .challenge = c,
+ .details.payment_required.taler_pay_uri
+ = dd->details.payment_required.taler_pay_uri,
+ .details.payment_required.payment_secret
+ = dd->details.payment_required.payment_secret
};
- c->csc (c->csc_cls,
- &csr);
- break;
+ c->af (c->af_cls,
+ &csr);
+ return;
}
- case MHD_HTTP_OK:
+ case ANASTASIS_KSD_INVALID_ANSWER:
{
struct ANASTASIS_ChallengeStartResponse csr = {
.cs = ANASTASIS_CHALLENGE_STATUS_INSTRUCTIONS,
- .details.instructions = response_string
+ .challenge = c,
+ .details.open_challenge.instructions
+ = dd->details.open_challenge.instructions,
+ .details.open_challenge.http_status
+ = dd->details.open_challenge.http_status
};
- c->csc (c->csc_cls,
- &csr);
- break;
+ c->af (c->af_cls,
+ &csr);
+ return;
+ }
+ case ANASTASIS_KSD_REDIRECT_FOR_AUTHENTICATION:
+ {
+ struct ANASTASIS_ChallengeStartResponse csr = {
+ .cs = ANASTASIS_CHALLENGE_STATUS_REDIRECT_FOR_AUTHENTICATION,
+ .challenge = c,
+ .details.redirect_url
+ = dd->details.redirect_url
+ };
+
+ c->af (c->af_cls,
+ &csr);
+ return;
}
+ case ANASTASIS_KSD_TRUTH_UNKNOWN:
+ {
+ struct ANASTASIS_ChallengeStartResponse csr = {
+ .cs = ANASTASIS_CHALLENGE_STATUS_TRUTH_UNKNOWN,
+ .challenge = c
+ };
+
+ c->af (c->af_cls,
+ &csr);
+ return;
+ }
+ case ANASTASIS_KSD_SERVER_ERROR:
+ case ANASTASIS_KSD_CLIENT_FAILURE:
default:
{
struct ANASTASIS_ChallengeStartResponse csr = {
.cs = ANASTASIS_CHALLENGE_STATUS_SERVER_FAILURE,
- .details.server_failure.message = response_string,
- .details.server_failure.http_status = http_status
+ .challenge = c,
+ .details.server_failure.ec
+ = dd->details.server_failure.ec,
+ .details.server_failure.http_status
+ = dd->details.server_failure.http_status
};
- c->csc (c->csc_cls,
- &csr);
- break;
+ c->af (c->af_cls,
+ &csr);
+ return;
}
- default:
- c->af (c->af_cls,
- http_status,
- -1 /* FIXME: use proper status! */);
- return;
}
GNUNET_assert (NULL != dd);
ANASTASIS_CRYPTO_user_identifier_derive (recovery->id_data,
&c->truth_salt,
&id);
- ANASTASIS_CRYPTO_keyshare_decrypt (dd->encrypted_key_share,
+ ANASTASIS_CRYPTO_keyshare_decrypt (&dd->details.eks,
&id,
&c->key_share);
c->recovery->solved_challenges[c->recovery->solved_challenge_pos++] = *c;
@@ -341,10 +382,15 @@ ANASTASIS_challenge_start (struct ANASTASIS_Challenge *c,
GNUNET_break (0);
return GNUNET_NO; /* already solved */
}
+ if (NULL != c->kslo)
+ {
+ GNUNET_break (0);
+ return GNUNET_NO; /* already solving */
+ }
c->af = af;
c->af_cls = af_cls;
c->kslo = ANASTASIS_keyshare_lookup (c->recovery->ctx,
- c->ci.url,
+ c->url,
&c->uuid,
&c->truth_key,
psp,
@@ -394,11 +440,11 @@ ANASTASIS_challenge_answer2 (struct ANASTASIS_Challenge
*c,
sizeof (answer_s),
"%llu",
(unsigned long long) answer);
- return ANASTASIS_challenge_answer2 (c,
- psp,
- answer_s,
- af,
- af_cls);
+ return ANASTASIS_challenge_answer (c,
+ psp,
+ answer_s,
+ af,
+ af_cls);
}
@@ -410,15 +456,15 @@ ANASTASIS_challenge_answer2 (struct ANASTASIS_Challenge
*c,
void
ANASTASIS_challenge_abort (struct ANASTASIS_Challenge *c)
{
- if (NULL == c->cro)
+ if (NULL == c->kslo)
{
GNUNET_break (0);
return;
}
ANASTASIS_keyshare_lookup_cancel (c->kslo);
c->kslo = NULL;
- c->csc = NULL;
- c->csc_cls = NULL;
+ c->af = NULL;
+ c->af_cls = NULL;
}
@@ -623,9 +669,11 @@ policy_lookup_cb (void *cls,
ANASTASIS_recovery_abort (r);
return;
}
- cs->ci.url = GNUNET_strdup (url);
- cs->ci.method = GNUNET_strdup (escrow_method);
- cs->ci.instructions = GNUNET_strdup (instructions);
+ cs->url = GNUNET_strdup (url);
+ cs->method = GNUNET_strdup (escrow_method);
+ cs->ci.method = cs->method;
+ cs->instructions = GNUNET_strdup (instructions);
+ cs->ci.instructions = cs->instructions;
}
json_decref (esc_methods);
@@ -751,8 +799,6 @@ ANASTASIS_recovery_begin (struct GNUNET_CURL_Context *ctx,
}
-]
-
void
ANASTASIS_recovery_abort (struct ANASTASIS_Recovery *r)
{
@@ -767,9 +813,9 @@ ANASTASIS_recovery_abort (struct ANASTASIS_Recovery *r)
{
struct ANASTASIS_Challenge *cs = r->ri.cs[i];
- GNUNET_free (cs->ci.url);
- GNUNET_free (cs->ci.method);
- GNUNET_free (cs->ci.instructions);
+ GNUNET_free (cs->url);
+ GNUNET_free (cs->method);
+ GNUNET_free (cs->instructions);
GNUNET_free (cs);
}
GNUNET_free (r->ri.cs);
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-anastasis] branch master updated: revise recovery logic to possibly work with payment and redirect challenges',
gnunet <=