Diffstat (limited to 'src/backend/anastasis-httpd.c')
-rw-r--r-- | src/backend/anastasis-httpd.c | 152 |
1 files changed, 81 insertions, 71 deletions
diff --git a/src/backend/anastasis-httpd.c b/src/backend/anastasis-httpd.c
index 9f5c87b..ebfb0ae 100644
--- a/src/backend/anastasis-httpd.c
+++ b/src/backend/anastasis-httpd.c
@@ -1,6 +1,6 @@ /* This file is part of Anastasis - (C) 2020 Anastasis SARL + (C) 2020-2022 Anastasis SARL Anastasis is free software; you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software
@@ -26,17 +26,13 @@ #include "anastasis-httpd_mhd.h" #include "anastasis_database_lib.h" #include "anastasis-httpd_policy.h" +#include "anastasis-httpd_policy-meta.h" #include "anastasis-httpd_truth.h" #include "anastasis-httpd_terms.h" #include "anastasis-httpd_config.h" /** - * Backlog for listen operation on unix-domain sockets. - */ -#define UNIX_BACKLOG 500 - -/** * Upload limit to the service, in megabytes. */ unsigned long long int AH_upload_limit_mb;
@@ -72,11 +68,6 @@ const struct GNUNET_CONFIGURATION_Handle *AH_cfg; char *AH_backend_url; /** - * Taler currency. - */ -char *AH_currency; - -/** * Our fulfillment URL. */ char *AH_fulfillment_url;
@@ -87,9 +78,9 @@ char *AH_fulfillment_url; char *AH_business_name; /** - * Our server salt. + * Our provider salt. */ -struct ANASTASIS_CRYPTO_ProviderSaltP AH_server_salt; +struct ANASTASIS_CRYPTO_ProviderSaltP AH_provider_salt; /** * Number of policy uploads permitted per annual fee payment.
@@ -295,7 +286,7 @@ url_handler (void *cls, &TMH_MHD_handler_agpl_redirect, MHD_HTTP_FOUND }, { "/terms", MHD_HTTP_METHOD_GET, NULL, NULL, 0, - &AH_handler_terms, MHD_HTTP_OK }, + &AH_handler_privacy, MHD_HTTP_OK }, { "/privacy", MHD_HTTP_METHOD_GET, NULL, NULL, 0, &AH_handler_terms, MHD_HTTP_OK },
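Review bot: In the handlers table (hunk `@@ -295,7 +286,7 @@`) the `/terms` row now points at `&AH_handler_privacy` while the `/privacy` row right below it still points at `&AH_handler_terms`, so as written each document is served from the other's URL. The edit appears to have landed on the wrong row: I would expect the `/terms` row to keep `&AH_handler_terms, MHD_HTTP_OK },` and the `/privacy` row to become `&AH_handler_privacy, MHD_HTTP_OK },`. A client that fetches these documents would otherwise present the privacy policy as the terms of service and vice versa. The table starts and ends outside this hunk.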
@@ -360,12 +351,15 @@ url_handler (void *cls, strlen ("/policy/"))) { const char *account = url + strlen ("/policy/"); + const char *end = strchr (account, '/'); struct ANASTASIS_CRYPTO_AccountPublicKeyP account_pub; if (GNUNET_OK != GNUNET_STRINGS_string_to_data ( account, - strlen (account), + (NULL == end) + ? strlen (account) + : end - account, &account_pub, sizeof (struct ANASTASIS_CRYPTO_AccountPublicKeyP))) {
@@ -374,14 +368,23 @@ url_handler (void *cls, TALER_EC_GENERIC_PARAMETER_MALFORMED, "account public key"); } + if ( (NULL != end) && + (0 != strcmp (end, + "/meta")) ) + return TMH_MHD_handler_static_response (&h404, + connection); if (0 == strcmp (method, MHD_HTTP_METHOD_GET)) { - return AH_policy_get (connection, - &account_pub); + if (NULL == end) + return AH_policy_get (connection, + &account_pub); + return AH_policy_meta_get (connection, + &account_pub); } - if (0 == strcmp (method, - MHD_HTTP_METHOD_POST)) + if ( (0 == strcmp (method, + MHD_HTTP_METHOD_POST)) && + (NULL == end) ) { return AH_handler_policy_post (connection, hc,
@@ -389,6 +392,11 @@ url_handler (void *cls, upload_data, upload_data_size); } + if (0 == strcmp (method, + MHD_HTTP_METHOD_OPTIONS)) + { + return TALER_MHD_reply_cors_preflight (connection); + } return TMH_MHD_handler_static_response (&h405, connection); }
@@ -398,12 +406,20 @@ url_handler (void *cls, { struct ANASTASIS_CRYPTO_TruthUUIDP tu; const char *pub_key_str; + const char *end; + size_t len; pub_key_str = &url[strlen ("/truth/")]; + end = strchr (pub_key_str, + '/'); + if (NULL == end) + len = strlen (pub_key_str); + else + len = end - pub_key_str; if (GNUNET_OK != GNUNET_STRINGS_string_to_data ( pub_key_str, - strlen (pub_key_str), + len, &tu, sizeof(tu))) {
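Review bot: In the `/policy/` branch (hunk `@@ -360,12 +351,15 @@`) the length argument is now a `?:` that mixes `strlen (account)` (a `size_t`) with `end - account` (a `ptrdiff_t`), and the `/truth/` branch (hunk `@@ -398,12 +406,20 @@`) does the same in `len = end - pub_key_str;`. The difference cannot be negative here, because `strchr` returns a pointer at or after its argument, so this is not a bug; the implicit signed-to-unsigned conversion should still be spelled out as `: (size_t) (end - account),` and `len = (size_t) (end - pub_key_str);`. Using a named `len` variable in both branches would also keep the two prefix parsers in the same shape. Both branches are part of url_handler, whose body starts and ends outside these hunks.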
@@ -413,15 +429,19 @@ url_handler (void *cls, TALER_EC_GENERIC_PARAMETER_MALFORMED, "truth UUID"); } + if ( (NULL != end) && + (0 != strcmp (end, "/solve")) && + (0 != strcmp (end, "/challenge")) ) + return TMH_MHD_handler_static_response (&h404, + connection); if (0 == strcmp (method, - MHD_HTTP_METHOD_GET)) - { - return AH_handler_truth_get (connection, - &tu, - hc); - } - if (0 == strcmp (method, + MHD_HTTP_METHOD_OPTIONS)) + return TALER_MHD_reply_cors_preflight (connection); + if (0 != strcmp (method, MHD_HTTP_METHOD_POST)) + return TMH_MHD_handler_static_response (&h405, + connection); + if (NULL == end) { return AH_handler_truth_post (connection, hc,
@@ -429,9 +449,27 @@ url_handler (void *cls, upload_data, upload_data_size); } - return TMH_MHD_handler_static_response (&h405, - connection); - } + if (0 == strcmp (end, + "/solve")) + { + return AH_handler_truth_solve (connection, + hc, + &tu, + upload_data, + upload_data_size); + } + if (0 == strcmp (end, + "/challenge")) + { + return AH_handler_truth_challenge (connection, + hc, + &tu, + upload_data, + upload_data_size); + } + /* should be impossible to get here */ + GNUNET_assert (0); + } /* end of "/truth/" prefix */ path_matched = false; for (unsigned int i = 0; NULL != handlers[i].url; i++) {
@@ -474,7 +512,8 @@ do_shutdown (void *cls) { (void) cls; AH_resume_all_bc (); - AH_truth_shutdown (); + AH_truth_challenge_shutdown (); + AH_truth_solve_shutdown (); AH_truth_upload_shutdown (); if (NULL != mhd_task) {
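Review bot: The `GNUNET_assert (0);` that closes the `/truth/` branch (hunk `@@ -429,9 +449,27 @@`) sits on a path selected by the request URL, so if the suffix filter added in the previous hunk and this dispatch chain ever drift apart, a single request would abort the whole daemon instead of failing on its own. As written the line looks unreachable, because `end` has already been narrowed to NULL, "/solve" or "/challenge" before the dispatch. I would still fail only the request and keep the diagnostic: `GNUNET_break (0);` followed by `return TMH_MHD_handler_static_response (&h404, connection);`. url_handler's body starts and ends outside these hunks.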
@@ -712,34 +751,6 @@ run (void *cls, return; } if (GNUNET_OK != - TALER_config_get_currency (config, - &AH_currency)) - { - GNUNET_SCHEDULER_shutdown (); - return; - } - if (0 != strcasecmp (AH_currency, - AH_annual_fee.currency)) - { - GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, - "anastasis", - "ANNUAL_FEE", - "currency mismatch"); - GNUNET_SCHEDULER_shutdown (); - return; - } - if (GNUNET_OK != - TALER_amount_cmp_currency (&AH_insurance, - &AH_annual_fee)) - { - GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, - "anastasis", - "INSURANCE", - "currency mismatch"); - GNUNET_SCHEDULER_shutdown (); - return; - } - if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_string (config, "anastasis-merchant-backend", "PAYMENT_BACKEND_URL",
@@ -817,30 +828,30 @@ run (void *cls, return; } { - char *server_salt; + char *provider_salt; if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_string (config, "anastasis", - "SERVER_SALT", - &server_salt)) + "PROVIDER_SALT", + &provider_salt)) { GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, "anastasis", - "SERVER_SALT"); + "PROVIDER_SALT"); GNUNET_SCHEDULER_shutdown (); return; } GNUNET_assert (GNUNET_YES == - GNUNET_CRYPTO_kdf (&AH_server_salt, - sizeof (AH_server_salt), - "anastasis-server-salt", - strlen ("anastasis-server-salt"), - server_salt, - strlen (server_salt), + GNUNET_CRYPTO_kdf (&AH_provider_salt, + sizeof (AH_provider_salt), + "anastasis-provider-salt", + strlen ("anastasis-provider-salt"), + provider_salt, + strlen (provider_salt), NULL, 0)); - GNUNET_free (server_salt); + GNUNET_free (provider_salt); } /* setup HTTP client event loop */
@@ -971,7 +982,6 @@ main (int argc, "CERTTYPE", "type of the TLS client certificate, defaults to PEM if not specified", &certtype), - GNUNET_GETOPT_OPTION_END }; |
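Review bot: The salt block in run() (hunk `@@ -817,30 +828,30 @@`) is more than a rename, because the KDF context string also changes from "anastasis-server-salt" to "anastasis-provider-salt", so the same configured value now derives a different `AH_provider_salt`. A configuration that still sets only `SERVER_SALT` will take the `GNUNET_log_config_missing` path and shut down, and an operator who just renames the key ends up with a salt that differs from the one derived before; whether anything already depends on the old value is not visible from this hunk. Neither effect is documented, so I would add a comment above the block such as `/* NOTE: option and KDF label were renamed from SERVER_SALT / "anastasis-server-salt"; the derived salt is not compatible with earlier releases */` and cover it in the upgrade notes. run()'s body continues outside the hunk.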