challenger

OAuth 2.0-based authentication service that validates user can receive messages at a certain address
Log | Files | Refs | Submodules | README | LICENSE
commit 797670095433949d0b242d12c3479e883b36eb7e
parent d93664a59dcb1cf874eb56ab4b635321de6f6b4a
Author: Christian Grothoff <christian@grothoff.org>
Date:   Mon,  7 Apr 2025 20:29:42 +0200

-fix refcnt error and remove unnecessary json_object_del calls

Diffstat:

Mdebian/challenger-httpd.install | 1+


Msrc/challenger/challenger-httpd_authorize.c | 13+++++--------


Msrc/challenger/challenger-httpd_challenge.c | 7++-----


3 files changed, 8 insertions(+), 13 deletions(-)

diff --git a/debian/challenger-httpd.install b/debian/challenger-httpd.install
@@ -4,6 +4,7 @@ usr/lib/*/libchallengerdb.so.*
 usr/lib/*/challenger/libchallenger_plugin*.*
 usr/share/challenger/sql/*
 usr/share/challenger/spa/*
+usr/share/challenger/templates/*
 usr/share/challenger/config.d/*
 usr/share/man/man1/challenger-config.1
 usr/share/man/man1/challenger-admin.1
diff --git a/src/challenger/challenger-httpd_authorize.c b/src/challenger/challenger-httpd_authorize.c
@@ -202,12 +202,11 @@ CH_handler_authorize (struct CH_HandlerContext *hc,
                                    MHD_GET_ARGUMENT_KIND,
                                    "scope");
   {
-    json_t *last_address;
+    json_t *last_address = NULL;
     uint32_t address_attempts_left;
     uint32_t pin_transmissions_left;
     uint32_t auth_attempts_left;
     struct GNUNET_TIME_Absolute last_tx_time;
-
     bool solved;
     enum GNUNET_DB_QueryStatus qs;
 
@@ -276,9 +275,11 @@ CH_handler_authorize (struct CH_HandlerContext *hc,
                   "Redirect before %s now `%s'\n",
                   prev_full_url,
                   hc->full_url);
-
       GNUNET_free (prev_full_url);
-      return CH_spa_redirect (hc, NULL, 0);
+      json_decref (last_address);
+      return CH_spa_redirect (hc,
+                              NULL,
+                              0);
     }
     {
       json_t *args;
@@ -305,10 +306,6 @@ CH_handler_authorize (struct CH_HandlerContext *hc,
         GNUNET_JSON_pack_uint64 ("changes_left",
                                  address_attempts_left)
         );
-
-      GNUNET_break (0 ==
-                    json_object_del (args,
-                                     "nonce"));
       resp = TALER_MHD_make_json_steal (args);
       GNUNET_break (MHD_YES ==
                     MHD_add_response_header (resp,
diff --git a/src/challenger/challenger-httpd_challenge.c b/src/challenger/challenger-httpd_challenge.c
@@ -366,8 +366,8 @@ send_tan (struct ChallengeContext *bc)
     root = GNUNET_JSON_PACK (
       GNUNET_JSON_pack_string ("challenger_url",
                                my_url),
-      GNUNET_JSON_pack_object_steal ("address",
-                                     bc->address),
+      GNUNET_JSON_pack_object_incref ("address",
+                                      bc->address),
       GNUNET_JSON_pack_int64 ("pin",
                               bc->tan));
     GNUNET_free (my_url);
@@ -808,9 +808,6 @@ CH_handler_challenge (struct CH_HandlerContext *hc,
                                       CH_validation_duration)))
       );
     http_status = MHD_HTTP_OK;
-    GNUNET_break (0 ==
-                  json_object_del (args,
-                                   "nonce"));
     resp = TALER_MHD_make_json (args);
     GNUNET_break (MHD_YES ==
                   MHD_add_response_header (resp,