challenger

OAuth 2.0-based authentication service that validates user can receive messages at a certain address
Log | Files | Refs | Submodules | README | LICENSE

commit c0aea528e2a7d470558792270564c0b0b80cfa95
parent 8a7f647601d12ddd33513dced5c19378ebc97e31
Author: Christian Grothoff <grothoff@gnunet.org>
Date:   Wed, 15 Jul 2026 23:59:49 +0200

avoid returning -1 as uint32_t

Diffstat:
Msrc/challengerdb/validate_solve_pin.c | 27+++++++++++++++++----------
Msrc/include/challenger-database/validate_solve_pin.h | 5++++-
2 files changed, 21 insertions(+), 11 deletions(-)

diff --git a/src/challengerdb/validate_solve_pin.c b/src/challengerdb/validate_solve_pin.c @@ -28,16 +28,17 @@ enum GNUNET_DB_QueryStatus CHALLENGERDB_validate_solve_pin (struct CHALLENGERDB_PostgresContext *ctx, - const struct CHALLENGER_ValidationNonceP *nonce, - uint32_t new_pin, - bool *solved, - bool *exhausted, - bool *no_challenge, - char **state, - uint32_t *addr_left, - uint32_t *auth_attempts_left, - uint32_t *pin_transmissions_left, - char **client_redirect_uri) + const struct CHALLENGER_ValidationNonceP *nonce + , + uint32_t new_pin, + bool *solved, + bool *exhausted, + bool *no_challenge, + char **state, + uint32_t *addr_left, + uint32_t *auth_attempts_left, + uint32_t *pin_transmissions_left, + char **client_redirect_uri) { struct GNUNET_PQ_QueryParam params[] = { GNUNET_PQ_query_param_auto_from_type (nonce), @@ -95,5 +96,11 @@ CHALLENGERDB_validate_solve_pin (struct CHALLENGERDB_PostgresContext *ctx, return qs; if (not_found) return GNUNET_DB_STATUS_SUCCESS_NO_RESULTS; + /* On the solved path the stored procedure returns the -1 sentinel (kept in + the DB to mark the challenge as solved), which the uint32 result spec reads + as 4294967295. That value is not meaningful to the caller (which only + reads it when !solved); normalize it to 0 to avoid leaking the sentinel. */ + if (*solved) + *auth_attempts_left = 0; return qs; } diff --git a/src/include/challenger-database/validate_solve_pin.h b/src/include/challenger-database/validate_solve_pin.h @@ -38,7 +38,10 @@ * @param[out] no_challenge set to true if we never even issued a challenge * @param[out] state set to client's OAuth2 state if available * @param[out] addr_left set to number of address changes remaining - * @param[out] auth_attempts_left set to number of authentication attempts remaining + * @param[out] auth_attempts_left set to number of authentication attempts + * remaining; only meaningful when @a solved is false (on the solved + * path the stored procedure uses a -1 sentinel, which is normalized + * to 0 here) * @param[out] pin_transmissions_left set to number of times the PIN can still be re-requested * @param[out] client_redirect_uri set to OAuth2 client redirect URI * @return transaction status: