commit ae18c202557cebfba21f2193e2d5df1a267c1b96
parent 3015d13f6e6d11faa8348772756b1a56931de4fd
Author: Christian Grothoff <christian@grothoff.org>
Date: Wed, 8 Dec 2021 09:27:39 +0100
auto-prefix -a password overrides with RFC 8959 prefix
Diffstat:
1 file changed, 24 insertions(+), 0 deletions(-)
diff --git a/src/backend/taler-merchant-httpd.c b/src/backend/taler-merchant-httpd.c
@@ -164,6 +164,10 @@ TMH_check_auth (const char *token,
dec_len = GNUNET_STRINGS_urldecode (token,
strlen (token),
&dec);
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Checking against token %s with salt %s\n",
+ dec,
+ TALER_B2S (salt));
GNUNET_assert (GNUNET_YES ==
GNUNET_CRYPTO_kdf (&val,
sizeof (val),
@@ -191,6 +195,10 @@ TMH_compute_auth (const char *token,
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
salt,
sizeof (*salt));
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Computing initial auth using token %s with salt %s\n",
+ token,
+ TALER_B2S (salt));
GNUNET_assert (GNUNET_YES ==
GNUNET_CRYPTO_kdf (hash,
sizeof (*hash),
@@ -1174,6 +1182,8 @@ url_handler (void *cls,
(NULL != hc->instance) )
{
/* Override default instance access control */
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Overriding access control\n");
TMH_compute_auth (TMH_default_auth,
&hc->instance->auth.auth_salt,
&hc->instance->auth.auth_hash);
@@ -1681,6 +1691,20 @@ run (void *cls,
if ( (NULL != tok) &&
(NULL == TMH_default_auth) )
TMH_default_auth = GNUNET_strdup (tok);
+ if ( (NULL != TMH_default_auth) &&
+ (0 != strcasecmp (TMH_default_auth,
+ RFC_8959_PREFIX,
+ strlen (RFC_8959_PREFIX))) )
+ {
+ char *tmp;
+
+ GNUNET_asprintf (&tmp,
+ "%s%s",
+ RFC_8959_PREFIX,
+ TMH_default_auth);
+ GNUNET_free (TMH_default_auth);
+ TMH_default_auth = tmp;
+ }
cfg = config;
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Starting taler-merchant-httpd\n");
