commit f5f0a46262229d2c2cc0385d466c53d8be8a53a2
parent f6dd87633dbba6d42e2b5e2a3949205205a4ee31
Author: Christian Grothoff <christian@grothoff.org>
Date: Mon, 19 Jul 2021 20:46:09 +0200
minor joint fixes from hacking workshop
Diffstat:
2 files changed, 37 insertions(+), 24 deletions(-)
diff --git a/src/backend/taler-merchant-httpd.c b/src/backend/taler-merchant-httpd.c
@@ -985,6 +985,7 @@ extract_token (const char **auth)
{
const char *bearer = "Bearer ";
const char *tok = *auth;
+
if (0 != strncmp (tok, bearer, strlen (bearer)))
{
*auth = NULL;
@@ -1032,11 +1033,13 @@ prefix_match (const struct TMH_RequestHandler *rh,
return false;
if (! rh->have_id_segment)
{
+ /* Require /$PREFIX/$SUFFIX or /$PREFIX */
if (NULL != suffix_url)
return false; /* too many segments to match */
- if ( (NULL == infix_url)
+ if ( (NULL == infix_url) /* either or */
^ (NULL == rh->url_suffix) )
return false; /* suffix existence mismatch */
+ /* If /$PREFIX/$SUFFIX, check $SUFFIX matches */
if ( (NULL != infix_url) &&
( (infix_strlen != strlen (rh->url_suffix)) ||
(0 != memcmp (infix_url,
@@ -1046,8 +1049,8 @@ prefix_match (const struct TMH_RequestHandler *rh,
}
else
{
- if ( (NULL == infix_url)
- ^ (! rh->have_id_segment) ) // FIXME: have_id_segment is always 'true' here!
+ /* Require /$PREFIX/$ID or /$PREFIX/$ID/$SUFFIX */
+ if (NULL == infix_url)
return false; /* infix existence mismatch */
if ( ( (NULL == suffix_url)
^ (NULL == rh->url_suffix) ) )
@@ -1153,7 +1156,7 @@ url_handler (void *cls,
.have_id_segment = true,
.handler = &TMH_private_delete_instances_default_ID
},
- /* PATCH /instances/$ID/ */
+ /* PATCH /instances/$ID */
{
.url_prefix = "/instances/",
.method = MHD_HTTP_METHOD_PATCH,
@@ -1559,22 +1562,26 @@ url_handler (void *cls,
};
struct TMH_HandlerContext *hc = *con_cls;
struct TMH_RequestHandler *handlers;
- bool use_private = false;
bool use_default = false;
(void) cls;
(void) version;
if (NULL != hc)
{
+ /* MHD calls us again for a request, for first call
+ see 'else' case below */
GNUNET_assert (NULL != hc->rh);
GNUNET_SCHEDULER_begin_async_scope (&hc->async_scope_id);
if ( (hc->has_body) &&
(NULL == hc->request_body) )
{
- int res;
+ size_t mul = hc->rh->max_upload;
+ enum GNUNET_GenericReturnValue res;
+ if (0 == mul)
+ mul = DEFAULT_MAX_UPLOAD_SIZE;
if ( (hc->total_upload + *upload_data_size < hc->total_upload) ||
- (hc->total_upload + *upload_data_size > hc->rh->max_upload) )
+ (hc->total_upload + *upload_data_size > mul) )
{
/* Client exceeds upload limit. Should _usually_ be checked earlier
when we look at the MHD_HTTP_HEADER_CONTENT_LENGTH, alas with
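Review bot: The `if (0 == mul) mul = DEFAULT_MAX_UPLOAD_SIZE;` fallback added here duplicates the one in the Content-Length check further down in url_handler (`size_t mul = hc->rh->max_upload;`), so the streaming limit and the header limit can drift apart if only one of them is edited later. A small static helper taking `const struct TMH_RequestHandler *rh` and returning the effective limit, used at both sites, would keep the two checks in agreement. The local would also read better as `max_upload` than `mul`. url_handler's body begins and ends outside this hunk.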
@@ -1584,7 +1591,7 @@ url_handler (void *cls,
for the upload to complete and then fail). This could theoretically
cause some clients to retry, alas broken or malicious clients
are likely to retry anyway, so little we can do about it, and
- failing earlier seems the best option here. *///
+ failing earlier seems the best option here. */
GNUNET_break_op (0);
return MHD_NO;
}
@@ -1600,8 +1607,9 @@ url_handler (void *cls,
if ( (GNUNET_NO == res) ||
/* or, need more data to accomplish parsing */
(NULL == hc->request_body) )
- return MHD_YES;
+ return MHD_YES; /* let MHD call us *again* */
}
+ /* Upload complete (if any), call handler to generate reply */
return hc->rh->handler (hc->rh,
connection,
hc);
@@ -1618,7 +1626,8 @@ url_handler (void *cls,
MHD_HEADER_KIND,
"Taler-Correlation-Id");
if ( (NULL != correlation_id) &&
- (GNUNET_YES != GNUNET_CURL_is_valid_scope_id (correlation_id)) )
+ (GNUNET_YES !=
+ GNUNET_CURL_is_valid_scope_id (correlation_id)) )
{
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
"Illegal incoming correlation ID\n");
@@ -1680,7 +1689,7 @@ url_handler (void *cls,
TMH_compute_auth (TMH_default_auth,
&hc->instance->auth.auth_salt,
&hc->instance->auth.auth_hash);
- GNUNET_free (TMH_default_auth);
+ GNUNET_free (TMH_default_auth)
}
}
if (NULL != hc->instance)
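Review bot: The new line `GNUNET_free (TMH_default_auth)` has lost its terminating semicolon, so the statement is closed only by the `}` that follows it. GNUNET_free is a macro whose definition is not on this page; if it expands to a `do { … } while (0)` form this no longer compiles, and if it does compile the code now depends on the macro's internals. Restore `GNUNET_free (TMH_default_auth);`. Separately, TMH_default_auth is the input hashed by TMH_compute_auth and so looks like a credential; confirm whether it should be wiped before it is freed.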
@@ -1698,7 +1707,6 @@ url_handler (void *cls,
{
handlers = private_handlers;
url += strlen (private_prefix) - 1;
- use_private = true;
}
else
{
@@ -1715,15 +1723,17 @@ url_handler (void *cls,
size_t prefix_strlen; /* i.e. 8 for "/orders/", or 7 for "/config" */
const char *infix_url = NULL; /* i.e. "$ORDER_ID", no '/'-es */
size_t infix_strlen = 0; /* number of characters in infix_url */
- const char *suffix_url = NULL; /* i.e. "/refund", includes '/' at the beginning */
+ const char *suffix_url = NULL; /* i.e. "refund", excludes '/' at the beginning */
size_t suffix_strlen = 0; /* number of characters in suffix_url */
+ /* parse the URL into the three different components */
{
const char *slash;
slash = strchr (&url[1], '/');
if (NULL == slash)
{
+ /* the prefix was everything */
prefix_strlen = strlen (url);
}
else
@@ -1733,11 +1743,12 @@ url_handler (void *cls,
slash = strchr (&infix_url[1], '/');
if (NULL == slash)
{
+ /* the infix was the rest */
infix_strlen = strlen (infix_url);
}
else
{
- infix_strlen = slash - infix_url;
+ infix_strlen = slash - infix_url; /* excludes both '/'-es */
suffix_url = slash + 1; /* skip the '/' */
suffix_strlen = strlen (suffix_url);
}
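Review bot: `strchr (&infix_url[1], '/')` starts the search one byte past the start of the infix, and for an empty infix (a URL that ends right after the prefix slash) that byte lies after the terminating NUL. The assignment of infix_url sits between the hunks and is not visible, so confirm that an empty infix is rejected before this line; if it is not, return early when `'\0' == infix_url[0]`. The added comment `/* excludes both '/'-es */` is accurate for the non-empty case.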
@@ -1746,6 +1757,7 @@ url_handler (void *cls,
}
}
+ /* find matching handler */
{
bool url_found = false;
@@ -1862,7 +1874,7 @@ url_handler (void *cls,
}
/* Access control for private handlers */
- if (use_private)
+ if (private_handlers == handlers)
{
const char *auth;
bool auth_ok;
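Review bot: The access-control gate now hinges on pointer identity, `private_handlers == handlers`, so authentication is enforced only for handlers reached through that one table. This matches the removed flag as far as the visible lines show, since the flag was set next to `handlers = private_handlers;`. However, a second table of private endpoints, or a handler moved to another table, would skip this check without any compiler warning. I would add a comment at the condition, `/* every handler that needs authentication must live in private_handlers; this is the only gate */`, and a matching note where private_handlers is defined. The block opened here continues outside the hunk.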
@@ -1927,7 +1939,7 @@ url_handler (void *cls,
MHD_HTTP_NOT_FOUND,
TALER_EC_MERCHANT_GENERIC_INSTANCE_UNKNOWN,
url);
- if ( (NULL != hc->instance) &&
+ if ( (NULL != hc->instance) && /* make static analysis happy */
(! hc->rh->skip_instance) &&
(hc->instance->deleted) &&
(! hc->rh->allow_deleted_instance) )
@@ -1935,8 +1947,10 @@ url_handler (void *cls,
MHD_HTTP_NOT_FOUND,
TALER_EC_MERCHANT_GENERIC_INSTANCE_DELETED,
hc->instance->settings.id);
+ /* parse request body */
hc->has_body = ( (0 == strcasecmp (method,
MHD_HTTP_METHOD_POST)) ||
+ /* PUT is not yet used */
(0 == strcasecmp (method,
MHD_HTTP_METHOD_PATCH)) );
if (hc->has_body)
@@ -1952,12 +1966,14 @@ url_handler (void *cls,
{
unsigned long long cv;
size_t mul = hc->rh->max_upload;
+ char dummy;
if (0 == mul)
mul = DEFAULT_MAX_UPLOAD_SIZE;
if (1 != sscanf (cl,
- "%llu",
- &cv))
+ "%llu%c",
+ &cv,
+ &dummy))
{
/* Not valid HTTP request, just close connection. */
GNUNET_break_op (0);
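Review bot: `sscanf (cl, "%llu%c", &cv, &dummy)` now rejects trailing bytes, but `%llu` still skips leading whitespace, accepts a sign (a leading `-` is converted and negated rather than rejected), and has no defined result when the digits overflow `unsigned long long`. For a Content-Length taken from the request, such values are therefore not reliably rejected before the comparison with `mul`, which is outside this hunk. Parsing with `strtoull` and checking the first character, the end pointer and `ERANGE` closes those cases and makes `dummy` unnecessary; it needs `<errno.h>` if the file does not already include it.

```c
unsigned long long cv;
size_t mul = hc->rh->max_upload;
char *end;

/* … unchanged: fall back to DEFAULT_MAX_UPLOAD_SIZE when mul is 0 … */
errno = 0;
cv = strtoull (cl, &end, 10);
if ( (cl[0] < '0') || (cl[0] > '9') ||  /* no sign, no leading whitespace */
     ('\0' != *end) ||                  /* no trailing bytes */
     (ERANGE == errno) )                /* digits must fit in cv */
/* … unchanged: reject branch (GNUNET_break_op, close connection) … */
```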
@@ -1973,11 +1989,8 @@ url_handler (void *cls,
}
}
GNUNET_break (NULL == hc->request_body); /* can't have it already */
- return MHD_YES; /* proceed with upload */
}
- return hc->rh->handler (hc->rh,
- connection,
- hc);
+ return MHD_YES; /* wait for MHD to call us again */
}
diff --git a/src/backend/taler-merchant-httpd.h b/src/backend/taler-merchant-httpd.h
@@ -219,7 +219,7 @@ struct TMH_RequestHandler
const char *url_suffix;
/**
- * Method the handler is for, NULL for "all".
+ * HTTP method the handler is for, NULL for "all".
*/
const char *method;
@@ -240,7 +240,7 @@ struct TMH_RequestHandler
/**
* Maximum upload size allowed for this handler.
- * 0 for DEFAULT_MAX_UPLOAD_SIZE
+ * 0 for #DEFAULT_MAX_UPLOAD_SIZE.
*/
size_t max_upload;