/** * Callback invoked from identity service with ego information. * An @a ego of NULL means the ego was not found. * * @param cls closure with the configuration * @param ego an ego known to identity service, or NULL */ static void identity_cb (void *cls, const struct GNUNET_IDENTITY_Ego *ego) { const struct GNUNET_CONFIGURATION_Handle *cfg = cls; el = NULL; if (NULL == ego) { if (NULL != ego_name) { fprintf (stderr, _("Ego `%s' not known to identity service\n"), ego_name); } GNUNET_SCHEDULER_shutdown (); ret = -1; return; } zone_pkey = *GNUNET_IDENTITY_ego_get_private_key (ego); GNUNET_free_non_null (ego_name); ego_name = NULL; GNUNET_CLIENT_service_test ("namestore", cfg, GNUNET_TIME_UNIT_SECONDS, &testservice_task, (void *) cfg); }
/** * Method called to inform about the egos of this peer. * * When used with #GNUNET_IDENTITY_connect, this function is * initially called for all egos and then again whenever a * ego's name changes or if it is deleted. At the end of * the initial pass over all egos, the function is once called * with 'NULL' for @a ego. That does NOT mean that the callback won't * be invoked in the future or that there was an error. * * When used with #GNUNET_IDENTITY_create or #GNUNET_IDENTITY_get, * this function is only called ONCE, and 'NULL' being passed in * @a ego does indicate an error (i.e. name is taken or no default * value is known). If @a ego is non-NULL and if '*ctx' * is set in those callbacks, the value WILL be passed to a subsequent * call to the identity callback of #GNUNET_IDENTITY_connect (if * that one was not NULL). * * When an identity is renamed, this function is called with the * (known) @a ego but the NEW @a name. * * When an identity is deleted, this function is called with the * (known) ego and "NULL" for the @a name. In this case, * the @a ego is henceforth invalid (and the @a ctx should also be * cleaned up). * * @param cls closure * @param ego ego handle * @param ctx context for application to store data for this ego * (during the lifetime of this process, initially NULL) * @param name name assigned by the user for this ego, * NULL if the user just deleted the ego and it * must thus no longer be used */ static void identity_cb (void *cls, struct GNUNET_IDENTITY_Ego *ego, void **ctx, const char *name) { const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone_key; struct GNUNET_GNSRECORD_Data rd; char *rd_string; char *peername; if (NULL == name) return; if (NULL == ego) { if (NULL == qe) { fprintf (stderr, "Failed to find master-zone ego\n"); GNUNET_SCHEDULER_shutdown (); return; } GNUNET_IDENTITY_disconnect (identity); identity = NULL; return; } GNUNET_assert (NULL != name); if (0 != strcmp (name, "master-zone")) { fprintf (stderr, "Unexpected name %s\n", name); return; } zone_key = GNUNET_IDENTITY_ego_get_private_key (ego); rd.expiration_time = GNUNET_TIME_UNIT_FOREVER_ABS.abs_value_us; peername = GNUNET_strdup (GNUNET_i2s_full (&id)); GNUNET_asprintf (&rd_string, "6 %s %s", peername, "www"); GNUNET_free (peername); GNUNET_assert (GNUNET_OK == GNUNET_GNSRECORD_string_to_value (GNUNET_GNSRECORD_TYPE_VPN, rd_string, (void**) &rd.data, &rd.data_size)); rd.record_type = GNUNET_GNSRECORD_TYPE_VPN; qe = GNUNET_NAMESTORE_records_store (namestore, zone_key, "www", 1, &rd, &commence_testing, NULL); GNUNET_free ((void**)rd.data); GNUNET_free (rd_string); }
static void identity_cb (void *cls, struct GNUNET_IDENTITY_Ego *ego, void **ctx, const char *name) { struct GNUNET_GNSRECORD_Data rd; struct GNUNET_CRYPTO_EcdsaPublicKey pub; if (NULL == name) return; if (NULL == ego) return; if (0 == strcmp (name, "phone-ego")) { GNUNET_IDENTITY_ego_get_public_key (ego, &pub); GNUNET_asprintf (&gns_name, "phone.%s", GNUNET_GNSRECORD_pkey_to_zkey (&pub)); phone = GNUNET_CONVERSATION_phone_create (cfg, ego, &phone_event_handler, NULL); GNUNET_assert (NULL != phone); memset (&rd, 0, sizeof (rd)); GNUNET_CONVERSATION_phone_get_record (phone, &rd); GNUNET_assert (rd.record_type == GNUNET_GNSRECORD_TYPE_PHONE); rd.expiration_time = UINT64_MAX; qe = GNUNET_NAMESTORE_records_store (ns, GNUNET_IDENTITY_ego_get_private_key (ego), "phone" /* GNS label */, 1, &rd, &namestore_put_cont, NULL); return; } if (0 == strcmp (name, "caller-ego")) { GNUNET_IDENTITY_ego_get_public_key (ego, &pub); GNUNET_asprintf (&gns_caller_id, "%s", GNUNET_GNSRECORD_pkey_to_zkey (&pub)); call = GNUNET_CONVERSATION_call_start (cfg, ego, ego, gns_name, &call_speaker, &call_mic, &call_event_handler, NULL); return; } }
/** * * Update identity information for ego. If attribute map is * dirty, first update the attributes. * * @param cls the ego to update * param tc task context * */ static void update_identities(void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc) { struct EgoEntry *next_ego = cls; const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key; if (NULL == next_ego) { if (min_rel_exp.rel_value_us < MIN_WAIT_TIME.rel_value_us) min_rel_exp = MIN_WAIT_TIME; GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, ">>> Finished. Rescheduling in %d\n", min_rel_exp.rel_value_us); ns_it = NULL; //finished -> TODO reschedule update_task = GNUNET_SCHEDULER_add_delayed (min_rel_exp, &update_identities, ego_head); min_rel_exp.rel_value_us = 0; return; } priv_key = GNUNET_IDENTITY_ego_get_private_key (next_ego->ego); if (GNUNET_YES == next_ego->attributes_dirty) { //Starting over. We must update the Attributes for they might have changed. ns_it = GNUNET_NAMESTORE_zone_iteration_start (ns_handle, priv_key, &attribute_collect, next_ego); } else { //Ego will be dirty next time next_ego->attributes_dirty = GNUNET_YES; ns_it = GNUNET_NAMESTORE_zone_iteration_start (ns_handle, priv_key, &token_collect, next_ego); } }
/** * This function updates the old token with new attributes, * removes deleted attributes and expiration times. * * @param cls the ego entry * @param tc task context */ static void handle_token_update (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc) { char *token_header; char *token_payload; char *token_payload_json; char *new_token; char *new_payload_str; char *new_payload_base64; char *sig_str; char *key; char *padding; const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key; struct EgoEntry *ego_entry = cls; struct GNUNET_GNSRECORD_Data token_record; struct GNUNET_CRYPTO_EccSignaturePurpose *purpose; struct GNUNET_CRYPTO_EcdsaSignature sig; struct GNUNET_HashCode key_hash; struct GNUNET_TIME_Relative token_rel_exp; struct GNUNET_TIME_Relative token_ttl; struct GNUNET_TIME_Absolute token_exp; struct GNUNET_TIME_Absolute token_nbf; struct GNUNET_TIME_Absolute new_exp; struct GNUNET_TIME_Absolute new_iat; struct GNUNET_TIME_Absolute new_nbf; json_t *payload_json; json_t *value; json_t *cur_value; json_t *new_payload_json; json_t *token_nbf_json; json_t *token_exp_json; json_error_t json_err; priv_key = GNUNET_IDENTITY_ego_get_private_key (ego_entry->ego); //Note: We need the token expiration time here. Not the record expiration //time. //There are two types of tokens: Token that expire on GNS level with //an absolute expiration time. Those are basically tokens that will //be automatically revoked on (record)expiration. //Tokens stored with relative expiration times will expire on the token level (token expiration) //but this service will reissue new tokens that can be retrieved from GNS //automatically. token_header = strtok (token, "."); token_payload = strtok (NULL, "."); GNUNET_STRINGS_base64_decode (token_payload, strlen (token_payload), &token_payload_json); payload_json = json_loads (token_payload_json, JSON_DECODE_ANY, &json_err); GNUNET_free (token_payload_json); token_exp_json = json_object_get (payload_json, "exp"); token_nbf_json = json_object_get (payload_json, "nbf"); token_exp.abs_value_us = json_integer_value(token_exp_json); token_nbf.abs_value_us = json_integer_value(token_nbf_json); token_rel_exp = GNUNET_TIME_absolute_get_difference (token_nbf, token_exp); token_ttl = GNUNET_TIME_absolute_get_remaining (token_exp); if (0 != GNUNET_TIME_absolute_get_remaining (token_exp).rel_value_us) { //This token is not yet expired! Save and skip if (min_rel_exp.rel_value_us > token_ttl.rel_value_us) { min_rel_exp = token_ttl; } json_decref (payload_json); GNUNET_free (token); token = NULL; GNUNET_free (label); label = NULL; GNUNET_NAMESTORE_zone_iterator_next (ns_it); return; } GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Token is expired. Create a new one\n"); new_exp = GNUNET_TIME_relative_to_absolute (token_rel_exp); new_nbf = GNUNET_TIME_absolute_get (); new_iat = new_nbf; new_payload_json = json_object(); json_object_foreach(payload_json, key, value) { if (0 == strcmp (key, "exp")) { json_object_set_new (new_payload_json, key, json_integer (new_exp.abs_value_us)); } else if (0 == strcmp (key, "nbf")) { json_object_set_new (new_payload_json, key, json_integer (new_nbf.abs_value_us)); } else if (0 == strcmp (key, "iat")) { json_object_set_new (new_payload_json, key, json_integer (new_iat.abs_value_us)); } else if ((0 == strcmp (key, "iss")) || (0 == strcmp (key, "aud")) || (0 == strcmp (key, "sub")) || (0 == strcmp (key, "rnl"))) { json_object_set (new_payload_json, key, value); } else { GNUNET_CRYPTO_hash (key, strlen (key), &key_hash); //Check if attr still exists. omit of not if (GNUNET_NO != GNUNET_CONTAINER_multihashmap_contains (ego_entry->attr_map, &key_hash)) { cur_value = GNUNET_CONTAINER_multihashmap_get (ego_entry->attr_map, &key_hash); json_object_set (new_payload_json, key, cur_value); } } } // reassemble and set new_payload_str = json_dumps (new_payload_json, JSON_COMPACT); json_decref (payload_json); json_decref (new_payload_json); GNUNET_STRINGS_base64_encode (new_payload_str, strlen (new_payload_str), &new_payload_base64); //Remove padding padding = strtok(new_payload_base64, "="); while (NULL != padding) padding = strtok(NULL, "="); GNUNET_asprintf (&new_token, "%s,%s", token_header, new_payload_base64); purpose = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) + strlen (new_token)); purpose->size = htonl (strlen (new_token) + sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose)); purpose->purpose = htonl(GNUNET_SIGNATURE_PURPOSE_GNUID_TOKEN); memcpy (&purpose[1], new_token, strlen (new_token)); if (GNUNET_OK != GNUNET_CRYPTO_ecdsa_sign (priv_key, purpose, &sig)) GNUNET_break(0); GNUNET_free (new_token); sig_str = GNUNET_STRINGS_data_to_string_alloc (&sig, sizeof (struct GNUNET_CRYPTO_EcdsaSignature)); GNUNET_asprintf (&new_token, "%s.%s.%s", token_header, new_payload_base64, sig_str); GNUNET_free (sig_str); GNUNET_free (new_payload_str); GNUNET_free (new_payload_base64); GNUNET_free (purpose); token_record.data = new_token; token_record.data_size = strlen (new_token); token_record.expiration_time = new_exp.abs_value_us; token_record.record_type = GNUNET_GNSRECORD_TYPE_ID_TOKEN; token_record.flags = GNUNET_GNSRECORD_RF_NONE | GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION; ns_qe = GNUNET_NAMESTORE_records_store (ns_handle, priv_key, label, 1, &token_record, &store_token_cont, ego_entry); GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, ">>> Updating Token w/ %s\n", new_token); GNUNET_free (new_token); GNUNET_free (token); token = NULL; GNUNET_free (label); label = NULL; }