summaryrefslogtreecommitdiff
path: root/http.c
diff options
context:
space:
mode:
authorGravatar default2023-01-08 10:11:33 +0100
committerGravatar default2023-01-08 10:11:33 +0100
commit7bcac99c88db36041c56a80621d172ed315759d3 (patch)
tree6d36efdac0275d915aea8361a520da41f14cef05 /http.c
parentMove the ~/error directory to where it belongs. (diff)
downloadpenes-snac2-7bcac99c88db36041c56a80621d172ed315759d3.tar.gz
penes-snac2-7bcac99c88db36041c56a80621d172ed315759d3.tar.xz
penes-snac2-7bcac99c88db36041c56a80621d172ed315759d3.zip
Don't use goto in check_signature().
It seems to interfere with cleanup functions in llvm.
Diffstat (limited to 'http.c')
-rw-r--r--http.c24
1 files changed, 15 insertions, 9 deletions
diff --git a/http.c b/http.c
index 1b9fc71..2e721f1 100644
--- a/http.c
+++ b/http.c
@@ -103,7 +103,7 @@ d_char *http_signed_request(snac *snac, char *method, char *url,
103} 103}
104 104
105 105
106int check_signature(snac *snac, char *req) 106static int _check_signature(snac *snac, char *req)
107/* check the signature */ 107/* check the signature */
108{ 108{
109 char *sig_hdr = xs_dict_get(req, "signature"); 109 char *sig_hdr = xs_dict_get(req, "signature");
@@ -141,7 +141,7 @@ int check_signature(snac *snac, char *req)
141 141
142 if (keyId == NULL || headers == NULL || signature == NULL) { 142 if (keyId == NULL || headers == NULL || signature == NULL) {
143 snac_debug(snac, 0, xs_fmt("check_signature bad signature header")); 143 snac_debug(snac, 0, xs_fmt("check_signature bad signature header"));
144 goto error; 144 return 0;
145 } 145 }
146 146
147 /* strip the # from the keyId */ 147 /* strip the # from the keyId */
@@ -152,13 +152,13 @@ int check_signature(snac *snac, char *req)
152 xs *actor = NULL; 152 xs *actor = NULL;
153 if (!valid_status(actor_get(snac, keyId, &actor))) { 153 if (!valid_status(actor_get(snac, keyId, &actor))) {
154 snac_debug(snac, 0, xs_fmt("check_signature unknown actor %s", keyId)); 154 snac_debug(snac, 0, xs_fmt("check_signature unknown actor %s", keyId));
155 goto error; 155 return 0;
156 } 156 }
157 157
158 if ((p = xs_dict_get(actor, "publicKey")) == NULL || 158 if ((p = xs_dict_get(actor, "publicKey")) == NULL ||
159 ((pubkey = xs_dict_get(p, "publicKeyPem")) == NULL)) { 159 ((pubkey = xs_dict_get(p, "publicKeyPem")) == NULL)) {
160 snac_debug(snac, 0, xs_fmt("check_signature cannot get pubkey from %s", keyId)); 160 snac_debug(snac, 0, xs_fmt("check_signature cannot get pubkey from %s", keyId));
161 goto error; 161 return 0;
162 } 162 }
163 163
164 /* now build the string to be signed */ 164 /* now build the string to be signed */
@@ -193,7 +193,7 @@ int check_signature(snac *snac, char *req)
193 snac_debug(snac, 0, 193 snac_debug(snac, 0,
194 xs_fmt("check_signature cannot find header %s", v)); 194 xs_fmt("check_signature cannot find header %s", v));
195 195
196 goto error; 196 return 0;
197 } 197 }
198 198
199 ss = xs_fmt("%s: %s", v, hc); 199 ss = xs_fmt("%s: %s", v, hc);
@@ -205,13 +205,19 @@ int check_signature(snac *snac, char *req)
205 205
206 if (xs_evp_verify(pubkey, sig_str, strlen(sig_str), signature) != 1) { 206 if (xs_evp_verify(pubkey, sig_str, strlen(sig_str), signature) != 1) {
207 snac_debug(snac, 0, xs_fmt("check_signature rsa verify error %s", keyId)); 207 snac_debug(snac, 0, xs_fmt("check_signature rsa verify error %s", keyId));
208 goto error; 208 return 0;
209 } 209 }
210 210
211 return 1; 211 return 1;
212}
212 213
213error: 214
214 { 215int check_signature(snac *snac, char *req)
216/* checks the signature and archives the error */
217{
218 int ret;
219
220 if ((ret = _check_signature(snac, req)) == 0) {
215 xs *ntid = tid(0); 221 xs *ntid = tid(0);
216 xs *fn = xs_fmt("%s/error/check_signature_%s.json", srv_basedir, ntid); 222 xs *fn = xs_fmt("%s/error/check_signature_%s.json", srv_basedir, ntid);
217 FILE *f; 223 FILE *f;
@@ -224,5 +230,5 @@ error:
224 } 230 }
225 } 231 }
226 232
227 return 0; 233 return ret;
228} 234}
HIC SVNT DRACONES