From: Schanzenbach, Martin
Date: Fri, 6 Oct 2017 08:14:10 +0000 (+0200)
Subject: -do not persist sensitive data
X-Git-Tag: gnunet-0.11.0rc0~24^2~45
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=7807374c7247af1d139ff70b4af047c227229a6e;p=oweals%2Fgnunet.git

-do not persist sensitive data
---
diff --git a/src/identity-provider/gnunet-service-identity-provider.c b/src/identity-provider/gnunet-service-identity-provider.c
index 3dcb2792e..8960ea162 100644
--- a/src/identity-provider/gnunet-service-identity-provider.c
+++ b/src/identity-provider/gnunet-service-identity-provider.c
@@ -1765,8 +1765,7 @@ cleanup_ticket_issue_handle (struct TicketIssueHandle *handle)
 static void
 send_ticket_result (struct IdpClient *client,
 uint32_t r_id,
- const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket,
- const struct GNUNET_IDENTITY_PROVIDER_AttributeList *attrs)
+ const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket)
 {
 struct TicketResultMessage *irm;
 struct GNUNET_MQ_Envelope *env;
@@ -1774,8 +1773,7 @@ send_ticket_result (struct IdpClient *client,
 /* store ticket in DB */
 if (GNUNET_OK != TKT_database->store_ticket (TKT_database->cls,
- ticket,
- attrs))
+ ticket))
 {
 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
 "Unable to store ticket after issue\n");
@@ -1810,8 +1808,7 @@ store_ticket_issue_cont (void *cls,
 }
 send_ticket_result (handle->client,
 handle->r_id,
- &handle->ticket,
- handle->attrs);
+ &handle->ticket);
 cleanup_ticket_issue_handle (handle);
 }
@@ -2083,8 +2080,7 @@ process_parallel_lookup2 (void *cls, uint32_t rd_count,
 /* Store ticket in DB */
 if (GNUNET_OK != TKT_database->store_ticket (TKT_database->cls,
- &handle->ticket,
- handle->attrs))
+ &handle->ticket))
 {
 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
 "Unable to store ticket after consume\n");
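Review bot: `send_ticket_result` still writes to the ticket database as a side effect of sending (hunk at -1774), and it is called from `ticket_iterate_proc` (hunk at -2676) as well as from `store_ticket_issue_cont`, so each ticket handed out by an iteration is stored again and a failure on that path is logged as "Unable to store ticket after issue". The function body continues outside this hunk, so what follows the log call is not visible here. Consider doing the store only in the issue path; at minimum record the behaviour above the call, e.g. `/* NOTE: also reached from ticket_iterate_proc, which re-stores a ticket it has just read */`.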
@@ -2664,8 +2660,7 @@ struct TicketIterationProcResult
 */
 static void
 ticket_iterate_proc (void *cls,
- const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket,
- const struct GNUNET_IDENTITY_PROVIDER_AttributeList *attrs)
+ const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket)
 {
 struct TicketIterationProcResult *proc = cls;
@@ -2676,18 +2671,10 @@ ticket_iterate_proc (void *cls,
 proc->res_iteration_finished = IT_SUCCESS_NOT_MORE_RESULTS_AVAILABLE;
 return;
 }
- if ((NULL == ticket) || (NULL == attrs))
- {
- /* error */
- proc->res_iteration_finished = IT_START;
- GNUNET_break (0);
- return;
- }
 proc->res_iteration_finished = IT_SUCCESS_MORE_AVAILABLE;
 send_ticket_result (proc->ti->client,
 proc->ti->r_id,
- ticket,
- attrs);
+ ticket);
 }
diff --git a/src/identity-provider/plugin_identity_provider_sqlite.c b/src/identity-provider/plugin_identity_provider_sqlite.c
index 464ea29cb..7a19ba827 100644
--- a/src/identity-provider/plugin_identity_provider_sqlite.c
+++ b/src/identity-provider/plugin_identity_provider_sqlite.c
@@ -27,7 +27,6 @@
 #include "platform.h"
 #include "gnunet_identity_provider_service.h"
 #include "gnunet_identity_provider_plugin.h"
-#include "identity_attribute.h"
 #include "gnunet_sq_lib.h"
 #include
@@ -253,8 +252,7 @@ database_setup (struct Plugin *plugin)
 "CREATE TABLE identity001tickets ("
 " identity BLOB NOT NULL DEFAULT '',"
 " audience BLOB NOT NULL DEFAULT '',"
- " rnd INT8 NOT NULL DEFAULT '',"
- " attributes BLOB NOT NULL DEFAULT ''"
+ " rnd INT8 NOT NULL DEFAULT ''"
 ")",
 NULL, NULL, NULL) != SQLITE_OK))
 {
@@ -269,8 +267,8 @@ database_setup (struct Plugin *plugin)
 if ( (SQLITE_OK !=
 sq_prepare (plugin->dbh,
- "INSERT INTO identity001tickets (identity, audience, rnd, attributes)"
- " VALUES (?, ?, ?, ?)",
+ "INSERT INTO identity001tickets (identity, audience, rnd)"
+ " VALUES (?, ?, ?)",
 &plugin->store_ticket)) ||
 (SQLITE_OK !=
 sq_prepare (plugin->dbh,
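Review bot: Dropping `attributes` from the `CREATE TABLE` text (hunk at -253) only affects databases created after this change, and the table name `identity001tickets` is kept. The condition guarding the statement is outside the hunk, but if the table is only created when it is missing, an existing database keeps the old column together with every attribute blob already written to it. The three-column `INSERT` and `SELECT` statements in the hunks at -269 and -278 would presumably run against such a table without complaint, so nothing forces or signals a cleanup. Given the stated goal of not persisting sensitive data, consider a one-time step in `database_setup` that clears the old column or recreates the table, keeping in mind that deleted SQLite content can remain in free pages unless the file is vacuumed or `secure_delete` is enabled. Until then, say so next to the schema: `/* NOTE: tables created before this change may still hold an 'attributes' column with stored attribute data; it is not purged here */`.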
@@ -278,13 +276,13 @@ database_setup (struct Plugin *plugin)
 &plugin->delete_ticket)) ||
 (SQLITE_OK !=
 sq_prepare (plugin->dbh,
- "SELECT identity,audience,rnd,attributes"
+ "SELECT identity,audience,rnd"
 " FROM identity001tickets WHERE identity=?"
 " ORDER BY rnd LIMIT 1 OFFSET ?",
 &plugin->iterate_tickets)) ||
 (SQLITE_OK !=
 sq_prepare (plugin->dbh,
- "SELECT identity,audience,rnd,attributes"
+ "SELECT identity,audience,rnd"
 " FROM identity001tickets WHERE audience=?"
 " ORDER BY rnd LIMIT 1 OFFSET ?",
 &plugin->iterate_tickets_by_audience)) )
@@ -356,25 +354,14 @@ database_shutdown (struct Plugin *plugin)
 *
 * @param cls closure (internal context for the plugin)
 * @param ticket the ticket to persist
- * @param attrs attributes to persist
 * @return #GNUNET_OK on success, else #GNUNET_SYSERR
 */
 static int
 identity_provider_sqlite_store_ticket (void *cls,
- const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket,
- const struct GNUNET_IDENTITY_PROVIDER_AttributeList *attrs)
+ const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket)
 {
 struct Plugin *plugin = cls;
 int n;
- size_t attrs_size;
- char *attrs_serialized;
-
- attrs_size = attribute_list_serialize_get_size (attrs);
-
- attrs_serialized = GNUNET_malloc (attrs_size);
-
- attribute_list_serialize (attrs,
- attrs_serialized);
 {
 /* First delete duplicates */
@@ -402,7 +389,6 @@ identity_provider_sqlite_store_ticket (void *cls,
 GNUNET_SQ_query_param_auto_from_type (&ticket->identity),
 GNUNET_SQ_query_param_auto_from_type (&ticket->audience),
 GNUNET_SQ_query_param_uint64 (&ticket->rnd),
- GNUNET_SQ_query_param_fixed_size (attrs_serialized, attrs_size),
 GNUNET_SQ_query_param_end
 };
@@ -517,8 +503,6 @@ get_ticket_and_call_iterator (struct Plugin *plugin,
 void *iter_cls)
 {
 struct GNUNET_IDENTITY_PROVIDER_Ticket2 ticket;
- size_t attrs_size;
- void *attrs_serialized;
 int ret;
 int sret;
@@ -529,7 +513,6 @@ get_ticket_and_call_iterator (struct Plugin *plugin,
 GNUNET_SQ_result_spec_auto_from_type (&ticket.identity),
 GNUNET_SQ_result_spec_auto_from_type (&ticket.audience),
 GNUNET_SQ_result_spec_uint64 (&ticket.rnd),
- GNUNET_SQ_result_spec_variable_size (&attrs_serialized, &attrs_size),
 GNUNET_SQ_result_spec_end
 };
@@ -542,23 +525,10 @@ get_ticket_and_call_iterator (struct Plugin *plugin,
 }
 else
 {
- struct GNUNET_IDENTITY_PROVIDER_AttributeList *attrs;
-
- attrs = attribute_list_deserialize (attrs_serialized, attrs_size);
-
- if (NULL == attrs)
- {
- GNUNET_break (0);
- ret = GNUNET_SYSERR;
- }
- else
- {
 if (NULL != iter)
 iter (iter_cls,
- &ticket,
- attrs);
+ &ticket);
 ret = GNUNET_YES;
- }
 }
 GNUNET_SQ_cleanup_result (rs);
 }
diff --git a/src/include/gnunet_identity_provider_plugin.h b/src/include/gnunet_identity_provider_plugin.h
index 5867a5b80..9e779bde7 100644
--- a/src/include/gnunet_identity_provider_plugin.h
+++ b/src/include/gnunet_identity_provider_plugin.h
@@ -48,11 +48,9 @@ extern "C"
 *
 * @param cls closure
 * @param ticket the ticket
- * @prarm attrs the attributes
 */
 typedef void (*GNUNET_IDENTITY_PROVIDER_TicketIterator) (void *cls,
- const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket,
- const struct GNUNET_IDENTITY_PROVIDER_AttributeList *attrs);
+ const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket);
 /**
@@ -71,12 +69,10 @@ struct GNUNET_IDENTITY_PROVIDER_PluginFunctions
 *
 * @param cls closure (internal context for the plugin)
 * @param ticket the ticket to store
- * @param attrs the attributes shared with the ticket
 * @return #GNUNET_OK on success, else #GNUNET_SYSERR
 */
 int (*store_ticket) (void *cls,
- const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket,
- const struct GNUNET_IDENTITY_PROVIDER_AttributeList *attrs);
+ const struct GNUNET_IDENTITY_PROVIDER_Ticket2 *ticket);
 /**
 * Delete a ticket from the database.
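Review bot: The three surviving lines of the success branch in the hunk at -542 (`if (NULL != iter)`, the `iter (...)` call and `ret = GNUNET_YES;`) are unchanged context that used to sit inside the removed inner `else { ... }`, so they presumably keep that block's deeper indentation and now read as if they were still nested. Re-indent them to the level of the enclosing `else` block so the layout matches the control flow. `get_ticket_and_call_iterator` starts outside this hunk.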
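Review bot: The `store_ticket` doc comment (hunk at -71) loses its `attrs` line without saying why, so nothing in the plugin interface records that attribute values are meant to stay out of the ticket database. Add a line to the comment, e.g. `* Only the ticket (identity, audience, rnd) is persisted; attribute values must not be written to the database.`, and a matching remark on `GNUNET_IDENTITY_PROVIDER_TicketIterator` in the hunk at -48 stating that iteration yields tickets only. That gives a later plugin author or caller a documented reason not to reintroduce the parameter. `struct GNUNET_IDENTITY_PROVIDER_PluginFunctions` continues outside the hunk.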