summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFulup Ar Foll <fulup@iot.bzh>2015-12-12 13:58:00 +0100
committerFulup Ar Foll <fulup@iot.bzh>2015-12-12 13:58:00 +0100
commit37c1f71d519420addb71c6137e551ecb51336f7c (patch)
tree6f08303f8ed7dc4d9307690607c07148cf7dca3e
parentd00571d3c5365f40e7ec2ec3ab0f636afa0db480 (diff)
Added --token=xxxxx for initial shared secret
-rw-r--r--include/local-def.h2
-rw-r--r--nbproject/configurations.xml132
-rw-r--r--nbproject/private/Default.properties7
-rw-r--r--src/afbs-api.c7
-rw-r--r--src/config.c2
-rw-r--r--src/main.c2
-rw-r--r--src/session.c14
7 files changed, 44 insertions, 122 deletions
diff --git a/include/local-def.h b/include/local-def.h
index 791f4c19..b37cd757 100644
--- a/include/local-def.h
+++ b/include/local-def.h
@@ -80,7 +80,7 @@ extern int verbose; // this is the only global variable
typedef enum {AFB_PLUGIN_JSON=123456789, AFB_PLUGIN_JSCRIPT=987654321, AFB_PLUGIN_RAW=987123546} AFB_pluginT;
// prebuild json error are constructed in config.c
-typedef enum { AFB_FALSE, AFB_TRUE, AFB_FATAL, AFB_FAIL, AFB_WARNING, AFB_EMPTY, AFB_SUCCESS, AFB_DONE} AFB_error;
+typedef enum { AFB_FALSE, AFB_TRUE, AFB_FATAL, AFB_FAIL, AFB_WARNING, AFB_EMPTY, AFB_SUCCESS, AFB_DONE, AFB_UNAUTH} AFB_error;
extern char *ERROR_LABEL[];
#define ERROR_LABEL_DEF {"false", "true","fatal", "fail", "warning", "empty", "success"}
diff --git a/nbproject/configurations.xml b/nbproject/configurations.xml
index 5fcbb4ea..3d743b11 100644
--- a/nbproject/configurations.xml
+++ b/nbproject/configurations.xml
@@ -47,7 +47,6 @@
</toolsSet>
<flagsDictionary>
<element flagsID="0" commonFlags="-fPIE"/>
- <element flagsID="1" commonFlags="-mtune=generic -march=x86-64 -fPIE"/>
</flagsDictionary>
<codeAssistance>
</codeAssistance>
@@ -57,6 +56,13 @@
<buildCommand>${MAKE} -f Makefile</buildCommand>
<cleanCommand>${MAKE} -f Makefile clean</cleanCommand>
<executablePath>build/src/afb-daemon</executablePath>
+ <cTool>
+ <incDir>
+ <pElem>include</pElem>
+ <pElem>/usr/include/json-c</pElem>
+ <pElem>build/src</pElem>
+ </incDir>
+ </cTool>
</makeTool>
<preBuild>
<preBuildCommandWorkingDir>build</preBuildCommandWorkingDir>
@@ -66,144 +72,34 @@
</makefileType>
<item path="src/afbs-api.c" ex="false" tool="0" flavor2="2">
<cTool flags="0">
- <incDir>
- <pElem>include</pElem>
- <pElem>/usr/include/json-c</pElem>
- <pElem>build/src</pElem>
- </incDir>
</cTool>
</item>
<item path="src/alsa-api.c" ex="false" tool="0" flavor2="2">
- <cTool flags="1">
- <incDir>
- <pElem>src</pElem>
- <pElem>/usr/include/json-c</pElem>
- <pElem>include</pElem>
- <pElem>/usr/include/uuid</pElem>
- <pElem>build/src</pElem>
- </incDir>
- <preprocessorList>
- <Elem>__PIC__=2</Elem>
- <Elem>__PIE__=2</Elem>
- <Elem>__REGISTER_PREFIX__=</Elem>
- <Elem>__USER_LABEL_PREFIX__=</Elem>
- <Elem>__pic__=2</Elem>
- <Elem>__pie__=2</Elem>
- </preprocessorList>
+ <cTool flags="0">
</cTool>
</item>
<item path="src/config.c" ex="false" tool="0" flavor2="2">
- <cTool flags="1">
- <incDir>
- <pElem>src</pElem>
- <pElem>/usr/include/json-c</pElem>
- <pElem>include</pElem>
- <pElem>/usr/include/uuid</pElem>
- <pElem>build/src</pElem>
- </incDir>
- <preprocessorList>
- <Elem>__PIC__=2</Elem>
- <Elem>__PIE__=2</Elem>
- <Elem>__REGISTER_PREFIX__=</Elem>
- <Elem>__USER_LABEL_PREFIX__=</Elem>
- <Elem>__pic__=2</Elem>
- <Elem>__pie__=2</Elem>
- </preprocessorList>
+ <cTool flags="0">
</cTool>
</item>
<item path="src/dbus-api.c" ex="false" tool="0" flavor2="2">
- <cTool flags="1">
- <incDir>
- <pElem>src</pElem>
- <pElem>/usr/include/json-c</pElem>
- <pElem>include</pElem>
- <pElem>/usr/include/uuid</pElem>
- <pElem>build/src</pElem>
- </incDir>
- <preprocessorList>
- <Elem>__PIC__=2</Elem>
- <Elem>__PIE__=2</Elem>
- <Elem>__REGISTER_PREFIX__=</Elem>
- <Elem>__USER_LABEL_PREFIX__=</Elem>
- <Elem>__pic__=2</Elem>
- <Elem>__pie__=2</Elem>
- </preprocessorList>
+ <cTool flags="0">
</cTool>
</item>
<item path="src/http-svc.c" ex="false" tool="0" flavor2="2">
- <cTool flags="1">
- <incDir>
- <pElem>src</pElem>
- <pElem>/usr/include/json-c</pElem>
- <pElem>include</pElem>
- <pElem>/usr/include/uuid</pElem>
- <pElem>build/src</pElem>
- </incDir>
- <preprocessorList>
- <Elem>__PIC__=2</Elem>
- <Elem>__PIE__=2</Elem>
- <Elem>__REGISTER_PREFIX__=</Elem>
- <Elem>__USER_LABEL_PREFIX__=</Elem>
- <Elem>__pic__=2</Elem>
- <Elem>__pie__=2</Elem>
- </preprocessorList>
+ <cTool flags="0">
</cTool>
</item>
<item path="src/main.c" ex="false" tool="0" flavor2="2">
- <cTool flags="1">
- <incDir>
- <pElem>src</pElem>
- <pElem>/usr/include/json-c</pElem>
- <pElem>include</pElem>
- <pElem>/usr/include/uuid</pElem>
- <pElem>build/src</pElem>
- </incDir>
- <preprocessorList>
- <Elem>__PIC__=2</Elem>
- <Elem>__PIE__=2</Elem>
- <Elem>__REGISTER_PREFIX__=</Elem>
- <Elem>__USER_LABEL_PREFIX__=</Elem>
- <Elem>__pic__=2</Elem>
- <Elem>__pie__=2</Elem>
- </preprocessorList>
+ <cTool flags="0">
</cTool>
</item>
<item path="src/rest-api.c" ex="false" tool="0" flavor2="2">
- <cTool flags="1">
- <incDir>
- <pElem>src</pElem>
- <pElem>/usr/include/json-c</pElem>
- <pElem>include</pElem>
- <pElem>/usr/include/uuid</pElem>
- <pElem>build/src</pElem>
- </incDir>
- <preprocessorList>
- <Elem>__PIC__=2</Elem>
- <Elem>__PIE__=2</Elem>
- <Elem>__REGISTER_PREFIX__=</Elem>
- <Elem>__USER_LABEL_PREFIX__=</Elem>
- <Elem>__pic__=2</Elem>
- <Elem>__pie__=2</Elem>
- </preprocessorList>
+ <cTool flags="0">
</cTool>
</item>
<item path="src/session.c" ex="false" tool="0" flavor2="2">
- <cTool flags="1">
- <incDir>
- <pElem>src</pElem>
- <pElem>/usr/include/json-c</pElem>
- <pElem>/usr/include/uuid</pElem>
- <pElem>include</pElem>
- <pElem>build/src</pElem>
- </incDir>
- <preprocessorList>
- <Elem>__PIC__=2</Elem>
- <Elem>__PIE__=2</Elem>
- <Elem>__REGISTER_PREFIX__=</Elem>
- <Elem>__USER_LABEL_PREFIX__=</Elem>
- <Elem>__pic__=2</Elem>
- <Elem>__pie__=2</Elem>
- </preprocessorList>
+ <cTool flags="0">
</cTool>
</item>
</conf>
diff --git a/nbproject/private/Default.properties b/nbproject/private/Default.properties
index 0f8ddbcc..de73bf9e 100644
--- a/nbproject/private/Default.properties
+++ b/nbproject/private/Default.properties
@@ -1 +1,8 @@
+/home/fulup/Workspace/afb-daemon/src/session.c=/home/fulup/Workspace/afb-daemon/build/src#-g3 -gdwarf-2 -fPIE -I/home/fulup/Workspace/afb-daemon/include -I/usr/include/json-c -o CMakeFiles/afb-daemon.dir/session.c.o -c /home/fulup/Workspace/afb-daemon/src/session.c
+/home/fulup/Workspace/afb-daemon/src/alsa-api.c=/home/fulup/Workspace/afb-daemon/build/src#-g3 -gdwarf-2 -fPIE -I/home/fulup/Workspace/afb-daemon/include -I/usr/include/json-c -o CMakeFiles/afb-daemon.dir/alsa-api.c.o -c /home/fulup/Workspace/afb-daemon/src/alsa-api.c
+/home/fulup/Workspace/afb-daemon/src/main.c=/home/fulup/Workspace/afb-daemon/build/src#-g3 -gdwarf-2 -fPIE -I/home/fulup/Workspace/afb-daemon/include -I/usr/include/json-c -o CMakeFiles/afb-daemon.dir/main.c.o -c /home/fulup/Workspace/afb-daemon/src/main.c
+/home/fulup/Workspace/afb-daemon/src/dbus-api.c=/home/fulup/Workspace/afb-daemon/build/src#-g3 -gdwarf-2 -fPIE -I/home/fulup/Workspace/afb-daemon/include -I/usr/include/json-c -o CMakeFiles/afb-daemon.dir/dbus-api.c.o -c /home/fulup/Workspace/afb-daemon/src/dbus-api.c
+/home/fulup/Workspace/afb-daemon/src/http-svc.c=/home/fulup/Workspace/afb-daemon/build/src#-g3 -gdwarf-2 -fPIE -I/home/fulup/Workspace/afb-daemon/include -I/usr/include/json-c -o CMakeFiles/afb-daemon.dir/http-svc.c.o -c /home/fulup/Workspace/afb-daemon/src/http-svc.c
/home/fulup/Workspace/afb-daemon/src/afbs-api.c=/home/fulup/Workspace/afb-daemon/build/src#-g3 -gdwarf-2 -fPIE -I/home/fulup/Workspace/afb-daemon/include -I/usr/include/json-c -o CMakeFiles/afb-daemon.dir/afbs-api.c.o -c /home/fulup/Workspace/afb-daemon/src/afbs-api.c
+/home/fulup/Workspace/afb-daemon/src/rest-api.c=/home/fulup/Workspace/afb-daemon/build/src#-g3 -gdwarf-2 -fPIE -I/home/fulup/Workspace/afb-daemon/include -I/usr/include/json-c -o CMakeFiles/afb-daemon.dir/rest-api.c.o -c /home/fulup/Workspace/afb-daemon/src/rest-api.c
+/home/fulup/Workspace/afb-daemon/src/config.c=/home/fulup/Workspace/afb-daemon/build/src#-g3 -gdwarf-2 -fPIE -I/home/fulup/Workspace/afb-daemon/include -I/usr/include/json-c -o CMakeFiles/afb-daemon.dir/config.c.o -c /home/fulup/Workspace/afb-daemon/src/config.c
diff --git a/src/afbs-api.c b/src/afbs-api.c
index 42ea7597..44fa0334 100644
--- a/src/afbs-api.c
+++ b/src/afbs-api.c
@@ -40,6 +40,13 @@ STATIC json_object* clientContextCreate (AFB_request *request) {
}
// request a new client context token and check result
+ if (AFB_UNAUTH == ctxTokenCreate (request)) {
+ request->errcode=MHD_HTTP_UNAUTHORIZED;
+ jresp= jsonNewMessage(AFB_FAIL, "No/Invalid initial token provided [should match --token=xxxx]");
+ return (jresp);
+ }
+
+ // request a new client context token and check result
if (AFB_SUCCESS != ctxTokenCreate (request)) {
request->errcode=MHD_HTTP_UNAUTHORIZED;
jresp= jsonNewMessage(AFB_FAIL, "Token Session Not Activated [restart with --token=xxxx]");
diff --git a/src/config.c b/src/config.c
index 2ec90595..2e7611a5 100644
--- a/src/config.c
+++ b/src/config.c
@@ -21,13 +21,11 @@
*/
-
#include "../include/local-def.h"
#include <stdarg.h>
#include <sys/stat.h>
#include <sys/types.h>
-
#define AFB_CONFIG_JTYPE "AFB_config"
PUBLIC char *ERROR_LABEL[]=ERROR_LABEL_DEF;
diff --git a/src/main.c b/src/main.c
index 8a4532d5..5d898ae6 100644
--- a/src/main.c
+++ b/src/main.c
@@ -109,7 +109,7 @@ static AFB_options cliOptions [] = {
{SET_SMACK ,1,"smack" , "Set Smack Label [default demo]"},
{SET_PLUGINS ,1,"mods" , "Enable module [default all]"},
- {SET_AUTH_TOKEN ,1,"token" , "Initial Secret [default=non]"},
+ {SET_AUTH_TOKEN ,1,"token" , "Initial Secret [default=no-session, --token="" for session without authentication]"},
{DISPLAY_VERSION ,0,"version" , "Display version and copyright"},
{DISPLAY_HELP ,0,"help" , "Display this help"},
diff --git a/src/session.c b/src/session.c
index a5a00406..56620f35 100644
--- a/src/session.c
+++ b/src/session.c
@@ -476,9 +476,23 @@ PUBLIC AFB_error ctxTokenCreate (AFB_request *request) {
int oldTnkValid;
const char *ornew;
uuid_t newuuid;
+ const char *token;
if (request->client == NULL) return AFB_EMPTY;
+ // if config->token!="" then verify that we have the right initial share secret
+ if (request->config->token[0] != '\0') {
+
+ // check for initial token secret and return if not presented
+ token = MHD_lookup_connection_value(request->connection, MHD_GET_ARGUMENT_KIND, "token");
+ if (token == NULL) return AFB_UNAUTH;
+
+ // verify that presented initial tokens fit
+ if (strcmp(request->config->token, token)) return AFB_UNAUTH;
+
+ }
+
+
// create a UUID as token value
uuid_generate(newuuid);
uuid_unparse_lower(newuuid, request->client->token);