diff options
| author |   Fulup Ar Foll <fulup@iot.bzh> | 2015-12-12 13:58:00 +0100 |
|---|---|---|
| committer | Fulup Ar Foll <fulup@iot.bzh> | 2015-12-12 13:58:00 +0100 |
| commit | 37c1f71d519420addb71c6137e551ecb51336f7c (patch) | |
| tree | 6f08303f8ed7dc4d9307690607c07148cf7dca3e /src/session.c | |
| parent | d00571d3c5365f40e7ec2ec3ab0f636afa0db480 (diff) | |
Added --token=xxxxx for initial shared secret
Diffstat (limited to 'src/session.c')
| -rw-r--r-- | src/session.c | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/src/session.c b/src/session.c index a5a00406..56620f35 100644 --- a/src/session.c +++ b/src/session.c @@ -476,9 +476,23 @@ PUBLIC AFB_error ctxTokenCreate (AFB_request *request) { int oldTnkValid; const char *ornew; uuid_t newuuid; + const char *token; if (request->client == NULL) return AFB_EMPTY; + // if config->token!="" then verify that we have the right initial share secret + if (request->config->token[0] != '\0') { + + // check for initial token secret and return if not presented + token = MHD_lookup_connection_value(request->connection, MHD_GET_ARGUMENT_KIND, "token"); + if (token == NULL) return AFB_UNAUTH; + + // verify that presented initial tokens fit + if (strcmp(request->config->token, token)) return AFB_UNAUTH; + + } + + // create a UUID as token value uuid_generate(newuuid); uuid_unparse_lower(newuuid, request->client->token); |