* More work on OpenID 1.1 Relying Party support

* Changed the startup order to put the citadel.control lock check happen *before* the databases
  are opened.  Otherwise it can corrupt the databases before the lock check shuts it down.

diff --git a/citadel/configure.ac b/citadel/configure.ac
index c36130b04719eafa3f616a4b581ff517887fd7d9..cd32b4496a2ae7ed921d5431471d5daa1a767c58 100644 (file)
--- a/citadel/configure.ac
+++ b/citadel/configure.ac
@@ -624,7 +624,7 @@ AC_CHECK_HEADER(expat.h,
 
 dnl Checks for libcurl.
 AC_CHECK_HEADER(curl/curl.h,
-       [AC_CHECK_LIB(curl, curl_easy_init,
+       [AC_CHECK_LIB(curl, curl_version,
                [
                        SERVER_LIBS="-lcurl $SERVER_LIBS"
                ],

diff --git a/citadel/control.c b/citadel/control.c
index 671a9cc741d84433d0ea011ee623f67e6ed78c34..8da8192fa07ae82089d9a7d6ec8c65783d29f69e 100644 (file)
--- a/citadel/control.c
+++ b/citadel/control.c
@@ -172,6 +172,7 @@ void get_control(void)
        rewind(control_fp);
        fread(&CitControl, sizeof(struct CitControl), 1, control_fp);
        already_have_control = 1;
+       chown(file_citadel_control, config.c_ctdluid, (-1));
 }
 
 /*

diff --git a/citadel/modules/openid/serv_openid_rp.c b/citadel/modules/openid/serv_openid_rp.c
index 05dbbd6822bbb77178a176002e7178ccc07d938e..fc691246f5a014ebefbdf2ef617da28d085fd30d 100644 (file)
--- a/citadel/modules/openid/serv_openid_rp.c
+++ b/citadel/modules/openid/serv_openid_rp.c
@@ -33,6 +33,16 @@
 #include "ctdl_module.h"
 
 
+struct associate_handle {
+       char claimed_id[256];
+       char assoc_type[32];
+       time_t expires_in;
+       char assoc_handle[128];
+       char mac_key[128];
+};
+
+
+
 /* 
  * Locate a <link> tag and, given its 'rel=' parameter, return its 'href' parameter
  */
@@ -178,6 +188,36 @@ int fetch_http(char *url, char *target_buf, int maxbytes)
 }
 
 
+#define ASSOCIATE_RESPONSE_SIZE        4096
+
+/*
+ * libcurl callback function for prepare_openid_associate_request()
+ */
+size_t associate_callback(void *ptr, size_t size, size_t nmemb, void *stream)
+{
+       char *response = (char *) stream;
+       int got_bytes = (size * nmemb);
+       int len = strlen(response);
+
+       if ((len + got_bytes + 1) < ASSOCIATE_RESPONSE_SIZE) {
+               memcpy(&response[len], ptr, got_bytes);
+               response[len+got_bytes] = 0;
+       }
+
+       return got_bytes;
+}
+
+
+/*
+ * Process the response from an "associate" request
+ */
+void process_associate_response(associate_response)
+{
+       // FIXME finish this
+}
+
+
+
 /*
  * Establish a shared secret with an OpenID Identity Provider by sending
  * an "associate" request.
@@ -188,6 +228,9 @@ void prepare_openid_associate_request(char *openid_server, char *openid_delegate
        CURLcode res;
        struct curl_httppost *formpost=NULL;
        struct curl_httppost *lastptr=NULL;
+       char associate_response[ASSOCIATE_RESPONSE_SIZE];
+
+       memset(associate_response, 0, ASSOCIATE_RESPONSE_SIZE);
 
        curl_formadd(&formpost,
                        &lastptr,
@@ -208,16 +251,13 @@ void prepare_openid_associate_request(char *openid_server, char *openid_delegate
                curl_easy_setopt(curl, CURLOPT_URL, openid_server);
                curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
                curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);
-               //curl_easy_setopt(curl, CURLOPT_WRITEDATA, &fh);
-               //curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, fh_callback);
-               //curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, errmsg);
+               curl_easy_setopt(curl, CURLOPT_WRITEDATA, associate_response);
+               curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, associate_callback);
                curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1);
                        
                curl_easy_setopt(curl, CURLOPT_HTTPPOST, formpost);
                res = curl_easy_perform(curl);
-
-               // FIXME not finished
-
+               process_associate_response(associate_response);
                curl_easy_cleanup(curl);
        }
        curl_formfree(formpost);

diff --git a/citadel/modules/rssclient/serv_rssclient.c b/citadel/modules/rssclient/serv_rssclient.c
index f176ae7c5846036da958f4ad97c2bca4da6e2316..4db28dbb5d3d82498dfebe2c3d80fb0974117e8d 100644 (file)
--- a/citadel/modules/rssclient/serv_rssclient.c
+++ b/citadel/modules/rssclient/serv_rssclient.c
@@ -557,6 +557,7 @@ CTDL_MODULE_INIT(rssclient)
 {
        if (threading)
        {
+               CtdlLogPrintf(CTDL_INFO, "%s\n", curl_version());
                CtdlThreadSchedule ("RSS Client", CTDLTHREAD_BIGSTACK, rssclient_scan, NULL, 0);
        }
        /* return our Subversion id for the Log */

diff --git a/citadel/server_main.c b/citadel/server_main.c
index 37c77ddcd4fa8068ba0b16436d089f3d5d21900d..be547e12ee85a36a7152f5004cc816c624368725 100644 (file)
--- a/citadel/server_main.c
+++ b/citadel/server_main.c
@@ -214,6 +214,10 @@ int main(int argc, char **argv)
        CtdlLogPrintf(CTDL_INFO, "Loading citadel.config\n");
        get_config();
        config.c_ipgm_secret = rand();
+
+       CtdlLogPrintf(CTDL_INFO, "Acquiring control record\n");
+       get_control();
+
        put_config();
 
 #ifdef HAVE_RUN_DIR
@@ -244,11 +248,8 @@ int main(int argc, char **argv)
         */
        master_startup();
 
-       CtdlLogPrintf(CTDL_INFO, "Acquiring control record\n");
-       get_control();
-
        
-/**
+/*
  * Initialise the user 0 to have a name. It would be nice to do it in InitializeMasterCC
  * since it is contained within the MasterCC but we can't because the DB isn't available
  * at that time so we do it seperate.