LCOV - code coverage report
Current view: top level - lib - sync_api_upload.c (source / functions) Hit Total Coverage
Test: GNU Taler coverage report Lines: 0 156 0.0 %
Date: 2020-10-21 06:15:51 Functions: 0 4 0.0 %
Legend: Lines: hit not hit

          Line data    Source code
       1             : /*
       2             :   This file is part of TALER
       3             :   Copyright (C) 2014-2019 Taler Systems SA
       4             : 
       5             :   TALER is free software; you can redistribute it and/or modify
       6             :   it under the terms of the GNU Lesser General Public License as
       7             :   published by the Free Software Foundation; either version 2.1,
       8             :   or (at your option) any later version.
       9             : 
      10             :   TALER is distributed in the hope that it will be useful, but
      11             :   WITHOUT ANY WARRANTY; without even the implied warranty of
      12             :   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      13             :   GNU Lesser General Public License for more details.
      14             : 
      15             :   You should have received a copy of the GNU Lesser General Public
      16             :   License along with TALER; see the file COPYING.LGPL.  If not,
      17             :   see <http://www.gnu.org/licenses/>
      18             : */
      19             : 
      20             : /**
      21             :  * @file lib/sync_api_upload.c
      22             :  * @brief Implementation of the upload POST
      23             :  * @author Christian Grothoff
      24             :  */
      25             : #include "platform.h"
      26             : #include <curl/curl.h>
      27             : #include <jansson.h>
      28             : #include <microhttpd.h> /* just for HTTP status codes */
      29             : #include <gnunet/gnunet_util_lib.h>
      30             : #include <gnunet/gnunet_curl_lib.h>
      31             : #include <taler/taler_signatures.h>
      32             : #include <taler/taler_json_lib.h>
      33             : #include "sync_service.h"
      34             : #include "sync_api_curl_defaults.h"
      35             : 
      36             : 
      37             : /**
      38             :  * @brief Handle for an upload operation.
      39             :  */
      40             : struct SYNC_UploadOperation
      41             : {
      42             : 
      43             :   /**
      44             :    * The url for this request.
      45             :    */
      46             :   char *url;
      47             : 
      48             :   /**
      49             :    * Handle for the request.
      50             :    */
      51             :   struct GNUNET_CURL_Job *job;
      52             : 
      53             :   /**
      54             :    * Reference to the execution context.
      55             :    */
      56             :   struct GNUNET_CURL_Context *ctx;
      57             : 
      58             :   /**
      59             :    * Function to call with the result.
      60             :    */
      61             :   SYNC_UploadCallback cb;
      62             : 
      63             :   /**
      64             :    * Closure for @e cb.
      65             :    */
      66             :   void *cb_cls;
      67             : 
      68             :   /**
      69             :    * Payment URI we received from the service, or NULL.
      70             :    */
      71             :   char *pay_uri;
      72             : 
      73             :   /**
      74             :    * Hash of the data we are uploading.
      75             :    */
      76             :   struct GNUNET_HashCode new_upload_hash;
      77             : };
      78             : 
      79             : 
      80             : /**
      81             :  * Function called when we're done processing the
      82             :  * HTTP /backup request.
      83             :  *
      84             :  * @param cls the `struct SYNC_UploadOperation`
      85             :  * @param response_code HTTP response code, 0 on error
      86             :  * @param response
      87             :  */
      88             : static void
      89           0 : handle_upload_finished (void *cls,
      90             :                         long response_code,
      91             :                         const void *data,
      92             :                         size_t data_size)
      93             : {
      94           0 :   struct SYNC_UploadOperation *uo = cls;
      95           0 :   enum TALER_ErrorCode ec = TALER_EC_INVALID;
      96             :   struct SYNC_UploadDetails ud;
      97             :   struct SYNC_UploadDetails *udp;
      98             : 
      99           0 :   uo->job = NULL;
     100           0 :   udp = NULL;
     101           0 :   memset (&ud, 0, sizeof (ud));
     102           0 :   switch (response_code)
     103             :   {
     104           0 :   case 0:
     105           0 :     break;
     106           0 :   case MHD_HTTP_NO_CONTENT:
     107           0 :     ud.us = SYNC_US_SUCCESS;
     108           0 :     ud.details.curr_backup_hash = &uo->new_upload_hash;
     109           0 :     udp = &ud;
     110           0 :     ec = TALER_EC_NONE;
     111           0 :     break;
     112           0 :   case MHD_HTTP_NOT_MODIFIED:
     113           0 :     ud.us = SYNC_US_SUCCESS;
     114           0 :     ud.details.curr_backup_hash = &uo->new_upload_hash;
     115           0 :     udp = &ud;
     116           0 :     ec = TALER_EC_NONE;
     117           0 :     break;
     118           0 :   case MHD_HTTP_BAD_REQUEST:
     119           0 :     GNUNET_break (0);
     120           0 :     ec = TALER_JSON_get_error_code2 (data,
     121             :                                      data_size);
     122           0 :     break;
     123           0 :   case MHD_HTTP_PAYMENT_REQUIRED:
     124           0 :     ud.us = SYNC_US_PAYMENT_REQUIRED;
     125           0 :     ud.details.payment_request = uo->pay_uri;
     126           0 :     udp = &ud;
     127           0 :     ec = TALER_EC_NONE;
     128           0 :     break;
     129           0 :   case MHD_HTTP_FORBIDDEN:
     130           0 :     GNUNET_break (0);
     131           0 :     ec = TALER_JSON_get_error_code2 (data,
     132             :                                      data_size);
     133           0 :     break;
     134           0 :   case MHD_HTTP_CONFLICT:
     135           0 :     ud.us = SYNC_US_CONFLICTING_BACKUP;
     136           0 :     GNUNET_CRYPTO_hash (data,
     137             :                         data_size,
     138             :                         &ud.details.recovered_backup.existing_backup_hash);
     139             :     ud.details.recovered_backup.existing_backup_size
     140           0 :       = data_size;
     141             :     ud.details.recovered_backup.existing_backup
     142           0 :       = data;
     143           0 :     udp = &ud;
     144           0 :     ec = TALER_EC_NONE;
     145           0 :     break;
     146           0 :   case MHD_HTTP_GONE:
     147           0 :     ec = TALER_JSON_get_error_code2 (data,
     148             :                                      data_size);
     149           0 :     break;
     150           0 :   case MHD_HTTP_LENGTH_REQUIRED:
     151           0 :     GNUNET_break (0);
     152           0 :     break;
     153           0 :   case MHD_HTTP_REQUEST_ENTITY_TOO_LARGE:
     154           0 :     ec = TALER_JSON_get_error_code2 (data,
     155             :                                      data_size);
     156           0 :     break;
     157           0 :   case MHD_HTTP_TOO_MANY_REQUESTS:
     158           0 :     ec = TALER_JSON_get_error_code2 (data,
     159             :                                      data_size);
     160           0 :     break;
     161           0 :   case MHD_HTTP_INTERNAL_SERVER_ERROR:
     162           0 :     GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
     163             :                 "Internal server error: `%.*s\n",
     164             :                 (int) data_size,
     165             :                 (const char *) data);
     166           0 :     break;
     167             :   }
     168           0 :   if (NULL != uo->cb)
     169             :   {
     170           0 :     uo->cb (uo->cb_cls,
     171             :             ec,
     172             :             response_code,
     173             :             udp);
     174           0 :     uo->cb = NULL;
     175             :   }
     176           0 :   SYNC_upload_cancel (uo);
     177           0 : }
     178             : 
     179             : 
     180             : /**
     181             :  * Handle HTTP header received by curl.
     182             :  *
     183             :  * @param buffer one line of HTTP header data
     184             :  * @param size size of an item
     185             :  * @param nitems number of items passed
     186             :  * @param userdata our `struct SYNC_DownloadOperation *`
     187             :  * @return `size * nitems`
     188             :  */
     189             : static size_t
     190           0 : handle_header (char *buffer,
     191             :                size_t size,
     192             :                size_t nitems,
     193             :                void *userdata)
     194             : {
     195           0 :   struct SYNC_UploadOperation *uo = userdata;
     196           0 :   size_t total = size * nitems;
     197             :   char *ndup;
     198             :   const char *hdr_type;
     199             :   char *hdr_val;
     200             :   char *sp;
     201             : 
     202           0 :   ndup = GNUNET_strndup (buffer,
     203             :                          total);
     204           0 :   hdr_type = strtok_r (ndup,
     205             :                        ":",
     206             :                        &sp);
     207           0 :   if (NULL == hdr_type)
     208             :   {
     209           0 :     GNUNET_free (ndup);
     210           0 :     return total;
     211             :   }
     212           0 :   hdr_val = strtok_r (NULL,
     213             :                       "",
     214             :                       &sp);
     215           0 :   if (NULL == hdr_val)
     216             :   {
     217           0 :     GNUNET_free (ndup);
     218           0 :     return total;
     219             :   }
     220           0 :   if (' ' == *hdr_val)
     221           0 :     hdr_val++;
     222           0 :   if (0 == strcasecmp (hdr_type,
     223             :                        "Taler"))
     224             :   {
     225             :     size_t len;
     226             : 
     227             :     /* found payment URI we care about! */
     228           0 :     uo->pay_uri = GNUNET_strdup (hdr_val);
     229           0 :     len = strlen (uo->pay_uri);
     230           0 :     while ( (len > 0) &&
     231           0 :             ( ('\n' == uo->pay_uri[len - 1]) ||
     232           0 :               ('\r' == uo->pay_uri[len - 1]) ) )
     233             :     {
     234           0 :       len--;
     235           0 :       uo->pay_uri[len] = '\0';
     236             :     }
     237             :   }
     238           0 :   GNUNET_free (ndup);
     239           0 :   return total;
     240             : }
     241             : 
     242             : 
     243             : /**
     244             :  * Upload a @a backup to a Sync server. Note that @a backup must
     245             :  * have already been compressed, padded and encrypted by the
     246             :  * client.
     247             :  *
     248             :  * While @a pub is theoretically protected by the HTTPS protocol and
     249             :  * required to access the backup, it should be assumed that an
     250             :  * adversary might be able to download the backups from the Sync
     251             :  * server -- or even run the Sync server. Thus, strong encryption
     252             :  * is essential and NOT implemented by this function.
     253             :  *
     254             :  * The use of Anastasis to safely store the Sync encryption keys and
     255             :  * @a pub is recommended.  Storing @a priv in Anastasis depends on
     256             :  * your priorities: without @a priv, further updates to the backup are
     257             :  * not possible, and the user would have to pay for another
     258             :  * account. OTOH, without @a priv an adversary that compromised
     259             :  * Anastasis can only read the backups, but not alter or destroy them.
     260             :  *
     261             :  * @param ctx for HTTP client request processing
     262             :  * @param base_url base URL of the Sync server
     263             :  * @param priv private key of an account with the server
     264             :  * @param prev_backup_hash hash of the previous backup, NULL for the first upload ever
     265             :  * @param backup_size number of bytes in @a backup
     266             :  * @param payment_requested #GNUNET_YES if the client wants to pay more for the account now
     267             :  * @param paid_order_id order ID of a recent payment made, or NULL for none
     268             :  * @param cb function to call with the result
     269             :  * @param cb_cls closure for @a cb
     270             :  * @return handle for the operation
     271             :  */
     272             : struct SYNC_UploadOperation *
     273           0 : SYNC_upload (struct GNUNET_CURL_Context *ctx,
     274             :              const char *base_url,
     275             :              struct SYNC_AccountPrivateKeyP *priv,
     276             :              const struct GNUNET_HashCode *prev_backup_hash,
     277             :              size_t backup_size,
     278             :              const void *backup,
     279             :              int payment_requested,
     280             :              const char *paid_order_id,
     281             :              SYNC_UploadCallback cb,
     282             :              void *cb_cls)
     283             : {
     284             :   struct SYNC_AccountSignatureP account_sig;
     285             :   struct SYNC_UploadOperation *uo;
     286             :   CURL *eh;
     287             :   struct curl_slist *job_headers;
     288           0 :   struct SYNC_UploadSignaturePS usp = {
     289           0 :     .purpose.purpose = htonl (TALER_SIGNATURE_SYNC_BACKUP_UPLOAD),
     290           0 :     .purpose.size = htonl (sizeof (usp))
     291             :   };
     292             : 
     293           0 :   if (NULL != prev_backup_hash)
     294           0 :     usp.old_backup_hash = *prev_backup_hash;
     295           0 :   GNUNET_CRYPTO_hash (backup,
     296             :                       backup_size,
     297             :                       &usp.new_backup_hash);
     298           0 :   GNUNET_CRYPTO_eddsa_sign (&priv->eddsa_priv,
     299             :                             &usp,
     300             :                             &account_sig.eddsa_sig);
     301             : 
     302             :   /* setup our HTTP headers */
     303           0 :   job_headers = NULL;
     304             :   {
     305             :     struct curl_slist *ext;
     306             :     char *val;
     307             :     char *hdr;
     308             : 
     309             :     /* Set Sync-Signature header */
     310           0 :     val = GNUNET_STRINGS_data_to_string_alloc (&account_sig,
     311             :                                                sizeof (account_sig));
     312           0 :     GNUNET_asprintf (&hdr,
     313             :                      "Sync-Signature: %s",
     314             :                      val);
     315           0 :     GNUNET_free (val);
     316           0 :     ext = curl_slist_append (job_headers,
     317             :                              hdr);
     318           0 :     GNUNET_free (hdr);
     319           0 :     if (NULL == ext)
     320             :     {
     321           0 :       GNUNET_break (0);
     322           0 :       curl_slist_free_all (job_headers);
     323           0 :       return NULL;
     324             :     }
     325           0 :     job_headers = ext;
     326             : 
     327             :     /* set If-None-Match header */
     328           0 :     val = GNUNET_STRINGS_data_to_string_alloc (&usp.new_backup_hash,
     329             :                                                sizeof (struct GNUNET_HashCode));
     330           0 :     GNUNET_asprintf (&hdr,
     331             :                      "%s: %s",
     332             :                      MHD_HTTP_HEADER_IF_NONE_MATCH,
     333             :                      val);
     334           0 :     GNUNET_free (val);
     335           0 :     ext = curl_slist_append (job_headers,
     336             :                              hdr);
     337           0 :     GNUNET_free (hdr);
     338           0 :     if (NULL == ext)
     339             :     {
     340           0 :       GNUNET_break (0);
     341           0 :       curl_slist_free_all (job_headers);
     342           0 :       return NULL;
     343             :     }
     344           0 :     job_headers = ext;
     345             : 
     346             :     /* Setup If-Match header */
     347           0 :     if (NULL != prev_backup_hash)
     348             :     {
     349           0 :       val = GNUNET_STRINGS_data_to_string_alloc (&usp.old_backup_hash,
     350             :                                                  sizeof (struct
     351             :                                                          GNUNET_HashCode));
     352           0 :       GNUNET_asprintf (&hdr,
     353             :                        "If-Match: %s",
     354             :                        val);
     355           0 :       GNUNET_free (val);
     356           0 :       ext = curl_slist_append (job_headers,
     357             :                                hdr);
     358           0 :       GNUNET_free (hdr);
     359           0 :       if (NULL == ext)
     360             :       {
     361           0 :         GNUNET_break (0);
     362           0 :         curl_slist_free_all (job_headers);
     363           0 :         return NULL;
     364             :       }
     365           0 :       job_headers = ext;
     366             :     }
     367             :   }
     368             :   /* Finished setting up headers */
     369             : 
     370           0 :   uo = GNUNET_new (struct SYNC_UploadOperation);
     371           0 :   uo->new_upload_hash = usp.new_backup_hash;
     372             :   {
     373             :     char *path;
     374             :     char *account_s;
     375             :     struct SYNC_AccountPublicKeyP pub;
     376             : 
     377           0 :     GNUNET_CRYPTO_eddsa_key_get_public (&priv->eddsa_priv,
     378             :                                         &pub.eddsa_pub);
     379           0 :     account_s = GNUNET_STRINGS_data_to_string_alloc (&pub,
     380             :                                                      sizeof (pub));
     381           0 :     GNUNET_asprintf (&path,
     382             :                      "backups/%s",
     383             :                      account_s);
     384           0 :     GNUNET_free (account_s);
     385           0 :     uo->url = (GNUNET_YES == payment_requested)
     386           0 :               ? TALER_url_join (base_url,
     387             :                                 path,
     388             :                                 "pay",
     389             :                                 "y",
     390             :                                 (NULL != paid_order_id)
     391             :                                 ? "paying"
     392             :                                 : NULL,
     393             :                                 paid_order_id,
     394             :                                 NULL)
     395           0 :               : TALER_url_join (base_url,
     396             :                                 path,
     397             :                                 (NULL != paid_order_id)
     398             :                                 ? "paying"
     399             :                                 : NULL,
     400             :                                 paid_order_id,
     401             :                                 NULL);
     402           0 :     GNUNET_free (path);
     403             :   }
     404           0 :   uo->ctx = ctx;
     405           0 :   uo->cb = cb;
     406           0 :   uo->cb_cls = cb_cls;
     407           0 :   eh = SYNC_curl_easy_get_ (uo->url);
     408           0 :   GNUNET_assert (CURLE_OK ==
     409             :                  curl_easy_setopt (eh,
     410             :                                    CURLOPT_POSTFIELDS,
     411             :                                    backup));
     412           0 :   GNUNET_assert (CURLE_OK ==
     413             :                  curl_easy_setopt (eh,
     414             :                                    CURLOPT_POSTFIELDSIZE,
     415             :                                    (long) backup_size));
     416           0 :   GNUNET_assert (CURLE_OK ==
     417             :                  curl_easy_setopt (eh,
     418             :                                    CURLOPT_HEADERFUNCTION,
     419             :                                    &handle_header));
     420           0 :   GNUNET_assert (CURLE_OK ==
     421             :                  curl_easy_setopt (eh,
     422             :                                    CURLOPT_HEADERDATA,
     423             :                                    uo));
     424           0 :   uo->job = GNUNET_CURL_job_add_raw (ctx,
     425             :                                      eh,
     426             :                                      job_headers,
     427             :                                      &handle_upload_finished,
     428             :                                      uo);
     429           0 :   curl_slist_free_all (job_headers);
     430           0 :   return uo;
     431             : }
     432             : 
     433             : 
     434             : /**
     435             :  * Cancel the upload.  Note that aborting an upload does NOT guarantee
     436             :  * that it did not complete, it is possible that the server did
     437             :  * receive the full request before the upload is aborted.
     438             :  *
     439             :  * @param uo operation to cancel.
     440             :  */
     441             : void
     442           0 : SYNC_upload_cancel (struct SYNC_UploadOperation *uo)
     443             : {
     444           0 :   if (NULL != uo->job)
     445             :   {
     446           0 :     GNUNET_CURL_job_cancel (uo->job);
     447           0 :     uo->job = NULL;
     448             :   }
     449           0 :   GNUNET_free (uo->pay_uri);
     450           0 :   GNUNET_free (uo->url);
     451           0 :   GNUNET_free (uo);
     452           0 : }
     453             : 
     454             : 
     455             : /* end of sync_api_upload.c */

Generated by: LCOV version 1.14