HTTP /restful/rhizome/newsince/... token validation

Ensure that token has the same UUID as the Rhizome database.
This commit is contained in:
Andrew Bettison 2013-11-19 16:56:24 +10:30
parent fce0893173
commit 6e4acb6ab9
2 changed files with 7 additions and 0 deletions

View File

@ -380,6 +380,8 @@ static int strn_to_list_token(const char *str, uint64_t *rowidp, const char **af
unsigned char token[sizeof rhizome_db_uuid.u.binary + sizeof *rowidp]; unsigned char token[sizeof rhizome_db_uuid.u.binary + sizeof *rowidp];
if (base64url_decode(token, sizeof token, str, 0, afterp, 0, NULL) != sizeof token) if (base64url_decode(token, sizeof token, str, 0, afterp, 0, NULL) != sizeof token)
return 0; return 0;
if (cmp_uuid_t(&rhizome_db_uuid, (uuid_t *) &token) != 0)
return 0;
memcpy(rowidp, token + sizeof rhizome_db_uuid.u.binary, sizeof *rowidp); memcpy(rowidp, token + sizeof rhizome_db_uuid.u.binary, sizeof *rowidp);
return 1; return 1;
} }

5
uuid.h
View File

@ -22,6 +22,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#include <stdint.h> #include <stdint.h>
#include <alloca.h> #include <alloca.h>
#include <string.h>
#include "strbuf.h" #include "strbuf.h"
#ifndef __SERVALDNA_UUID_H_INLINE #ifndef __SERVALDNA_UUID_H_INLINE
@ -73,6 +74,10 @@ enum uuid_version {
UUID_VERSION_NAME_SHA1 = 5 UUID_VERSION_NAME_SHA1 = 5
}; };
__SERVALDNA_UUID_H_INLINE int cmp_uuid_t(const uuid_t *a, const uuid_t *b) {
return memcmp(a->u.binary, b->u.binary, sizeof a->u.binary);
}
__SERVALDNA_UUID_H_INLINE int uuid_is_valid(const uuid_t *any_uuid) { __SERVALDNA_UUID_H_INLINE int uuid_is_valid(const uuid_t *any_uuid) {
return (any_uuid->u.record.clock_seq_hi_and_reserved & 0xc0) == 0x80; return (any_uuid->u.record.clock_seq_hi_and_reserved & 0xc0) == 0x80;
} }