Commit Graph

44 Commits

Author SHA1 Message Date
Andrew Bettison
3c993f0273 Add fromhere=2 to Rhizome list output
Need a way for the client to distinguish between authenticated (certain)
and unauthenticated (likely) author SIDs in the context of a bundle list,
since the bundle list does not verify manifest signatures for performance
and battery life reasons.
2015-11-02 12:26:40 +10:30
Andrew Bettison
419364b5a9 Improve REST HTTP response status codes
List all the HTTP status codes in the REST API tech doc.

Only use 403 Forbidden for requests originating from a disallowed
origin (ie, not localhost).

- Return 400 for missing, unknown, duplicate and out-of-order form
  parts in POST requests.
- Return 415 Unsupported Media Type for unsupported form part
  Content-Disposition and Content-Type (including unsupported
  charset).
- Return 414 Request-URI Too Long for any buffer exhaustion while
  parsing request.
- Return 419 Authentication Timeout for missing crypto secret.
2015-11-02 12:26:40 +10:30
Andrew Bettison
6123503c15 Improve Rhizome HTTP status codes
Also improve some reason phrases and test them
2015-09-21 18:43:24 +09:30
Jeremy Lakeman
84caf21969 Use section linking to define httpd pages 2015-08-24 12:49:09 +09:30
Andrew Bettison
7d9a5faa4e Move if(config.debug.xxx) tests into DEBUGF()
Original DEBUG() and DEBUGF() macros renamed to _DEBUG() and _DEBUGF()
New DEBUG() and DEBUGF() macros, first argument is flagname
New DEBUGF2(foo, bar, ...) macro does if(config.debug.foo||config.debug.bar) test
Replace almost all config.debug.xxx references to IF_DEBUG(xxx)
2015-07-13 16:00:05 +09:30
Andrew Bettison
6febcc350d Replace RESTful newsince polling with triggers
Remove the 'api.restful.newsince_poll_ms' config option, no longer
needed.
2015-06-02 02:23:06 +09:30
Andrew Bettison
f602674ea5 RESTful Rhizome add/insert always return HTTP 201
The 200 status is reserved to indicate a well-formed and
legal request but the bundle was not added because the
store rejected it.
2015-04-13 14:39:51 +09:30
Andrew Bettison
7734e24006 /restful/rhizome/append on existing journal
Refactor Rhizome insert/append logic into functions used by both CLI and
RESTful API.  Improve RESTful diagnostic messages.
2015-03-30 18:24:12 +10:30
Andrew Bettison
99ff49d502 /restful/rhizome/insert reject out-of-order parameters
Must have the 'bundle-secret', 'bundle-author' and 'bundle-id'
parameters before the 'manifest' part
2015-03-28 05:09:38 +10:30
Andrew Bettison
ccf4824605 Add 'manifest-id' parameter to /restful/rhizome/insert 2015-03-28 05:09:38 +10:30
Andrew Bettison
da22816784 Add 'rhizome add file --bundle=BID' option
A convenience to re-use an existing manifest, instead of having
to extract the manifest, erase some fields, then pass the result
back into the 'rhizome add file' command
2015-03-28 05:09:38 +10:30
Andrew Bettison
7f564e4dcf Make strn_to_xxx() functions consistent
All strn_to_xxx() functions should take a 'size_t len' parameter

All functions that take a 'const char **endp' parameter should
be named parse_xxx(), and should also have a 'ssize_t len' parameter
which can be -1 to indicate a null-terminated string
2015-03-28 04:53:09 +10:30
Andrew Bettison
015b4a0b07 Refactor and improve "journal append"
Distinguish between fatal and user-supplied-input errors, return
error descriptive text in a strbuf to allow dynamic content, apply
user-supplied field assgnments/deletions _after_ copying existing
manifest fields, use exit status 4 (invalid manifest) when applying
journal append to a non-journal or vice versa
2015-03-23 17:38:46 +10:30
Andrew Bettison
217fc7cde9 Improve diagnostic logging and HTTP responses 2015-03-16 22:40:46 +10:30
Andrew Bettison
4d5cded047 Change return type of rhizome_fill_manifest()
To help improve diagnostic feedback through APIs
2015-03-16 22:40:08 +10:30
Andrew Bettison
c9131f43a2 POST /restful/rhizome/append for journals 2015-03-02 18:52:12 +10:30
Andrew Bettison
4b234fbfbd Fix /restful/rhizome/insert HTTP status code
Return 403 "Forbidden" instead of 501 "Not implemented" when
given a journal bundle
2015-03-02 18:49:51 +10:30
gardners
2802f75fa2 allow blank format field in post, so that libcurl can be used to
insert rhizome bundles.
2015-02-15 17:48:47 +10:30
Jeremy Lakeman
ce21c64809 Allow serving of static http content from [etc]/static/ 2014-12-01 10:21:35 +10:30
Andrew Bettison
081f7ab8c8 Add recent bundle secret improvements to RESTful API
The "#passphrase" notation was already supported, and now the RESTful
API can be used to create and update anonymous and authored bundles
using only the bundle secret, just like the CLI.
2014-11-14 17:31:08 +10:30
Andrew Bettison
d8f26a76ee Accept '#passphrase' for bundle secret arguments
As well as a hex string.  Applies to CLI and also REST API.
Maximum pass phrase length is 80 ASCII chars.
2014-11-14 13:11:44 +10:30
Jeremy Lakeman
851144ea0a Refactor keyring identity iteration 2014-10-31 15:19:59 +10:30
Jeremy Lakeman
2c72875508 Ensure sql lock failures are returned. 2014-09-12 15:24:23 +09:30
Jeremy Lakeman
31cf3a67b5 Allow lcal http servers to perform cross site scripting of restful APIs 2014-07-28 12:54:57 +09:30
Andrew Bettison
d436705e64 Fix conflict on UNUSED() macro from OpenJDK 7
The OpenJDK 7 recently introduced the UNUSED() macro in their jni_md.h
header file, which is included from <jni.h>.  This causes a
compile-error if "constants.h", which defines our own UNUSED() macro, is
included as well as <jni.h>.

The OpenJDK UNUSED() macro is unsuitable for our own use, because it
prefixes the unused identifier with "UNUSED_" whereas we depend on the
parameter name remaining unchanged.

I have reported this as a Request for Enhancement with Oracle Java,
asking them to remove the UNUSED() macro, since it is not used by any
JNI or Java extension header files.  Review ID: JI-9013689.

In the meantime, constants.h now undefines UNUSED before defining it, so
including <jni.h> before "constants.h" will avoid a compile error.
2014-07-23 11:55:55 +09:30
Andrew Bettison
8842f32b19 Rhizome Java API: insert journal is not implemented
Change the HTTP response code for unimplemented operations from 403 to
501
2014-07-10 22:23:11 +09:30
Andrew Bettison
e35bf77938 Rhizome Java API: insert/update empty bundle 2014-07-10 22:06:46 +09:30
Andrew Bettison
04b2a20e54 Rhizome Java API: improved form-data headers
Change manifest Content-Type from rhizome-manifest/text to
rhizome/manifest; format="text+binarysig"

Add "Content-Transfer-Encoding" form-part headers to Java API
sent form parts, although not currently checked by Rhizome
RESTful interface
2014-07-10 21:12:40 +09:30
Andrew Bettison
a81d05b4f6 Rhizome Java API: insert bundle 2014-07-10 06:43:17 +09:30
Andrew Bettison
3715c5bf0b Rhizome Java API: negative fetch tests 2014-07-10 06:30:50 +09:30
Andrew Bettison
2aec8f31a4 Rhizome Java API: get decrypted payload 2014-07-10 06:30:50 +09:30
Andrew Bettison
cf43635789 Improve Rhizome HTTP RESTful interface
Add RHIZOME_BUNDLE_STATUS_READONLY enum value

Tighten up switch statements on bundle and payload status enums (no
default labels)

Rename some recently added enum entries

Return bundle status and payload status in HTTP responses

Add test for failing to decrypt a foreign encrypted bundle payload,
fix bug that caused an assertion failure

Add tests for fetching a non-existent manifest and fetching bundles
whose payload blob is not in the store
2014-07-10 06:29:51 +09:30
Andrew Bettison
34b6ff48bf Rhizome Java API: get raw payload
Added more "Serval-Rhizome-Bundle-xxx" headers to /restful/rhizome/
responses, so that a more complete manifest can be constructed from
them
2014-07-10 06:29:09 +09:30
Andrew Bettison
93e67ede63 Rhizome Java API: get manifest
Fixes assertion violation in GET /restful/rhizome/<BID>.rhm when <BID>
not found
2014-07-10 06:29:09 +09:30
Andrew Bettison
067340bbba Change HTTP Authorization realm to "Serval RESTful API"
Was "Serval Rhizome", which is not accurate
2014-06-30 11:11:01 +09:30
Andrew Bettison
11e9d38299 Rename config 'rhizome.api.restful' to 'api.restful' 2014-06-30 11:11:01 +09:30
Jeremy Lakeman
804cc93be6 Fix HTTP transfers of large payloads 2014-06-27 15:07:26 +09:30
Andrew Bettison
819b8dc9e7 MeshMS RESTful API stricter on incoming form data
/restful/meshms/SID/SID/sendmessage now enforces Content-Disposition:
form-data (was ignoring), and enforces Content-Type: text/plain;
charset=utf-8 (was ignoring)

New negative test cases to ensure that these are treated strictly
2014-06-23 12:27:09 +09:30
Jeremy Lakeman
7ff89afcf4 Reinstate rhizome database storage limit
- old / large payloads should be evicted to fit more payloads
- if there isn't enough space, new payloads will not be added
2014-06-19 11:09:09 +09:30
Andrew Bettison
008dd6ab21 Add size_t arg to strn_to_sid_t() 2014-04-29 13:39:21 +09:30
Andrew Bettison
a77b0702b1 Rename uuid_t --> serval_uuid_t
To avoid compile errors on OSX
2014-02-17 13:26:03 +10:30
Andrew Bettison
0769fa54e8 Improve MeshMS RESTful HTTP failure reporting
Add "meshms_status_code" element to simple JSON responses
2014-02-07 16:28:40 +10:30
Andrew Bettison
fd86a3d17f Implement HTTP POST /restful/meshms/<SID>/<SID>/sendmessage
Rename struct meshms_ply fields from "buffer" to "record" for
consistency with comment terminology
2014-02-05 14:28:15 +10:30
Andrew Bettison
fb2709d10c Create rhizome_restful.c, meshms_restful.c
Move code from rhizome_http.c into rhizome_restful.c and
meshms_restful.c
2014-02-03 23:05:15 +10:30