Merge pull request #144 from indigo-dc/comments

Comments & Refactoring
indigo-dc · Dec 14, 2018 · 4d2b344 · 4d2b344
2 parents 3939c71 + 4feed5f
commit 4d2b344
Show file tree

Hide file tree

Showing 24 changed files with 589 additions and 372 deletions.
diff --git a/debian/changelog b/debian/changelog
@@ -149,5 +149,6 @@ oidc-agent (2.1.3) UNRELEASED; urgency=medium
   * Fixed a problem with unity OP where access token did not have any scope
   * Fixed strange additional parameters in the auth code exchange request 
   * Fixed superflous error logs when checking if a string is a json object
+  * Changed encoding for memory encryption from hex to base64 
 
  -- Marcus Hardt <[email protected]>  Thu, 13 Dec 2018 13:57:47 +0100
diff --git a/src/account/account.c b/src/account/account.c
@@ -1,11 +1,11 @@
 #include "account.h"
 
-#include "utils/cryptUtils.h"
+#include "utils/crypt/cryptUtils.h"
+#include "utils/crypt/memoryCrypt.h"
 #include "utils/file_io/fileUtils.h"
 #include "utils/file_io/oidc_file_io.h"
 #include "utils/json.h"
 #include "utils/listUtils.h"
-#include "utils/memoryCrypt.h"
 
 #include <syslog.h>
 
@@ -246,7 +246,7 @@ struct oidc_account* decryptAccount(const char* accountname,
     oidc_setArgNullFuncError(__func__);
     return NULL;
   }
-  unsigned char* decrypted = decryptOidcFile(accountname, password);
+  char* decrypted = decryptOidcFile(accountname, password);
   if (NULL == decrypted) {
     return NULL;
   }

diff --git a/src/ipc/cryptCommunicator.c b/src/ipc/cryptCommunicator.c
@@ -1,7 +1,7 @@
 #include "cryptCommunicator.h"
 #include "ipc.h"
 #include "settings.h"
-#include "utils/crypt.h"
+#include "utils/crypt/crypt.h"
 #include "utils/json.h"
 #include "utils/memzero.h"
 #include "utils/oidc_error.h"

diff --git a/src/ipc/cryptIpc.c b/src/ipc/cryptIpc.c
@@ -1,6 +1,6 @@
 #include "cryptIpc.h"
 #include "ipc.h"
-#include "utils/crypt.h"
+#include "utils/crypt/crypt.h"
 #include "utils/json.h"
 #include "utils/memory.h"
 #include "utils/oidc_error.h"

diff --git a/src/oidc-agent/agent_handler.c b/src/oidc-agent/agent_handler.c
@@ -13,7 +13,8 @@
 #include "oidc/flows/openid_config.h"
 #include "oidc/flows/registration.h"
 #include "oidc/flows/revoke.h"
-#include "utils/crypt.h"
+#include "utils/crypt/crypt.h"
+#include "utils/crypt/cryptUtils.h"
 #include "utils/json.h"
 #include "utils/listUtils.h"
 

diff --git a/src/oidc-agent/lock_state.c b/src/oidc-agent/lock_state.c
@@ -3,7 +3,7 @@
 
 #include "agent_state.h"
 #include "list/list.h"
-#include "utils/cryptUtils.h"
+#include "utils/crypt/cryptUtils.h"
 #include "utils/memory.h"
 #include "utils/oidc_error.h"
 

diff --git a/src/oidc-agent/lock_state.h b/src/oidc-agent/lock_state.h
@@ -2,17 +2,13 @@
 #define LOCK_STATE_H
 
 #include "list/list.h"
-#include "utils/crypt.h"
-#include "utils/cryptUtils.h"
 #include "utils/oidc_error.h"
 
 struct lock_state {
   short          locked;
   struct hashed* hash;
 };
 
-void lock_state_setHash(struct lock_state* l, struct hashed* h);
-
 oidc_error_t unlock(list_t* loaded, const char* password);
 oidc_error_t lock(list_t* loaded, const char* password);
 

diff --git a/src/oidc-agent/oidc-agent.c b/src/oidc-agent/oidc-agent.c
@@ -12,9 +12,9 @@
 #include "privileges/agent_privileges.h"
 #include "settings.h"
 #include "utils/accountUtils.h"
+#include "utils/crypt/memoryCrypt.h"
 #include "utils/disableTracing.h"
 #include "utils/listUtils.h"
-#include "utils/memoryCrypt.h"
 #include "utils/oidc_error.h"
 #include "utils/printer.h"
 

diff --git a/src/oidc-gen/gen_handler.c b/src/oidc-gen/gen_handler.c
@@ -9,7 +9,7 @@
 #include "oidc-agent/oidc/device_code.h"
 #include "oidc-gen/parse_ipc.h"
 #include "settings.h"
-#include "utils/cryptUtils.h"
+#include "utils/crypt/cryptUtils.h"
 #include "utils/file_io/fileUtils.h"
 #include "utils/file_io/file_io.h"
 #include "utils/file_io/oidc_file_io.h"

diff --git a/src/settings.h b/src/settings.h
@@ -2,12 +2,24 @@
 #define OIDC_SETTINGS_H
 
 // env var names
+/**
+ * the name of the environment variable used to locate the IPC socket
+ */
 #define OIDC_SOCK_ENV_NAME "OIDC_SOCK"
+/**
+ * the name of the environment variable that holds the agent pid
+ */
 #define OIDC_PID_ENV_NAME "OIDCD_PID"
 
+/**
+ * the scope used as default value
+ */
 #define DEFAULT_SCOPE "openid profile offline_access"
 
 // file names
+/**
+ * the path to the config dir, if not provided via make
+ */
 #ifndef CONFIG_PATH
 #define CONFIG_PATH "/etc"
 #endif
@@ -16,7 +28,13 @@
 #define PRIVILEGES_PATH CONFIG_PATH "/oidc-agent/privileges"
 
 #define MAX_PASS_TRIES 3
+/**
+ * maximum number of polling tries
+ */
 #define MAX_POLL 10
+/**
+ * the delta between two pollings in milliseconds
+ */
 #define DELTA_POLL 1000  // milliseconds
 
 #define CONF_ENDPOINT_SUFFIX ".well-known/openid-configuration"
@@ -28,6 +46,11 @@ static char* possibleCertFiles[] = {
     "/etc/pki/tls/cacert.pem"              // OpenELEC
 };
 
+/**
+ * prefix for tmp-files generated during account generation;
+ * if dynamic client registration is used, the client config is temporarily
+ * saved in a file prefixed with that string
+ */
 #define CLIENT_TMP_PREFIX "/tmp/oidc-gen:"
 
 #endif  // OIDC_SETTINGS_H
diff --git a/src/utils/accountUtils.c b/src/utils/accountUtils.c
@@ -3,6 +3,11 @@
 #include <syslog.h>
 #include <time.h>
 
+/**
+ * @brief returns the minimum death time in an account list
+ * @param accounts a list of (loaded) accounts
+ * @return the minimum time of death; might be @c 0
+ */
 time_t getMinDeath(list_t* accounts) {
   syslog(LOG_AUTHPRIV | LOG_DEBUG, "Getting min death time for accounts");
   time_t           min = 0;
@@ -22,6 +27,13 @@ time_t getMinDeath(list_t* accounts) {
   return min;
 }
 
+/**
+ * @brief returns an account that death was prior to the current time
+ * @param accounts a list of (loaded) accounts - searchspace
+ * only one death account is returned per call; to find all death accounts in @p
+ * accounts @c getDeathAccount should be called until it returns @c NULL
+ * @return a pointer to a dead account or @c NULL
+ */
 struct oidc_account* getDeathAccount(list_t* accounts) {
   syslog(LOG_AUTHPRIV | LOG_DEBUG, "Searching for death accounts");
   list_node_t*     node;

diff --git a/src/utils/colors.c b/src/utils/colors.c
@@ -5,21 +5,47 @@
 
 #include <stdio.h>
 
+/**
+ * @brief prints a message in a specific color
+ * @param out the FD where the message should be printed
+ * @param colorCode the color code
+ * @param fmt the format string of the message
+ * @param args the arguments of the message
+ * @return the return value of the @c vfprintf function
+ */
 int _vprintColored(FILE* out, char* colorCode, char* fmt, va_list args) {
   char* colored = oidc_sprintf("%s%s%s", colorCode, fmt, C_RESET);
   int   ret     = vfprintf(out, colored, args);
   secFree(colored);
   return ret;
 }
 
+/**
+ * @brief prints an message colored in C_ERROR
+ * @param fmt the format string of the message
+ * @param args the arguments of the message
+ * @return the return value of the @c _vprintColored function
+ */
 int printErrorColored(char* fmt, va_list args) {
   return _vprintColored(stderr, C_ERROR, fmt, args);
 }
 
+/**
+ * @brief prints an message colored in C_PROMPT
+ * @param fmt the format string of the message
+ * @param args the arguments of the message
+ * @return the return value of the @c _vprintColored function
+ */
 int printPromptColored(char* fmt, va_list args) {
   return _vprintColored(stderr, C_PROMPT, fmt, args);
 }
 
+/**
+ * @brief prints an message colored in C_IMPORTANT
+ * @param fmt the format string of the message
+ * @param args the arguments of the message
+ * @return the return value of the @c _vprintColored function
+ */
 int printImportantColored(char* fmt, va_list args) {
   return _vprintColored(stderr, C_IMPORTANT, fmt, args);
 }