	Merge branch 'main' of https://dev.tildefriends.net/cory/tildefriends
										164
									
								
								src/httpd.js.c
									
									
									
									
									
								
							
							
						
						
									
							| @@ -31,6 +31,10 @@ | |||||||
|  |  | ||||||
| #define tf_countof(a) ((int)(sizeof((a)) / sizeof(*(a)))) | #define tf_countof(a) ((int)(sizeof((a)) / sizeof(*(a)))) | ||||||
|  |  | ||||||
|  | #define CYAN "\e[1;36m" | ||||||
|  | #define MAGENTA "\e[1;35m" | ||||||
|  | #define RESET "\e[0m" | ||||||
|  |  | ||||||
| const int64_t k_refresh_interval = 1ULL * 7 * 24 * 60 * 60 * 1000; | const int64_t k_refresh_interval = 1ULL * 7 * 24 * 60 * 60 * 1000; | ||||||
|  |  | ||||||
| static JSValue _authenticate_jwt(JSContext* context, const char* jwt); | static JSValue _authenticate_jwt(JSContext* context, const char* jwt); | ||||||
| @@ -416,6 +420,7 @@ static JSValue _httpd_endpoint_start(JSContext* context, JSValueConst this_val, | |||||||
| 	*listener = (httpd_listener_t) { .context = context, .tls = JS_DupValue(context, argv[1]) }; | 	*listener = (httpd_listener_t) { .context = context, .tls = JS_DupValue(context, argv[1]) }; | ||||||
| 	tf_tls_context_t* tls = tf_tls_context_get(listener->tls); | 	tf_tls_context_t* tls = tf_tls_context_get(listener->tls); | ||||||
| 	int assigned_port = tf_http_listen(http, port, tls, _httpd_listener_cleanup, listener); | 	int assigned_port = tf_http_listen(http, port, tls, _httpd_listener_cleanup, listener); | ||||||
|  | 	tf_printf(CYAN "~😎 Tilde Friends" RESET " is now up at " MAGENTA "http%s://127.0.0.1:%d/" RESET ".\n", tls ? "s" : "", assigned_port); | ||||||
| 	return JS_NewInt32(context, assigned_port); | 	return JS_NewInt32(context, assigned_port); | ||||||
| } | } | ||||||
|  |  | ||||||
| @@ -1213,6 +1218,94 @@ static bool _verify_password(const char* password, const char* hash) | |||||||
| 	return out_hash && strcmp(hash, out_hash) == 0; | 	return out_hash && strcmp(hash, out_hash) == 0; | ||||||
| } | } | ||||||
|  |  | ||||||
|  | static const char* _get_code_of_conduct(tf_ssb_t* ssb) | ||||||
|  | { | ||||||
|  | 	JSContext* context = tf_ssb_get_context(ssb); | ||||||
|  | 	const char* settings = tf_ssb_db_get_property(ssb, "core", "settings"); | ||||||
|  | 	JSValue settings_value = settings ? JS_ParseJSON(context, settings, strlen(settings), NULL) : JS_UNDEFINED; | ||||||
|  | 	JSValue code_of_conduct_value = JS_GetPropertyStr(context, settings_value, "code_of_conduct"); | ||||||
|  | 	const char* code_of_conduct = JS_ToCString(context, code_of_conduct_value); | ||||||
|  | 	const char* result = tf_strdup(code_of_conduct); | ||||||
|  | 	JS_FreeCString(context, code_of_conduct); | ||||||
|  | 	JS_FreeValue(context, code_of_conduct_value); | ||||||
|  | 	JS_FreeValue(context, settings_value); | ||||||
|  | 	tf_free((void*)settings); | ||||||
|  | 	return result; | ||||||
|  | } | ||||||
|  |  | ||||||
|  | static bool _make_administrator_if_first(tf_ssb_t* ssb, const char* account_name_copy, bool may_become_first_admin) | ||||||
|  | { | ||||||
|  | 	JSContext* context = tf_ssb_get_context(ssb); | ||||||
|  | 	const char* settings = tf_ssb_db_get_property(ssb, "core", "settings"); | ||||||
|  | 	JSValue settings_value = settings ? JS_ParseJSON(context, settings, strlen(settings), NULL) : JS_UNDEFINED; | ||||||
|  | 	if (JS_IsUndefined(settings_value)) | ||||||
|  | 	{ | ||||||
|  | 		settings_value = JS_NewObject(context); | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	bool have_administrator = false; | ||||||
|  | 	JSValue permissions = JS_GetPropertyStr(context, settings_value, "permissions"); | ||||||
|  |  | ||||||
|  | 	JSPropertyEnum* ptab = NULL; | ||||||
|  | 	uint32_t plen = 0; | ||||||
|  | 	JS_GetOwnPropertyNames(context, &ptab, &plen, permissions, JS_GPN_STRING_MASK); | ||||||
|  | 	for (int i = 0; i < (int)plen; i++) | ||||||
|  | 	{ | ||||||
|  | 		JSPropertyDescriptor desc = { 0 }; | ||||||
|  | 		if (JS_GetOwnProperty(context, &desc, permissions, ptab[i].atom) == 1) | ||||||
|  | 		{ | ||||||
|  | 			int permission_length = tf_util_get_length(context, desc.value); | ||||||
|  | 			for (int i = 0; i < permission_length; i++) | ||||||
|  | 			{ | ||||||
|  | 				JSValue entry = JS_GetPropertyUint32(context, desc.value, i); | ||||||
|  | 				const char* permission = JS_ToCString(context, entry); | ||||||
|  | 				if (permission && strcmp(permission, "administration") == 0) | ||||||
|  | 				{ | ||||||
|  | 					have_administrator = true; | ||||||
|  | 				} | ||||||
|  | 				JS_FreeCString(context, permission); | ||||||
|  | 				JS_FreeValue(context, entry); | ||||||
|  | 			} | ||||||
|  | 			JS_FreeValue(context, desc.setter); | ||||||
|  | 			JS_FreeValue(context, desc.getter); | ||||||
|  | 			JS_FreeValue(context, desc.value); | ||||||
|  | 		} | ||||||
|  | 	} | ||||||
|  | 	for (uint32_t i = 0; i < plen; ++i) | ||||||
|  | 	{ | ||||||
|  | 		JS_FreeAtom(context, ptab[i].atom); | ||||||
|  | 	} | ||||||
|  | 	js_free(context, ptab); | ||||||
|  |  | ||||||
|  | 	if (!have_administrator && may_become_first_admin) | ||||||
|  | 	{ | ||||||
|  | 		if (JS_IsUndefined(permissions)) | ||||||
|  | 		{ | ||||||
|  | 			permissions = JS_NewObject(context); | ||||||
|  | 			JS_SetPropertyStr(context, settings_value, "permissions", JS_DupValue(context, permissions)); | ||||||
|  | 		} | ||||||
|  | 		JSValue user = JS_GetPropertyStr(context, permissions, account_name_copy); | ||||||
|  | 		if (JS_IsUndefined(user)) | ||||||
|  | 		{ | ||||||
|  | 			user = JS_NewArray(context); | ||||||
|  | 			JS_SetPropertyStr(context, permissions, account_name_copy, JS_DupValue(context, user)); | ||||||
|  | 		} | ||||||
|  | 		JS_SetPropertyUint32(context, user, tf_util_get_length(context, user), JS_NewString(context, "administration")); | ||||||
|  | 		JS_FreeValue(context, user); | ||||||
|  |  | ||||||
|  | 		JSValue settings_json = JS_JSONStringify(context, settings_value, JS_NULL, JS_NULL); | ||||||
|  | 		const char* settings_string = JS_ToCString(context, settings_json); | ||||||
|  | 		tf_ssb_db_set_property(ssb, "core", "settings", settings_string); | ||||||
|  | 		JS_FreeCString(context, settings_string); | ||||||
|  | 		JS_FreeValue(context, settings_json); | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	JS_FreeValue(context, permissions); | ||||||
|  | 	JS_FreeValue(context, settings_value); | ||||||
|  | 	tf_free((void*)settings); | ||||||
|  | 	return have_administrator; | ||||||
|  | } | ||||||
|  |  | ||||||
| static void _httpd_endpoint_login(tf_http_request_t* request) | static void _httpd_endpoint_login(tf_http_request_t* request) | ||||||
| { | { | ||||||
| 	tf_task_t* task = request->user_data; | 	tf_task_t* task = request->user_data; | ||||||
| @@ -1310,6 +1403,8 @@ static void _httpd_endpoint_login(tf_http_request_t* request) | |||||||
| 		tf_free(post_form_data); | 		tf_free(post_form_data); | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
|  | 	bool have_administrator = _make_administrator_if_first(ssb, account_name_copy, may_become_first_admin); | ||||||
|  |  | ||||||
| 	if (session_is_new && _form_data_get(form_data, "return") && !login_error) | 	if (session_is_new && _form_data_get(form_data, "return") && !login_error) | ||||||
| 	{ | 	{ | ||||||
| 		const char* return_url = _form_data_get(form_data, "return"); | 		const char* return_url = _form_data_get(form_data, "return"); | ||||||
| @@ -1334,69 +1429,8 @@ static void _httpd_endpoint_login(tf_http_request_t* request) | |||||||
| 	{ | 	{ | ||||||
| 		tf_http_request_ref(request); | 		tf_http_request_ref(request); | ||||||
|  |  | ||||||
| 		const char* settings = tf_ssb_db_get_property(ssb, "core", "settings"); |  | ||||||
| 		JSValue settings_value = settings ? JS_ParseJSON(context, settings, strlen(settings), NULL) : JS_UNDEFINED; |  | ||||||
| 		JSValue code_of_conduct_value = JS_GetPropertyStr(context, settings_value, "code_of_conduct"); |  | ||||||
| 		const char* code_of_conduct = JS_ToCString(context, code_of_conduct_value); |  | ||||||
|  |  | ||||||
| 		bool have_administrator = false; |  | ||||||
| 		JSValue permissions = JS_GetPropertyStr(context, settings_value, "permissions"); |  | ||||||
|  |  | ||||||
| 		JSPropertyEnum* ptab = NULL; |  | ||||||
| 		uint32_t plen = 0; |  | ||||||
| 		JS_GetOwnPropertyNames(context, &ptab, &plen, permissions, JS_GPN_STRING_MASK); |  | ||||||
| 		for (int i = 0; i < (int)plen; i++) |  | ||||||
| 		{ |  | ||||||
| 			JSPropertyDescriptor desc = { 0 }; |  | ||||||
| 			if (JS_GetOwnProperty(context, &desc, permissions, ptab[i].atom) == 1) |  | ||||||
| 			{ |  | ||||||
| 				int permission_length = tf_util_get_length(context, desc.value); |  | ||||||
| 				for (int i = 0; i < permission_length; i++) |  | ||||||
| 				{ |  | ||||||
| 					JSValue entry = JS_GetPropertyUint32(context, desc.value, i); |  | ||||||
| 					const char* permission = JS_ToCString(context, entry); |  | ||||||
| 					if (permission && strcmp(permission, "administration") == 0) |  | ||||||
| 					{ |  | ||||||
| 						have_administrator = true; |  | ||||||
| 					} |  | ||||||
| 					JS_FreeCString(context, permission); |  | ||||||
| 					JS_FreeValue(context, entry); |  | ||||||
| 				} |  | ||||||
| 				JS_FreeValue(context, desc.setter); |  | ||||||
| 				JS_FreeValue(context, desc.getter); |  | ||||||
| 				JS_FreeValue(context, desc.value); |  | ||||||
| 			} |  | ||||||
| 		} |  | ||||||
| 		for (uint32_t i = 0; i < plen; ++i) |  | ||||||
| 		{ |  | ||||||
| 			JS_FreeAtom(context, ptab[i].atom); |  | ||||||
| 		} |  | ||||||
| 		js_free(context, ptab); |  | ||||||
|  |  | ||||||
| 		if (!have_administrator && may_become_first_admin) |  | ||||||
| 		{ |  | ||||||
| 			if (JS_IsUndefined(permissions)) |  | ||||||
| 			{ |  | ||||||
| 				permissions = JS_NewObject(context); |  | ||||||
| 				JS_SetPropertyStr(context, settings_value, "permissions", permissions); |  | ||||||
| 			} |  | ||||||
| 			JSValue user = JS_GetPropertyStr(context, permissions, account_name_copy); |  | ||||||
| 			if (JS_IsUndefined(user)) |  | ||||||
| 			{ |  | ||||||
| 				user = JS_NewArray(context); |  | ||||||
| 				JS_SetPropertyStr(context, permissions, account_name_copy, user); |  | ||||||
| 			} |  | ||||||
| 			JS_SetPropertyUint32(context, user, tf_util_get_length(context, user), JS_NewString(context, "administration")); |  | ||||||
|  |  | ||||||
| 			JSValue settings_json = JS_JSONStringify(context, settings_value, JS_NULL, JS_NULL); |  | ||||||
| 			const char* settings_string = JS_ToCString(context, settings_json); |  | ||||||
| 			tf_ssb_db_set_property(ssb, "core", "settings", settings_string); |  | ||||||
| 			JS_FreeCString(context, settings_string); |  | ||||||
| 			JS_FreeValue(context, settings_json); |  | ||||||
| 		} |  | ||||||
| 		JS_FreeValue(context, permissions); |  | ||||||
|  |  | ||||||
| 		login_request_t* login = tf_malloc(sizeof(login_request_t)); | 		login_request_t* login = tf_malloc(sizeof(login_request_t)); | ||||||
|  | 		const char* code_of_conduct = _get_code_of_conduct(ssb); | ||||||
| 		*login = (login_request_t) { | 		*login = (login_request_t) { | ||||||
| 			.request = request, | 			.request = request, | ||||||
| 			.name = account_name_copy, | 			.name = account_name_copy, | ||||||
| @@ -1404,14 +1438,10 @@ static void _httpd_endpoint_login(tf_http_request_t* request) | |||||||
| 			.error = login_error, | 			.error = login_error, | ||||||
| 			.session_cookie = send_session, | 			.session_cookie = send_session, | ||||||
| 			.session_is_new = session_is_new, | 			.session_is_new = session_is_new, | ||||||
| 			.code_of_conduct = tf_strdup(code_of_conduct), | 			.code_of_conduct = code_of_conduct, | ||||||
| 			.have_administrator = have_administrator, | 			.have_administrator = have_administrator, | ||||||
| 		}; | 		}; | ||||||
|  |  | ||||||
| 		JS_FreeCString(context, code_of_conduct); |  | ||||||
| 		JS_FreeValue(context, code_of_conduct_value); |  | ||||||
| 		JS_FreeValue(context, settings_value); |  | ||||||
| 		tf_free((void*)settings); |  | ||||||
| 		tf_file_read(request->user_data, "core/auth.html", _httpd_endpoint_login_file_read_callback, login); | 		tf_file_read(request->user_data, "core/auth.html", _httpd_endpoint_login_file_read_callback, login); | ||||||
| 		jwt = JS_UNDEFINED; | 		jwt = JS_UNDEFINED; | ||||||
| 		account_name_copy = NULL; | 		account_name_copy = NULL; | ||||||
|   | |||||||
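Review bot: `_make_administrator_if_first` treats a failure to load settings as "no administrator exists": after `JS_ParseJSON` only `JS_UNDEFINED` is handled, so if the stored settings do not parse (QuickJS returns an exception value there), `have_administrator` stays false and, with `may_become_first_admin` set, the grant branch is entered and settings are written back. The same logic was inline before, but the call now sits ahead of the redirect branch in `_httpd_endpoint_login`, so it runs on more login requests than it used to; how `may_become_first_admin` and `account_name_copy` are derived is outside the hunk. I would fail closed before the grant, e.g. `if (JS_IsException(settings_value) || JS_IsException(permissions)) { may_become_first_admin = false; }`, and check the result of `tf_ssb_db_set_property` rather than discarding it. The inner `for (int i ...)` over `permission_length` also shadows the outer `i`; naming it `j` would make the loop easier to follow.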
							
								
								
									
										55
									
								
								src/main.c
									
									
									
									
									
								
							
							
						
						
									
							| @@ -48,6 +48,7 @@ static int _tf_command_import(const char* file, int argc, char* argv[]); | |||||||
| static int _tf_command_export(const char* file, int argc, char* argv[]); | static int _tf_command_export(const char* file, int argc, char* argv[]); | ||||||
| static int _tf_command_run(const char* file, int argc, char* argv[]); | static int _tf_command_run(const char* file, int argc, char* argv[]); | ||||||
| static int _tf_command_sandbox(const char* file, int argc, char* argv[]); | static int _tf_command_sandbox(const char* file, int argc, char* argv[]); | ||||||
|  | static int _tf_command_verify(const char* file, int argc, char* argv[]); | ||||||
| static int _tf_command_usage(const char* file); | static int _tf_command_usage(const char* file); | ||||||
|  |  | ||||||
| typedef struct _command_t | typedef struct _command_t | ||||||
| @@ -62,6 +63,7 @@ const command_t k_commands[] = { | |||||||
| 	{ "sandbox", _tf_command_sandbox, "Run a sandboxed tildefriends sandbox process (used internally)." }, | 	{ "sandbox", _tf_command_sandbox, "Run a sandboxed tildefriends sandbox process (used internally)." }, | ||||||
| 	{ "import", _tf_command_import, "Import apps to SSB." }, | 	{ "import", _tf_command_import, "Import apps to SSB." }, | ||||||
| 	{ "export", _tf_command_export, "Export apps from SSB." }, | 	{ "export", _tf_command_export, "Export apps from SSB." }, | ||||||
|  | 	{ "verify", _tf_command_verify, "Verify a feed." }, | ||||||
| 	{ "test", _tf_command_test, "Test SSB." }, | 	{ "test", _tf_command_test, "Test SSB." }, | ||||||
| }; | }; | ||||||
|  |  | ||||||
| @@ -266,6 +268,59 @@ static int _tf_command_export(const char* file, int argc, char* argv[]) | |||||||
| 	tf_ssb_destroy(ssb); | 	tf_ssb_destroy(ssb); | ||||||
| 	return EXIT_SUCCESS; | 	return EXIT_SUCCESS; | ||||||
| } | } | ||||||
|  |  | ||||||
|  | static int _tf_command_verify(const char* file, int argc, char* argv[]) | ||||||
|  | { | ||||||
|  | 	const char* identity = NULL; | ||||||
|  | 	const char* db_path = k_db_path_default; | ||||||
|  | 	bool show_usage = false; | ||||||
|  |  | ||||||
|  | 	while (!show_usage) | ||||||
|  | 	{ | ||||||
|  | 		static const struct option k_options[] = { | ||||||
|  | 			{ "id", required_argument, NULL, 'u' }, | ||||||
|  | 			{ "db-path", required_argument, NULL, 'd' }, | ||||||
|  | 			{ "help", no_argument, NULL, 'h' }, | ||||||
|  | 			{ 0 }, | ||||||
|  | 		}; | ||||||
|  | 		int c = getopt_long(argc, argv, "i:d:h", k_options, NULL); | ||||||
|  | 		if (c == -1) | ||||||
|  | 		{ | ||||||
|  | 			break; | ||||||
|  | 		} | ||||||
|  |  | ||||||
|  | 		switch (c) | ||||||
|  | 		{ | ||||||
|  | 		case '?': | ||||||
|  | 		case 'h': | ||||||
|  | 		default: | ||||||
|  | 			show_usage = true; | ||||||
|  | 			break; | ||||||
|  | 		case 'i': | ||||||
|  | 			identity = optarg; | ||||||
|  | 			break; | ||||||
|  | 		case 'd': | ||||||
|  | 			db_path = optarg; | ||||||
|  | 			break; | ||||||
|  | 		} | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	if (show_usage) | ||||||
|  | 	{ | ||||||
|  | 		tf_printf("\n%s import [options] [paths...]\n\n", file); | ||||||
|  | 		tf_printf("options:\n"); | ||||||
|  | 		tf_printf("  -i, --identity identity  Identity to verify.\n"); | ||||||
|  | 		tf_printf("  -d, --db-path db_path    SQLite database path (default: %s).\n", k_db_path_default); | ||||||
|  | 		tf_printf("  -h, --help               Show this usage information.\n"); | ||||||
|  | 		return EXIT_FAILURE; | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	tf_printf("Verifying %s...\n", identity); | ||||||
|  | 	tf_ssb_t* ssb = tf_ssb_create(NULL, NULL, db_path, NULL); | ||||||
|  | 	bool verified = tf_ssb_db_verify(ssb, identity); | ||||||
|  | 	tf_ssb_destroy(ssb); | ||||||
|  | 	return verified ? EXIT_SUCCESS : EXIT_FAILURE; | ||||||
|  | } | ||||||
| #endif | #endif | ||||||
|  |  | ||||||
| typedef struct tf_run_args_t | typedef struct tf_run_args_t | ||||||
|   | |||||||
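Review bot: In `_tf_command_verify` the long option `--id` maps to `'u'`, which the `switch` does not handle, so it falls into `default` and prints usage; only `-i` sets `identity`, and the help text advertises `--identity`, which is not in `k_options`. Nothing rejects a missing identity either, so `identity` can still be `NULL` when it reaches `tf_printf("Verifying %s...\n", identity)` and `tf_ssb_db_verify`. I would declare the option as `{ "identity", required_argument, NULL, 'i' },` and add `if (!identity) { show_usage = true; }` after the option loop. The usage line still reads `%s import [options] [paths...]` and should name `verify`.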
							
								
								
									
										47
									
								
								src/ssb.c
									
									
									
									
									
								
							
							
						
						
									
							| @@ -1019,7 +1019,18 @@ static bool _tf_ssb_verify_and_strip_signature_internal(JSContext* context, JSVa | |||||||
|  |  | ||||||
| bool tf_ssb_verify_and_strip_signature(JSContext* context, JSValue val, char* out_id, size_t out_id_size, char* out_signature, size_t out_signature_size, int* out_flags) | bool tf_ssb_verify_and_strip_signature(JSContext* context, JSValue val, char* out_id, size_t out_id_size, char* out_signature, size_t out_signature_size, int* out_flags) | ||||||
| { | { | ||||||
| 	if (_tf_ssb_verify_and_strip_signature_internal(context, val, out_id, out_id_size, out_signature, out_signature_size)) | 	JSValue reordered = JS_NewObject(context); | ||||||
|  | 	JS_SetPropertyStr(context, reordered, "previous", JS_GetPropertyStr(context, val, "previous")); | ||||||
|  | 	JS_SetPropertyStr(context, reordered, "author", JS_GetPropertyStr(context, val, "author")); | ||||||
|  | 	JS_SetPropertyStr(context, reordered, "sequence", JS_GetPropertyStr(context, val, "sequence")); | ||||||
|  | 	JS_SetPropertyStr(context, reordered, "timestamp", JS_GetPropertyStr(context, val, "timestamp")); | ||||||
|  | 	JS_SetPropertyStr(context, reordered, "hash", JS_GetPropertyStr(context, val, "hash")); | ||||||
|  | 	JS_SetPropertyStr(context, reordered, "content", JS_GetPropertyStr(context, val, "content")); | ||||||
|  | 	JS_SetPropertyStr(context, reordered, "signature", JS_GetPropertyStr(context, val, "signature")); | ||||||
|  | 	bool result = _tf_ssb_verify_and_strip_signature_internal(context, reordered, out_id, out_id_size, out_signature, out_signature_size); | ||||||
|  | 	JS_FreeValue(context, reordered); | ||||||
|  |  | ||||||
|  | 	if (result) | ||||||
| 	{ | 	{ | ||||||
| 		if (out_flags) | 		if (out_flags) | ||||||
| 		{ | 		{ | ||||||
| @@ -1027,27 +1038,26 @@ bool tf_ssb_verify_and_strip_signature(JSContext* context, JSValue val, char* ou | |||||||
| 		} | 		} | ||||||
| 		return true; | 		return true; | ||||||
| 	} | 	} | ||||||
| 	else |  | ||||||
|  | 	reordered = JS_NewObject(context); | ||||||
|  | 	JS_SetPropertyStr(context, reordered, "previous", JS_GetPropertyStr(context, val, "previous")); | ||||||
|  | 	JS_SetPropertyStr(context, reordered, "sequence", JS_GetPropertyStr(context, val, "sequence")); | ||||||
|  | 	JS_SetPropertyStr(context, reordered, "author", JS_GetPropertyStr(context, val, "author")); | ||||||
|  | 	JS_SetPropertyStr(context, reordered, "timestamp", JS_GetPropertyStr(context, val, "timestamp")); | ||||||
|  | 	JS_SetPropertyStr(context, reordered, "hash", JS_GetPropertyStr(context, val, "hash")); | ||||||
|  | 	JS_SetPropertyStr(context, reordered, "content", JS_GetPropertyStr(context, val, "content")); | ||||||
|  | 	JS_SetPropertyStr(context, reordered, "signature", JS_GetPropertyStr(context, val, "signature")); | ||||||
|  | 	result = _tf_ssb_verify_and_strip_signature_internal(context, reordered, out_id, out_id_size, out_signature, out_signature_size); | ||||||
|  | 	JS_FreeValue(context, reordered); | ||||||
|  | 	if (result) | ||||||
| 	{ | 	{ | ||||||
| 		JSValue reordered = JS_NewObject(context); | 		if (out_flags) | ||||||
| 		JS_SetPropertyStr(context, reordered, "previous", JS_GetPropertyStr(context, val, "previous")); |  | ||||||
| 		JS_SetPropertyStr(context, reordered, "sequence", JS_GetPropertyStr(context, val, "sequence")); |  | ||||||
| 		JS_SetPropertyStr(context, reordered, "author", JS_GetPropertyStr(context, val, "author")); |  | ||||||
| 		JS_SetPropertyStr(context, reordered, "timestamp", JS_GetPropertyStr(context, val, "timestamp")); |  | ||||||
| 		JS_SetPropertyStr(context, reordered, "hash", JS_GetPropertyStr(context, val, "hash")); |  | ||||||
| 		JS_SetPropertyStr(context, reordered, "content", JS_GetPropertyStr(context, val, "content")); |  | ||||||
| 		JS_SetPropertyStr(context, reordered, "signature", JS_GetPropertyStr(context, val, "signature")); |  | ||||||
| 		bool result = _tf_ssb_verify_and_strip_signature_internal(context, reordered, out_id, out_id_size, out_signature, out_signature_size); |  | ||||||
| 		JS_FreeValue(context, reordered); |  | ||||||
| 		if (result) |  | ||||||
| 		{ | 		{ | ||||||
| 			if (out_flags) | 			*out_flags = k_tf_ssb_message_flag_sequence_before_author; | ||||||
| 			{ |  | ||||||
| 				*out_flags = k_tf_ssb_message_flag_sequence_before_author; |  | ||||||
| 			} |  | ||||||
| 			return true; |  | ||||||
| 		} | 		} | ||||||
|  | 		return true; | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
| 	return false; | 	return false; | ||||||
| } | } | ||||||
|  |  | ||||||
| @@ -3608,7 +3618,6 @@ void tf_ssb_verify_strip_and_store_message(tf_ssb_t* ssb, JSValue value, tf_ssb_ | |||||||
| 	} | 	} | ||||||
| 	else | 	else | ||||||
| 	{ | 	{ | ||||||
| 		printf("nope\n"); |  | ||||||
| 		_tf_ssb_verify_strip_and_store_finish(async); | 		_tf_ssb_verify_strip_and_store_finish(async); | ||||||
| 	} | 	} | ||||||
| } | } | ||||||
|   | |||||||
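Review bot: The first verification pass in `tf_ssb_verify_and_strip_signature` no longer checks `val` itself but a rebuilt object holding only seven named properties, so any other top-level property on `val` is left out of what gets verified. Whatever the internal helper strips is presumably now stripped from the copy rather than from `val`; the helper's body is outside this page, so that part is inferred. If callers store or forward `val` after a successful return, they would be handling fields the signature check never covered. I would state the contract on the function, e.g. `/* Verifies a canonical copy of val; properties other than the seven listed are not covered by the check, and val is not modified. */`, once that has been confirmed against the callers. The two seven-line rebuilds differ only in the order of `author` and `sequence` and could share one static helper that takes that order as a flag.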
							
								
								
									
										107
									
								
								src/ssb.db.c
									
									
									
									
									
								
							
							
						
						
									
							| @@ -735,12 +735,13 @@ bool tf_ssb_db_blob_store(tf_ssb_t* ssb, const uint8_t* blob, size_t size, char* | |||||||
| 	return result; | 	return result; | ||||||
| } | } | ||||||
|  |  | ||||||
| bool tf_ssb_db_get_message_by_author_and_sequence( | bool tf_ssb_db_get_message_by_author_and_sequence(tf_ssb_t* ssb, const char* author, int64_t sequence, char* out_message_id, size_t out_message_id_size, char* out_previous, | ||||||
| 	tf_ssb_t* ssb, const char* author, int64_t sequence, char* out_message_id, size_t out_message_id_size, double* out_timestamp, char** out_content) | 	size_t out_previous_size, char* out_author, size_t out_author_size, double* out_timestamp, char** out_content, char* out_hash, size_t out_hash_size, char* out_signature, | ||||||
|  | 	size_t out_signature_size, int* out_flags) | ||||||
| { | { | ||||||
| 	bool found = false; | 	bool found = false; | ||||||
| 	sqlite3_stmt* statement; | 	sqlite3_stmt* statement; | ||||||
| 	const char* query = "SELECT id, timestamp, json(content) FROM messages WHERE author = ?1 AND sequence = ?2"; | 	const char* query = "SELECT id, previous, author, timestamp, json(content), hash, signature, flags FROM messages WHERE author = ?1 AND sequence = ?2"; | ||||||
| 	sqlite3* db = tf_ssb_acquire_db_reader(ssb); | 	sqlite3* db = tf_ssb_acquire_db_reader(ssb); | ||||||
| 	if (sqlite3_prepare(db, query, -1, &statement, NULL) == SQLITE_OK) | 	if (sqlite3_prepare(db, query, -1, &statement, NULL) == SQLITE_OK) | ||||||
| 	{ | 	{ | ||||||
| @@ -748,15 +749,45 @@ bool tf_ssb_db_get_message_by_author_and_sequence( | |||||||
| 		{ | 		{ | ||||||
| 			if (out_message_id) | 			if (out_message_id) | ||||||
| 			{ | 			{ | ||||||
| 				strncpy(out_message_id, (const char*)sqlite3_column_text(statement, 0), out_message_id_size - 1); | 				snprintf(out_message_id, out_message_id_size, "%s", (const char*)sqlite3_column_text(statement, 0)); | ||||||
|  | 			} | ||||||
|  | 			if (out_previous) | ||||||
|  | 			{ | ||||||
|  | 				if (sqlite3_column_type(statement, 1) == SQLITE_NULL) | ||||||
|  | 				{ | ||||||
|  | 					if (out_previous_size) | ||||||
|  | 					{ | ||||||
|  | 						*out_previous = '\0'; | ||||||
|  | 					} | ||||||
|  | 				} | ||||||
|  | 				else | ||||||
|  | 				{ | ||||||
|  | 					snprintf(out_previous, out_previous_size, "%s", (const char*)sqlite3_column_text(statement, 1)); | ||||||
|  | 				} | ||||||
|  | 			} | ||||||
|  | 			if (out_author) | ||||||
|  | 			{ | ||||||
|  | 				snprintf(out_author, out_author_size, "%s", (const char*)sqlite3_column_text(statement, 2)); | ||||||
| 			} | 			} | ||||||
| 			if (out_timestamp) | 			if (out_timestamp) | ||||||
| 			{ | 			{ | ||||||
| 				*out_timestamp = sqlite3_column_double(statement, 1); | 				*out_timestamp = sqlite3_column_double(statement, 3); | ||||||
| 			} | 			} | ||||||
| 			if (out_content) | 			if (out_content) | ||||||
| 			{ | 			{ | ||||||
| 				*out_content = tf_strdup((const char*)sqlite3_column_text(statement, 2)); | 				*out_content = tf_strdup((const char*)sqlite3_column_text(statement, 4)); | ||||||
|  | 			} | ||||||
|  | 			if (out_hash) | ||||||
|  | 			{ | ||||||
|  | 				snprintf(out_hash, out_hash_size, "%s", (const char*)sqlite3_column_text(statement, 5)); | ||||||
|  | 			} | ||||||
|  | 			if (out_signature) | ||||||
|  | 			{ | ||||||
|  | 				snprintf(out_signature, out_signature_size, "%s", (const char*)sqlite3_column_text(statement, 6)); | ||||||
|  | 			} | ||||||
|  | 			if (out_flags) | ||||||
|  | 			{ | ||||||
|  | 				*out_flags = sqlite3_column_int(statement, 7); | ||||||
| 			} | 			} | ||||||
| 			found = true; | 			found = true; | ||||||
| 		} | 		} | ||||||
| @@ -1592,6 +1623,7 @@ bool tf_ssb_db_set_account_password(tf_ssb_t* ssb, const char* name, const char* | |||||||
| 		if (sqlite3_bind_text(statement, 1, name, -1, NULL) == SQLITE_OK && sqlite3_bind_text(statement, 2, user_string, user_length, NULL) == SQLITE_OK) | 		if (sqlite3_bind_text(statement, 1, name, -1, NULL) == SQLITE_OK && sqlite3_bind_text(statement, 2, user_string, user_length, NULL) == SQLITE_OK) | ||||||
| 		{ | 		{ | ||||||
| 			result = sqlite3_step(statement) == SQLITE_DONE; | 			result = sqlite3_step(statement) == SQLITE_DONE; | ||||||
|  | 			tf_printf("set account password = %d\n", result); | ||||||
| 		} | 		} | ||||||
| 		sqlite3_finalize(statement); | 		sqlite3_finalize(statement); | ||||||
| 	} | 	} | ||||||
| @@ -1634,6 +1666,7 @@ bool tf_ssb_db_register_account(tf_ssb_t* ssb, const char* name, const char* pas | |||||||
| 	{ | 	{ | ||||||
| 		if (sqlite3_bind_text(statement, 1, value, value_length, NULL) == SQLITE_OK) | 		if (sqlite3_bind_text(statement, 1, value, value_length, NULL) == SQLITE_OK) | ||||||
| 		{ | 		{ | ||||||
|  | 			tf_printf("added user to properties\n"); | ||||||
| 			result = sqlite3_step(statement) == SQLITE_DONE; | 			result = sqlite3_step(statement) == SQLITE_DONE; | ||||||
| 		} | 		} | ||||||
| 		sqlite3_finalize(statement); | 		sqlite3_finalize(statement); | ||||||
| @@ -1784,3 +1817,65 @@ void tf_ssb_db_resolve_index_async(tf_ssb_t* ssb, const char* host, void (*callb | |||||||
| 	}; | 	}; | ||||||
| 	tf_ssb_run_work(ssb, _tf_ssb_db_resolve_index_work, _tf_ssb_db_resolve_index_after_work, request); | 	tf_ssb_run_work(ssb, _tf_ssb_db_resolve_index_work, _tf_ssb_db_resolve_index_after_work, request); | ||||||
| } | } | ||||||
|  |  | ||||||
|  | bool tf_ssb_db_verify(tf_ssb_t* ssb, const char* id) | ||||||
|  | { | ||||||
|  | 	JSContext* context = tf_ssb_get_context(ssb); | ||||||
|  | 	bool verified = true; | ||||||
|  | 	int64_t sequence = -1; | ||||||
|  | 	if (tf_ssb_db_get_latest_message_by_author(ssb, id, &sequence, NULL, 0)) | ||||||
|  | 	{ | ||||||
|  | 		for (int64_t i = 1; i <= sequence; i++) | ||||||
|  | 		{ | ||||||
|  | 			char message_id[k_id_base64_len]; | ||||||
|  | 			char previous[256]; | ||||||
|  | 			double timestamp; | ||||||
|  | 			char* content = NULL; | ||||||
|  | 			char hash[32]; | ||||||
|  | 			char signature[256]; | ||||||
|  | 			int flags = 0; | ||||||
|  | 			if (tf_ssb_db_get_message_by_author_and_sequence(ssb, id, i, message_id, sizeof(message_id), previous, sizeof(previous), NULL, 0, ×tamp, &content, hash, | ||||||
|  | 					sizeof(hash), signature, sizeof(signature), &flags)) | ||||||
|  | 			{ | ||||||
|  | 				JSValue message = tf_ssb_format_message(context, previous, id, i, timestamp, hash, content, signature, flags); | ||||||
|  | 				char calculated_id[k_id_base64_len]; | ||||||
|  | 				char extracted_signature[256]; | ||||||
|  | 				int calculated_flags = 0; | ||||||
|  | 				if (!tf_ssb_verify_and_strip_signature(context, message, calculated_id, sizeof(calculated_id), extracted_signature, sizeof(extracted_signature), &calculated_flags)) | ||||||
|  | 				{ | ||||||
|  | 					tf_printf("author=%s sequence=%" PRId64 " verify failed.\n", id, i); | ||||||
|  | 					verified = false; | ||||||
|  | 				} | ||||||
|  | 				if (calculated_flags != flags) | ||||||
|  | 				{ | ||||||
|  | 					tf_printf("author=%s sequence=%" PRId64 " flag mismatch %d => %d.\n", id, i, flags, calculated_flags); | ||||||
|  | 					verified = false; | ||||||
|  | 				} | ||||||
|  | 				if (strcmp(message_id, calculated_id)) | ||||||
|  | 				{ | ||||||
|  | 					tf_printf("author=%s sequence=%" PRId64 " id mismatch %s => %s.\n", id, i, message_id, calculated_id); | ||||||
|  | 					verified = false; | ||||||
|  | 				} | ||||||
|  | 				JS_FreeValue(context, message); | ||||||
|  | 				tf_free(content); | ||||||
|  |  | ||||||
|  | 				if (!verified) | ||||||
|  | 				{ | ||||||
|  | 					break; | ||||||
|  | 				} | ||||||
|  | 			} | ||||||
|  | 			else | ||||||
|  | 			{ | ||||||
|  | 				tf_printf("Unable to find message with sequence=%" PRId64 " for author=%s.", i, id); | ||||||
|  | 				verified = false; | ||||||
|  | 				break; | ||||||
|  | 			} | ||||||
|  | 		} | ||||||
|  | 	} | ||||||
|  | 	else | ||||||
|  | 	{ | ||||||
|  | 		tf_printf("Unable to get latest message for author '%s'.\n", id); | ||||||
|  | 		verified = false; | ||||||
|  | 	} | ||||||
|  | 	return verified; | ||||||
|  | } | ||||||
|   | |||||||
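Review bot: In `tf_ssb_db_verify`, `calculated_id` is declared without an initializer and is still passed to `strcmp` and printed with `%s` after `tf_ssb_verify_and_strip_signature` has returned false; unless that function always writes `out_id` (not visible here), this reads an uninitialized stack buffer. Initializing it, `char calculated_id[k_id_base64_len] = { 0 };`, and making the flag and id comparisons `else if` branches of the failed-verify check would avoid that. The loop also checks each message on its own and never compares `previous` with the id computed for sequence `i - 1`, so as far as this hunk shows a feed whose stored rows do not link to each other would still be reported as verified. In `tf_ssb_db_get_message_by_author_and_sequence`, the `snprintf` calls for author, hash and signature pass `sqlite3_column_text` straight to `%s`, and that function returns NULL for a NULL column; only `previous` is guarded.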
| @@ -126,8 +126,9 @@ JSValue tf_ssb_db_get_message_by_id(tf_ssb_t* ssb, const char* id, bool is_keys) | |||||||
| ** @param[out] out_content Populated with the message content.  Free with tf_free(). | ** @param[out] out_content Populated with the message content.  Free with tf_free(). | ||||||
| ** @return True if the message was found and retrieved. | ** @return True if the message was found and retrieved. | ||||||
| */ | */ | ||||||
| bool tf_ssb_db_get_message_by_author_and_sequence( | bool tf_ssb_db_get_message_by_author_and_sequence(tf_ssb_t* ssb, const char* author, int64_t sequence, char* out_message_id, size_t out_message_id_size, char* out_previous, | ||||||
| 	tf_ssb_t* ssb, const char* author, int64_t sequence, char* out_message_id, size_t out_message_id_size, double* out_timestamp, char** out_content); | 	size_t out_previous_size, char* out_author, size_t out_author_size, double* out_timestamp, char** out_content, char* out_hash, size_t out_hash_size, char* out_signature, | ||||||
|  | 	size_t out_signature_size, int* out_flags); | ||||||
|  |  | ||||||
| /** | /** | ||||||
| ** Get information about the last message from an author. | ** Get information about the last message from an author. | ||||||
| @@ -379,6 +380,8 @@ bool tf_ssb_db_set_property(tf_ssb_t* ssb, const char* id, const char* key, cons | |||||||
| */ | */ | ||||||
| void tf_ssb_db_resolve_index_async(tf_ssb_t* ssb, const char* host, void (*callback)(const char* path, void* user_data), void* user_data); | void tf_ssb_db_resolve_index_async(tf_ssb_t* ssb, const char* host, void (*callback)(const char* path, void* user_data), void* user_data); | ||||||
|  |  | ||||||
|  | bool tf_ssb_db_verify(tf_ssb_t* ssb, const char* id); | ||||||
|  |  | ||||||
| /** | /** | ||||||
| ** An SQLite authorizer callback.  See https://www.sqlite.org/c3ref/set_authorizer.html for use. | ** An SQLite authorizer callback.  See https://www.sqlite.org/c3ref/set_authorizer.html for use. | ||||||
| ** @param user_data User data registered with the authorizer. | ** @param user_data User data registered with the authorizer. | ||||||
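Review bot: `tf_ssb_db_verify` is declared without a doc comment, unlike the neighbouring declarations in this header, so a caller cannot tell what a `true` result actually asserts about the feed. Since the result is likely to be used as an integrity decision, I would add a `/** ... */` block with `@param ssb`, `@param id` and `@return`, stating what is checked for `id` and that `false` is also returned when the latest message cannot be read (the tail of the implementation shown earlier on this page logs "Unable to get latest message" and returns `false`). The widened `tf_ssb_db_get_message_by_author_and_sequence` prototype in the first hunk also shows no `@param[out]` lines for `out_previous`, `out_author`, `out_hash`, `out_signature` and `out_flags` in the visible part of its comment. That comment starts above the hunk, so this needs confirming, and the entries should say whether each buffer may be passed as `NULL` with size 0, as the removed caller did for `out_message_id`.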
|   | |||||||
							
								
								
									
										24
									
								
								src/ssb.js.c
									
									
									
									
									
								
							
							
						
						
									
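--- a/src/ssb.js.c
+++ b/src/ssb.js.c
@@ -576,29 +576,6 @@ static JSValue _tf_ssb_appendMessageWithIdentity(JSContext* context, JSValueCons
 	return result;
 }
 
-static JSValue _tf_ssb_getMessage(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
-{
-	JSValue result = JS_NULL;
-	tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId);
-	if (ssb)
-	{
-		const char* id = JS_ToCString(context, argv[0]);
-		int64_t sequence = 0;
-		JS_ToInt64(context, &sequence, argv[1]);
-		double timestamp = -1.0;
-		char* contents = NULL;
-		if (tf_ssb_db_get_message_by_author_and_sequence(ssb, id, sequence, NULL, 0, ×tamp, &contents))
-		{
-			result = JS_NewObject(context);
-			JS_SetPropertyStr(context, result, "timestamp", JS_NewFloat64(context, timestamp));
-			JS_SetPropertyStr(context, result, "content", JS_NewString(context, contents));
-			tf_free(contents);
-		}
-		JS_FreeCString(context, id);
-	}
-	return result;
-}
-
 static JSValue _tf_ssb_blobGet(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
 {
 	JSValue result = JS_NULL;
@@ -1891,7 +1868,6 @@ void tf_ssb_register(JSContext* context, tf_ssb_t* ssb)
 	JS_SetPropertyStr(context, object, "getAllIdentities", JS_NewCFunction(context, _tf_ssb_getAllIdentities, "getAllIdentities", 0));
 	JS_SetPropertyStr(context, object, "getActiveIdentity", JS_NewCFunction(context, _tf_ssb_getActiveIdentity, "getActiveIdentity", 3));
 	JS_SetPropertyStr(context, object, "getIdentityInfo", JS_NewCFunction(context, _tf_ssb_getIdentityInfo, "getIdentityInfo", 3));
-	JS_SetPropertyStr(context, object, "getMessage", JS_NewCFunction(context, _tf_ssb_getMessage, "getMessage", 2));
 	JS_SetPropertyStr(context, object, "blobGet", JS_NewCFunction(context, _tf_ssb_blobGet, "blobGet", 1));
 	JS_SetPropertyStr(context, object, "messageContentGet", JS_NewCFunction(context, _tf_ssb_messageContentGet, "messageContentGet", 1));
 	JS_SetPropertyStr(context, object, "connections", JS_NewCFunction(context, _tf_ssb_connections, "connections", 0));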
|   | |||||||
| @@ -83,6 +83,13 @@ try: | |||||||
| 	driver.switch_to.frame(wait.until(expected_conditions.presence_of_element_located((By.ID, 'document')))) | 	driver.switch_to.frame(wait.until(expected_conditions.presence_of_element_located((By.ID, 'document')))) | ||||||
| 	id1 = wait.until(expected_conditions.presence_of_element_located((By.TAG_NAME, 'li'))).text.split(' ')[-1] | 	id1 = wait.until(expected_conditions.presence_of_element_located((By.TAG_NAME, 'li'))).text.split(' ')[-1] | ||||||
|  |  | ||||||
|  | 	driver.get('http://localhost:8888/~core/admin/') | ||||||
|  | 	wait.until(expected_conditions.presence_of_element_located((By.ID, 'document'))) | ||||||
|  | 	driver.switch_to.frame(driver.find_element(By.ID, 'document')) | ||||||
|  | 	wait.until(expected_conditions.presence_of_element_located((By.ID, 'gs_room_name'))).send_keys('test room') | ||||||
|  | 	wait.until(expected_conditions.presence_of_element_located((By.XPATH, '//*[@id="gs_room_name"]/following-sibling::button'))).click() | ||||||
|  | 	driver.switch_to.alert.accept() | ||||||
|  |  | ||||||
| 	driver.get('http://localhost:8888') | 	driver.get('http://localhost:8888') | ||||||
| 	wait.until(expected_conditions.presence_of_element_located((By.ID, 'document'))) | 	wait.until(expected_conditions.presence_of_element_located((By.ID, 'document'))) | ||||||
| 	driver.switch_to.frame(driver.find_element(By.ID, 'document')) | 	driver.switch_to.frame(driver.find_element(By.ID, 'document')) | ||||||
| @@ -106,9 +113,15 @@ try: | |||||||
| 		except: | 		except: | ||||||
| 			pass | 			pass | ||||||
|  |  | ||||||
| 	tf_tab_news = wait.until(exists_in_shadow_root(tf_app, By.ID, 'tf-tab-news')).shadow_root | 	# WebDriverException (shadow root is detached) | ||||||
| 	tf_tab_news.find_element(By.ID, 'tf-compose').shadow_root.find_element(By.ID, 'edit').send_keys('Hello, world!') | 	while True: | ||||||
| 	tf_tab_news.find_element(By.ID, 'tf-compose').shadow_root.find_element(By.ID, 'submit').click() | 		try: | ||||||
|  | 			tf_tab_news = wait.until(exists_in_shadow_root(tf_app, By.ID, 'tf-tab-news')).shadow_root | ||||||
|  | 			tf_tab_news.find_element(By.ID, 'tf-compose').shadow_root.find_element(By.ID, 'edit').send_keys('Hello, world!') | ||||||
|  | 			tf_tab_news.find_element(By.ID, 'tf-compose').shadow_root.find_element(By.ID, 'submit').click() | ||||||
|  | 			break | ||||||
|  | 		except: | ||||||
|  | 			pass | ||||||
|  |  | ||||||
| 	driver.switch_to.default_content() | 	driver.switch_to.default_content() | ||||||
| 	driver.find_element(By.ID, 'allow').click() | 	driver.find_element(By.ID, 'allow').click() | ||||||
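Review bot: The new `while True:` loop around the compose step ends in a bare `except: pass`, so every failure is retried forever, not just the detached-shadow-root `WebDriverException` named in the comment, and the test can hang instead of failing. Because `send_keys('Hello, world!')` sits inside the retried body, a failure on the later `submit` lookup may type the text a second time on the next pass. I would catch only the expected exception and bound the attempts, e.g. `for _ in range(10):` with `except WebDriverException:`, and fail explicitly once the attempts run out. This assumes `WebDriverException` is imported from `selenium.common.exceptions`; the import block and the enclosing `try:` are outside the hunk.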
|   | |||||||