Public key pinning support added, svace issues fixed

Change-Id: I49f2f881d0fdfbc2539512d58525d708a46b289d
Signed-off-by: Manasij Sur Roy <manasij.r@samsung.com>

diff --git a/packaging/oauth2.spec b/packaging/oauth2.spec
index 7dd5f65..a5d343b 100644 (file)
--- a/packaging/oauth2.spec
+++ b/packaging/oauth2.spec
@@ -24,6 +24,7 @@ BuildRequires:  pkgconfig(ewebkit2)
 
 BuildRequires:  pkgconfig(json-glib-1.0)
 BuildRequires:  pkgconfig(elementary)
+BuildRequires:  pkgconfig(tpkp-curl)
 
 Requires(post): /sbin/ldconfig
 Requires(postun): /sbin/ldconfig

diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index c71f27b..70aa2b4 100644 (file)
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -24,9 +24,9 @@ endif()
 
 if(DEFINED USE_CHROMIUM_EFL)
        add_definitions(-DWITH_CHROMIUM)
-       pkg_check_modules(clientpkgs REQUIRED dlog glib-2.0 gio-2.0 gio-unix-2.0 capi-base-common libcurl efl-extension ecore evas chromium-efl json-glib-1.0 elementary)
+       pkg_check_modules(clientpkgs REQUIRED dlog glib-2.0 gio-2.0 gio-unix-2.0 capi-base-common libcurl efl-extension ecore evas chromium-efl json-glib-1.0 elementary  tpkp-curl)
 else()
-       pkg_check_modules(clientpkgs REQUIRED dlog glib-2.0 gio-2.0 gio-unix-2.0 capi-base-common libcurl efl-extension ecore evas ewebkit2 json-glib-1.0 elementary)
+       pkg_check_modules(clientpkgs REQUIRED dlog glib-2.0 gio-2.0 gio-unix-2.0 capi-base-common libcurl efl-extension ecore evas ewebkit2 json-glib-1.0 elementary  tpkp-curl)
 endif()
 
 FOREACH(flag ${clientpkgs_CFLAGS})

diff --git a/src/oauth2_manager.c b/src/oauth2_manager.c
index 47f8126..550d66c 100644 (file)
--- a/src/oauth2_manager.c
+++ b/src/oauth2_manager.c
@@ -16,6 +16,7 @@
  */
 
 #include <efl_extension.h>
+#include <tpkp_curl.h>
 
 #include "oauth2_manager.h"
 #include "oauth2_util.h"
@@ -483,6 +484,8 @@ __curl_post_request(oauth2_manager_s *mgr_handle, const char *url,
                OAUTH2_LOG_I("__curl_post_request post body=[%s]", post_body);
 
        curl_easy_setopt(mgr_handle->curl_handle, CURLOPT_URL, url);
+       curl_easy_setopt(mgr_handle->curl_handle, CURLOPT_SSL_VERIFYPEER, 1L);
+       curl_easy_setopt(mgr_handle->curl_handle, CURLOPT_SSL_CTX_FUNCTION, tpkp_curl_ssl_ctx_callback);
        curl_easy_setopt(mgr_handle->curl_handle, CURLOPT_POSTFIELDS,
                post_body);
        char *data = NULL;
@@ -496,6 +499,8 @@ __curl_post_request(oauth2_manager_s *mgr_handle, const char *url,
        OAUTH2_LOG_I("Response id curl code=[%d]", *curl_err);
        if (*curl_err != CURLE_OK) {
                curl_easy_cleanup(mgr_handle->curl_handle);
+               tpkp_curl_cleanup();
+
                return NULL;
        }
        *http_code = 0;
@@ -505,9 +510,14 @@ __curl_post_request(oauth2_manager_s *mgr_handle, const char *url,
        if (*http_code != 200) {
                OAUTH2_LOG_I("http_code=[%ld]", *http_code);
                curl_easy_cleanup(mgr_handle->curl_handle);
+               tpkp_curl_cleanup();
+
                return NULL;
        }
+
        curl_easy_cleanup(mgr_handle->curl_handle);
+       tpkp_curl_cleanup();
+
        mgr_handle->curl_handle = NULL;
 
        OAUTH2_LOG_I("__curl_post_request end");

diff --git a/src/oauth2_util.c b/src/oauth2_util.c
index 93fa481..b6898f8 100644 (file)
--- a/src/oauth2_util.c
+++ b/src/oauth2_util.c
@@ -102,6 +102,9 @@ oauth2_util_get_params(const char *url_part, bundle **params)
                        tmp_end++;
 
                char *eq_ptr = strchr(tmp_start, '=');
+               OAUTH2_RETURN_VAL(eq_ptr, {}, OAUTH2_ERROR_INVALID_PARAMETER,
+                       "Could not find = character");
+
                int key_size = (eq_ptr - tmp_start) + 1;
                char *key = (char *) malloc((key_size) * sizeof(char));
                OAUTH2_RETURN_VAL(key, {}, OAUTH2_ERROR_OUT_OF_MEMORY,
@@ -109,13 +112,15 @@ oauth2_util_get_params(const char *url_part, bundle **params)
                memset(key, '\0', ((eq_ptr - tmp_start) + 1) * sizeof(char));
                strncpy(key, tmp_start, (eq_ptr - tmp_start));
 
-               if (eq_ptr != NULL)
-                       eq_ptr++;
+               eq_ptr++;
 
                key_size = (tmp_end - eq_ptr) + 1;
                char *val = (char *) malloc((key_size) * sizeof(char));
-               OAUTH2_RETURN_VAL(val, {}, OAUTH2_ERROR_OUT_OF_MEMORY,
-                       "Out of memory");
+               if (val == NULL) {
+                       OAUTH2_FREE(key);
+                       return OAUTH2_ERROR_OUT_OF_MEMORY;
+               }
+
                memset(val, '\0', ((tmp_end - eq_ptr) + 1) * sizeof(char));
                strncpy(val, eq_ptr, (tmp_end - eq_ptr));