Commit graph

264 commits

Author SHA1 Message Date
e2806bc810 Add UserIdParse() and UserIdFree() functions.
The spec says that a username can be either just the localpart, or a
localpart and a server. This commit now ensures that the login endpoint
actually handles usernames properly by calling the proper parsing
functions.
2023-02-28 13:44:34 +00:00
6ce6cb4525 Implement flow handling in Uia API.
This commit should fix user interactive authentication for dummy flows,
but I still have to implement a few more flows, including passwords and
refresh token. I also have to fix the cleanup logic: when do we purge
UIA sessions?
2023-02-27 15:39:12 +00:00
7703405c70 Fix bugs in Json API. 2023-02-26 15:07:46 +00:00
adea499813 Add UiaFlowsFree() function, and clean up some memory issues. 2023-02-24 14:40:21 +00:00
d517b66316 Also delete refrsh token if present for device. 2023-02-24 01:06:02 +00:00
b60cac53e5 Make JsonValueString() call StrDuplicate(); refactor code to behave properly. 2023-02-24 00:17:56 +00:00
8c96fd8d7d Begin the great StrDuplicate() refactor. 2023-02-23 23:19:23 +00:00
b99e8bd1cd Apply modified #50 and fix some misc. bugs. 2023-02-23 15:13:39 +00:00
9e9b5c9cda Fix a write-out-of-bounds error in Json. 2023-02-23 03:46:05 +00:00
3bbff5379f [WIP] Replace UserInteractiveAuth with a new Uia API.
Uia is a lot less characters to type. Do note that this API is far from
complete and this commit breaks user interactive authentication entirely.
2023-02-19 14:58:56 +00:00
fa88fc3323 Format source code. 2023-02-17 03:23:25 +00:00
ff879e715f Finish implementing token refresh.
This implementation just keeps the refresh token and only updates the
access token. The spec says that this is allowed. There's really no
reason to do this, other than the fact that it's easier.
2023-02-17 03:20:49 +00:00
4b336de171 Build out the User API a bit more. 2023-02-17 03:18:24 +00:00
46fe667988 Add HashMapGetKey() so we can free bucket keys before deleting them. 2023-02-17 03:14:43 +00:00
feb11de6b0 Fix some compile warnings. I'll get back to this eventually. 2023-02-16 18:51:10 +00:00
72405a94f6 Add JsonGet(), JsonSet(), and JsonCreate() for convenience. 2023-02-16 18:49:19 +00:00
d255ce1a21 Begin working on refresh route. 2023-02-16 17:22:59 +00:00
c78dc3bd31 Fix a memory bug in StrRandom() with RandIntN().
We're storing integers in this buffer, so we have to allocate enough
memory for them. An integer is usually more than one byte.
2023-02-16 13:10:09 +00:00
38438c297e Looks like Matrix v1.6 is out. 2023-02-16 02:09:57 +00:00
85380efa3c [#48] Fix bug in MatrixGetAccessToken() 2023-02-16 01:33:46 +00:00
6a593ab8a0 [#48] Add Rand API and make StrRandom() use it. 2023-02-16 00:31:13 +00:00
f7d581538d Begin documenting Str. 2023-02-14 11:56:22 +00:00
5fef788053 Begin documenting User API 2023-02-12 02:31:14 +00:00
2443c91bba Fix bug in HashMap that would allow iterating over deleted values. 2023-02-11 00:15:49 +00:00
8b8873103d Handle standard library quirks of non-conforming systems and compilers. 2023-02-05 14:20:12 +00:00
dc972385ea Don't shadow variables. 2023-02-05 14:19:07 +00:00
5b77236e82 Fix -v option 2023-01-17 21:38:39 +00:00
e0f7c133d1 Add a non-JSON landing page. This is the basis for other HTML pages. 2023-01-17 20:29:16 +00:00
b0b2f11158 Refactor endpoint authentication flow.
Instead of one MatrixAuthenticate() function, we'll do
MatrixGetAccessToken(), and then UserAuthenticate(). This allows us to
give different error messages depending on what the user provided and what
the server state is.
2023-01-17 01:36:22 +00:00
1e02971a7e Implement login route. 2023-01-17 00:02:50 +00:00
cc95c10f44 Move client well-known generation to MatrixClientWellKnown() function.
We'll be using this for client login.
2023-01-16 22:02:08 +00:00
121682c006 Implement user login. 2023-01-16 21:17:44 +00:00
bd88c01c26 Don't read the timestamp after it's freed. 2023-01-16 03:57:01 +00:00
c0309c1ea8 Fix memory leak when log timestamp is not set in the config. 2023-01-16 03:21:59 +00:00
a4364dbb68 Fix use after free. 2023-01-10 00:38:47 +00:00
599fa1a740 Document MemoryHexDump() and DbExists() 2023-01-09 21:39:59 +00:00
b8ce4c9239 Lock database in DbExists() to prevent race conditions. 2023-01-09 19:25:49 +00:00
c5bce0b14f Apply #43 with modifications. 2023-01-09 19:22:09 +00:00
1421c478fd Fix bug where malformed requests cause Db locks that are never unlocked. 2023-01-09 19:16:12 +00:00
90a74c3b0a Don't accept connections if the connection queue is full. 2023-01-09 17:44:12 +00:00
1d9ed5dcbf Fix invalid read in HttpParamDecode(). 2023-01-09 15:48:56 +00:00
9358264add Fix some invalid write errors. 2023-01-09 15:18:59 +00:00
30c3690287 Renamed String.h to Str.h because Windows is dumb. 2023-01-08 04:38:06 +00:00
56105c8a61 Fix logic error 2023-01-07 18:24:16 +00:00
f365f94389 Define User struct. 2023-01-07 16:15:11 +00:00
08b36c071c Begin prototyping User.h 2023-01-07 15:51:56 +00:00
0f661f435f Whoops, forgot to update the header. 2023-01-07 04:40:12 +00:00
0a29aa7f5a Move string related functions to a new String API.
I think we have accumulated enough string functions that they should
have their own API. This shortens the function names a bit too.
2023-01-07 04:33:32 +00:00
2ce09f8632 Convert UtilStringConcat() into a varargs function.
This allows us to concatenate an arbitrary amount of strings without
having to maintain a bunch of pointers or leak memory when nesting calls.
2023-01-07 03:17:06 +00:00
8323eb38c9 Make UtilRandomString() more secure.
Two ways this is more secure:

1. The seed is only generated once, not every time the function is called.
2. All threads share the same seed, which means timing attacks aren't
   possible.

Because we are using a mutex, performance may suffer slightly.
2023-01-07 00:18:44 +00:00