author | Linus Nordberg <linus@nordu.net> | 2015-07-16 11:52:27 +0200 |
---|---|---|
committer | Linus Nordberg <linus@nordu.net> | 2015-11-13 17:02:23 +0100 |
commit | 35e92d56f1d6085c2fc413adaf8189d55c62cab5 (patch) | |
tree | 1b9ee9b3801011c260716c8c4a46d7b073aaf884 /src/v1.erl | |
parent | 1a9625f9fb0fb369246188e047a3919b8f69c845 (diff) |
Accept any kind of submitted data, not only X.509 certificate chains.
Have add_chain() take a blob instead of a cert leaf and a chain.
Rename ct/v1/add-chain -> add-blob.
Remove ct/v1/add-pre-chain.
Remove chain checking code.
Generate allowed_client config matching new HTTP API.
Diffstat (limited to 'src/v1.erl')
-rw-r--r-- | src/v1.erl | 42 |
1 files changed, 8 insertions, 34 deletions
@@ -30,13 +30,9 @@ check_valid_sth() ->
 end.
 %% Public functions, i.e. part of URL.
-request(post, ?APPURL_CT_V1, "add-chain", Input) ->
+request(post, ?APPURL_CT_V1, "add-blob", Input) ->
 check_valid_sth(),
- add_chain(Input, normal);
-
-request(post, ?APPURL_CT_V1, "add-pre-chain", Input) ->
- check_valid_sth(),
- add_chain(Input, precert);
+ add_blob(Input);
 request(get, ?APPURL_CT_V1, "get-sth", _Query) ->
 check_valid_sth(),
@@ -151,34 +147,12 @@ internalerror(Text) ->
 "~s~n" ++
 "</body></html>~n", [Text])}.
--spec add_chain(any(), normal|precert) -> any().
-add_chain(Input, Type) ->
+-spec add_blob(any()) -> any().
+add_blob(Input) ->
 case (catch mochijson2:decode(Input)) of
 {error, E} ->
- err400("add-chain: bad input:", E);
- {struct, [{<<"chain">>, ChainB64List}]} ->
- case decode_chain(ChainB64List) of
- [LeafCert | CertChain] ->
- case x509:normalise_chain(catlfish:known_roots(),
- [LeafCert|CertChain]) of
- {ok, [Leaf | Chain]} ->
- lager:info("adding ~p cert ~p",
- [Type, x509:cert_string(LeafCert)]),
- success(catlfish:add_chain(Leaf, Chain, Type));
- {error, Reason} ->
- lager:info("rejecting ~p: ~p",
- [x509:cert_string(LeafCert), Reason]),
- err400("add-chain: invalid chain", Reason)
- end;
- {invalid, ErrText} ->
- err400(io:format("add-chain: ~p", [ErrText]), [ChainB64List])
- end;
- _ -> err400("add-chain: missing input: chain", Input)
- end.
-
--spec decode_chain(string()) -> {invalid, string()} | [binary()].
-decode_chain(B64List) ->
- case (catch [base64:decode(X) || X <- B64List]) of
- {'EXIT', _} -> {invalid, "invalid base64-encoded chain"};
- L -> L
+ err400("add-blob: bad input:", E);
+ {struct, [{<<"blob">>, Blob}]} ->
+ success(catlfish:add_chain(Blob, normal));
+ _ -> err400("add-blob: missing input: blob", Input)
 end. |
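Review bot: In `add_blob` (second hunk), `Blob` reaches `catlfish:add_chain(Blob, normal)` as whatever JSON value the client put under `"blob"`; a string, number, list or nested object all match `{struct, [{<<"blob">>, Blob}]}`. With the chain check gone, this clause is the only input gate before the submission is stored, so I would at least pin the type with `{struct, [{<<"blob">>, Blob}]} when is_binary(Blob) ->`, and settle here whether the value is base64 that needs decoding and whether a size bound applies. The removed `lager:info` calls were the only visible record of what was accepted or rejected; with the guard in place, a line such as `lager:info("add-blob: accepting ~p bytes", [byte_size(Blob)])` would keep submissions traceable. Separately, the context clause `{error, E} ->` probably never matches, because `catch` turns a decode failure into `{'EXIT', _}` or a thrown term, which falls to `_` and is reported as a missing `blob` with the raw `Input` passed to `err400`; this is worth confirming against mochijson2.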