Browse Source

Accept share=full parameter value.

Accept 'share=full' as a synonym for 'share=no', indicating that a given
"share" actually contains the whole secret. Reject any other value as
invalid.
master
Damien Goutte-Gattat 3 months ago
parent
commit
b216ff04b9
  1. 1
      src/gfsec-errors.h
  2. 2
      src/secret.h
  3. 6
      src/secretcfg.c

1
src/gfsec-errors.h

@ -29,3 +29,4 @@ GFSEC_ERROR(CONFIG_INVALID_URI, -10, _("Invalid share URI"))
GFSEC_ERROR(CONFIG_INVALID_HASH, -11, _("Invalid hash value"))
GFSEC_ERROR(CONFIG_UNKNOWN_SCHEME, -12, _("Unknown URI scheme"))
GFSEC_ERROR(CONFIG_INVALID_THRESHOLD, -13, _("Invalid threshold"))
GFSEC_ERROR(CONFIG_INVALID_SHARENR, -14, _("Invalid share parameter"))

2
src/secret.h

@ -56,7 +56,7 @@ typedef struct gfsec_share {
unsigned char *hash; /* A SHA-256 hash of the data. */
} gfsec_share_t;
#define gfsec_share_is_full(share) (share->number == 0)
#define gfsec_share_is_full(share) (share->number == GFSEC_SHARE_NUMBER_FULL)
/**
* Represents a split secret (or a secret to be split).

6
src/secretcfg.c

@ -192,7 +192,11 @@ parse_parameter(const char **uri, gfsec_share_t *share)
if ( strncmp(*uri, "share", eq - *uri) == 0 ) {
amp = strchrnul(++eq, '&');
if ( strncmp(eq, "no", amp - eq) == 0 )
share->number = 0;
share->number = GFSEC_SHARE_NUMBER_FULL;
else if ( strncmp(eq, "full", amp - eq) == 0 )
share->number = GFSEC_SHARE_NUMBER_FULL;
else
return GFSEC_ERR_CONFIG_INVALID_SHARENR;
*uri = amp;
}
else if ( strncmp(*uri, "sha256", eq - *uri) == 0 ) {

Loading…
Cancel
Save