X-Git-Url: https://gerrit.automotivelinux.org/gerrit/gitweb?a=blobdiff_plain;f=src%2Fsession.c;h=45005ab445a8862047dbfd557aa4ee8cd3cbc4ee;hb=1dc25c6396d8dbb6b1505751babaa499d4a68315;hp=a5a00406450706c99b043ae801ce83a4040cf9b1;hpb=d00571d3c5365f40e7ec2ec3ab0f636afa0db480;p=src%2Fapp-framework-binder.git

diff --git a/src/session.c b/src/session.c
index a5a00406..45005ab4 100644
--- a/src/session.c
+++ b/src/session.c
@@ -332,14 +332,14 @@ STATIC int ctxUuidCompCB (const void *k1, const void *k2) {
 
 // Free context [XXXX Should be protected again memory abort XXXX]
 STATIC void ctxUuidFreeCB (struct lh_entry *entry) {
-    AFB_clientCtx *ctx = (AFB_clientCtx*) entry->v;
+    AFB_clientCtx *client = (AFB_clientCtx*) entry->v;
 
     // If application add a handle let's free it now
-    if (ctx->handle != NULL) {
+    if (client->ctx != NULL) {
         
         // Free client handle with a standard Free function, with app callback or ignore it
-        if (ctx->freeHandleCB == NULL) free (ctx->handle); 
-        else if (ctx->freeHandleCB != (void*)-1) ctx->freeHandleCB(ctx->handle); 
+        if (client->plugin->freeCtxCB == NULL) free (client->ctx); 
+        else if (client->plugin->freeCtxCB != (void*)-1) client->plugin->freeCtxCB(client); 
     }
     free ((void*)entry->v);
 }
@@ -379,7 +379,7 @@ PUBLIC int ctxStoreGarbage (struct lh_table *lht, const int timeout) {
 }
 
 // This function will return exiting client context or newly created client context
-PUBLIC AFB_error ctxClientGet (AFB_request *request) {
+PUBLIC AFB_error ctxClientGet (AFB_request *request, AFB_plugin *plugin) {
   static int cid=0;
   AFB_clientCtx *clientCtx=NULL;
   const char *uuid;
@@ -420,7 +420,8 @@ PUBLIC AFB_error ctxClientGet (AFB_request *request) {
     if (clientCtx == NULL) clientCtx = calloc(1, sizeof(AFB_clientCtx)); // init NULL clientContext
     uuid_generate(newuuid);         // create a new UUID
     uuid_unparse_lower(newuuid, clientCtx->uuid);
-    clientCtx->cid=cid++;
+    clientCtx->cid=cid++;   // simple application uniqueID 
+    clientCtx->plugin = plugin;    // provide plugin callbacks a hook to plugin
         
     // if table is full at 50% let's clean it up
     if(clientCtxs->count > (clientCtxs->size*0.5)) ctxStoreGarbage(clientCtxs, request->config->cntxTimeout);
@@ -476,9 +477,23 @@ PUBLIC AFB_error ctxTokenCreate (AFB_request *request) {
     int oldTnkValid;
     const char *ornew;
     uuid_t newuuid;
+    const char *token;
 
     if (request->client == NULL) return AFB_EMPTY;
 
+    // if config->token!="" then verify that we have the right initial share secret   
+    if (request->config->token[0] != '\0') {
+        
+        // check for initial token secret and return if not presented
+        token = MHD_lookup_connection_value(request->connection, MHD_GET_ARGUMENT_KIND, "token");
+        if (token == NULL) return AFB_UNAUTH;
+        
+        // verify that presented initial tokens fit
+        if (strcmp(request->config->token, token)) return AFB_UNAUTH;
+        
+    }
+    
+
     // create a UUID as token value
     uuid_generate(newuuid); 
     uuid_unparse_lower(newuuid, request->client->token);