Adding example C client application for Veraison challenge response exchange. #2
Conversation
…xchange This application uses libcurl for making REST api calls to the veraison services. Fixes #1 Signed-off-by: Tushar Khandelwal <[email protected]>
Signed-off-by: Tushar Khandelwal <[email protected]>
examples/client.c
Outdated
| } | ||
| } | ||
|
|
||
| sprintf(uri,"http://%s:%s/challenge-response/v1/",address,port); |
There was a problem hiding this comment.
We need to use snprintf here otherwise, depending on how big address and port are, uri could overflow
examples/client.c
Outdated
|
|
||
| char *new_session="newSession?nonceSize=32"; | ||
| char url[100]; | ||
| sprintf(url,"%s%s",uri,new_session); |
There was a problem hiding this comment.
ditto here for snprintf
examples/client.c
Outdated
|
|
||
| /* Initialize the curl library */ | ||
| curl_handle = curl_easy_init(); | ||
| if(curl_handle) { |
There was a problem hiding this comment.
As the elders say: "flat is better than nested" :-)
Do an early return here:
if (!curl_handle) {
// error path
}
// happy path
examples/client.c
Outdated
| if(res != CURLE_OK) { | ||
| printf("\nerror: %s\n", curl_easy_strerror(res)); | ||
| return res; | ||
| } else { |
There was a problem hiding this comment.
It looks like this else is not really needed and can be removed.
examples/client.c
Outdated
| if(fp!=NULL) { | ||
| num = fread(token, 1 ,sizeof(token),fp); | ||
| } else { | ||
| printf("\ntoken file not found\n"); | ||
| return -1; | ||
| } |
There was a problem hiding this comment.
unneeded nesting, you can do:
if (fp == NULL) {
return -1
}
num = fread(...)
examples/client.c
Outdated
| headers = curl_slist_append(headers, "Content-Type: application/psa-attestation-token"); | ||
| curl_slist_append(headers, "Host: veraison.example"); | ||
| curl_slist_append(headers, "Accept: application/vnd.veraison.challenge-response-session+json"); | ||
| curl_easy_setopt(curl_handle, CURLOPT_HTTPHEADER, headers); |
There was a problem hiding this comment.
not sure whether it's required (or the subsequent perform will tell us that in any case) but I'd have thought that the return code from curl_easy_setopt should be checked?
examples/client.c
Outdated
| curl_easy_setopt(curl_handle, CURLOPT_HTTPHEADER, headers); | ||
| FILE *fp=fopen(filename,"rb"); | ||
| int num; | ||
| if(fp!=NULL) { |
There was a problem hiding this comment.
the dual fclose seems to be missing?
Signed-off-by: Tushar Khandelwal <[email protected]>
Signed-off-by: Tushar Khandelwal <[email protected]>
This application uses libcurl for making REST api calls to the veraison services.
Fixes #1
Signed-off-by: Tushar Khandelwal [email protected]