|
|
|
|
@@ -2561,7 +2561,9 @@ char* encrypt_admin_response_content(const cJSON* response_data, const char* rec
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Send admin response event using relay's standard event distribution system
|
|
|
|
|
int send_admin_response_event(const cJSON* response_data, const char* recipient_pubkey) {
|
|
|
|
|
int send_admin_response_event(const cJSON* response_data, const char* recipient_pubkey, struct lws* wsi) {
|
|
|
|
|
// Suppress unused parameter warning
|
|
|
|
|
(void)wsi;
|
|
|
|
|
if (!response_data || !recipient_pubkey) {
|
|
|
|
|
log_error("Invalid parameters for admin response event transmission");
|
|
|
|
|
return -1;
|
|
|
|
|
@@ -2645,6 +2647,8 @@ cJSON* build_query_response(const char* query_type, cJSON* results_array, int to
|
|
|
|
|
|
|
|
|
|
// Single unified handler for all Kind 23456 requests
|
|
|
|
|
int handle_kind_23456_unified(cJSON* event, char* error_message, size_t error_size, struct lws* wsi) {
|
|
|
|
|
// Suppress unused parameter warning
|
|
|
|
|
(void)wsi;
|
|
|
|
|
if (!event) {
|
|
|
|
|
log_error("DEBUG: Null event passed to handle_kind_23456_unified");
|
|
|
|
|
snprintf(error_message, error_size, "invalid: null event");
|
|
|
|
|
@@ -2854,7 +2858,7 @@ int handle_kind_23456_unified(cJSON* event, char* error_message, size_t error_si
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
printf(" Query type: %s\n", query_type);
|
|
|
|
|
return handle_auth_query_unified(event, query_type, error_message, error_size);
|
|
|
|
|
return handle_auth_query_unified(event, query_type, error_message, error_size, wsi);
|
|
|
|
|
}
|
|
|
|
|
else if (strcmp(action_type, "system_command") == 0) {
|
|
|
|
|
log_info("DEBUG: Routing to system_command handler");
|
|
|
|
|
@@ -2865,13 +2869,13 @@ int handle_kind_23456_unified(cJSON* event, char* error_message, size_t error_si
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
printf(" Command: %s\n", command);
|
|
|
|
|
return handle_system_command_unified(event, command, error_message, error_size);
|
|
|
|
|
return handle_system_command_unified(event, command, error_message, error_size, wsi);
|
|
|
|
|
}
|
|
|
|
|
else if (strcmp(action_type, "whitelist") == 0 || strcmp(action_type, "blacklist") == 0) {
|
|
|
|
|
log_info("DEBUG: Routing to auth rule modification handler");
|
|
|
|
|
printf(" Rule type: %s\n", action_type);
|
|
|
|
|
// Handle auth rule modifications (existing logic from process_admin_auth_event)
|
|
|
|
|
return handle_auth_rule_modification_unified(event, error_message, error_size);
|
|
|
|
|
return handle_auth_rule_modification_unified(event, error_message, error_size, wsi);
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
log_error("DEBUG: Unknown Kind 23456 action type");
|
|
|
|
|
@@ -2882,7 +2886,9 @@ int handle_kind_23456_unified(cJSON* event, char* error_message, size_t error_si
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Unified auth query handler
|
|
|
|
|
int handle_auth_query_unified(cJSON* event, const char* query_type, char* error_message, size_t error_size) {
|
|
|
|
|
int handle_auth_query_unified(cJSON* event, const char* query_type, char* error_message, size_t error_size, struct lws* wsi) {
|
|
|
|
|
// Suppress unused parameter warning
|
|
|
|
|
(void)wsi;
|
|
|
|
|
if (!g_db) {
|
|
|
|
|
snprintf(error_message, error_size, "database not available");
|
|
|
|
|
return -1;
|
|
|
|
|
@@ -2983,7 +2989,7 @@ int handle_auth_query_unified(cJSON* event, const char* query_type, char* error_
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Send response as signed kind 23457 event
|
|
|
|
|
if (send_admin_response_event(response, admin_pubkey) == 0) {
|
|
|
|
|
if (send_admin_response_event(response, admin_pubkey, wsi) == 0) {
|
|
|
|
|
printf("Total results: %d\n", rule_count);
|
|
|
|
|
log_success("Auth query completed successfully with signed response");
|
|
|
|
|
cJSON_Delete(response);
|
|
|
|
|
@@ -2999,7 +3005,9 @@ int handle_auth_query_unified(cJSON* event, const char* query_type, char* error_
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Unified system command handler
|
|
|
|
|
int handle_system_command_unified(cJSON* event, const char* command, char* error_message, size_t error_size) {
|
|
|
|
|
int handle_system_command_unified(cJSON* event, const char* command, char* error_message, size_t error_size, struct lws* wsi) {
|
|
|
|
|
// Suppress unused parameter warning
|
|
|
|
|
(void)wsi;
|
|
|
|
|
if (!g_db) {
|
|
|
|
|
snprintf(error_message, error_size, "database not available");
|
|
|
|
|
return -1;
|
|
|
|
|
@@ -3054,7 +3062,7 @@ int handle_system_command_unified(cJSON* event, const char* command, char* error
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Send response as signed kind 23457 event
|
|
|
|
|
if (send_admin_response_event(response, admin_pubkey) == 0) {
|
|
|
|
|
if (send_admin_response_event(response, admin_pubkey, wsi) == 0) {
|
|
|
|
|
log_success("Clear auth rules command completed successfully with signed response");
|
|
|
|
|
cJSON_Delete(response);
|
|
|
|
|
return 0;
|
|
|
|
|
@@ -3116,7 +3124,7 @@ int handle_system_command_unified(cJSON* event, const char* command, char* error
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Send response as signed kind 23457 event
|
|
|
|
|
if (send_admin_response_event(response, admin_pubkey) == 0) {
|
|
|
|
|
if (send_admin_response_event(response, admin_pubkey, wsi) == 0) {
|
|
|
|
|
log_success("System status query completed successfully with signed response");
|
|
|
|
|
cJSON_Delete(response);
|
|
|
|
|
return 0;
|
|
|
|
|
@@ -3133,7 +3141,9 @@ int handle_system_command_unified(cJSON* event, const char* command, char* error
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Handle auth rule modifications (extracted from process_admin_auth_event)
|
|
|
|
|
int handle_auth_rule_modification_unified(cJSON* event, char* error_message, size_t error_size) {
|
|
|
|
|
int handle_auth_rule_modification_unified(cJSON* event, char* error_message, size_t error_size, struct lws* wsi) {
|
|
|
|
|
// Suppress unused parameter warning
|
|
|
|
|
(void)wsi;
|
|
|
|
|
cJSON* tags_obj = cJSON_GetObjectItem(event, "tags");
|
|
|
|
|
if (!tags_obj || !cJSON_IsArray(tags_obj)) {
|
|
|
|
|
snprintf(error_message, error_size, "invalid: auth rule event must have tags");
|
|
|
|
|
@@ -3155,7 +3165,8 @@ int handle_auth_rule_modification_unified(cJSON* event, char* error_message, siz
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Process each tag as an auth rule specification
|
|
|
|
|
// For Kind 23456 events, only process synthetic tags created from decrypted content
|
|
|
|
|
// Skip original unencrypted tags (except p tag validation which is done elsewhere)
|
|
|
|
|
cJSON* auth_tag = NULL;
|
|
|
|
|
cJSON_ArrayForEach(auth_tag, tags_obj) {
|
|
|
|
|
if (!cJSON_IsArray(auth_tag) || cJSON_GetArraySize(auth_tag) < 3) {
|
|
|
|
|
@@ -3176,6 +3187,11 @@ int handle_auth_rule_modification_unified(cJSON* event, char* error_message, siz
|
|
|
|
|
const char* pattern_type = cJSON_GetStringValue(pattern_type_obj);
|
|
|
|
|
const char* pattern_value = cJSON_GetStringValue(pattern_value_obj);
|
|
|
|
|
|
|
|
|
|
// Skip p tags - they are for routing, not auth rules
|
|
|
|
|
if (strcmp(rule_type, "p") == 0) {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Process auth rule: ["blacklist"|"whitelist", "pubkey"|"hash", "value"]
|
|
|
|
|
if (strcmp(rule_type, "blacklist") == 0 || strcmp(rule_type, "whitelist") == 0) {
|
|
|
|
|
if (add_auth_rule_from_config(rule_type, pattern_type, pattern_value, "allow") == 0) {
|
|
|
|
|
@@ -3221,7 +3237,7 @@ int handle_auth_rule_modification_unified(cJSON* event, char* error_message, siz
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Send response as signed kind 23457 event
|
|
|
|
|
if (send_admin_response_event(response, admin_pubkey) == 0) {
|
|
|
|
|
if (send_admin_response_event(response, admin_pubkey, wsi) == 0) {
|
|
|
|
|
log_success("Auth rule modification completed successfully with signed response");
|
|
|
|
|
cJSON_Delete(response);
|
|
|
|
|
return 0;
|
|
|
|
|
|
