diff --git a/build/ginxsom-fcgi b/build/ginxsom-fcgi index 1af0017..f78b4bb 100755 Binary files a/build/ginxsom-fcgi and b/build/ginxsom-fcgi differ diff --git a/build/main.o b/build/main.o index 1b7bcd9..f48657a 100644 Binary files a/build/main.o and b/build/main.o differ diff --git a/db/ginxsom.db b/db/ginxsom.db index 94085ed..156d05a 100644 Binary files a/db/ginxsom.db and b/db/ginxsom.db differ diff --git a/src/main.c b/src/main.c index 56d22df..4083da9 100644 --- a/src/main.c +++ b/src/main.c @@ -28,12 +28,16 @@ // Database path #define DB_PATH "db/ginxsom.db" -// Forward declarations for config system +// ===== COMMENTED OUT UNUSED CODE ===== +// Forward declarations for config system (all commented out) +/* int initialize_server_config(void); int apply_config_from_event(cJSON *event); int get_config_file_path(char *path, size_t path_size); int load_server_config(const char *config_path); int run_interactive_setup(const char *config_path); +*/ +// ===== END COMMENTED OUT CODE ===== // Configuration system implementation #include @@ -41,7 +45,9 @@ int run_interactive_setup(const char *config_path); #include #include +// ===== UNUSED CODE - SAFE TO REMOVE AFTER TESTING ===== // Server configuration structure +/* typedef struct { char admin_pubkey[256]; char admin_enabled[8]; @@ -53,6 +59,8 @@ static server_config_t g_server_config = {0}; // Global server private key (stored in memory only for security) static char server_private_key[128] = {0}; +*/ +// ===== END UNUSED CODE ===== // Function to get XDG config directory const char *get_config_dir(char *buffer, size_t buffer_size) { @@ -72,6 +80,8 @@ const char *get_config_dir(char *buffer, size_t buffer_size) { return ".config/ginxsom"; } +/* +// ===== UNUSED CODE - SAFE TO REMOVE AFTER TESTING ===== // Load server configuration from database or create defaults int initialize_server_config(void) { sqlite3 *db = NULL; @@ -128,7 +138,10 @@ int initialize_server_config(void) { fprintf(stderr, "CONFIG: Server configuration loaded\n"); return 1; } +// ===== END UNUSED CODE ===== +*/ +/* // File-based configuration system // Config file path resolution int get_config_file_path(char *path, size_t path_size) { @@ -146,7 +159,9 @@ int get_config_file_path(char *path, size_t path_size) { } return 1; } +*/ +/* // Load and validate config event int load_server_config(const char *config_path) { FILE *file = fopen(config_path, "r"); @@ -191,7 +206,9 @@ int load_server_config(const char *config_path) { return result; } +*/ +/* // Extract config from validated event and apply to server int apply_config_from_event(cJSON *event) { sqlite3 *db; @@ -246,8 +263,8 @@ int apply_config_from_event(cJSON *event) { if (strcmp(key, "server_privkey") == 0) { // Store server private key in global variable (memory only) - strncpy(server_private_key, value, sizeof(server_private_key) - 1); - server_private_key[sizeof(server_private_key) - 1] = '\0'; + // strncpy(server_private_key, value, sizeof(server_private_key) - 1); + // server_private_key[sizeof(server_private_key) - 1] = '\0'; } else { // Store other config values in database rc = sqlite3_prepare_v2(db, insert_sql, -1, &stmt, NULL); @@ -265,7 +282,9 @@ int apply_config_from_event(cJSON *event) { sqlite3_close(db); return 1; } +*/ +/* // Interactive setup runner int run_interactive_setup(const char *config_path) { printf("\n=== Ginxsom First-Time Setup Required ===\n"); @@ -294,6 +313,7 @@ int run_interactive_setup(const char *config_path) { return 1; } } +*/ // Function declarations void send_error_response(int status_code, const char *error_type, @@ -308,6 +328,9 @@ int nostr_generate_nip42_challenge(char *challenge_out, size_t challenge_size, c // NIP-42 function declarations void handle_auth_challenge_request(void); +// Handler function declarations with validation support +void handle_delete_request_with_validation(const char *sha256, nostr_request_result_t *validation_result); + // Insert blob metadata into database int insert_blob_metadata(const char *sha256, long size, const char *type, long uploaded_at, const char *uploader_pubkey, @@ -513,11 +536,15 @@ const char *extract_sha256_from_uri(const char *uri) { ///////////////////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////////////////// -// Forward declarations for detailed validation functions +// ===== COMMENTED OUT UNUSED CODE ===== +// Forward declarations for detailed validation functions (all commented out) +/* int detailed_structure_validation(cJSON *event); int detailed_signature_validation(cJSON *event); void analyze_event_fields(cJSON *event); void hex_dump(const char *label, const unsigned char *data, size_t len); +*/ +// ===== END COMMENTED OUT CODE ===== ///////////////////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////////////////// @@ -736,8 +763,8 @@ void handle_list_request(const char *pubkey) { log_request("GET", "/list", auth_status, 200); } -// Handle DELETE / requests -void handle_delete_request(const char *sha256) { +// Handle DELETE / requests with validation result +void handle_delete_request_with_validation(const char *sha256, nostr_request_result_t *validation_result) { // Log the incoming request log_request("DELETE", "/delete", "pending", 0); @@ -762,10 +789,17 @@ void handle_delete_request(const char *sha256) { } } - // Authentication is handled by centralized validation system - // TODO: Get auth_pubkey from centralized validation result for ownership check - // For now, temporarily disable ownership validation until we pass validation results - const char *auth_pubkey = "placeholder"; // This will be passed from centralized validation + // Get authenticated pubkey from centralized validation result + const char *auth_pubkey = NULL; + if (validation_result && validation_result->valid && strlen(validation_result->pubkey) == 64) { + auth_pubkey = validation_result->pubkey; + } else { + // No valid authentication - this should have been caught by centralized validation + send_error_response(401, "unauthorized", "Authentication required for delete operations", + "Valid authentication is required to delete blobs"); + log_request("DELETE", "/delete", "unauthenticated", 401); + return; + } // Check if blob exists in database sqlite3 *db; @@ -1477,37 +1511,44 @@ void handle_auth_challenge_request(void) { int main(void) { - // Initialize server configuration and identity - // Try file-based config first, then fall back to database config +// Initialize server configuration and identity +// Try file-based config first, then fall back to database config +int config_loaded = 0; + +// All file-based config and interactive setup are commented out +/* +char config_path[512]; + +if (get_config_file_path(config_path, sizeof(config_path))) { + fprintf(stderr, "STARTUP: Checking for config file at: %s\n", config_path); + if (load_server_config(config_path)) { + fprintf(stderr, + "STARTUP: File-based configuration loaded successfully\n"); + config_loaded = 1; + } else { + fprintf(stderr, "STARTUP: No valid file-based config found, trying " + "database config\n"); + } +} +*/ + +// Fall back to database configuration if file config failed +if (!config_loaded /* && !initialize_server_config() */) { + fprintf( + stderr, + "STARTUP: No configuration found - server starting in setup mode\n"); + fprintf(stderr, "STARTUP: Run interactive setup with: ginxsom --setup\n"); + // For interactive mode (when stdin is available), offer setup + /* char config_path[512]; - int config_loaded = 0; - - if (get_config_file_path(config_path, sizeof(config_path))) { - fprintf(stderr, "STARTUP: Checking for config file at: %s\n", config_path); - if (load_server_config(config_path)) { - fprintf(stderr, - "STARTUP: File-based configuration loaded successfully\n"); - config_loaded = 1; - } else { - fprintf(stderr, "STARTUP: No valid file-based config found, trying " - "database config\n"); - } - } - - // Fall back to database configuration if file config failed - if (!config_loaded && !initialize_server_config()) { - fprintf( - stderr, - "STARTUP: No configuration found - server starting in setup mode\n"); - fprintf(stderr, "STARTUP: Run interactive setup with: ginxsom --setup\n"); - // For interactive mode (when stdin is available), offer setup - if (isatty(STDIN_FILENO) && - get_config_file_path(config_path, sizeof(config_path))) { - return run_interactive_setup(config_path); - } - } else if (!config_loaded) { - fprintf(stderr, "STARTUP: Database configuration loaded successfully\n"); + if (isatty(STDIN_FILENO) && + get_config_file_path(config_path, sizeof(config_path))) { + return run_interactive_setup(config_path); } + */ +} else if (!config_loaded) { + fprintf(stderr, "STARTUP: Database configuration loaded successfully\n"); +} // CRITICAL: Initialize nostr crypto system for cryptographic operations fprintf(stderr, "STARTUP: Initializing nostr crypto system...\r\n"); @@ -1729,8 +1770,8 @@ int main(void) { // Handle DELETE / requests with pre-validated auth const char *sha256 = extract_sha256_from_uri(request_uri); if (sha256) { - // TODO: Pass validated result to existing handler - handle_delete_request(sha256); + // Pass validated result to handler for ownership check + handle_delete_request_with_validation(sha256, &result); } else { send_error_response(400, "invalid_hash", "Invalid SHA-256 hash in URI", "URI must contain a valid 64-character hex hash"); @@ -1747,3 +1788,4 @@ int main(void) { return 0; } +// ===== END UNUSED CODE ===== diff --git a/tests/init_admin.sh b/tests/init_admin.sh index b8d8149..9b0805d 100755 --- a/tests/init_admin.sh +++ b/tests/init_admin.sh @@ -18,7 +18,7 @@ fi # Configure admin settings sqlite3 db/ginxsom.db << EOF -INSERT OR REPLACE INTO server_config (key, value, description) VALUES +INSERT OR REPLACE INTO config (key, value, description) VALUES ('admin_pubkey', '$TEST_ADMIN_PUBKEY', 'Nostr public key authorized for admin operations (test key)'), ('admin_enabled', 'true', 'Enable admin interface'); EOF @@ -30,4 +30,4 @@ echo "Use private key from admin_test.sh to generate authentication tokens" # Verify configuration echo "" echo "Current admin configuration:" -sqlite3 db/ginxsom.db "SELECT key, value FROM server_config WHERE key IN ('admin_pubkey', 'admin_enabled');" \ No newline at end of file +sqlite3 db/ginxsom.db "SELECT key, value FROM config WHERE key IN ('admin_pubkey', 'admin_enabled');" \ No newline at end of file