* Fix potential memory leaks

* id-wsf/wsf_profile.c: add error code path in lasso_wsf_profile_build_soap_request_msg for unsupported security mechanisms.
author: Benjamin Dauvergne <bdauvergne@entrouvert.com> 2008-08-05 14:52:34 +0000
committer: Benjamin Dauvergne <bdauvergne@entrouvert.com> 2008-08-05 14:52:34 +0000
commit: 2d18a0d3f8a18e680f175df35391cfa444bf52e2 (patch)
tree: e969023f8097b3f2af791835649b967715624d2c
parent: 87146dc9ecc56873ec2057922724c3fe689bf785 (diff)
download: lasso-2d18a0d3f8a18e680f175df35391cfa444bf52e2.tar.gz
lasso-2d18a0d3f8a18e680f175df35391cfa444bf52e2.tar.xz
lasso-2d18a0d3f8a18e680f175df35391cfa444bf52e2.zip
2 files changed, 33 insertions, 38 deletions
diff --git a/lasso/id-wsf/wsf_profile.c b/lasso/id-wsf/wsf_profile.c
index e1b64c67..4fe18587 100644
--- a/lasso/id-wsf/wsf_profile.c
+++ b/lasso/id-wsf/wsf_profile.c
@@ -674,16 +674,13 @@ lasso_wsf_profile_build_soap_request_msg(LassoWsfProfile *profile)
 	/* Sign request if necessary */
 	sec_mech_id = profile->private_data->security_mech_id;
 	if (lasso_security_mech_id_is_saml_authentication(sec_mech_id)) {
-		/* Add a signature to soap:Header/wsse:Security on:
-		 * soap:Header/sb:Correlation
-		 * soap:Header/sb:Provider
-		 * éventuellement soap:Header/sb:UserInteraction
-		 * soap:Body
-		 */
 		rc = lasso_wsf_profile_add_saml_signature(profile, doc);
 		if (rc != 0) {
 			goto exit;
 		}
+	} else if (lasso_security_mech_is_null_authentication(sec_mech_id) == FALSE) {
+		rc = LASSO_WSF_PROFILE_ERROR_UNSUPPORTED_SECURITY_MECHANISM;
+		goto exit;
 	}
 	/* Dump soap request */
 	handler = xmlFindCharEncodingHandler("utf-8");
@@ -692,8 +689,9 @@ lasso_wsf_profile_build_soap_request_msg(LassoWsfProfile *profile)
 	xmlOutputBufferFlush(buf);
 	profile->msg_body = g_strdup(
 		(char*)(buf->conv ? buf->conv->content : buf->buffer->content));
-	xmlOutputBufferClose(buf);
 exit:
+	if (buf)
+		xmlOutputBufferClose(buf);
 	lasso_release_doc(doc);
 	return rc;
 }
diff --git a/lasso/xml/xml.c b/lasso/xml/xml.c
index 3a01f67c..84ab97b1 100644
--- a/lasso/xml/xml.c
+++ b/lasso/xml/xml.c
@@ -570,10 +570,11 @@ lasso_node_encrypt(LassoNode *lasso_node, xmlSecKey *encryption_public_key,
 	xmlNodePtr key_info_node2 = NULL;
 	xmlSecEncCtxPtr enc_ctx = NULL;
 	xmlSecTransformId xmlsec_encryption_sym_key_type;
+	LassoSaml2EncryptedElement *ret = NULL;
 
 	if (encryption_public_key == NULL || !xmlSecKeyIsValid(encryption_public_key)) {
 		message(G_LOG_LEVEL_WARNING, "Invalid encryption key");
-		return NULL;
+		goto exit;
 	}
 
 	/* Create a new EncryptedElement */
@@ -603,15 +604,15 @@ lasso_node_encrypt(LassoNode *lasso_node, xmlSecKey *encryption_public_key,
 
 	/* Create encryption template for a specific symetric key type */
 	encrypted_element->EncryptedData = xmlSecTmplEncDataCreate(doc,
-		xmlsec_encryption_sym_key_type,	NULL, xmlSecTypeEncElement, NULL, NULL);
+			xmlsec_encryption_sym_key_type,	NULL, xmlSecTypeEncElement, NULL, NULL);
 	if (encrypted_element->EncryptedData == NULL) {
 		message(G_LOG_LEVEL_WARNING, "Failed to create encryption template");
-		return NULL;
+		goto exit;
 	}
 
 	if (xmlSecTmplEncDataEnsureCipherValue(encrypted_element->EncryptedData) == NULL) {
 		message(G_LOG_LEVEL_WARNING, "Failed to add CipherValue node");
-		return NULL;
+		goto exit;
 	}
 
 	/* create and initialize keys manager, we use a simple list based
@@ -621,13 +622,13 @@ lasso_node_encrypt(LassoNode *lasso_node, xmlSecKey *encryption_public_key,
 	key_manager = xmlSecKeysMngrCreate();
 	if (key_manager == NULL) {
 		message(G_LOG_LEVEL_WARNING, "Failed to create keys manager");
-		return NULL;
+		goto exit;
 	}
 
 	if (xmlSecCryptoAppDefaultKeysMngrInit(key_manager) < 0) {
 		message(G_LOG_LEVEL_WARNING, "Failed to initialize keys manager");
 		xmlSecKeysMngrDestroy(key_manager);
-		return NULL;
+		goto exit;
 	}
 
 	/* add key to keys manager, from now on keys manager is responsible
@@ -635,89 +636,85 @@ lasso_node_encrypt(LassoNode *lasso_node, xmlSecKey *encryption_public_key,
 	 */
 	if (xmlSecCryptoAppDefaultKeysMngrAdoptKey(key_manager, encryption_public_key) < 0) {
 		xmlSecKeysMngrDestroy(key_manager);
-		return NULL;
+		goto exit;
 	}
 
 	/* add <dsig:KeyInfo/> */
 	key_info_node = xmlSecTmplEncDataEnsureKeyInfo(encrypted_element->EncryptedData, NULL);
 	if (key_info_node == NULL) {
 		message(G_LOG_LEVEL_WARNING, "Failed to add key info");
-		return NULL;
+		goto exit;
 	}
 
 	/* add <enc:EncryptedKey/> to store the encrypted session key */
 	encrypted_key_node = xmlSecTmplKeyInfoAddEncryptedKey(key_info_node,
-		xmlSecTransformRsaPkcs1Id, NULL, NULL, NULL);
+			xmlSecTransformRsaPkcs1Id, NULL, NULL, NULL);
 	if (encrypted_key_node == NULL) {
 		message(G_LOG_LEVEL_WARNING, "Failed to add encrypted key");
-		return NULL;
+		goto exit;
 	}
 
 	/* we want to put encrypted key in the <enc:CipherValue/> node */
 	if (xmlSecTmplEncDataEnsureCipherValue(encrypted_key_node) == NULL) {
 		message(G_LOG_LEVEL_WARNING, "Failed to add CipherValue node");
-		return NULL;
+		goto exit;
 	}
 
 	/* add <dsig:KeyInfo/> and <dsig:KeyName/> nodes to <enc:EncryptedKey/> */
 	key_info_node2 = xmlSecTmplEncDataEnsureKeyInfo(encrypted_key_node, NULL);
 	if (key_info_node2 == NULL) {
 		message(G_LOG_LEVEL_WARNING, "Failed to add key info");
-		return NULL;
+		goto exit;
 	}
 
-	/* set key name so we can lookup key when needed */
-/* 	if (xmlSecTmplKeyInfoAddKeyName(key_info_node2, "this is the key name") == NULL) { */
-/* 		message(G_LOG_LEVEL_WARNING, "Failed to add key name"); */
-/* 		return NULL; */
-/* 	} */
-
 	/* create encryption context */
 	enc_ctx = (xmlSecEncCtxPtr)xmlSecEncCtxCreate(key_manager);
 	if (enc_ctx == NULL) {
 		message(G_LOG_LEVEL_WARNING, "Failed to create encryption context");
-		return NULL;
+		goto exit;
 	}
 
 	/* generate a symetric key */
 	switch (encryption_sym_key_type) {
 		case LASSO_ENCRYPTION_SYM_KEY_TYPE_AES_256:
 			enc_ctx->encKey = xmlSecKeyGenerate(xmlSecKeyDataAesId, 256,
-				xmlSecKeyDataTypeSession);
+					xmlSecKeyDataTypeSession);
 			break;
 		case LASSO_ENCRYPTION_SYM_KEY_TYPE_3DES:
 			enc_ctx->encKey = xmlSecKeyGenerate(xmlSecKeyDataDesId, 192,
-				xmlSecKeyDataTypeSession);
+					xmlSecKeyDataTypeSession);
 			break;
 		case LASSO_ENCRYPTION_SYM_KEY_TYPE_AES_128:
 		default:
 			enc_ctx->encKey = xmlSecKeyGenerate(xmlSecKeyDataAesId, 128,
-				xmlSecKeyDataTypeSession);
+					xmlSecKeyDataTypeSession);
 			break;
 	}
 
 	if (enc_ctx->encKey == NULL) {
 		message(G_LOG_LEVEL_WARNING, "Failed to generate session des key");
-		return NULL;
+		goto exit;
 	}
 
 	/* encrypt the data */
 	if (xmlSecEncCtxXmlEncrypt(enc_ctx, encrypted_element->EncryptedData, orig_node) < 0) {
 		message(G_LOG_LEVEL_WARNING, "Encryption failed");
-		return NULL;
+		goto exit;
 	}
 
 	encrypted_element->EncryptedKey = g_list_append(encrypted_element->EncryptedKey,
 			xmlCopyNode(encrypted_key_node, 1));
-	
-	/* cleanup */
-	xmlSecEncCtxDestroy(enc_ctx);
 
-/* 	if (doc != NULL) { */
-/* 		xmlFreeDoc(doc); */
-/* 	} */
+	/* Transfer reference to return value*/
+	ret = encrypted_element;
+	encrypted_element = NULL;
 
-	return encrypted_element;
+exit: 
+	lasso_release_gobject(encrypted_element);
+	lasso_release_encrypt_context(enc_ctx);
+	lasso_release_doc(doc);
+
+	return ret;
 }
author	Benjamin Dauvergne <bdauvergne@entrouvert.com>	2008-08-05 14:52:34 +0000
committer	Benjamin Dauvergne <bdauvergne@entrouvert.com>	2008-08-05 14:52:34 +0000
commit	2d18a0d3f8a18e680f175df35391cfa444bf52e2 (patch)
tree	e969023f8097b3f2af791835649b967715624d2c
parent	87146dc9ecc56873ec2057922724c3fe689bf785 (diff)
download	lasso-2d18a0d3f8a18e680f175df35391cfa444bf52e2.tar.gz lasso-2d18a0d3f8a18e680f175df35391cfa444bf52e2.tar.xz lasso-2d18a0d3f8a18e680f175df35391cfa444bf52e2.zip