diff options
| author | Benjamin Dauvergne <bdauvergne@entrouvert.com> | 2011-12-16 12:18:52 +0100 |
|---|---|---|
| committer | Benjamin Dauvergne <bdauvergne@entrouvert.com> | 2011-12-16 12:18:52 +0100 |
| commit | ff3ae1ea77096ac48a42ad34850e5ad34f93f591 (patch) | |
| tree | 1ec105007798838f3275b6c693e551ff86e52805 | |
| parent | 5e5c38b451cfbefe67e836fb82a1719ce00894f3 (diff) | |
| parent | e2c6b92f3f7dec057700f07836c54f180bf1bada (diff) | |
| download | lasso-ff3ae1ea77096ac48a42ad34850e5ad34f93f591.tar.gz lasso-ff3ae1ea77096ac48a42ad34850e5ad34f93f591.tar.xz lasso-ff3ae1ea77096ac48a42ad34850e5ad34f93f591.zip | |
Merge branch 'rewrite-node-impl'
108 files changed, 1623 insertions, 980 deletions
diff --git a/bindings/bindings.py b/bindings/bindings.py index def735e7..0caf114a 100644 --- a/bindings/bindings.py +++ b/bindings/bindings.py @@ -483,6 +483,9 @@ def parse_header(header_file): pass else: # TODO: Add parsing of OFTYPE + # Transform struct to typedef + # example: "struct _LassoAssertion" -> "LassoAssertion" + line = re.sub('\s+struct _', ' ', line) member_match = re.match('\s+(\w+)\s+(\*?\w+)', line) if member_match: member_type, member_name = normalise_var(member_match.group(1), member_match.group(2)) diff --git a/bindings/python/tests/profiles_tests.py b/bindings/python/tests/profiles_tests.py index 45478f02..f5fd4637 100755 --- a/bindings/python/tests/profiles_tests.py +++ b/bindings/python/tests/profiles_tests.py @@ -452,8 +452,8 @@ class AttributeAuthorityTestCase(unittest.TestCase): class LogoutTestCase(unittest.TestCase): def test01(self): '''Test parsing of a logout request with more than one session index''' - content = '''<samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="xxxx" Version="2.0" IssueInstant="2010-06-14T22:00:00"> - <samlp:Issuer>me</samlp:Issuer> + content = '''<samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="xxxx" Version="2.0" IssueInstant="2010-06-14T22:00:00"> + <saml:Issuer>me</saml:Issuer> <samlp:SessionIndex>id1</samlp:SessionIndex> <samlp:SessionIndex>id2</samlp:SessionIndex> <samlp:SessionIndex>id3</samlp:SessionIndex> @@ -461,8 +461,8 @@ class LogoutTestCase(unittest.TestCase): node = lasso.Samlp2LogoutRequest.newFromXmlNode(content) assert isinstance(node, lasso.Samlp2LogoutRequest) - assert node.sessionIndex == 'id3' - assert node.sessionIndexes == ('id1', 'id2', 'id3') + assert node.sessionIndex == 'id1' + assert node.sessionIndexes == ('id2', 'id3', 'id1') serverSuite = unittest.makeSuite(ServerTestCase, 'test') loginSuite = unittest.makeSuite(LoginTestCase, 'test') diff --git a/configure.ac b/configure.ac index 6be518dc..7770127f 100644 --- a/configure.ac +++ b/configure.ac @@ -840,6 +840,7 @@ lasso/xml/saml-2.0/Makefile lasso/xml/soap-1.1/Makefile lasso/xml/id-wsf-2.0/Makefile lasso/xml/ws/Makefile +lasso/xml/dsig/Makefile tests/Makefile tests/data/Makefile lasso.pc diff --git a/lasso/Makefile.am b/lasso/Makefile.am index 93b90d37..61728475 100644 --- a/lasso/Makefile.am +++ b/lasso/Makefile.am @@ -57,6 +57,8 @@ if MINGW liblasso_la_LIBADD = \ $(top_builddir)/lasso/xml/liblasso-xml.la \ $(top_builddir)/lasso/xml/saml-2.0/liblasso-xml-saml2.la \ + $(top_builddir)/lasso/xml/soap-1.1/liblasso-xml-soap11.la \ + $(top_builddir)/lasso/xml/dsig/liblasso-xml-dsig.la \ $(top_builddir)/lasso/id-ff/liblasso-id-ff.la \ $(top_builddir)/lasso/saml-2.0/liblasso-saml-20.la \ $(WSF_LIB_FILE) \ @@ -73,6 +75,7 @@ liblasso_la_LIBADD = \ $(top_builddir)/lasso/xml/liblasso-xml.la \ $(top_builddir)/lasso/xml/saml-2.0/liblasso-xml-saml2.la \ $(top_builddir)/lasso/xml/soap-1.1/liblasso-xml-soap11.la \ + $(top_builddir)/lasso/xml/dsig/liblasso-xml-dsig.la \ $(top_builddir)/lasso/id-ff/liblasso-id-ff.la \ $(top_builddir)/lasso/saml-2.0/liblasso-saml-20.la \ $(WSF_LIB_FILE) \ diff --git a/lasso/id-ff/defederation.c b/lasso/id-ff/defederation.c index 062a5beb..4cf3aada 100644 --- a/lasso/id-ff/defederation.c +++ b/lasso/id-ff/defederation.c @@ -456,6 +456,15 @@ lasso_defederation_validate_notification(LassoDefederation *defederation) /* instance and class init functions */ /*****************************************************************************/ +static void +class_init(LassoDefederationClass *klass) +{ + LassoNodeClass *nclass = LASSO_NODE_CLASS(klass); + + nclass->node_data = NULL; +} + + GType lasso_defederation_get_type() { @@ -464,11 +473,11 @@ lasso_defederation_get_type() if (!this_type) { static const GTypeInfo this_info = { sizeof (LassoDefederationClass), - NULL, NULL, NULL, NULL, NULL, + NULL, NULL, (GClassInitFunc) class_init, NULL, NULL, sizeof(LassoDefederation), 0, NULL, - NULL + NULL, }; this_type = g_type_register_static(LASSO_TYPE_PROFILE, diff --git a/lasso/id-ff/federation.c b/lasso/id-ff/federation.c index 7c28e2be..4dbea978 100644 --- a/lasso/id-ff/federation.c +++ b/lasso/id-ff/federation.c @@ -167,6 +167,7 @@ static struct XmlSnippet schema_snippets[] = { G_STRUCT_OFFSET(LassoFederation, remote_nameIdentifier), NULL, NULL, NULL}, { "RemoteProviderID", SNIPPET_ATTRIBUTE, G_STRUCT_OFFSET(LassoFederation, remote_providerID), NULL, NULL, NULL}, + { "FederationDumpVersion", SNIPPET_ATTRIBUTE, 0, NULL, NULL, NULL }, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/id-ff/login.c b/lasso/id-ff/login.c index 31cb94bc..dd3cc5c7 100644 --- a/lasso/id-ff/login.c +++ b/lasso/id-ff/login.c @@ -274,6 +274,9 @@ #include "../id-wsf/id_ff_extensions_private.h" #endif +#define LASSO_LOGIN_GET_PRIVATE(o) \ + (G_TYPE_INSTANCE_GET_PRIVATE ((o), LASSO_TYPE_LOGIN, LassoLoginPrivate)) + static void lasso_login_build_assertion_artifact(LassoLogin *login); @@ -338,6 +341,7 @@ lasso_login_build_assertion(LassoLogin *login, LassoProvider *provider = NULL; LassoSaml2EncryptedElement *encrypted_element = NULL; LassoSamlSubjectStatementAbstract *ss; + lasso_error_t rc = 0; g_return_val_if_fail(LASSO_IS_LOGIN(login), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ); @@ -400,14 +404,9 @@ lasso_login_build_assertion(LassoLogin *login, assertion->AuthenticationStatement = LASSO_SAML_AUTHENTICATION_STATEMENT(as); /* Save signing material in assertion private datas to be able to sign later */ - if (profile->server->certificate) { - assertion->sign_type = LASSO_SIGNATURE_TYPE_WITHX509; - } else { - assertion->sign_type = LASSO_SIGNATURE_TYPE_SIMPLE; - } - assertion->sign_method = profile->server->signature_method; - lasso_assign_string(assertion->private_key_file, profile->server->private_key); - lasso_assign_string(assertion->certificate_file, profile->server->certificate); + lasso_check_good_rc(lasso_server_set_signature_for_provider_by_name(login->parent.server, + profile->remote_providerID, (LassoNode*)assertion)); + if (login->protocolProfile == LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_POST || \ login->protocolProfile == LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_LECP) { @@ -424,7 +423,7 @@ lasso_login_build_assertion(LassoLogin *login, if (profile->session == NULL) { profile->session = lasso_session_new(); } - lasso_assign_new_gobject(login->assertion, LASSO_SAML_ASSERTION(assertion)); + lasso_assign_gobject(login->assertion, LASSO_SAML_ASSERTION(assertion)); lasso_session_add_assertion(profile->session, profile->remote_providerID, LASSO_NODE(assertion)); @@ -454,7 +453,9 @@ lasso_login_build_assertion(LassoLogin *login, } } - return 0; +cleanup: + lasso_release_gobject(assertion); + return rc; } /** @@ -1078,15 +1079,15 @@ lasso_login_build_artifact_msg(LassoLogin *login, LassoHttpMethod http_method) * </para></listitem> * </itemizedlist> **/ -gint +lasso_error_t lasso_login_build_authn_request_msg(LassoLogin *login) { LassoProvider *provider, *remote_provider; LassoProfile *profile; - char *md_authnRequestsSigned, *url, *query, *lareq, *protocolProfile; + char *md_authnRequestsSigned, *url, *query = NULL, *lareq, *protocolProfile; LassoProviderRole role, remote_role; gboolean must_sign; - gint ret = 0; + gint rc = 0; g_return_val_if_fail(LASSO_IS_LOGIN(login), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ); profile = LASSO_PROFILE(login); @@ -1132,20 +1133,14 @@ lasso_login_build_authn_request_msg(LassoLogin *login) provider->role = role; remote_provider->role = remote_role; - if (!must_sign) - LASSO_SAMLP_REQUEST_ABSTRACT( - profile->request)->sign_type = LASSO_SIGNATURE_TYPE_NONE; - if (login->http_method == LASSO_HTTP_METHOD_REDIRECT) { /* REDIRECT -> query */ if (must_sign) { - query = lasso_node_export_to_query_with_password(LASSO_NODE(profile->request), - profile->server->signature_method, - profile->server->private_key, - profile->server->private_key_password); + lasso_check_good_rc(lasso_server_export_to_query_for_provider_by_name(profile->server, + profile->remote_providerID, + profile->request, &query)); } else { - query = lasso_node_export_to_query_with_password( - LASSO_NODE(profile->request), 0, NULL, NULL); + query = lasso_node_build_query(LASSO_NODE(profile->request)); } if (query == NULL) { return critical_error(LASSO_PROFILE_ERROR_BUILDING_QUERY_FAILED); @@ -1164,14 +1159,9 @@ lasso_login_build_authn_request_msg(LassoLogin *login) } if (login->http_method == LASSO_HTTP_METHOD_POST) { if (must_sign) { - /* XXX: private_key_file is not declared within request - * snippets so it is not freed on destroy, so it is - * normal to not strdup() it; nevertheless it would - * probably be more clean not to to it this way */ - LASSO_SAMLP_REQUEST_ABSTRACT(profile->request)->private_key_file = - profile->server->private_key; - LASSO_SAMLP_REQUEST_ABSTRACT(profile->request)->certificate_file = - profile->server->certificate; + lasso_server_set_signature_for_provider_by_name(profile->server, + profile->remote_providerID, + profile->request); } lareq = lasso_node_export_to_base64(profile->request); @@ -1184,7 +1174,8 @@ lasso_login_build_authn_request_msg(LassoLogin *login) lasso_assign_new_string(profile->msg_body, lareq); } - return ret; +cleanup: + return rc; } /** @@ -1244,8 +1235,9 @@ lasso_login_build_authn_request_msg(LassoLogin *login) gint lasso_login_build_authn_response_msg(LassoLogin *login) { - LassoProvider *remote_provider; - LassoProfile *profile; + LassoProvider *remote_provider = NULL; + LassoProfile *profile = NULL; + lasso_error_t rc = 0; g_return_val_if_fail(LASSO_IS_LOGIN(login), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ); @@ -1274,22 +1266,14 @@ lasso_login_build_authn_response_msg(LassoLogin *login) /* Countermeasure: The issuer should sign <lib:AuthnResponse> messages. * (binding and profiles (1.2errata2, page 65) */ - if (profile->server->certificate) { - LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->sign_type = - LASSO_SIGNATURE_TYPE_WITHX509; - } else { - LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->sign_type = - LASSO_SIGNATURE_TYPE_SIMPLE; - } - LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->sign_method = - LASSO_SIGNATURE_METHOD_RSA_SHA1; - LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->private_key_file = - profile->server->private_key; - LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->certificate_file = - profile->server->certificate; + lasso_check_good_rc(lasso_server_set_signature_for_provider_by_name( + profile->server, + profile->remote_providerID, + profile->response)); /* build an lib:AuthnResponse base64 encoded */ - lasso_assign_new_string(profile->msg_body, lasso_node_export_to_base64(LASSO_NODE(profile->response))); + lasso_assign_new_string(profile->msg_body, + lasso_node_export_to_base64(LASSO_NODE(profile->response))); remote_provider = lasso_server_get_provider(profile->server, profile->remote_providerID); if (LASSO_IS_PROVIDER(remote_provider) == FALSE) @@ -1299,8 +1283,8 @@ lasso_login_build_authn_response_msg(LassoLogin *login) if (profile->msg_url == NULL) { return LASSO_PROFILE_ERROR_UNKNOWN_PROFILE_URL; } - - return 0; +cleanup: + return rc; } /** @@ -1327,6 +1311,7 @@ lasso_login_build_request_msg(LassoLogin *login) { LassoProvider *remote_provider; LassoProfile *profile; + lasso_error_t rc = 0; g_return_val_if_fail(LASSO_IS_LOGIN(login), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ); @@ -1342,10 +1327,10 @@ lasso_login_build_request_msg(LassoLogin *login) return critical_error(LASSO_PROFILE_ERROR_MISSING_REMOTE_PROVIDERID); } - LASSO_SAMLP_REQUEST_ABSTRACT(profile->request)->private_key_file = - profile->server->private_key; - LASSO_SAMLP_REQUEST_ABSTRACT(profile->request)->certificate_file = - profile->server->certificate; + lasso_check_good_rc(lasso_server_set_signature_for_provider_by_name( + profile->server, + profile->remote_providerID, + profile->request)); lasso_assign_new_string(profile->msg_body, lasso_node_export_to_soap(profile->request)); remote_provider = lasso_server_get_provider(profile->server, profile->remote_providerID); @@ -1353,7 +1338,8 @@ lasso_login_build_request_msg(LassoLogin *login) return critical_error(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND); } lasso_assign_new_string(profile->msg_url, lasso_provider_get_metadata_one(remote_provider, "SoapEndpoint")); - return 0; +cleanup: + return rc; } /** @@ -1379,7 +1365,7 @@ lasso_login_build_response_msg(LassoLogin *login, gchar *remote_providerID) { LassoProvider *remote_provider; LassoProfile *profile; - gint ret = 0; + lasso_error_t rc = 0; g_return_val_if_fail(LASSO_IS_LOGIN(login), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ); profile = LASSO_PROFILE(login); @@ -1398,38 +1384,28 @@ lasso_login_build_response_msg(LassoLogin *login, gchar *remote_providerID) LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->MinorVersion = 0; } - if (profile->server->certificate) { - LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->sign_type = - LASSO_SIGNATURE_TYPE_WITHX509; - } else { - LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->sign_type = - LASSO_SIGNATURE_TYPE_SIMPLE; - } - LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->sign_method = - LASSO_SIGNATURE_METHOD_RSA_SHA1; - if (remote_providerID != NULL) { lasso_assign_string(profile->remote_providerID, remote_providerID); remote_provider = lasso_server_get_provider(profile->server, profile->remote_providerID); - ret = lasso_provider_verify_signature(remote_provider, + rc = lasso_provider_verify_signature(remote_provider, login->private_data->soap_request_msg, "RequestID", LASSO_MESSAGE_FORMAT_SOAP); lasso_release_string(login->private_data->soap_request_msg); /* lasso_profile_set_session_from_dump has not been called */ if (profile->session == NULL) { - ret = LASSO_PROFILE_ERROR_SESSION_NOT_FOUND; + rc = LASSO_PROFILE_ERROR_SESSION_NOT_FOUND; } /* change status code into RequestDenied if signature is * invalid or not found or if an error occurs during * verification */ - if (ret != 0) { + if (rc != 0) { lasso_profile_set_response_status(profile, LASSO_SAML_STATUS_CODE_REQUEST_DENIED); } - if (ret == 0) { + if (rc == 0) { /* get assertion in session and add it in response */ LassoSamlAssertion *assertion; LassoSamlpStatus *status; @@ -1456,13 +1432,14 @@ lasso_login_build_response_msg(LassoLogin *login, gchar *remote_providerID) lasso_profile_set_response_status(profile, LASSO_SAML_STATUS_CODE_REQUEST_DENIED); } - LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->private_key_file = - profile->server->private_key; - LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->certificate_file = - profile->server->certificate; + lasso_check_good_rc(lasso_server_set_signature_for_provider_by_name( + profile->server, + profile->remote_providerID, + profile->response)); lasso_assign_new_string(profile->msg_body, lasso_node_export_to_soap(profile->response)); - return ret; +cleanup: + return rc; } /** @@ -1567,15 +1544,6 @@ lasso_login_init_authn_request(LassoLogin *login, const gchar *remote_providerID lasso_assign_string(LASSO_LIB_AUTHN_REQUEST(profile->request)->RelayState, profile->msg_relayState); - if (http_method == LASSO_HTTP_METHOD_POST) { - request->sign_method = LASSO_SIGNATURE_METHOD_RSA_SHA1; - if (profile->server->certificate) { - request->sign_type = LASSO_SIGNATURE_TYPE_WITHX509; - } else { - request->sign_type = LASSO_SIGNATURE_TYPE_SIMPLE; - } - } - return 0; } @@ -1709,15 +1677,7 @@ lasso_login_init_request(LassoLogin *login, gchar *response_msg, request->MajorVersion = LASSO_SAML_MAJOR_VERSION_N; request->MinorVersion = LASSO_SAML_MINOR_VERSION_N; lasso_assign_new_string(request->IssueInstant, lasso_get_current_time()); - LASSO_SAMLP_REQUEST(request)->AssertionArtifact = artifact_b64; - if (profile->server->certificate) { - request->sign_type = LASSO_SIGNATURE_TYPE_WITHX509; - } else { - request->sign_type = LASSO_SIGNATURE_TYPE_SIMPLE; - } - request->sign_method = LASSO_SIGNATURE_METHOD_RSA_SHA1; - lasso_assign_new_gobject(profile->request, LASSO_NODE(request)); return ret; @@ -2329,6 +2289,10 @@ static struct XmlSnippet schema_snippets[] = { { "AssertionArtifact", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoLogin, assertionArtifact), NULL, NULL, NULL}, { "NameIDPolicy", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoLogin, nameIDPolicy), NULL, NULL, NULL}, { "Assertion", SNIPPET_NODE_IN_CHILD, G_STRUCT_OFFSET(LassoLogin, assertion), NULL, NULL, NULL}, + { "RequestID", SNIPPET_CONTENT | SNIPPET_PRIVATE, + G_STRUCT_OFFSET(LassoLoginPrivate, request_id), NULL, NULL, NULL}, + { "LoginDumpVersion", SNIPPET_ATTRIBUTE, 0, NULL, NULL, NULL}, + { "ProtocolProfile", SNIPPET_CONTENT, 0, NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} }; @@ -2342,7 +2306,6 @@ get_xmlNode(LassoNode *node, gboolean lasso_dump) xmlnode = parent_class->get_xmlNode(node, lasso_dump); xmlSetProp(xmlnode, (xmlChar*)"LoginDumpVersion", (xmlChar*)"2"); - xmlSetProp(xmlnode, (xmlChar*)"RequestID", (xmlChar*)LASSO_LOGIN(node)->private_data->request_id); if (login->protocolProfile == LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_ART) xmlNewTextChild(xmlnode, NULL, (xmlChar*)"ProtocolProfile", (xmlChar*)"Artifact"); @@ -2364,9 +2327,6 @@ init_from_xml(LassoNode *node, xmlNode *xmlnode) rc = parent_class->init_from_xml(node, xmlnode); if (rc) return rc; - lasso_assign_new_string(LASSO_LOGIN(node)->private_data->request_id, (char*)xmlGetProp(xmlnode, - (xmlChar*)"RequestID")); - t = xmlnode->children; while (t) { if (t->type != XML_ELEMENT_NODE) { @@ -2410,14 +2370,6 @@ dispose(GObject *object) G_OBJECT_CLASS(parent_class)->dispose(object); } -static void -finalize(GObject *object) -{ - LassoLogin *login = LASSO_LOGIN(object); - lasso_release(login->private_data); - G_OBJECT_CLASS(parent_class)->finalize(object); -} - /*****************************************************************************/ /* instance and class init functions */ /*****************************************************************************/ @@ -2425,8 +2377,7 @@ finalize(GObject *object) static void instance_init(LassoLogin *login) { - login->private_data = g_new0(LassoLoginPrivate, 1); - + login->private_data = LASSO_LOGIN_GET_PRIVATE(login); login->protocolProfile = 0; login->assertionArtifact = NULL; login->nameIDPolicy = NULL; @@ -2445,9 +2396,9 @@ class_init(LassoLoginClass *klass) lasso_node_class_set_nodename(nclass, "Login"); lasso_node_class_set_ns(nclass, LASSO_LASSO_HREF, LASSO_LASSO_PREFIX); lasso_node_class_add_snippets(nclass, schema_snippets); + g_type_class_add_private(klass, sizeof(LassoLoginPrivate)); G_OBJECT_CLASS(klass)->dispose = dispose; - G_OBJECT_CLASS(klass)->finalize = finalize; } GType diff --git a/lasso/id-ff/logout.c b/lasso/id-ff/logout.c index 0c51c621..7567a47d 100644 --- a/lasso/id-ff/logout.c +++ b/lasso/id-ff/logout.c @@ -277,14 +277,16 @@ static void check_soap_support(gchar *key, LassoProvider *provider, LassoProfile * * Return value: 0 on success; or a negative value otherwise. **/ -gint +lasso_error_t lasso_logout_build_request_msg(LassoLogout *logout) { - LassoProfile *profile; - LassoProvider *remote_provider; - char *url, *query; + LassoProfile *profile = NULL; + LassoProvider *remote_provider = NULL; + char *url = NULL; + char *query = NULL; + lasso_error_t rc = 0; - g_return_val_if_fail(LASSO_IS_LOGOUT(logout), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ); + lasso_bad_param(LOGOUT, logout); profile = LASSO_PROFILE(logout); lasso_profile_clean_msg_info(profile); @@ -294,14 +296,14 @@ lasso_logout_build_request_msg(LassoLogout *logout) } if (profile->remote_providerID == NULL) { - /* this means lasso_logout_init_request was not called before */ - return critical_error(LASSO_PROFILE_ERROR_MISSING_REMOTE_PROVIDERID); + /* it means lasso_logout_init_request was not called before */ + goto_cleanup_with_rc(LASSO_PROFILE_ERROR_MISSING_REMOTE_PROVIDERID); } /* get remote provider */ remote_provider = lasso_server_get_provider(profile->server, profile->remote_providerID); if (LASSO_IS_PROVIDER(remote_provider) == FALSE) { - return critical_error(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND); + goto_cleanup_with_rc(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND); } /* build the logout request message */ @@ -311,38 +313,30 @@ lasso_logout_build_request_msg(LassoLogout *logout) remote_provider, "SoapEndpoint")); /* FIXME: private key file is not owned by the request ? That is potentially a * problem if the server life does not exceed the request */ - lasso_assign_new_string(LASSO_SAMLP_REQUEST_ABSTRACT(profile->request)->private_key_file, - profile->server->private_key); - lasso_assign_new_string(LASSO_SAMLP_REQUEST_ABSTRACT(profile->request)->certificate_file, - profile->server->certificate); - lasso_assign_new_string(profile->msg_body, lasso_node_export_to_soap(profile->request)); - return 0; - } - - if (logout->initial_http_request_method == LASSO_HTTP_METHOD_REDIRECT) { + lasso_check_good_rc(lasso_server_set_signature_for_provider_by_name(logout->parent.server, + profile->remote_providerID, profile->request)); + lasso_assign_new_string(profile->msg_body, + lasso_node_export_to_soap(profile->request)); + } else if (logout->initial_http_request_method == LASSO_HTTP_METHOD_REDIRECT) { /* build and optionally sign the logout request QUERY message */ url = lasso_provider_get_metadata_one(remote_provider, "SingleLogoutServiceURL"); - if (url == NULL) { - return critical_error(LASSO_PROFILE_ERROR_UNKNOWN_PROFILE_URL); - } - query = lasso_node_export_to_query_with_password(LASSO_NODE(profile->request), - profile->server->signature_method, - profile->server->private_key, - profile->server->private_key_password); - if (query == NULL) { - lasso_release(url); - return critical_error(LASSO_PROFILE_ERROR_BUILDING_QUERY_FAILED); - } + if (url == NULL) + goto_cleanup_with_rc(LASSO_PROFILE_ERROR_UNKNOWN_PROFILE_URL); + lasso_check_good_rc(lasso_server_export_to_query_for_provider_by_name(profile->server, + profile->remote_providerID, profile->request, &query)); + if (query == NULL) + goto_cleanup_with_rc(LASSO_PROFILE_ERROR_BUILDING_QUERY_FAILED); /* build the msg_url */ lasso_assign_new_string(profile->msg_url, lasso_concat_url_query(url, query)); - lasso_release(url); - lasso_release(query); lasso_release_string(profile->msg_body); - return 0; + } else { + goto_cleanup_with_rc(LASSO_PROFILE_ERROR_INVALID_HTTP_METHOD); } - - return critical_error(LASSO_PROFILE_ERROR_INVALID_HTTP_METHOD); +cleanup: + lasso_release(url); + lasso_release(query); + return rc; } @@ -372,16 +366,17 @@ lasso_logout_build_request_msg(LassoLogout *logout) * * Return value: 0 on success; or a negative value otherwise. **/ -gint +lasso_error_t lasso_logout_build_response_msg(LassoLogout *logout) { - LassoProfile *profile; - LassoProvider *provider; - gchar *url, *query; - - g_return_val_if_fail(LASSO_IS_LOGOUT(logout), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ); - - profile = LASSO_PROFILE(logout); + LassoProfile *profile = NULL; + LassoProvider *provider = NULL; + gchar *url = NULL; + gchar *query = NULL; + lasso_error_t rc = 0; + + lasso_bad_param(LOGOUT, logout); + profile = &logout->parent; lasso_profile_clean_msg_info(profile); if (! profile->private_data || ! logout->private_data) { @@ -403,8 +398,7 @@ lasso_logout_build_response_msg(LassoLogout *logout) LASSO_SIGNATURE_TYPE_WITHX509 : LASSO_SIGNATURE_TYPE_SIMPLE, LASSO_SIGNATURE_METHOD_RSA_SHA1)); - } - if (profile->http_request_method == LASSO_HTTP_METHOD_REDIRECT) { + } else if (profile->http_request_method == LASSO_HTTP_METHOD_REDIRECT) { lasso_assign_new_gobject(profile->response, lasso_lib_logout_response_new_full( LASSO_PROVIDER(profile->server)->ProviderID, @@ -419,7 +413,7 @@ lasso_logout_build_response_msg(LassoLogout *logout) /* no remote provider id set or no response set, this means * this function got called before validate_request, probably * because there were no active session */ - return critical_error(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND); + goto_cleanup_with_rc(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND); } /* Set the RelayState */ @@ -428,47 +422,33 @@ lasso_logout_build_response_msg(LassoLogout *logout) /* build logout response message */ if (profile->http_request_method == LASSO_HTTP_METHOD_SOAP) { - lasso_release(profile->msg_url); - lasso_assign_string( - LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->private_key_file, - profile->server->private_key); - lasso_assign_string( - LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->certificate_file, - profile->server->certificate); + lasso_release_string(profile->msg_url); + lasso_check_good_rc(lasso_server_set_signature_for_provider_by_name(logout->parent.server, + profile->remote_providerID, profile->response)); lasso_assign_new_string(profile->msg_body, lasso_node_export_to_soap(profile->response)); - return 0; - } - - if (profile->http_request_method == LASSO_HTTP_METHOD_REDIRECT) { - /* get the provider */ + } else if (profile->http_request_method == LASSO_HTTP_METHOD_REDIRECT) { + lasso_release_string(profile->msg_body); provider = lasso_server_get_provider(profile->server, profile->remote_providerID); - if (provider == NULL) { - return critical_error(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND); - } + if (provider == NULL) + goto_cleanup_with_rc(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND); url = lasso_provider_get_metadata_one(provider, "SingleLogoutServiceReturnURL"); - if (url == NULL) { - /* XXX: but wouldn't it be nice to provide a fallback msgUrl, - * something like the document root of the other site ? */ - return critical_error(LASSO_PROFILE_ERROR_UNKNOWN_PROFILE_URL); - } - query = lasso_node_export_to_query_with_password(profile->response, - profile->server->signature_method, - profile->server->private_key, - profile->server->private_key_password); - if (query == NULL) { - lasso_release(url); - return critical_error(LASSO_PROFILE_ERROR_BUILDING_QUERY_FAILED); - } + if (url == NULL) + goto_cleanup_with_rc(LASSO_PROFILE_ERROR_UNKNOWN_PROFILE_URL); + lasso_check_good_rc(lasso_server_export_to_query_for_provider_by_name(profile->server, + profile->remote_providerID, profile->response, &query)); + if (query == NULL) + goto_cleanup_with_rc(LASSO_PROFILE_ERROR_BUILDING_QUERY_FAILED); lasso_assign_new_string(profile->msg_url, lasso_concat_url_query(url, query)); - lasso_release(profile->msg_body); - lasso_release(url); - lasso_release(query); - return 0; + } else { + goto_cleanup_with_rc(LASSO_PROFILE_ERROR_INVALID_HTTP_METHOD); } - return LASSO_PROFILE_ERROR_MISSING_REQUEST; +cleanup: + lasso_release_string(url); + lasso_release_string(query); + return rc; } /** @@ -804,21 +784,23 @@ lasso_logout_process_request_msg(LassoLogout *logout, char *request_msg) * * Return value: 0 on success; or a negative value otherwise. **/ -gint +lasso_error_t lasso_logout_process_response_msg(LassoLogout *logout, gchar *response_msg) { - LassoProfile *profile; - LassoProvider *remote_provider; - char *statusCodeValue; + LassoProfile *profile = NULL; + LassoProvider *remote_provider = NULL; + char *statusCodeValue = NULL; LassoHttpMethod response_method; LassoMessageFormat format; - LassoLibStatusResponse *response; - int rc = 0; + LassoLibStatusResponse *response = NULL; + lasso_error_t rc = 0; + gchar *url = NULL; + gchar *query = NULL; - g_return_val_if_fail(LASSO_IS_LOGOUT(logout), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ); - g_return_val_if_fail(response_msg != NULL, LASSO_PARAM_ERROR_INVALID_VALUE); - profile = LASSO_PROFILE(logout); + lasso_bad_param(LOGOUT, logout); + lasso_null_param(response_msg); + profile = &logout->parent; IF_SAML2(profile) { return lasso_saml20_logout_process_response_msg(logout, response_msg); @@ -835,24 +817,20 @@ lasso_logout_process_response_msg(LassoLogout *logout, gchar *response_msg) response_method = LASSO_HTTP_METHOD_REDIRECT; break; default: - return critical_error(LASSO_PROFILE_ERROR_INVALID_MSG); + goto_cleanup_with_rc(LASSO_PROFILE_ERROR_INVALID_MSG); } /* get the RelayState */ lasso_assign_string(profile->msg_relayState, LASSO_LIB_STATUS_RESPONSE(profile->response)->RelayState); - /* get provider */ lasso_assign_string(profile->remote_providerID, LASSO_LIB_STATUS_RESPONSE(profile->response)->ProviderID); - if (profile->remote_providerID == NULL) { - return critical_error(LASSO_PROFILE_ERROR_MISSING_REMOTE_PROVIDERID); - } - + if (profile->remote_providerID == NULL) + goto_cleanup_with_rc(LASSO_PROFILE_ERROR_MISSING_REMOTE_PROVIDERID); remote_provider = lasso_server_get_provider(profile->server, profile->remote_providerID); - if (LASSO_IS_PROVIDER(remote_provider) == FALSE) { - return critical_error(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND); - } + if (LASSO_IS_PROVIDER(remote_provider) == FALSE) + goto_cleanup_with_rc(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND); /* verify signature */ rc = lasso_provider_verify_signature(remote_provider, response_msg, "ResponseID", format); @@ -860,15 +838,17 @@ lasso_logout_process_response_msg(LassoLogout *logout, gchar *response_msg) /* This message SHOULD be signed. * -- draft-liberty-idff-protocols-schema-1.2-errata-v2.0.pdf - p38 */ - message(G_LOG_LEVEL_WARNING, "No signature on response"); + debug("No signature on logout response"); rc = 0; + } else { + goto cleanup; } response = LASSO_LIB_STATUS_RESPONSE(profile->response); if (response->Status == NULL || response->Status->StatusCode == NULL || response->Status->StatusCode->Value == NULL) { - return critical_error(LASSO_PROFILE_ERROR_MISSING_STATUS_CODE); + goto_cleanup_with_rc(LASSO_PROFILE_ERROR_MISSING_STATUS_CODE); } statusCodeValue = response->Status->StatusCode->Value; @@ -880,70 +860,51 @@ lasso_logout_process_response_msg(LassoLogout *logout, gchar *response_msg) if (response->Status->StatusCode && response->Status->StatusCode->StatusCode) statusCodeValue = response->Status->StatusCode->StatusCode->Value; - if (strcmp(statusCodeValue, LASSO_LIB_STATUS_CODE_UNSUPPORTED_PROFILE) == 0 && + if (lasso_strisequal(statusCodeValue, LASSO_LIB_STATUS_CODE_UNSUPPORTED_PROFILE) && remote_provider->role == LASSO_PROVIDER_ROLE_IDP && logout->initial_http_request_method == LASSO_HTTP_METHOD_SOAP) { - gchar *url, *query; - /* Build and optionally sign the logout request QUERY message */ + lasso_release(profile->msg_body); url = lasso_provider_get_metadata_one(remote_provider, "SingleLogoutServiceURL"); - if (url == NULL) { - return critical_error(LASSO_PROFILE_ERROR_UNKNOWN_PROFILE_URL); - } - query = lasso_node_export_to_query_with_password(LASSO_NODE(profile->request), - profile->server->signature_method, - profile->server->private_key, - profile->server->private_key_password); - if (query == NULL) { - lasso_release(url); - return critical_error(LASSO_PROFILE_ERROR_BUILDING_QUERY_FAILED); - } + if (url == NULL) + goto_cleanup_with_rc(LASSO_PROFILE_ERROR_UNKNOWN_PROFILE_URL); + + lasso_check_good_rc(lasso_server_export_to_query_for_provider_by_name(profile->server, + profile->remote_providerID, profile->request, + &query)); + if (query == NULL) + goto_cleanup_with_rc(LASSO_PROFILE_ERROR_BUILDING_QUERY_FAILED); lasso_assign_new_string(profile->msg_url, lasso_concat_url_query(url, query)); - lasso_release(url); - lasso_release(query); - lasso_release(profile->msg_body); /* send a HTTP Redirect / GET method, so first remove session */ lasso_session_remove_assertion( profile->session, profile->remote_providerID); - return LASSO_LOGOUT_ERROR_UNSUPPORTED_PROFILE; - } - if (strcmp(statusCodeValue, LASSO_SAML_STATUS_CODE_REQUEST_DENIED) == 0) { + goto_cleanup_with_rc(LASSO_LOGOUT_ERROR_UNSUPPORTED_PROFILE); + } else if (lasso_strisequal(statusCodeValue, LASSO_SAML_STATUS_CODE_REQUEST_DENIED)) { /* assertion no longer on idp so removing it locally too */ - message(G_LOG_LEVEL_WARNING, "SP answer is request denied"); lasso_session_remove_assertion( profile->session, profile->remote_providerID); - return LASSO_LOGOUT_ERROR_REQUEST_DENIED; - } - if (strcmp(statusCodeValue, - LASSO_LIB_STATUS_CODE_FEDERATION_DOES_NOT_EXIST) == 0) { + goto_cleanup_with_rc(LASSO_LOGOUT_ERROR_REQUEST_DENIED); + } else if (lasso_strisequal(statusCodeValue, + LASSO_LIB_STATUS_CODE_FEDERATION_DOES_NOT_EXIST)) { /* how could this happen ? probably error in SP */ /* let's remove the assertion nevertheless */ - message(G_LOG_LEVEL_WARNING, "SP answer is federation does not exist"); lasso_session_remove_assertion( profile->session, profile->remote_providerID); - return LASSO_LOGOUT_ERROR_FEDERATION_NOT_FOUND; + goto_cleanup_with_rc(LASSO_LOGOUT_ERROR_FEDERATION_NOT_FOUND); } - message(G_LOG_LEVEL_CRITICAL, "Status code is not success : %s", statusCodeValue); - return LASSO_PROFILE_ERROR_STATUS_NOT_SUCCESS; + error("Status code is not success : %s", statusCodeValue); + goto_cleanup_with_rc(LASSO_PROFILE_ERROR_STATUS_NOT_SUCCESS); } - /* LogoutResponse status code value is ok */ - /* if SOAP method or, if IDP provider type and HTTP Redirect, then remove assertion */ if ( response_method == LASSO_HTTP_METHOD_SOAP || (remote_provider->role == LASSO_PROVIDER_ROLE_SP && response_method == LASSO_HTTP_METHOD_REDIRECT) ) { lasso_session_remove_assertion(profile->session, profile->remote_providerID); -#if 0 /* ? */ - if (remote_provider->role == LASSO_PROVIDER_ROLE_SP && - logout->providerID_index >= 0) { - logout->providerID_index--; - } -#endif } /* If at IDP and if there is no more assertion, IDP has logged out @@ -963,7 +924,9 @@ lasso_logout_process_response_msg(LassoLogout *logout, gchar *response_msg) lasso_transfer_gobject(profile->response, logout->initial_response); } } - +cleanup: + lasso_release_string(url); + lasso_release_string(query); return rc; } @@ -1199,6 +1162,7 @@ static struct XmlSnippet schema_snippets[] = { G_STRUCT_OFFSET(LassoLogout, initial_remote_providerID), NULL, NULL, NULL}, { "InitialHttpRequestMethod", SNIPPET_CONTENT | SNIPPET_INTEGER, G_STRUCT_OFFSET(LassoLogout, initial_http_request_method), NULL, NULL, NULL}, + { "LogoutDumpVersion", SNIPPET_ATTRIBUTE, 0, NULL, NULL, NULL }, /* "ProviderIdIndex" must not be dumped (since apps assume to get * it back to 0 after a restore from dump) (maybe this behaviour should * be fixed) diff --git a/lasso/id-ff/name_registration.c b/lasso/id-ff/name_registration.c index 0badf76d..7d554902 100644 --- a/lasso/id-ff/name_registration.c +++ b/lasso/id-ff/name_registration.c @@ -645,6 +645,7 @@ lasso_name_registration_validate_request(LassoNameRegistration *name_registratio static struct XmlSnippet schema_snippets[] = { { "OldNameIdentifier", SNIPPET_NODE_IN_CHILD, G_STRUCT_OFFSET(LassoNameRegistration, oldNameIdentifier), NULL, NULL, NULL}, + { "NameRegistrationDumpVersion", SNIPPET_ATTRIBUTE, 0, NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/id-ff/profile.c b/lasso/id-ff/profile.c index c1c86daa..749fb119 100644 --- a/lasso/id-ff/profile.c +++ b/lasso/id-ff/profile.c @@ -539,69 +539,15 @@ static struct XmlSnippet schema_snippets[] = { NULL, NULL}, { "HttpRequestMethod", SNIPPET_CONTENT | SNIPPET_INTEGER, G_STRUCT_OFFSET(LassoProfile, http_request_method), NULL, NULL, NULL}, + { "Artifact", SNIPPET_CONTENT | SNIPPET_PRIVATE, G_STRUCT_OFFSET(LassoProfilePrivate, + artifact), NULL, NULL, NULL }, + { "ArtifactMessage", SNIPPET_CONTENT | SNIPPET_PRIVATE, G_STRUCT_OFFSET(LassoProfilePrivate, + artifact_message), NULL, NULL, NULL }, {NULL, 0, 0, NULL, NULL, NULL} }; static LassoNodeClass *parent_class = NULL; -static xmlNode* -get_xmlNode(LassoNode *node, gboolean lasso_dump) -{ - xmlNode *xmlnode; - LassoProfile *profile = LASSO_PROFILE(node); - - xmlnode = parent_class->get_xmlNode(node, lasso_dump); - - if (profile->private_data->artifact) { - xmlNewTextChild(xmlnode, NULL, (xmlChar*)"Artifact", - (xmlChar*)profile->private_data->artifact); - } - - if (profile->private_data->artifact_message) { - xmlNewTextChild(xmlnode, NULL, (xmlChar*)"ArtifactMessage", - (xmlChar*)profile->private_data->artifact_message); - } - - return xmlnode; -} - - -static int -init_from_xml(LassoNode *node, xmlNode *xmlnode) -{ - LassoProfile *profile = LASSO_PROFILE(node); - xmlNode *t; - - parent_class->init_from_xml(node, xmlnode); - - if (xmlnode == NULL) - return LASSO_XML_ERROR_OBJECT_CONSTRUCTION_FAILED; - - t = xmlnode->children; - while (t) { - xmlChar *s; - - if (t->type != XML_ELEMENT_NODE) { - t = t->next; - continue; - } - - if (strcmp((char*)t->name, "Artifact") == 0) { - s = xmlNodeGetContent(t); - lasso_assign_string(profile->private_data->artifact, (char*)s); - xmlFree(s); - } else if (strcmp((char*)t->name, "ArtifactMessage") == 0) { - s = xmlNodeGetContent(t); - lasso_assign_string(profile->private_data->artifact_message, (char*)s); - xmlFree(s); - } - - t = t->next; - } - - return 0; -} - /** * lasso_profile_set_signature_hint: * @profile: a #LassoProfile object @@ -819,14 +765,6 @@ dispose(GObject *object) G_OBJECT_CLASS(parent_class)->dispose(G_OBJECT(profile)); } -static void -finalize(GObject *object) -{ - LassoProfile *profile = LASSO_PROFILE(object); - lasso_release(profile->private_data); - G_OBJECT_CLASS(parent_class)->finalize(object); -} - /*****************************************************************************/ /* instance and class init functions */ /*****************************************************************************/ @@ -834,7 +772,7 @@ finalize(GObject *object) static void instance_init(LassoProfile *profile) { - profile->private_data = g_new0(LassoProfilePrivate, 1); + profile->private_data = LASSO_PROFILE_GET_PRIVATE(profile); profile->private_data->dispose_has_run = FALSE; profile->private_data->artifact = NULL; profile->private_data->artifact_message = NULL; @@ -864,11 +802,9 @@ class_init(LassoProfileClass *klass) lasso_node_class_set_nodename(nclass, "Profile"); lasso_node_class_set_ns(nclass, LASSO_LASSO_HREF, LASSO_LASSO_PREFIX); lasso_node_class_add_snippets(nclass, schema_snippets); - nclass->get_xmlNode = get_xmlNode; - nclass->init_from_xml = init_from_xml; + g_type_class_add_private(klass, sizeof(LassoProfilePrivate)); G_OBJECT_CLASS(klass)->dispose = dispose; - G_OBJECT_CLASS(klass)->finalize = finalize; } GType diff --git a/lasso/id-ff/profileprivate.h b/lasso/id-ff/profileprivate.h index 3a9f563f..2aeefad0 100644 --- a/lasso/id-ff/profileprivate.h +++ b/lasso/id-ff/profileprivate.h @@ -44,6 +44,9 @@ struct _LassoProfilePrivate void lasso_profile_set_response_status(LassoProfile *profile, const gchar *statusCodeValue); void lasso_profile_clean_msg_info(LassoProfile *profile); +#define LASSO_PROFILE_GET_PRIVATE(o) \ + (G_TYPE_INSTANCE_GET_PRIVATE ((o), LASSO_TYPE_PROFILE, LassoProfilePrivate)) + #ifdef __cplusplus } #endif /* __cplusplus */ diff --git a/lasso/id-ff/provider.c b/lasso/id-ff/provider.c index 34e50c4b..3f9e6173 100644 --- a/lasso/id-ff/provider.c +++ b/lasso/id-ff/provider.c @@ -516,6 +516,9 @@ static struct XmlSnippet schema_snippets[] = { { "CaCertChainFilePath", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoProvider, ca_cert_chain), NULL, NULL, NULL}, { "MetadataFilePath", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoProvider, metadata_filename), NULL, NULL, NULL}, { "ProviderID", SNIPPET_ATTRIBUTE, G_STRUCT_OFFSET(LassoProvider, ProviderID), NULL, NULL, NULL}, + { "ProviderRole", SNIPPET_ATTRIBUTE, 0, NULL, NULL, NULL}, + { "EncryptionMode", SNIPPET_ATTRIBUTE, 0, NULL, NULL, NULL}, + { "ProviderDumpVersion", SNIPPET_ATTRIBUTE, 0, NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} }; @@ -1756,10 +1759,9 @@ cleanup: * @key: a #LassoKey object * @after:(default FALSE): add the key at the end of the list, not on front. * - * Add a new signature key for validating message received from @provider. - * If the key is used to improve verification time add it first with @after as true, it the key is - * ther for coninuitý of service (when doing a key rollover for example) at it last with @after as - * false. + * Add a new signature key for validating message received from @provider. If the key is used to + * improve verification time add it first with @after as true, it the key is ther for continuity of + * service (when doing a key rollover for example) at it last with @after as false. * * Return value: 0 if successful, an error code otherwise. */ diff --git a/lasso/id-ff/server.c b/lasso/id-ff/server.c index c95e2713..390a55b7 100644 --- a/lasso/id-ff/server.c +++ b/lasso/id-ff/server.c @@ -254,10 +254,20 @@ cleanup: /*****************************************************************************/ static struct XmlSnippet schema_snippets[] = { - { "PrivateKeyFilePath", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoServer, private_key), NULL, NULL, NULL}, + { "PrivateKeyFilePath", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoServer, private_key), NULL, + NULL, NULL}, { "PrivateKeyPassword", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoServer, private_key_password), NULL, NULL, NULL}, - { "CertificateFilePath", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoServer, certificate), NULL, NULL, NULL}, + { "CertificateFilePath", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoServer, certificate), NULL, + NULL, NULL}, + { "SignatureMethod", SNIPPET_ATTRIBUTE, 0, NULL, NULL, NULL }, + { "Providers", SNIPPET_LIST_NODES, 0, NULL, NULL, NULL }, + { "ServerDumpVersion", SNIPPET_ATTRIBUTE, 0, NULL, NULL, NULL }, +#ifdef LASSO_WSF_ENABLED + { "Services", SNIPPET_LIST_NODES, 0, NULL, NULL, NULL }, + { "SvcMDs", SNIPPET_LIST_NODES, 0, NULL, NULL, NULL }, +#endif + {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/key.h b/lasso/key.h index ae9c4c27..c459b20a 100644 --- a/lasso/key.h +++ b/lasso/key.h @@ -55,6 +55,7 @@ typedef enum _LassoKeyType { struct _LassoKey { LassoNode parent; + /*< private >*/ LassoKeyPrivate *private_data; }; diff --git a/lasso/logging.h b/lasso/logging.h index 6c659d1b..9a483c34 100644 --- a/lasso/logging.h +++ b/lasso/logging.h @@ -125,6 +125,23 @@ static inline void critical(const char *format, ...) } #endif +#if defined(__GNUC__) +# define error(format, args...) \ + message(G_LOG_LEVEL_DEBUG, format, ##args) +#elif defined(HAVE_VARIADIC_MACROS) +# define error(...) message(G_LOG_LEVEL_DEBUG, __VA_ARGS__) +#else +static inline void error(const char *format, ...) +{ + va_list ap; + char s[1024]; + va_start(ap, format); + g_vsnprintf(s, 1024, format, ap); + va_end(ap); + message(G_LOG_LEVEL_ERROR, "%s", s); +} +#endif + #define critical_error(rc) (critical("%s", lasso_strerror(rc)), rc) #endif /* __LASSO_LOGGING_H_ */ diff --git a/lasso/xml/Makefile.am b/lasso/xml/Makefile.am index d12e2391..515c3c5b 100644 --- a/lasso/xml/Makefile.am +++ b/lasso/xml/Makefile.am @@ -1,5 +1,5 @@ MAINTAINERCLEANFILES = Makefile.in -SUBDIRS = saml-2.0 soap-1.1 +SUBDIRS = saml-2.0 soap-1.1 dsig if WSF_ENABLED SUBDIRS += id-wsf-2.0 ws endif @@ -140,9 +140,6 @@ endif liblasso_xml_la_SOURCES = \ tools.c \ xml.c \ - ds_key_info.c \ - ds_key_value.c \ - ds_rsa_key_value.c \ lib_assertion.c \ lib_authentication_statement.c \ lib_authn_context.c \ @@ -194,9 +191,6 @@ liblasso_xml_la_SOURCES = \ liblassoinclude_HEADERS = \ strings.h \ xml.h \ - ds_key_info.h \ - ds_key_value.h \ - ds_rsa_key_value.h \ lib_assertion.h \ lib_authentication_statement.h \ lib_authn_context.h \ diff --git a/lasso/xml/disco_encrypted_resource_id.c b/lasso/xml/disco_encrypted_resource_id.c index 025a951c..e38e476d 100644 --- a/lasso/xml/disco_encrypted_resource_id.c +++ b/lasso/xml/disco_encrypted_resource_id.c @@ -50,9 +50,11 @@ static struct XmlSnippet schema_snippets[] = { { "EncryptedData", SNIPPET_XMLNODE, - G_STRUCT_OFFSET(LassoDiscoEncryptedResourceID, EncryptedData), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoDiscoEncryptedResourceID, EncryptedData), NULL, + LASSO_XMLENC_PREFIX, LASSO_XMLENC_HREF}, { "EncryptedKey", SNIPPET_LIST_XMLNODES, - G_STRUCT_OFFSET(LassoDiscoEncryptedResourceID, EncryptedKey), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoDiscoEncryptedResourceID, EncryptedKey), NULL, + LASSO_XMLENC_PREFIX, LASSO_XMLENC_HREF}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/dsig/Makefile.am b/lasso/xml/dsig/Makefile.am new file mode 100644 index 00000000..3afe8de0 --- /dev/null +++ b/lasso/xml/dsig/Makefile.am @@ -0,0 +1,23 @@ +EXTRA_DIST = xml_saml2.h +MAINTAINERCLEANFILES = Makefile.in +liblassoincludedir = $(includedir)/lasso/xml/dsig + +INCLUDES = \ + -I$(top_builddir) \ + -I$(top_srcdir) \ + $(LASSO_CORE_CFLAGS) \ + -DG_LOG_DOMAIN=\"lasso\" + +noinst_LTLIBRARIES = liblasso-xml-dsig.la + +liblasso_xml_dsig_la_SOURCES = \ + ds_key_info.c \ + ds_key_value.c \ + ds_rsa_key_value.c \ + ds_x509_data.c + +liblassoinclude_HEADERS = \ + ds_key_info.h \ + ds_key_value.h \ + ds_rsa_key_value.h \ + ds_x509_data.h diff --git a/lasso/xml/ds_key_info.c b/lasso/xml/dsig/ds_key_info.c index 6036c70d..b5009cb2 100644 --- a/lasso/xml/ds_key_info.c +++ b/lasso/xml/dsig/ds_key_info.c @@ -22,8 +22,8 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ -#include "private.h" -#include "ds_key_info.h" +#include "../private.h" +#include "./ds_key_info.h" /** * SECTION:ds_key_info diff --git a/lasso/xml/ds_key_info.h b/lasso/xml/dsig/ds_key_info.h index 059e6ef5..2e7359c6 100644 --- a/lasso/xml/ds_key_info.h +++ b/lasso/xml/dsig/ds_key_info.h @@ -29,8 +29,8 @@ extern "C" { #endif /* __cplusplus */ -#include "xml.h" -#include "ds_key_value.h" +#include "../xml.h" +#include "./ds_key_value.h" #define LASSO_TYPE_DS_KEY_INFO (lasso_ds_key_info_get_type()) #define LASSO_DS_KEY_INFO(obj) \ diff --git a/lasso/xml/ds_key_value.c b/lasso/xml/dsig/ds_key_value.c index 1303b575..86b66141 100644 --- a/lasso/xml/ds_key_value.c +++ b/lasso/xml/dsig/ds_key_value.c @@ -22,8 +22,8 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ -#include "private.h" -#include "ds_key_value.h" +#include "../private.h" +#include "./ds_key_value.h" /** * SECTION:ds_key_value @@ -31,12 +31,22 @@ * */ +struct _LassoDsKeyValuePrivate { + LassoDsX509Data *X509Data; +}; + +typedef struct _LassoDsKeyValuePrivate LassoDsKeyValuePrivate; + +#define LASSO_DS_KEY_VALUE_GET_PRIVATE(o) \ + (G_TYPE_INSTANCE_GET_PRIVATE ((o), LASSO_TYPE_DS_KEY_VALUE, LassoDsKeyValuePrivate)) + /*****************************************************************************/ /* private methods */ /*****************************************************************************/ static struct XmlSnippet schema_snippets[] = { { "RSAKeyValue", SNIPPET_NODE, G_STRUCT_OFFSET(LassoDsKeyValue, RSAKeyValue), NULL, NULL, NULL}, + { "X509Data", SNIPPET_NODE|SNIPPET_PRIVATE, G_STRUCT_OFFSET(LassoDsKeyValuePrivate, X509Data), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} }; @@ -54,6 +64,7 @@ class_init(LassoDsKeyValueClass *klass) lasso_node_class_set_nodename(nclass, "KeyValue"); lasso_node_class_set_ns(nclass, LASSO_DS_HREF, LASSO_DS_PREFIX); lasso_node_class_add_snippets(nclass, schema_snippets); + g_type_class_add_private(klass, sizeof(LassoDsKeyValuePrivate)); } GType @@ -93,3 +104,32 @@ lasso_ds_key_value_new() { return g_object_new(LASSO_TYPE_DS_KEY_VALUE, NULL); } + +/** + * lasso_ds_key_value_get_x509_data: + * + * Get the X509 Data node if there is one. + * + * Return value:(transfer none): the internal value of the X509Data field + */ +LassoDsX509Data* +lasso_ds_key_value_get_x509_data(LassoDsKeyValue *key_value) +{ + lasso_return_val_if_fail(LASSO_IS_DS_KEY_VALUE(key_value), NULL); + + return LASSO_DS_KEY_VALUE_GET_PRIVATE(key_value)->X509Data; +} + +/** + * lasso_ds_key_value_set_x509_data: + * + * Set the X509 Data node. + * + */ +void +lasso_ds_key_value_set_x509_data(LassoDsKeyValue *key_value, LassoDsX509Data *x509_data) +{ + lasso_return_if_fail(LASSO_IS_DS_KEY_VALUE(key_value)); + + lasso_assign_gobject(LASSO_DS_KEY_VALUE_GET_PRIVATE(key_value)->X509Data, x509_data); +} diff --git a/lasso/xml/ds_key_value.h b/lasso/xml/dsig/ds_key_value.h index 48a2e8fc..e72a2141 100644 --- a/lasso/xml/ds_key_value.h +++ b/lasso/xml/dsig/ds_key_value.h @@ -29,8 +29,9 @@ extern "C" { #endif /* __cplusplus */ -#include "xml.h" -#include "ds_rsa_key_value.h" +#include "../xml.h" +#include "./ds_rsa_key_value.h" +#include "./ds_x509_data.h" #define LASSO_TYPE_DS_KEY_VALUE (lasso_ds_key_value_get_type()) #define LASSO_DS_KEY_VALUE(obj) \ @@ -62,6 +63,9 @@ struct _LassoDsKeyValueClass { LASSO_EXPORT GType lasso_ds_key_value_get_type(void); LASSO_EXPORT LassoDsKeyValue* lasso_ds_key_value_new(void); +LASSO_EXPORT LassoDsX509Data *lasso_ds_key_value_get_x509_data(LassoDsKeyValue *key_value); +LASSO_EXPORT void lasso_ds_key_value_set_x509_data(LassoDsKeyValue *key_value, LassoDsX509Data + *x509_data); #ifdef __cplusplus } diff --git a/lasso/xml/ds_rsa_key_value.c b/lasso/xml/dsig/ds_rsa_key_value.c index 5e393966..790f5ce2 100644 --- a/lasso/xml/ds_rsa_key_value.c +++ b/lasso/xml/dsig/ds_rsa_key_value.c @@ -22,8 +22,8 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ -#include "private.h" -#include "ds_rsa_key_value.h" +#include "../private.h" +#include "./ds_rsa_key_value.h" /* * SECTION:ds_rsa_key_value diff --git a/lasso/xml/ds_rsa_key_value.h b/lasso/xml/dsig/ds_rsa_key_value.h index 1add7310..51bf4f70 100644 --- a/lasso/xml/ds_rsa_key_value.h +++ b/lasso/xml/dsig/ds_rsa_key_value.h @@ -29,7 +29,7 @@ extern "C" { #endif /* __cplusplus */ -#include "xml.h" +#include "../xml.h" #define LASSO_TYPE_DS_RSA_KEY_VALUE (lasso_ds_rsa_key_value_get_type()) #define LASSO_DS_RSA_KEY_VALUE(obj) \ diff --git a/lasso/xml/dsig/ds_x509_data.c b/lasso/xml/dsig/ds_x509_data.c new file mode 100644 index 00000000..c45a1c1b --- /dev/null +++ b/lasso/xml/dsig/ds_x509_data.c @@ -0,0 +1,204 @@ +/* $Id$ + * + * Lasso - A free implementation of the Liberty Alliance specifications. + * + * Copyright (C) 2004-2007 Entr'ouvert + * http://lasso.entrouvert.org + * + * Authors: See AUTHORS file in top-level directory. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + +#include "../private.h" +#include "./ds_x509_data.h" + +/** + * SECTION:ds_x509_data + * @short_description: object mapping for an XML DSIG KeyValue element + * + */ + +struct _LassoDsX509DataPrivate { + char *X509Certificate; + char *X509SubjectName; + char *X509CRL; +}; +#define LASSO_DS_X509_DATA_GET_PRIVATE(o) \ + (G_TYPE_INSTANCE_GET_PRIVATE ((o), LASSO_TYPE_DS_X509_DATA, LassoDsX509DataPrivate)) + +/*****************************************************************************/ +/* private methods */ +/*****************************************************************************/ + +static struct XmlSnippet schema_snippets[] = { + { "X509Certificate", SNIPPET_CONTENT|SNIPPET_PRIVATE, + G_STRUCT_OFFSET(LassoDsX509DataPrivate, X509Certificate), NULL, NULL, NULL}, + { "X509SubjectName", SNIPPET_CONTENT|SNIPPET_PRIVATE, + G_STRUCT_OFFSET(LassoDsX509DataPrivate, X509SubjectName), NULL, NULL, NULL}, + { "X509CRL", SNIPPET_CONTENT|SNIPPET_PRIVATE, G_STRUCT_OFFSET(LassoDsX509DataPrivate, + X509CRL), NULL, NULL, NULL}, + {NULL, 0, 0, NULL, NULL, NULL} +}; + +static LassoNodeClass *parent_class = NULL; + +/*****************************************************************************/ +/* instance and class init functions */ +/*****************************************************************************/ + +static void +instance_init(LassoDsX509Data *x509_data) +{ + x509_data->private_data = LASSO_DS_X509_DATA_GET_PRIVATE(x509_data); +} + +static void +class_init(LassoDsX509DataClass *klass) +{ + LassoNodeClass *nclass = LASSO_NODE_CLASS(klass); + + parent_class = g_type_class_peek_parent(klass); + nclass->node_data = g_new0(LassoNodeClassData, 1); + lasso_node_class_set_nodename(nclass, "X509Data"); + lasso_node_class_set_ns(nclass, LASSO_DS_HREF, LASSO_DS_PREFIX); + lasso_node_class_add_snippets(nclass, schema_snippets); + g_type_class_add_private(klass, sizeof(LassoDsX509DataPrivate)); +} + +GType +lasso_ds_x509_data_get_type() +{ + static GType this_type = 0; + + if (!this_type) { + static const GTypeInfo this_info = { + sizeof (LassoDsX509DataClass), + NULL, + NULL, + (GClassInitFunc) class_init, + NULL, + NULL, + sizeof(LassoDsX509Data), + 0, + (GInstanceInitFunc)instance_init, + NULL + }; + + this_type = g_type_register_static(LASSO_TYPE_NODE, + "LassoDsX509Data", &this_info, 0); + } + return this_type; +} + +/** + * lasso_ds_x509_data_new: + * + * Creates a new #LassoDsX509Data object. + * + * Return value: a newly created #LassoDsX509Data object + **/ +LassoDsX509Data* +lasso_ds_x509_data_new() +{ + return g_object_new(LASSO_TYPE_DS_X509_DATA, NULL); +} + +/** + * lasso_ds_x509_data_get_certificate: + * @x509_data: a #LassoDsX509Data object + * + * Return the content of the X509Certificate sub-element, it should be a base64 encoded string. + * + * Return value:(transfer none): the string currently set in the X509Certificate private field of + * the #LassoDsX509Data structure. + */ +const char* +lasso_ds_x509_data_get_certificate(LassoDsX509Data *x509_data) { + lasso_return_val_if_fail(LASSO_IS_DS_X509_DATA(x509_data), NULL); + return x509_data->private_data->X509Certificate; +} + +/** + * lasso_ds_x509_data_set_certificate: + * @x509_data: a #LassoDsX509Data object + * @certificate: a base64 encoded string of the DER representation of the X509 certificate + * + * Set the content of the X509Certificate sub-element, it should be a base64 encoded string. + * + */ +void +lasso_ds_x509_data_set_certificate(LassoDsX509Data *x509_data, const char *certificate) { + lasso_return_if_fail(LASSO_IS_DS_X509_DATA(x509_data)); + lasso_assign_string(x509_data->private_data->X509Certificate, certificate); +} + +/** + * lasso_ds_x509_data_get_subject_name: + * @x509_data: a #LassoDsX509Data object + * + * Return the content of the X509SubjectName sub-element, it should be a base64 encoded string. + * + * Return value:(transfer none): the string currently set in the X509SubjectName private field of + * the #LassoDsX509Data structure. + */ +const char* +lasso_ds_x509_data_get_subject_name(LassoDsX509Data *x509_data) { + lasso_return_val_if_fail(LASSO_IS_DS_X509_DATA(x509_data), NULL); + return x509_data->private_data->X509SubjectName; +} + +/** + * lasso_ds_x509_data_set_subject_name: + * @x509_data: a #LassoDsX509Data object + * @subject_name: a base64 encoded string of the DER representation of the X509 subject_name + * + * Set the content of the X509SubjectName sub-element, it should be a base64 encoded string. + * + */ +void +lasso_ds_x509_data_set_subject_name(LassoDsX509Data *x509_data, const char *subject_name) { + lasso_return_if_fail(LASSO_IS_DS_X509_DATA(x509_data)); + lasso_assign_string(x509_data->private_data->X509SubjectName, subject_name); +} + +/** + * lasso_ds_x509_data_get_crl: + * @x509_data: a #LassoDsX509Data object + * + * Return the content of the X509CRL sub-element, it should be a base64 encoded string. + * + * Return value:(transfer none): the string currently set in the X509CRL private field of + * the #LassoDsX509Data structure. + */ +const char* +lasso_ds_x509_data_get_crl(LassoDsX509Data *x509_data) { + lasso_return_val_if_fail(LASSO_IS_DS_X509_DATA(x509_data), NULL); + return x509_data->private_data->X509CRL; +} + +/** + * lasso_ds_x509_data_set_crl: + * @x509_data: a #LassoDsX509Data object + * @crl: a base64 encoded string of the DER representation of the X509 CRL + * + * Set the content of the X509CRL sub-element, it should be a base64 encoded string. + * + */ +void +lasso_ds_x509_data_set_crl(LassoDsX509Data *x509_data, const char *crl) { + lasso_return_if_fail(LASSO_IS_DS_X509_DATA(x509_data)); + lasso_assign_string(x509_data->private_data->X509CRL, crl); +} diff --git a/lasso/xml/dsig/ds_x509_data.h b/lasso/xml/dsig/ds_x509_data.h new file mode 100644 index 00000000..a6d2e451 --- /dev/null +++ b/lasso/xml/dsig/ds_x509_data.h @@ -0,0 +1,76 @@ +/* $Id + * + * Lasso - A free implementation of the Liberty Alliance specifications. + * + * Copyright (C) 2004-2007 Entr'ouvert + * http://lasso.entrouvert.org + * + * Authors: See AUTHORS file in top-level directory. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + +#ifndef __LASSO_DS_X509_DATA_H__ +#define __LASSO_DS_X509_DATA_H__ + +#ifdef __cplusplus +extern "C" { +#endif /* __cplusplus */ + +#include "../xml.h" + +#define LASSO_TYPE_DS_X509_DATA (lasso_ds_x509_data_get_type()) +#define LASSO_DS_X509_DATA(obj) \ + (G_TYPE_CHECK_INSTANCE_CAST((obj), LASSO_TYPE_DS_X509_DATA, \ + LassoDsX509Data)) +#define LASSO_DS_X509_DATA_CLASS(klass) \ + (G_TYPE_CHECK_CLASS_CAST((klass), LASSO_TYPE_DS_X509_DATA, \ + LassoDsX509DataClass)) +#define LASSO_IS_DS_X509_DATA(obj) \ + (G_TYPE_CHECK_INSTANCE_TYPE((obj), LASSO_TYPE_DS_X509_DATA)) +#define LASSO_IS_DS_X509_DATA_CLASS(klass) \ + (G_TYPE_CHECK_CLASS_TYPE ((klass), LASSO_TYPE_DS_X509_DATA)) +#define LASSO_DS_X509_DATA_GET_CLASS(o) \ + (G_TYPE_INSTANCE_GET_CLASS ((o), LASSO_TYPE_DS_X509_DATA, \ + LassoDsX509DataClass)) + +typedef struct _LassoDsX509Data LassoDsX509Data; +typedef struct _LassoDsX509DataClass LassoDsX509DataClass; +typedef struct _LassoDsX509DataPrivate LassoDsX509DataPrivate; + +struct _LassoDsX509Data { + LassoNode parent; + /*< private >*/ + LassoDsX509DataPrivate *private_data; +}; + +struct _LassoDsX509DataClass { + LassoNodeClass parent; +}; + +LASSO_EXPORT GType lasso_ds_x509_data_get_type(void); +LASSO_EXPORT LassoDsX509Data* lasso_ds_x509_data_new(void); +LASSO_EXPORT const char *lasso_ds_x509_data_get_certificate(LassoDsX509Data *x509_data); +LASSO_EXPORT void lasso_ds_x509_data_set_certificate(LassoDsX509Data *x509_data, const char *certificate); +LASSO_EXPORT const char *lasso_ds_x509_data_get_subject_name(LassoDsX509Data *x509_data); +LASSO_EXPORT void lasso_ds_x509_data_set_subject_name(LassoDsX509Data *x509_data, const char *subject_name); +LASSO_EXPORT const char *lasso_ds_x509_data_get_crl(LassoDsX509Data *x509_data); +LASSO_EXPORT void lasso_ds_x509_data_set_crl(LassoDsX509Data *x509_data, const char *crl); + +#ifdef __cplusplus +} +#endif /* __cplusplus */ + +#endif /* __LASSO_DS_X509_DATA_H__ */ diff --git a/lasso/xml/dsig/strings.h b/lasso/xml/dsig/strings.h new file mode 100644 index 00000000..a4c534a8 --- /dev/null +++ b/lasso/xml/dsig/strings.h @@ -0,0 +1,61 @@ +/* $Id$ + * + * Lasso - A free implementation of the Liberty Alliance specifications. + * + * Copyright (C) 2004-2007 Entr'ouvert + * http://lasso.entrouvert.org + * + * Authors: See AUTHORS file in top-level directory. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +/* + * This header file copy part of the SOAP 1.1 specification you can found there: + * http://www.w3.org/TR/soap12-part1/ + * whom copyright is: + * Copyright © 2007 W3C® (MIT, ERCIM, Keio), All Rights Reserved. W3C liability, trademark and + * document use rules apply. + */ + + +/** + * SECTION:dsig_strings + * @short_description: General strings constants for XMLDsig + * @include: lasso/xml/dsig/strings.h + * + **/ + +#ifndef __LASSO_DSIG_STRINGS_H__ +#define __LASSO_DSIG_STRINGS_H__ + +/* xmldsig prefix & href */ +/** + * LASSO_DS_HREF: + * + * Namespace for FIXME + * + */ +#define LASSO_DS_HREF "http://www.w3.org/2000/09/xmldsig#" +/** + * LASSO_DS_PREFIX: + * + * Preferred prefix for namespace of FIXME + * + */ +#define LASSO_DS_PREFIX "ds" + +#endif /* __LASSO_DSIG_STRINGS_H__ */ diff --git a/lasso/xml/id-wsf-2.0/disco_endpoint_context.c b/lasso/xml/id-wsf-2.0/disco_endpoint_context.c index ed6aa27c..09f40337 100644 --- a/lasso/xml/id-wsf-2.0/disco_endpoint_context.c +++ b/lasso/xml/id-wsf-2.0/disco_endpoint_context.c @@ -56,7 +56,8 @@ static struct XmlSnippet schema_snippets[] = { { "Address", SNIPPET_LIST_CONTENT, G_STRUCT_OFFSET(LassoIdWsf2DiscoEndpointContext, Address), NULL, NULL, NULL}, { "Framework", SNIPPET_LIST_NODES, - G_STRUCT_OFFSET(LassoIdWsf2DiscoEndpointContext, Framework), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIdWsf2DiscoEndpointContext, Framework), NULL, + LASSO_IDWSF2_SBF_PREFIX, LASSO_IDWSF2_SBF_HREF}, { "SecurityMechID", SNIPPET_LIST_CONTENT, G_STRUCT_OFFSET(LassoIdWsf2DiscoEndpointContext, SecurityMechID), NULL, NULL, NULL}, { "Action", SNIPPET_LIST_CONTENT, diff --git a/lasso/xml/id-wsf-2.0/disco_keys.c b/lasso/xml/id-wsf-2.0/disco_keys.c index 2f809a06..ba69fc60 100644 --- a/lasso/xml/id-wsf-2.0/disco_keys.c +++ b/lasso/xml/id-wsf-2.0/disco_keys.c @@ -51,7 +51,8 @@ static struct XmlSnippet schema_snippets[] = { { "KeyDescriptor", SNIPPET_LIST_NODES, - G_STRUCT_OFFSET(LassoIdWsf2DiscoKeys, KeyDescriptor), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIdWsf2DiscoKeys, KeyDescriptor), NULL, LASSO_METADATA_PREFIX, + LASSO_METADATA_HREF}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/id-wsf-2.0/disco_query_response.c b/lasso/xml/id-wsf-2.0/disco_query_response.c index 7c6d50ae..0faad04f 100644 --- a/lasso/xml/id-wsf-2.0/disco_query_response.c +++ b/lasso/xml/id-wsf-2.0/disco_query_response.c @@ -55,10 +55,10 @@ static struct XmlSnippet schema_snippets[] = { { "Status", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2DiscoQueryResponse, Status), - "LassoIdWsf2UtilStatus", NULL, NULL }, + "LassoIdWsf2UtilStatus", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_DISCOVERY_HREF}, { "EndpointReference", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoIdWsf2DiscoQueryResponse, EndpointReference), - "LassoWsAddrEndpointReference", NULL, NULL }, + "LassoWsAddrEndpointReference", LASSO_WSA_PREFIX, LASSO_WSA_HREF}, { "attributes", SNIPPET_ATTRIBUTE | SNIPPET_ANY, G_STRUCT_OFFSET(LassoIdWsf2DiscoQueryResponse, attributes), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} diff --git a/lasso/xml/id-wsf-2.0/disco_security_context.c b/lasso/xml/id-wsf-2.0/disco_security_context.c index 1a7f3829..66690cb4 100644 --- a/lasso/xml/id-wsf-2.0/disco_security_context.c +++ b/lasso/xml/id-wsf-2.0/disco_security_context.c @@ -59,7 +59,8 @@ static struct XmlSnippet schema_snippets[] = { { "SecurityMechID", SNIPPET_LIST_CONTENT, G_STRUCT_OFFSET(LassoIdWsf2DiscoSecurityContext, SecurityMechID), NULL, NULL, NULL}, { "Token", SNIPPET_LIST_NODES, - G_STRUCT_OFFSET(LassoIdWsf2DiscoSecurityContext, Token), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIdWsf2DiscoSecurityContext, Token), NULL, + LASSO_IDWSF2_SEC_PREFIX, LASSO_IDWSF2_SEC_HREF}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/id-wsf-2.0/disco_svc_md_association_add_response.c b/lasso/xml/id-wsf-2.0/disco_svc_md_association_add_response.c index 41407a56..bdf9a298 100644 --- a/lasso/xml/id-wsf-2.0/disco_svc_md_association_add_response.c +++ b/lasso/xml/id-wsf-2.0/disco_svc_md_association_add_response.c @@ -51,7 +51,7 @@ static struct XmlSnippet schema_snippets[] = { { "Status", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2DiscoSvcMDAssociationAddResponse, Status), - "LassoIdWsf2UtilStatus", NULL, NULL }, + "LassoIdWsf2UtilStatus", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF}, { "attributes", SNIPPET_ATTRIBUTE | SNIPPET_ANY, G_STRUCT_OFFSET(LassoIdWsf2DiscoSvcMDAssociationAddResponse, attributes), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} diff --git a/lasso/xml/id-wsf-2.0/disco_svc_md_association_delete_response.c b/lasso/xml/id-wsf-2.0/disco_svc_md_association_delete_response.c index c82ba12b..0e976c8d 100644 --- a/lasso/xml/id-wsf-2.0/disco_svc_md_association_delete_response.c +++ b/lasso/xml/id-wsf-2.0/disco_svc_md_association_delete_response.c @@ -51,7 +51,7 @@ static struct XmlSnippet schema_snippets[] = { { "Status", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2DiscoSvcMDAssociationDeleteResponse, Status), - "LassoIdWsf2UtilStatus", NULL, NULL }, + "LassoIdWsf2UtilStatus", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF}, { "attributes", SNIPPET_ATTRIBUTE | SNIPPET_ANY, G_STRUCT_OFFSET(LassoIdWsf2DiscoSvcMDAssociationDeleteResponse, attributes), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} diff --git a/lasso/xml/id-wsf-2.0/disco_svc_md_association_query_response.c b/lasso/xml/id-wsf-2.0/disco_svc_md_association_query_response.c index c38f9cf2..8230ce7a 100644 --- a/lasso/xml/id-wsf-2.0/disco_svc_md_association_query_response.c +++ b/lasso/xml/id-wsf-2.0/disco_svc_md_association_query_response.c @@ -52,7 +52,7 @@ static struct XmlSnippet schema_snippets[] = { { "Status", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2DiscoSvcMDAssociationQueryResponse, Status), - "LassoIdWsf2UtilStatus", NULL, NULL }, + "LassoIdWsf2UtilStatus", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF}, { "SvcMDID", SNIPPET_LIST_CONTENT, G_STRUCT_OFFSET(LassoIdWsf2DiscoSvcMDAssociationQueryResponse, SvcMDID), NULL, NULL, NULL}, { "attributes", SNIPPET_ATTRIBUTE | SNIPPET_ANY, diff --git a/lasso/xml/id-wsf-2.0/disco_svc_md_delete_response.c b/lasso/xml/id-wsf-2.0/disco_svc_md_delete_response.c index 9e9e52ec..e1bd2469 100644 --- a/lasso/xml/id-wsf-2.0/disco_svc_md_delete_response.c +++ b/lasso/xml/id-wsf-2.0/disco_svc_md_delete_response.c @@ -51,7 +51,7 @@ static struct XmlSnippet schema_snippets[] = { { "Status", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2DiscoSvcMDDeleteResponse, Status), - "LassoIdWsf2UtilStatus", NULL, NULL }, + "LassoIdWsf2UtilStatus", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF}, { "attributes", SNIPPET_ATTRIBUTE | SNIPPET_ANY, G_STRUCT_OFFSET(LassoIdWsf2DiscoSvcMDDeleteResponse, attributes), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} diff --git a/lasso/xml/id-wsf-2.0/disco_svc_md_query_response.c b/lasso/xml/id-wsf-2.0/disco_svc_md_query_response.c index e09d9dd9..9757f7e5 100644 --- a/lasso/xml/id-wsf-2.0/disco_svc_md_query_response.c +++ b/lasso/xml/id-wsf-2.0/disco_svc_md_query_response.c @@ -52,7 +52,7 @@ static struct XmlSnippet schema_snippets[] = { { "Status", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2DiscoSvcMDQueryResponse, Status), - "LassoIdWsf2UtilStatus", NULL, NULL }, + "LassoIdWsf2UtilStatus", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF}, { "SvcMD", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoIdWsf2DiscoSvcMDQueryResponse, SvcMD), "LassoIdWsf2DiscoSvcMetadata", NULL, NULL }, diff --git a/lasso/xml/id-wsf-2.0/disco_svc_md_register_response.c b/lasso/xml/id-wsf-2.0/disco_svc_md_register_response.c index 3f4b8a7e..5bde5287 100644 --- a/lasso/xml/id-wsf-2.0/disco_svc_md_register_response.c +++ b/lasso/xml/id-wsf-2.0/disco_svc_md_register_response.c @@ -55,7 +55,7 @@ static struct XmlSnippet schema_snippets[] = { { "Status", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2DiscoSvcMDRegisterResponse, Status), - "LassoIdWsf2UtilStatus", NULL, NULL }, + "LassoIdWsf2UtilStatus", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_PREFIX}, { "SvcMDID", SNIPPET_LIST_CONTENT, G_STRUCT_OFFSET(LassoIdWsf2DiscoSvcMDRegisterResponse, SvcMDID), NULL, NULL, NULL}, { "Keys", SNIPPET_LIST_NODES, diff --git a/lasso/xml/id-wsf-2.0/disco_svc_md_replace_response.c b/lasso/xml/id-wsf-2.0/disco_svc_md_replace_response.c index 24aa97dc..d1a8acf0 100644 --- a/lasso/xml/id-wsf-2.0/disco_svc_md_replace_response.c +++ b/lasso/xml/id-wsf-2.0/disco_svc_md_replace_response.c @@ -51,7 +51,7 @@ static struct XmlSnippet schema_snippets[] = { { "Status", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2DiscoSvcMDReplaceResponse, Status), - "LassoIdWsf2UtilStatus", NULL, NULL }, + "LassoIdWsf2UtilStatus", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF}, { "attributes", SNIPPET_ATTRIBUTE | SNIPPET_ANY, G_STRUCT_OFFSET(LassoIdWsf2DiscoSvcMDReplaceResponse, attributes), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} diff --git a/lasso/xml/id-wsf-2.0/dst_request.c b/lasso/xml/id-wsf-2.0/dst_request.c index 6980dd0b..2419c471 100644 --- a/lasso/xml/id-wsf-2.0/dst_request.c +++ b/lasso/xml/id-wsf-2.0/dst_request.c @@ -52,7 +52,7 @@ static struct XmlSnippet schema_snippets[] = { { "Extension", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoIdWsf2DstRequest, Extension), - "LassoIdWsf2Utilextension", NULL, NULL }, + "LassoIdWsf2Utilextension", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF}, { "itemID", SNIPPET_ATTRIBUTE | SNIPPET_OPTIONAL, G_STRUCT_OFFSET(LassoIdWsf2DstRequest, itemID), NULL, NULL, NULL}, { "attributes", SNIPPET_ATTRIBUTE | SNIPPET_ANY, diff --git a/lasso/xml/id-wsf-2.0/dstref_query_response.c b/lasso/xml/id-wsf-2.0/dstref_query_response.c index 26eb0e75..81bfc378 100644 --- a/lasso/xml/id-wsf-2.0/dstref_query_response.c +++ b/lasso/xml/id-wsf-2.0/dstref_query_response.c @@ -54,7 +54,8 @@ static struct XmlSnippet schema_snippets[] = { { "TestResult", SNIPPET_LIST_NODES, - G_STRUCT_OFFSET(LassoIdWsf2DstRefQueryResponse, TestResult), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIdWsf2DstRefQueryResponse, TestResult), NULL, + LASSO_IDWSF2_DST_PREFIX, LASSO_IDWSF2_DST_HREF}, { "Data", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoIdWsf2DstRefQueryResponse, Data), "LassoIdWsf2DstRefData", NULL, NULL }, diff --git a/lasso/xml/id-wsf-2.0/ims_identity_mapping_response.c b/lasso/xml/id-wsf-2.0/ims_identity_mapping_response.c index 5393ff2c..1033498f 100644 --- a/lasso/xml/id-wsf-2.0/ims_identity_mapping_response.c +++ b/lasso/xml/id-wsf-2.0/ims_identity_mapping_response.c @@ -52,7 +52,7 @@ static struct XmlSnippet schema_snippets[] = { { "Status", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2ImsIdentityMappingResponse, Status), - "LassoIdWsf2UtilStatus", NULL, NULL }, + "LassoIdWsf2UtilStatus", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF}, { "MappingOutput", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoIdWsf2ImsIdentityMappingResponse, MappingOutput), NULL, NULL, NULL}, { "attributes", SNIPPET_ATTRIBUTE | SNIPPET_ANY, diff --git a/lasso/xml/id-wsf-2.0/ims_mapping_input.c b/lasso/xml/id-wsf-2.0/ims_mapping_input.c index d32b9ea6..3cd46d93 100644 --- a/lasso/xml/id-wsf-2.0/ims_mapping_input.c +++ b/lasso/xml/id-wsf-2.0/ims_mapping_input.c @@ -51,9 +51,11 @@ static struct XmlSnippet schema_snippets[] = { { "TokenPolicy", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoIdWsf2ImsMappingInput, TokenPolicy), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIdWsf2ImsMappingInput, TokenPolicy), NULL, + LASSO_IDWSF2_SEC_PREFIX, LASSO_IDWSF2_SEC_HREF}, { "Token", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoIdWsf2ImsMappingInput, Token), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIdWsf2ImsMappingInput, Token), NULL, LASSO_IDWSF2_SEC_PREFIX, + LASSO_IDWSF2_SEC_HREF}, { "reqID", SNIPPET_ATTRIBUTE | SNIPPET_OPTIONAL, G_STRUCT_OFFSET(LassoIdWsf2ImsMappingInput, reqID), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} diff --git a/lasso/xml/id-wsf-2.0/ims_mapping_output.c b/lasso/xml/id-wsf-2.0/ims_mapping_output.c index 22c533e9..a2b2b71f 100644 --- a/lasso/xml/id-wsf-2.0/ims_mapping_output.c +++ b/lasso/xml/id-wsf-2.0/ims_mapping_output.c @@ -50,7 +50,7 @@ static struct XmlSnippet schema_snippets[] = { { "Token", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoIdWsf2ImsMappingOutput, Token), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIdWsf2ImsMappingOutput, Token), NULL, LASSO_IDWSF2_SEC_PREFIX, LASSO_IDWSF2_SEC_HREF}, { "reqRef", SNIPPET_ATTRIBUTE | SNIPPET_OPTIONAL, G_STRUCT_OFFSET(LassoIdWsf2ImsMappingOutput, reqRef), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} diff --git a/lasso/xml/id-wsf-2.0/is_interaction_request.c b/lasso/xml/id-wsf-2.0/is_interaction_request.c index 26236aef..e79abb48 100644 --- a/lasso/xml/id-wsf-2.0/is_interaction_request.c +++ b/lasso/xml/id-wsf-2.0/is_interaction_request.c @@ -56,7 +56,7 @@ static struct XmlSnippet schema_snippets[] = { { "Inquiry", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoIdWsf2IsInteractionRequest, Inquiry), NULL, NULL, NULL}, { "KeyInfo", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoIdWsf2IsInteractionRequest, KeyInfo), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIdWsf2IsInteractionRequest, KeyInfo), NULL, LASSO_DS_PREFIX, LASSO_DS_HREF}, { "id", SNIPPET_ATTRIBUTE | SNIPPET_OPTIONAL, G_STRUCT_OFFSET(LassoIdWsf2IsInteractionRequest, id), NULL, NULL, NULL}, { "language", SNIPPET_ATTRIBUTE | SNIPPET_OPTIONAL, diff --git a/lasso/xml/id-wsf-2.0/is_interaction_response.c b/lasso/xml/id-wsf-2.0/is_interaction_response.c index 2158fdd6..20f561b9 100644 --- a/lasso/xml/id-wsf-2.0/is_interaction_response.c +++ b/lasso/xml/id-wsf-2.0/is_interaction_response.c @@ -55,7 +55,7 @@ static struct XmlSnippet schema_snippets[] = { { "Status", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2IsInteractionResponse, Status), - "LassoIdWsf2UtilStatus", NULL, NULL }, + "LassoIdWsf2UtilStatus", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF}, { "InteractionStatement", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoIdWsf2IsInteractionResponse, InteractionStatement), NULL, NULL, NULL}, { "Parameter", SNIPPET_LIST_NODES, diff --git a/lasso/xml/id-wsf-2.0/is_interaction_statement.c b/lasso/xml/id-wsf-2.0/is_interaction_statement.c index 3142b882..2fdd2da3 100644 --- a/lasso/xml/id-wsf-2.0/is_interaction_statement.c +++ b/lasso/xml/id-wsf-2.0/is_interaction_statement.c @@ -55,7 +55,7 @@ static struct XmlSnippet schema_snippets[] = { { "Inquiry", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoIdWsf2IsInteractionStatement, Inquiry), NULL, NULL, NULL}, - { "Signature", SNIPPET_SIGNATURE, 0, NULL, NULL, NULL }, + { "Signature", SNIPPET_SIGNATURE, 0, NULL, LASSO_DS_PREFIX, LASSO_DS_HREF }, /* hidden fields; used in lasso dumps */ { "SignType", SNIPPET_ATTRIBUTE | SNIPPET_INTEGER | SNIPPET_LASSO_DUMP, diff --git a/lasso/xml/id-wsf-2.0/ps_add_entity_request.c b/lasso/xml/id-wsf-2.0/ps_add_entity_request.c index a6d4f5ee..3fe7aae4 100644 --- a/lasso/xml/id-wsf-2.0/ps_add_entity_request.c +++ b/lasso/xml/id-wsf-2.0/ps_add_entity_request.c @@ -65,7 +65,8 @@ static struct XmlSnippet schema_snippets[] = { { "Subscription", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2PsAddEntityRequest, Subscription), NULL, NULL, NULL}, { "TokenPolicy", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoIdWsf2PsAddEntityRequest, TokenPolicy), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIdWsf2PsAddEntityRequest, TokenPolicy), NULL, + LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/id-wsf-2.0/ps_add_known_entity_request.c b/lasso/xml/id-wsf-2.0/ps_add_known_entity_request.c index 3b651508..12cff94a 100644 --- a/lasso/xml/id-wsf-2.0/ps_add_known_entity_request.c +++ b/lasso/xml/id-wsf-2.0/ps_add_known_entity_request.c @@ -59,13 +59,15 @@ static struct XmlSnippet schema_snippets[] = { { "Object", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2PsAddKnownEntityRequest, Object), NULL, NULL, NULL}, { "Token", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoIdWsf2PsAddKnownEntityRequest, Token), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIdWsf2PsAddKnownEntityRequest, Token), NULL, + LASSO_IDWSF2_SEC_PREFIX, LASSO_IDWSF2_SEC_HREF}, { "CreatePSObject", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoIdWsf2PsAddKnownEntityRequest, CreatePSObject), NULL, NULL, NULL}, { "Subscription", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2PsAddKnownEntityRequest, Subscription), NULL, NULL, NULL}, { "TokenPolicy", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoIdWsf2PsAddKnownEntityRequest, TokenPolicy), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIdWsf2PsAddKnownEntityRequest, TokenPolicy), NULL, + LASSO_IDWSF2_SEC_PREFIX, LASSO_IDWSF2_SEC_HREF}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/id-wsf-2.0/ps_response_abstract.c b/lasso/xml/id-wsf-2.0/ps_response_abstract.c index 6baa41f9..da617268 100644 --- a/lasso/xml/id-wsf-2.0/ps_response_abstract.c +++ b/lasso/xml/id-wsf-2.0/ps_response_abstract.c @@ -51,7 +51,7 @@ static struct XmlSnippet schema_snippets[] = { { "Status", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2PsResponseAbstract, Status), - "LassoIdWsf2UtilStatus", NULL, NULL }, + "LassoIdWsf2UtilStatus", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF}, { "attributes", SNIPPET_ATTRIBUTE | SNIPPET_ANY, G_STRUCT_OFFSET(LassoIdWsf2PsResponseAbstract, attributes), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} diff --git a/lasso/xml/id-wsf-2.0/ps_test_membership_request.c b/lasso/xml/id-wsf-2.0/ps_test_membership_request.c index d458b50d..10d6ef67 100644 --- a/lasso/xml/id-wsf-2.0/ps_test_membership_request.c +++ b/lasso/xml/id-wsf-2.0/ps_test_membership_request.c @@ -57,7 +57,8 @@ static struct XmlSnippet schema_snippets[] = { { "TargetObjectID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2PsTestMembershipRequest, TargetObjectID), NULL, NULL, NULL}, { "Token", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoIdWsf2PsTestMembershipRequest, Token), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIdWsf2PsTestMembershipRequest, Token), NULL, + LASSO_IDWSF2_SEC_PREFIX, LASSO_IDWSF2_SEC_TOKEN}, { "Subscription", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2PsTestMembershipRequest, Subscription), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} diff --git a/lasso/xml/id-wsf-2.0/sb2_credentials_context.c b/lasso/xml/id-wsf-2.0/sb2_credentials_context.c index 907cf1f2..6100295c 100644 --- a/lasso/xml/id-wsf-2.0/sb2_credentials_context.c +++ b/lasso/xml/id-wsf-2.0/sb2_credentials_context.c @@ -52,7 +52,7 @@ static struct XmlSnippet schema_snippets[] = { { "RequestedAuthnContext", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2Sb2CredentialsContext, RequestedAuthnContext), - "LassoSamlp2RequestedAuthnContext", NULL, NULL }, + "LassoSamlp2RequestedAuthnContext", LASSO_SAML_PROTOCOL_PREFIX, LASSO_SAML_PROTOCOL_HREF}, { "SecurityMechID", SNIPPET_LIST_CONTENT, G_STRUCT_OFFSET(LassoIdWsf2Sb2CredentialsContext, SecurityMechID), NULL, NULL, NULL}, { "attributes", SNIPPET_ATTRIBUTE | SNIPPET_ANY, diff --git a/lasso/xml/id-wsf-2.0/sec_transited_provider_path.c b/lasso/xml/id-wsf-2.0/sec_transited_provider_path.c index 0c689d46..a51763d8 100644 --- a/lasso/xml/id-wsf-2.0/sec_transited_provider_path.c +++ b/lasso/xml/id-wsf-2.0/sec_transited_provider_path.c @@ -50,7 +50,8 @@ static struct XmlSnippet schema_snippets[] = { { "TransitedProvider", SNIPPET_LIST_NODES, - G_STRUCT_OFFSET(LassoIdWsf2SecTransitedProviderPath, TransitedProvider), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIdWsf2SecTransitedProviderPath, TransitedProvider), NULL, + LASSO_IDWSF2_SEC_PREFIX, LASSO_IDWSF2_SEC_HREF}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/id-wsf-2.0/subs_notification.c b/lasso/xml/id-wsf-2.0/subs_notification.c index 60b14d25..459856ca 100644 --- a/lasso/xml/id-wsf-2.0/subs_notification.c +++ b/lasso/xml/id-wsf-2.0/subs_notification.c @@ -54,7 +54,7 @@ static struct XmlSnippet schema_snippets[] = { { "TestResult", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoIdWsf2SubsNotification, TestResult), - "LassoIdWsf2UtilTestResult", NULL, NULL }, + "LassoIdWsf2UtilTestResult", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF}, { "id", SNIPPET_ATTRIBUTE | SNIPPET_OPTIONAL, G_STRUCT_OFFSET(LassoIdWsf2SubsNotification, id), NULL, NULL, NULL}, { "subscriptionID", SNIPPET_ATTRIBUTE, diff --git a/lasso/xml/id-wsf-2.0/subs_subscription.c b/lasso/xml/id-wsf-2.0/subs_subscription.c index 89f0a79a..bdb87de8 100644 --- a/lasso/xml/id-wsf-2.0/subs_subscription.c +++ b/lasso/xml/id-wsf-2.0/subs_subscription.c @@ -68,7 +68,7 @@ static struct XmlSnippet schema_snippets[] = { G_STRUCT_OFFSET(LassoIdWsf2SubsSubscription, RefItem), NULL, NULL, NULL}, { "Extension", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoIdWsf2SubsSubscription, Extension), - "LassoIdWsf2Utilextension", NULL, NULL }, + "LassoIdWsf2Utilextension", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF}, { "subscriptionID", SNIPPET_ATTRIBUTE, G_STRUCT_OFFSET(LassoIdWsf2SubsSubscription, subscriptionID), NULL, NULL, NULL}, { "notifyToRef", SNIPPET_ATTRIBUTE, diff --git a/lasso/xml/id-wsf-2.0/subsref_query_response.c b/lasso/xml/id-wsf-2.0/subsref_query_response.c index 9c25c176..741a946e 100644 --- a/lasso/xml/id-wsf-2.0/subsref_query_response.c +++ b/lasso/xml/id-wsf-2.0/subsref_query_response.c @@ -55,7 +55,7 @@ static struct XmlSnippet schema_snippets[] = { { "TestResult", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoIdWsf2SubsRefQueryResponse, TestResult), - "LassoIdWsf2UtilTestResult", NULL, NULL }, + "LassoIdWsf2UtilTestResult", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF}, { "Data", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoIdWsf2SubsRefQueryResponse, Data), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} diff --git a/lasso/xml/is_interaction_request.c b/lasso/xml/is_interaction_request.c index 55cd40f7..ab1774c7 100644 --- a/lasso/xml/is_interaction_request.c +++ b/lasso/xml/is_interaction_request.c @@ -55,19 +55,23 @@ static struct XmlSnippet schema_snippets[] = { { "ResourceID", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoIsInteractionRequest, ResourceID), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIsInteractionRequest, ResourceID), NULL, + LASSO_DISCO_PREFIX, LASSO_DISCO_HREF}, { "EncryptedResourceID", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoIsInteractionRequest, EncryptedResourceID), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIsInteractionRequest, EncryptedResourceID), NULL, + LASSO_DISCO_PREFIX, LASSO_DISCO_HREF}, { "Inquiry", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoIsInteractionRequest, Inquiry), NULL, NULL, NULL}, - /* TODO : KeyInfo */ - { "id", SNIPPET_ATTRIBUTE, + { "KeyInfo", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIsInteractionRequest, KeyInfo), NULL, + LASSO_DS_PREFIX, LASSO_DS_HREF}, + { "id", SNIPPET_ATTRIBUTE | SNIPPET_OPTIONAL, G_STRUCT_OFFSET(LassoIsInteractionRequest, id), NULL, NULL, NULL}, - { "language", SNIPPET_ATTRIBUTE, + { "language", SNIPPET_ATTRIBUTE | SNIPPET_OPTIONAL, G_STRUCT_OFFSET(LassoIsInteractionRequest, language), NULL, NULL, NULL}, { "maxInteractTime", SNIPPET_ATTRIBUTE | SNIPPET_OPTIONAL, G_STRUCT_OFFSET(LassoIsInteractionRequest, maxInteractTime), NULL, NULL, NULL}, - /* TODO : signed */ + { "signed", SNIPPET_ATTRIBUTE | SNIPPET_OPTIONAL, + G_STRUCT_OFFSET(LassoIsInteractionRequest, signed_attribute), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/is_interaction_request.h b/lasso/xml/is_interaction_request.h index 0cd06a23..6f58c8a8 100644 --- a/lasso/xml/is_interaction_request.h +++ b/lasso/xml/is_interaction_request.h @@ -60,11 +60,12 @@ struct _LassoIsInteractionRequest { LassoDiscoEncryptedResourceID *EncryptedResourceID; GList *Inquiry; /* of LassoNode */ /* TODO : ds:KeyInfo */ + LassoDsKeyInfo *KeyInfo; char *id; char *language; int maxInteractTime; - /* TODO : signed */ + char *signed_attribute; }; struct _LassoIsInteractionRequestClass { diff --git a/lasso/xml/is_interaction_statement.c b/lasso/xml/is_interaction_statement.c index 1defe3db..a89f7736 100644 --- a/lasso/xml/is_interaction_statement.c +++ b/lasso/xml/is_interaction_statement.c @@ -49,8 +49,9 @@ /*****************************************************************************/ static struct XmlSnippet schema_snippets[] = { - { "Inquiry", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIsInteractionStatement, Inquiry), NULL, NULL, NULL}, - /* TODO : Signature */ + { "Inquiry", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIsInteractionStatement, Inquiry), NULL, + NULL, NULL}, + { "Signature", SNIPPET_SIGNATURE, 0, NULL, LASSO_DS_PREFIX, LASSO_DS_HREF }, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/lib_assertion.c b/lasso/xml/lib_assertion.c index b79b569e..17f71c14 100644 --- a/lasso/xml/lib_assertion.c +++ b/lasso/xml/lib_assertion.c @@ -79,7 +79,8 @@ class_init(LassoLibAssertionClass *klass) LassoNodeClass *nclass = LASSO_NODE_CLASS(klass); nclass->node_data = g_new0(LassoNodeClassData, 1); - lasso_node_class_set_nodename(nclass, "Assertion"); + nclass->node_data->xsi_sub_type = TRUE; + lasso_node_class_set_nodename(nclass, "AssertionType"); lasso_node_class_set_ns(nclass, LASSO_LIB_HREF, LASSO_LIB_PREFIX); lasso_node_class_add_snippets(nclass, schema_snippets); } diff --git a/lasso/xml/lib_authentication_statement.c b/lasso/xml/lib_authentication_statement.c index fb36d203..dff4be3a 100644 --- a/lasso/xml/lib_authentication_statement.c +++ b/lasso/xml/lib_authentication_statement.c @@ -74,7 +74,8 @@ class_init(LassoLibAuthenticationStatementClass *klass) LassoNodeClass *nclass = LASSO_NODE_CLASS(klass); nclass->node_data = g_new0(LassoNodeClassData, 1); - lasso_node_class_set_nodename(nclass, "AuthenticationStatement"); + nclass->node_data->xsi_sub_type = TRUE; + lasso_node_class_set_nodename(nclass, "AuthenticationStatementType"); lasso_node_class_set_ns(nclass, LASSO_LIB_HREF, LASSO_LIB_PREFIX); lasso_node_class_add_snippets(nclass, schema_snippets); } diff --git a/lasso/xml/lib_federation_termination_notification.c b/lasso/xml/lib_federation_termination_notification.c index 4758921a..8a8fcb4e 100644 --- a/lasso/xml/lib_federation_termination_notification.c +++ b/lasso/xml/lib_federation_termination_notification.c @@ -58,13 +58,17 @@ static struct XmlSnippet schema_snippets[] = { { "Extension", SNIPPET_EXTENSION, - G_STRUCT_OFFSET(LassoLibFederationTerminationNotification, Extension), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoLibFederationTerminationNotification, Extension), NULL, NULL, + NULL}, { "ProviderID", SNIPPET_CONTENT, - G_STRUCT_OFFSET(LassoLibFederationTerminationNotification, ProviderID), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoLibFederationTerminationNotification, ProviderID), NULL, NULL, + NULL}, { "NameIdentifier", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoLibFederationTerminationNotification, NameIdentifier), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoLibFederationTerminationNotification, NameIdentifier), NULL, + LASSO_SAML_ASSERTION_PREFIX, LASSO_SAML_ASSERTION_HREF}, { "consent", SNIPPET_ATTRIBUTE, - G_STRUCT_OFFSET(LassoLibFederationTerminationNotification, consent), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoLibFederationTerminationNotification, consent), NULL, NULL, + NULL}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/lib_logout_request.c b/lasso/xml/lib_logout_request.c index 69d8405b..13124c2e 100644 --- a/lasso/xml/lib_logout_request.c +++ b/lasso/xml/lib_logout_request.c @@ -63,7 +63,8 @@ static struct XmlSnippet schema_snippets[] = { { "Extension", SNIPPET_EXTENSION, G_STRUCT_OFFSET(LassoLibLogoutRequest, Extension), NULL, NULL, NULL}, { "ProviderID", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoLibLogoutRequest, ProviderID), NULL, NULL, NULL}, - { "NameIdentifier", SNIPPET_NODE, G_STRUCT_OFFSET(LassoLibLogoutRequest, NameIdentifier), NULL, NULL, NULL}, + { "NameIdentifier", SNIPPET_NODE, G_STRUCT_OFFSET(LassoLibLogoutRequest, NameIdentifier), + NULL, LASSO_SAML_ASSERTION_PREFIX, LASSO_SAML_ASSERTION_HREF}, { "SessionIndex", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoLibLogoutRequest, SessionIndex), NULL, NULL, NULL}, { "RelayState", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoLibLogoutRequest, RelayState), NULL, NULL, NULL}, { "consent", SNIPPET_ATTRIBUTE, G_STRUCT_OFFSET(LassoLibLogoutRequest, consent), NULL, NULL, NULL}, diff --git a/lasso/xml/lib_name_identifier_mapping_request.c b/lasso/xml/lib_name_identifier_mapping_request.c index 142fe5dd..374a5380 100644 --- a/lasso/xml/lib_name_identifier_mapping_request.c +++ b/lasso/xml/lib_name_identifier_mapping_request.c @@ -61,7 +61,8 @@ static struct XmlSnippet schema_snippets[] = { { "ProviderID", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoLibNameIdentifierMappingRequest, ProviderID), NULL, NULL, NULL}, { "NameIdentifier", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoLibNameIdentifierMappingRequest, NameIdentifier), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoLibNameIdentifierMappingRequest, NameIdentifier), NULL, + LASSO_SAML_ASSERTION_PREFIX, LASSO_SAML_ASSERTION_HREF}, { "TargetNamespace", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoLibNameIdentifierMappingRequest, TargetNamespace), NULL, NULL, NULL}, { "consent", SNIPPET_ATTRIBUTE, diff --git a/lasso/xml/lib_name_identifier_mapping_response.c b/lasso/xml/lib_name_identifier_mapping_response.c index 22fc5853..1a758529 100644 --- a/lasso/xml/lib_name_identifier_mapping_response.c +++ b/lasso/xml/lib_name_identifier_mapping_response.c @@ -58,9 +58,11 @@ static struct XmlSnippet schema_snippets[] = { { "ProviderID", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoLibNameIdentifierMappingResponse, ProviderID), NULL, NULL, NULL}, { "Status", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoLibNameIdentifierMappingResponse, Status), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoLibNameIdentifierMappingResponse, Status), NULL, + LASSO_SAML_PROTOCOL_PREFIX, LASSO_SAML_PROTOCOL_HREF}, { "NameIdentifier", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoLibNameIdentifierMappingResponse, NameIdentifier), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoLibNameIdentifierMappingResponse, NameIdentifier), NULL, + LASSO_SAML_ASSERTION_PREFIX, LASSO_SAML_ASSERTION_HREF}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/lib_register_name_identifier_request.c b/lasso/xml/lib_register_name_identifier_request.c index 0a883c3e..c3eece2a 100644 --- a/lasso/xml/lib_register_name_identifier_request.c +++ b/lasso/xml/lib_register_name_identifier_request.c @@ -66,12 +66,15 @@ static struct XmlSnippet schema_snippets[] = { G_STRUCT_OFFSET(LassoLibRegisterNameIdentifierRequest, Extension), NULL, NULL, NULL}, { "ProviderID", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoLibRegisterNameIdentifierRequest, ProviderID), NULL, NULL, NULL}, - { "IDPProvidedNameIdentifier", SNIPPET_NAME_IDENTIFIER, - G_STRUCT_OFFSET(LassoLibRegisterNameIdentifierRequest, IDPProvidedNameIdentifier), NULL, NULL, NULL}, - { "SPProvidedNameIdentifier", SNIPPET_NAME_IDENTIFIER, - G_STRUCT_OFFSET(LassoLibRegisterNameIdentifierRequest, SPProvidedNameIdentifier), NULL, NULL, NULL}, - { "OldProvidedNameIdentifier", SNIPPET_NAME_IDENTIFIER, - G_STRUCT_OFFSET(LassoLibRegisterNameIdentifierRequest, OldProvidedNameIdentifier), NULL, NULL, NULL}, + { "IDPProvidedNameIdentifier", SNIPPET_NODE, + G_STRUCT_OFFSET(LassoLibRegisterNameIdentifierRequest, IDPProvidedNameIdentifier), + "LassoSamlNameIdentifier", LASSO_LIB_PREFIX, LASSO_LIB_HREF}, + { "SPProvidedNameIdentifier", SNIPPET_NODE, + G_STRUCT_OFFSET(LassoLibRegisterNameIdentifierRequest, SPProvidedNameIdentifier), + "LassoSamlNameIdentifier", LASSO_LIB_PREFIX, LASSO_LIB_HREF}, + { "OldProvidedNameIdentifier", SNIPPET_NODE, + G_STRUCT_OFFSET(LassoLibRegisterNameIdentifierRequest, OldProvidedNameIdentifier), + "LassoSamlNameIdentifier", LASSO_LIB_PREFIX, LASSO_LIB_HREF}, { "RelayState", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoLibRegisterNameIdentifierRequest, RelayState), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} diff --git a/lasso/xml/lib_status_response.c b/lasso/xml/lib_status_response.c index efce3ed2..20a73658 100644 --- a/lasso/xml/lib_status_response.c +++ b/lasso/xml/lib_status_response.c @@ -60,7 +60,8 @@ static struct XmlSnippet schema_snippets[] = { { "Extension", SNIPPET_EXTENSION, G_STRUCT_OFFSET(LassoLibStatusResponse, Extension), NULL, NULL, NULL}, { "ProviderID", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoLibStatusResponse, ProviderID), NULL, NULL, NULL}, - { "Status", SNIPPET_NODE, G_STRUCT_OFFSET(LassoLibStatusResponse, Status), NULL, NULL, NULL}, + { "Status", SNIPPET_NODE, G_STRUCT_OFFSET(LassoLibStatusResponse, Status), NULL, + LASSO_SAML_PROTOCOL_PREFIX, LASSO_SAML_PROTOCOL_HREF}, { "RelayState", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoLibStatusResponse, RelayState), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/lib_subject.c b/lasso/xml/lib_subject.c index 442f8882..b44c9956 100644 --- a/lasso/xml/lib_subject.c +++ b/lasso/xml/lib_subject.c @@ -50,8 +50,9 @@ /*****************************************************************************/ static struct XmlSnippet schema_snippets[] = { - { "IDPProvidedNameIdentifier", SNIPPET_NAME_IDENTIFIER, - G_STRUCT_OFFSET(LassoLibSubject, IDPProvidedNameIdentifier), NULL, NULL, NULL}, + { "IDPProvidedNameIdentifier", SNIPPET_NODE, + G_STRUCT_OFFSET(LassoLibSubject, IDPProvidedNameIdentifier), + "LassoSamlNameIdentifier", LASSO_LIB_PREFIX, LASSO_LIB_HREF}, {NULL, 0, 0, NULL, NULL, NULL} }; @@ -66,7 +67,8 @@ class_init(LassoLibSubjectClass *klass) LassoNodeClass *nclass = LASSO_NODE_CLASS(klass); nclass->node_data = g_new0(LassoNodeClassData, 1); - lasso_node_class_set_nodename(nclass, "Subject"); + nclass->node_data->xsi_sub_type = TRUE; + lasso_node_class_set_nodename(nclass, "SubjectType"); lasso_node_class_set_ns(nclass, LASSO_LIB_HREF, LASSO_LIB_PREFIX); lasso_node_class_add_snippets(nclass, schema_snippets); } diff --git a/lasso/xml/misc_text_node.c b/lasso/xml/misc_text_node.c index 1cbaa675..0d88ad5e 100644 --- a/lasso/xml/misc_text_node.c +++ b/lasso/xml/misc_text_node.c @@ -33,6 +33,7 @@ typedef struct { xmlNode *xml_content; + GHashTable *any_attributes; } LassoMiscTextNodePrivate; #define LASSO_MISC_TEXT_NODE_GET_PRIVATE(o) \ @@ -41,30 +42,19 @@ typedef struct { static struct XmlSnippet schema_snippets[] = { { "content", SNIPPET_TEXT_CHILD, G_STRUCT_OFFSET(LassoMiscTextNode, content), NULL, NULL, NULL}, + { "any_attributes", SNIPPET_ATTRIBUTE | SNIPPET_ANY | SNIPPET_PRIVATE, + G_STRUCT_OFFSET(LassoMiscTextNodePrivate, any_attributes), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} }; static LassoNodeClass *parent_class = NULL; - -static void -insure_namespace(xmlNode *xmlnode, xmlNs *ns) -{ - xmlNode *t = xmlnode->children; - - xmlSetNs(xmlnode, ns); - while (t) { - if (t->type == XML_ELEMENT_NODE && t->ns == NULL) - insure_namespace(t, ns); - t = t->next; - } -} - static xmlNode* get_xmlNode(LassoNode *node, gboolean lasso_dump) { xmlNode *xmlnode; xmlNs *ns; + LassoMiscTextNode *mtnode = (LassoMiscTextNode*)node; LassoMiscTextNodePrivate *private; private = LASSO_MISC_TEXT_NODE_GET_PRIVATE(node); @@ -77,10 +67,12 @@ get_xmlNode(LassoNode *node, gboolean lasso_dump) } xmlnode = parent_class->get_xmlNode(node, lasso_dump); - xmlNodeSetName(xmlnode, (xmlChar*)LASSO_MISC_TEXT_NODE(node)->name); - ns = xmlNewNs(xmlnode, (xmlChar*)LASSO_MISC_TEXT_NODE(node)->ns_href, - (xmlChar*)LASSO_MISC_TEXT_NODE(node)->ns_prefix); - insure_namespace(xmlnode, ns); + xmlNodeSetName(xmlnode, BAD_CAST mtnode->name); + if (! lasso_strisempty(mtnode->ns_href) && ! lasso_strisempty(mtnode->ns_href)) { + ns = xmlNewNs(xmlnode, BAD_CAST mtnode->ns_href, + BAD_CAST mtnode->ns_prefix); + xmlSetNs(xmlnode, ns); + } return xmlnode; } diff --git a/lasso/xml/private.h b/lasso/xml/private.h index 0a301112..009596d8 100644 --- a/lasso/xml/private.h +++ b/lasso/xml/private.h @@ -40,7 +40,7 @@ typedef enum { SNIPPET_NODE, SNIPPET_CONTENT, SNIPPET_TEXT_CHILD, - SNIPPET_NAME_IDENTIFIER, + SNIPPET_UNUSED1, SNIPPET_ATTRIBUTE, SNIPPET_NODE_IN_CHILD, SNIPPET_LIST_NODES, @@ -72,11 +72,15 @@ typedef enum { } SignatureVerificationOption; struct XmlSnippet { - char *name; - SnippetType type; - guint offset; - char *class_name; - char *ns_name; + char *name; /* name of the node or attribute to match */ + SnippetType type; /* type of node to deserialize */ + guint offset; /* offset of the storage field relative to the public or private object (if + using SNIPPET_PRIVATE). If 0, means that no storage must be done, it will + be handled by the init_from_xml virtual method. */ + char *class_name; /* Force a certain LassoNode class for deserializing a node, usually + useless. */ + char *ns_name; /* if the namespace is different from the one of the parent node, specify it + there */ char *ns_uri; }; @@ -156,6 +160,7 @@ struct _LassoNodeClassData int private_key_file_offset; int certificate_file_offset; gboolean keep_xmlnode; + gboolean xsi_sub_type; }; void lasso_node_class_set_nodename(LassoNodeClass *klass, char *name); @@ -278,6 +283,22 @@ LassoSignatureContext lasso_make_signature_context_from_path_or_string(char *fil const char *password, LassoSignatureMethod signature_method, const char *certificate); +xmlNs * get_or_define_ns(xmlNode *xmlnode, const xmlChar *ns_uri, const xmlChar + *advised_prefix); + +void set_qname_attribute(xmlNode *node, + const xmlChar *attribute_ns_prefix, + const xmlChar *attribute_ns_href, + const xmlChar *attribute_name, + const xmlChar *prefix, + const xmlChar *href, + const xmlChar *name); + + +void set_xsi_type(xmlNode *node, + const xmlChar *type_ns_prefix, + const xmlChar *type_ns_href, + const xmlChar *type_name); #ifdef __cplusplus } #endif /* __cplusplus */ diff --git a/lasso/xml/sa_sasl_request.c b/lasso/xml/sa_sasl_request.c index 467e1f8b..dc9ceee3 100644 --- a/lasso/xml/sa_sasl_request.c +++ b/lasso/xml/sa_sasl_request.c @@ -63,7 +63,8 @@ static struct XmlSnippet schema_snippets[] = { { "Data", SNIPPET_LIST_CONTENT, G_STRUCT_OFFSET(LassoSaSASLRequest, Data), NULL, NULL, NULL}, { "RequestAuthnContext", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSaSASLRequest, RequestAuthnContext), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSaSASLRequest, RequestAuthnContext), NULL, LASSO_LIB_PREFIX, + LASSO_LIB_HREF}, { "mechanism", SNIPPET_ATTRIBUTE, G_STRUCT_OFFSET(LassoSaSASLRequest, mechanism), NULL, NULL, NULL}, { "authzID", SNIPPET_ATTRIBUTE, diff --git a/lasso/xml/sa_sasl_response.c b/lasso/xml/sa_sasl_response.c index 4dfcf3a0..f57ae5b3 100644 --- a/lasso/xml/sa_sasl_response.c +++ b/lasso/xml/sa_sasl_response.c @@ -74,7 +74,8 @@ static struct XmlSnippet schema_snippets[] = { { "Data", SNIPPET_LIST_CONTENT, G_STRUCT_OFFSET(LassoSaSASLResponse, Data), NULL, NULL, NULL}, { "ResourceOffering", SNIPPET_LIST_NODES, - G_STRUCT_OFFSET(LassoSaSASLResponse, ResourceOffering), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSaSASLResponse, ResourceOffering), NULL, LASSO_DISCO_PREFIX, + LASSO_DISCO_HREF}, { "Credentials", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoSaSASLResponse, Credentials), NULL, NULL, NULL}, { "serverMechanism", SNIPPET_ATTRIBUTE, G_STRUCT_OFFSET(LassoSaSASLResponse, serverMechanism), NULL, NULL, NULL}, diff --git a/lasso/xml/saml-2.0/saml2_assertion.c b/lasso/xml/saml-2.0/saml2_assertion.c index aa0dfbb3..adf3caba 100644 --- a/lasso/xml/saml-2.0/saml2_assertion.c +++ b/lasso/xml/saml-2.0/saml2_assertion.c @@ -70,7 +70,7 @@ static struct XmlSnippet schema_snippets[] = { G_STRUCT_OFFSET(LassoSaml2Assertion, Issuer), "LassoSaml2NameID", NULL, NULL}, { "Signature", SNIPPET_SIGNATURE, - G_STRUCT_OFFSET(LassoSaml2Assertion, ID), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSaml2Assertion, ID), NULL, LASSO_DS_PREFIX, LASSO_DS_HREF}, { "Subject", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSaml2Assertion, Subject), NULL, NULL, NULL}, { "Conditions", SNIPPET_NODE, diff --git a/lasso/xml/saml-2.0/saml2_attribute_value.c b/lasso/xml/saml-2.0/saml2_attribute_value.c index 894ea3a1..7c4bbf7d 100644 --- a/lasso/xml/saml-2.0/saml2_attribute_value.c +++ b/lasso/xml/saml-2.0/saml2_attribute_value.c @@ -47,9 +47,16 @@ /* private methods */ /*****************************************************************************/ +struct _LassoSaml2AttributeValuePrivate { + GHashTable *any_attributes; +}; + static struct XmlSnippet schema_snippets[] = { - { "", SNIPPET_LIST_NODES | SNIPPET_ANY, + { "any", SNIPPET_LIST_NODES | SNIPPET_ANY | SNIPPET_ALLOW_TEXT, G_STRUCT_OFFSET(LassoSaml2AttributeValue, any), NULL, NULL, NULL}, + { "any_attributes", SNIPPET_ATTRIBUTE | SNIPPET_ANY | SNIPPET_PRIVATE, + G_STRUCT_OFFSET(struct _LassoSaml2AttributeValuePrivate, any_attributes), NULL, + NULL, NULL }, {NULL, 0, 0, NULL, NULL, NULL} }; @@ -85,6 +92,7 @@ class_init(LassoSaml2AttributeValueClass *klass) lasso_node_class_set_nodename(nclass, "AttributeValue"); lasso_node_class_set_ns(nclass, LASSO_SAML2_ASSERTION_HREF, LASSO_SAML2_ASSERTION_PREFIX); lasso_node_class_add_snippets(nclass, schema_snippets); + g_type_class_add_private(klass, sizeof(struct _LassoSaml2AttributeValuePrivate)); } GType diff --git a/lasso/xml/saml-2.0/saml2_encrypted_element.c b/lasso/xml/saml-2.0/saml2_encrypted_element.c index 45da903a..13d5bdc7 100644 --- a/lasso/xml/saml-2.0/saml2_encrypted_element.c +++ b/lasso/xml/saml-2.0/saml2_encrypted_element.c @@ -57,9 +57,11 @@ static struct XmlSnippet schema_snippets[] = { { "EncryptedData", SNIPPET_XMLNODE, - G_STRUCT_OFFSET(LassoSaml2EncryptedElement, EncryptedData), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSaml2EncryptedElement, EncryptedData), NULL, "xmlenc", + (char*) xmlSecEncNs}, { "EncryptedKey", SNIPPET_LIST_XMLNODES, - G_STRUCT_OFFSET(LassoSaml2EncryptedElement, EncryptedKey), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSaml2EncryptedElement, EncryptedKey), NULL, "xmlenc", + (char*) xmlSecEncNs}, { "NameID", SNIPPET_NODE | SNIPPET_LASSO_DUMP, G_STRUCT_OFFSET(LassoSaml2EncryptedElement, original_data), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} diff --git a/lasso/xml/saml-2.0/saml2_key_info_confirmation_data_type.c b/lasso/xml/saml-2.0/saml2_key_info_confirmation_data_type.c index ecccc654..901b709b 100644 --- a/lasso/xml/saml-2.0/saml2_key_info_confirmation_data_type.c +++ b/lasso/xml/saml-2.0/saml2_key_info_confirmation_data_type.c @@ -25,7 +25,7 @@ #include "../private.h" #include "saml2_key_info_confirmation_data_type.h" #include "../../registry.h" -#include "../ds_key_info.h" +#include "../dsig/ds_key_info.h" #include "../../utils.h" /** @@ -58,68 +58,33 @@ /* private methods */ /*****************************************************************************/ +struct _LassoSaml2KeyInfoConfirmationDataTypePrivate { + GList *KeyInfo; +}; static struct XmlSnippet schema_snippets[] = { - { "KeyInfo", SNIPPET_LIST_NODES, - G_STRUCT_OFFSET(LassoSaml2KeyInfoConfirmationDataType, KeyInfo), NULL, NULL, NULL}, + { "KeyInfo", SNIPPET_LIST_NODES|SNIPPET_PRIVATE, + G_STRUCT_OFFSET(LassoSaml2KeyInfoConfirmationDataTypePrivate, KeyInfo), "LassoDsKeyInfo", NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} }; static LassoNodeClass *parent_class = NULL; +#define LASSO_SAML2_KEY_INFO_CONFIRMATION_DATA_TYPE_GET_PRIVATE(o) \ + (G_TYPE_INSTANCE_GET_PRIVATE ((o), LASSO_TYPE_SAML2_KEY_INFO_CONFIRMATION_DATA_TYPE, LassoSaml2KeyInfoConfirmationDataTypePrivate)) /*****************************************************************************/ /* instance and class init functions */ /*****************************************************************************/ -static xmlNs * -ensure_namespace(xmlNode *node, const xmlChar *href, const xmlChar *prefix) -{ - xmlNs *ns; - - ns = xmlSearchNsByHref(node->doc, node, href); - if (! ns) { - ns = xmlNewNs(node, href, prefix); - xmlSetNs(node, ns); - } - return ns; -} - static void -set_qname_attribue(xmlNode *node, xmlChar *attribute_name, const xmlChar *name, const - xmlChar *href, const xmlChar *prefix) { - xmlNs *type_ns; - xmlNs *xsi_ns; - xmlChar *value; - - xsi_ns = ensure_namespace(node, BAD_CAST LASSO_XSI_HREF, BAD_CAST LASSO_XSI_PREFIX); - type_ns = ensure_namespace(node, href, prefix); - value = BAD_CAST g_strdup_printf("%s:%s", type_ns->prefix, name); - xmlSetNsProp(node, xsi_ns, attribute_name, value); - lasso_release_string(value); -} - -static void -set_xsi_type(xmlNode *node, const xmlChar *type, const xmlChar *href, const xmlChar *prefix) { - set_qname_attribue(node, BAD_CAST "type", type, href, prefix); -} - -static xmlNode* -get_xmlNode(LassoNode *node, gboolean lasso_dump) +instance_init(LassoSaml2KeyInfoConfirmationDataType *saml2_key_info_confirmation_data_type) { - xmlNode *xmlnode = NULL; - - /* add xsi:type="KeyInfoConfirmationDataType" */ - xmlnode = parent_class->get_xmlNode(node, lasso_dump); - set_xsi_type(xmlnode, - BAD_CAST "KeyInfoConfirmationDataType", - BAD_CAST LASSO_SAML2_ASSERTION_HREF, - BAD_CAST LASSO_SAML2_ASSERTION_PREFIX); - - return xmlnode; + saml2_key_info_confirmation_data_type->private_data = + LASSO_SAML2_KEY_INFO_CONFIRMATION_DATA_TYPE_GET_PRIVATE( + saml2_key_info_confirmation_data_type); } - static void class_init(LassoSaml2KeyInfoConfirmationDataTypeClass *klass) { @@ -127,8 +92,11 @@ class_init(LassoSaml2KeyInfoConfirmationDataTypeClass *klass) parent_class = g_type_class_peek_parent(klass); nclass->node_data = g_new0(LassoNodeClassData, 1); - nclass->get_xmlNode = get_xmlNode; + nclass->node_data->xsi_sub_type = TRUE; + lasso_node_class_set_nodename(nclass, "KeyInfoConfirmationDataType"); + lasso_node_class_set_ns(nclass, LASSO_SAML2_ASSERTION_HREF, LASSO_SAML2_ASSERTION_PREFIX); lasso_node_class_add_snippets(nclass, schema_snippets); + g_type_class_add_private(klass, sizeof(LassoSaml2KeyInfoConfirmationDataTypePrivate)); } GType @@ -146,7 +114,7 @@ lasso_saml2_key_info_confirmation_data_type_get_type() NULL, sizeof(LassoSaml2KeyInfoConfirmationDataType), 0, - NULL, + (GInstanceInitFunc)instance_init, NULL }; @@ -171,3 +139,41 @@ lasso_saml2_key_info_confirmation_data_type_new() { return g_object_new(LASSO_TYPE_SAML2_KEY_INFO_CONFIRMATION_DATA_TYPE, NULL); } + +/** + * lasso_saml2_key_info_confirmation_data_type_get_key_info: + * @kicdt: a #LassoSaml2KeyInfoConfirmationDataType object. + * + * Return the list of KeyInfo node contained in the saml2:SubjectConfirmationData of type + * saml2:KeyInfoConfirmationDataType. + * + * Return value:(element-type LassoDsKeyInfo)(transfer none): a list of #LassoDsKeyInfo objects. + */ +GList* +lasso_saml2_key_info_confirmation_data_type_get_key_info( + LassoSaml2KeyInfoConfirmationDataType *kicdt) +{ + lasso_return_val_if_fail(LASSO_IS_SAML2_KEY_INFO_CONFIRMATION_DATA_TYPE(kicdt), NULL); + + return kicdt->private_data->KeyInfo; +} + +/** + * lasso_saml2_key_info_confirmation_data_type_set_key_info: + * @kicdt: a #LassoSaml2KeyInfoConfirmationDataType object. + * @key_infos:(tranfer none)(element-type LassoDsKeyInfo): a list of #LassoDsKeyInfo object. + * + * Set the list of ds:KeyInfo nodes for the saml2:SubjectConfirmationData of type + * saml2:KeyInfoConfirmationDataType. + */ +void +lasso_saml2_key_info_confirmation_data_type_set_key_info( + LassoSaml2KeyInfoConfirmationDataType *kicdt, + GList *key_infos) +{ + lasso_return_if_fail(LASSO_IS_SAML2_KEY_INFO_CONFIRMATION_DATA_TYPE(kicdt)); + + lasso_assign_list_of_gobjects( + kicdt->private_data->KeyInfo, + key_infos); +} diff --git a/lasso/xml/saml-2.0/saml2_key_info_confirmation_data_type.h b/lasso/xml/saml-2.0/saml2_key_info_confirmation_data_type.h index a30610c8..f66235ab 100644 --- a/lasso/xml/saml-2.0/saml2_key_info_confirmation_data_type.h +++ b/lasso/xml/saml-2.0/saml2_key_info_confirmation_data_type.h @@ -30,7 +30,7 @@ extern "C" { #endif /* __cplusplus */ #include "../xml.h" -#include "../ds_key_info.h" +#include "../dsig/ds_key_info.h" #include "./saml2_subject_confirmation_data.h" #define LASSO_TYPE_SAML2_KEY_INFO_CONFIRMATION_DATA_TYPE \ @@ -51,14 +51,13 @@ extern "C" { typedef struct _LassoSaml2KeyInfoConfirmationDataType LassoSaml2KeyInfoConfirmationDataType; typedef struct _LassoSaml2KeyInfoConfirmationDataTypeClass LassoSaml2KeyInfoConfirmationDataTypeClass; - +typedef struct _LassoSaml2KeyInfoConfirmationDataTypePrivate LassoSaml2KeyInfoConfirmationDataTypePrivate; struct _LassoSaml2KeyInfoConfirmationDataType { LassoSaml2SubjectConfirmationData parent; - /*< public >*/ - /* attributes */ - GList *KeyInfo; /* of LassoDsKeyInfo */ + /*< private >*/ + LassoSaml2KeyInfoConfirmationDataTypePrivate *private_data; }; @@ -68,8 +67,11 @@ struct _LassoSaml2KeyInfoConfirmationDataTypeClass { LASSO_EXPORT GType lasso_saml2_key_info_confirmation_data_type_get_type(void); LASSO_EXPORT LassoNode* lasso_saml2_key_info_confirmation_data_type_new(void); - - +LASSO_EXPORT GList *lasso_saml2_key_info_confirmation_data_type_get_key_info( + LassoSaml2KeyInfoConfirmationDataType *kicdt); +LASSO_EXPORT void lasso_saml2_key_info_confirmation_data_type_set_key_info( + LassoSaml2KeyInfoConfirmationDataType *kicdt, + GList *key_infos); #ifdef __cplusplus } diff --git a/lasso/xml/saml-2.0/saml2_subject_confirmation_data.c b/lasso/xml/saml-2.0/saml2_subject_confirmation_data.c index 3bc05cec..69114b62 100644 --- a/lasso/xml/saml-2.0/saml2_subject_confirmation_data.c +++ b/lasso/xml/saml-2.0/saml2_subject_confirmation_data.c @@ -52,7 +52,7 @@ */ struct _LassoSaml2SubjectConfirmationDataPrivate { - GList *any; /* of LassoMiscTextNode */ + GList *any; GHashTable *attributes; }; diff --git a/lasso/xml/saml-2.0/samlp2_assertion_id_request.c b/lasso/xml/saml-2.0/samlp2_assertion_id_request.c index 6bc12498..21fbc980 100644 --- a/lasso/xml/saml-2.0/samlp2_assertion_id_request.c +++ b/lasso/xml/saml-2.0/samlp2_assertion_id_request.c @@ -51,7 +51,8 @@ static struct XmlSnippet schema_snippets[] = { { "AssertionIDRef", SNIPPET_CONTENT, - G_STRUCT_OFFSET(LassoSamlp2AssertionIDRequest, AssertionIDRef), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSamlp2AssertionIDRequest, AssertionIDRef), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/saml-2.0/samlp2_attribute_query.c b/lasso/xml/saml-2.0/samlp2_attribute_query.c index 1d941d5c..f6314b59 100644 --- a/lasso/xml/saml-2.0/samlp2_attribute_query.c +++ b/lasso/xml/saml-2.0/samlp2_attribute_query.c @@ -52,7 +52,8 @@ static struct XmlSnippet schema_snippets[] = { { "Attribute", SNIPPET_LIST_NODES , - G_STRUCT_OFFSET(LassoSamlp2AttributeQuery, Attribute), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSamlp2AttributeQuery, Attribute), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/saml-2.0/samlp2_authn_request.c b/lasso/xml/saml-2.0/samlp2_authn_request.c index f4f0d4cd..22574a62 100644 --- a/lasso/xml/saml-2.0/samlp2_authn_request.c +++ b/lasso/xml/saml-2.0/samlp2_authn_request.c @@ -63,11 +63,13 @@ static struct XmlSnippet schema_snippets[] = { { "Subject", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2AuthnRequest, Subject), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSamlp2AuthnRequest, Subject), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, { "NameIDPolicy", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2AuthnRequest, NameIDPolicy), NULL, NULL, NULL}, { "Conditions", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2AuthnRequest, Conditions), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSamlp2AuthnRequest, Conditions), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, { "RequestedAuthnContext", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2AuthnRequest, RequestedAuthnContext), NULL, NULL, NULL}, { "Scoping", SNIPPET_NODE, diff --git a/lasso/xml/saml-2.0/samlp2_authz_decision_query.c b/lasso/xml/saml-2.0/samlp2_authz_decision_query.c index 060fee03..51dc39d3 100644 --- a/lasso/xml/saml-2.0/samlp2_authz_decision_query.c +++ b/lasso/xml/saml-2.0/samlp2_authz_decision_query.c @@ -53,10 +53,10 @@ static struct XmlSnippet schema_snippets[] = { - { "Action", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2AuthzDecisionQuery, Action), NULL, NULL, NULL}, - { "Evidence", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2AuthzDecisionQuery, Evidence), NULL, NULL, NULL}, + { "Action", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2AuthzDecisionQuery, Action), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, + { "Evidence", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2AuthzDecisionQuery, Evidence), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, { "Resource", SNIPPET_ATTRIBUTE, G_STRUCT_OFFSET(LassoSamlp2AuthzDecisionQuery, Resource), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} diff --git a/lasso/xml/saml-2.0/samlp2_logout_request.c b/lasso/xml/saml-2.0/samlp2_logout_request.c index a4576685..947e0cd6 100644 --- a/lasso/xml/saml-2.0/samlp2_logout_request.c +++ b/lasso/xml/saml-2.0/samlp2_logout_request.c @@ -67,15 +67,16 @@ struct _LassoSamlp2LogoutRequestPrivate { static struct XmlSnippet schema_snippets[] = { - { "BaseID", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2LogoutRequest, BaseID), NULL, NULL, NULL}, - { "NameID", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2LogoutRequest, NameID), NULL, NULL, NULL}, - { "EncryptedID", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2LogoutRequest, EncryptedID), - "LassoSaml2EncryptedElement", NULL, NULL }, + { "BaseID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2LogoutRequest, BaseID), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, + { "NameID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2LogoutRequest, NameID), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, + { "EncryptedID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2LogoutRequest, EncryptedID), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, { "SessionIndex", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoSamlp2LogoutRequest, SessionIndex), NULL, NULL, NULL}, + { "SessionIndex", SNIPPET_LIST_NODES, + 0, NULL, NULL, NULL}, { "Reason", SNIPPET_ATTRIBUTE, G_STRUCT_OFFSET(LassoSamlp2LogoutRequest, Reason), NULL, NULL, NULL}, { "NotOnOrAfter", SNIPPET_ATTRIBUTE, @@ -141,7 +142,6 @@ init_from_xml(LassoNode *node, xmlNode *xmlnode) rc = parent_class->init_from_xml(node, xmlnode); if (rc == 0) { - GList *last; pv = GET_PRIVATE(node); child = xmlSecFindChild(xmlnode, BAD_CAST SESSION_INDEX, @@ -153,11 +153,10 @@ init_from_xml(LassoNode *node, xmlNode *xmlnode) lasso_release_xml_string(content); child = xmlSecGetNextElementNode(child->next); } - /* remove the last one, since it is also stored in node->SessionIndex */ - last = g_list_last(pv->SessionIndex); - if (last) { - lasso_release_string(last->data); - pv->SessionIndex = g_list_delete_link(pv->SessionIndex, last); + /* remove the first one, since it is also stored in node->SessionIndex */ + if (pv->SessionIndex) { + lasso_release_string(pv->SessionIndex->data); + pv->SessionIndex = g_list_delete_link(pv->SessionIndex, pv->SessionIndex); } } diff --git a/lasso/xml/saml-2.0/samlp2_manage_name_id_request.c b/lasso/xml/saml-2.0/samlp2_manage_name_id_request.c index dcdfc05b..207f1444 100644 --- a/lasso/xml/saml-2.0/samlp2_manage_name_id_request.c +++ b/lasso/xml/saml-2.0/samlp2_manage_name_id_request.c @@ -59,11 +59,11 @@ static struct XmlSnippet schema_snippets[] = { - { "NameID", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2ManageNameIDRequest, NameID), NULL, NULL, NULL}, - { "EncryptedID", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2ManageNameIDRequest, EncryptedID), - "LassoSaml2EncryptedElement", NULL, NULL}, + { "NameID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2ManageNameIDRequest, NameID), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, + { "EncryptedID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2ManageNameIDRequest, EncryptedID), + "LassoSaml2EncryptedElement", LASSO_SAML2_ASSERTION_PREFIX, + LASSO_SAML2_ASSERTION_HREF}, { "NewID", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoSamlp2ManageNameIDRequest, NewID), NULL, NULL, NULL}, { "NewEncryptedID", SNIPPET_NODE, diff --git a/lasso/xml/saml-2.0/samlp2_name_id_mapping_request.c b/lasso/xml/saml-2.0/samlp2_name_id_mapping_request.c index a3900c4e..559ef8c1 100644 --- a/lasso/xml/saml-2.0/samlp2_name_id_mapping_request.c +++ b/lasso/xml/saml-2.0/samlp2_name_id_mapping_request.c @@ -56,13 +56,13 @@ static struct XmlSnippet schema_snippets[] = { - { "BaseID", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2NameIDMappingRequest, BaseID), NULL, NULL, NULL}, - { "NameID", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2NameIDMappingRequest, NameID), NULL, NULL, NULL}, - { "EncryptedID", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2NameIDMappingRequest, EncryptedID), - "LassoSaml2EncryptedElement", NULL, NULL }, + { "BaseID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2NameIDMappingRequest, BaseID), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, + { "NameID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2NameIDMappingRequest, NameID), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, + { "EncryptedID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2NameIDMappingRequest, + EncryptedID), NULL, LASSO_SAML2_ASSERTION_PREFIX, + LASSO_SAML2_ASSERTION_HREF}, { "NameIDPolicy", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2NameIDMappingRequest, NameIDPolicy), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} diff --git a/lasso/xml/saml-2.0/samlp2_name_id_mapping_response.c b/lasso/xml/saml-2.0/samlp2_name_id_mapping_response.c index ee2ecb3e..1dffb0a9 100644 --- a/lasso/xml/saml-2.0/samlp2_name_id_mapping_response.c +++ b/lasso/xml/saml-2.0/samlp2_name_id_mapping_response.c @@ -52,11 +52,11 @@ static struct XmlSnippet schema_snippets[] = { - { "NameID", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2NameIDMappingResponse, NameID), NULL, NULL, NULL}, - { "EncryptedID", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2NameIDMappingResponse, EncryptedID), - "LassoSaml2EncryptedElement", NULL, NULL }, + { "NameID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2NameIDMappingResponse, NameID), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, + { "EncryptedID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2NameIDMappingResponse, + EncryptedID), NULL, LASSO_SAML2_ASSERTION_PREFIX, + LASSO_SAML2_ASSERTION_HREF}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/saml-2.0/samlp2_request_abstract.c b/lasso/xml/saml-2.0/samlp2_request_abstract.c index ba43b63e..3d3e6c9c 100644 --- a/lasso/xml/saml-2.0/samlp2_request_abstract.c +++ b/lasso/xml/saml-2.0/samlp2_request_abstract.c @@ -59,11 +59,10 @@ static struct XmlSnippet schema_snippets[] = { - { "Issuer", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2RequestAbstract, Issuer), - "LassoSaml2NameID", NULL, NULL }, + { "Issuer", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2RequestAbstract, Issuer), + "LassoSaml2NameID", LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, { "Signature", SNIPPET_SIGNATURE, - G_STRUCT_OFFSET(LassoSamlp2RequestAbstract, ID), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSamlp2RequestAbstract, ID), NULL, LASSO_DS_PREFIX, LASSO_DS_HREF}, { "Extensions", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2RequestAbstract, Extensions), NULL, NULL, NULL}, { "ID", SNIPPET_ATTRIBUTE, diff --git a/lasso/xml/saml-2.0/samlp2_response.c b/lasso/xml/saml-2.0/samlp2_response.c index 056ea948..bc8ab5b1 100644 --- a/lasso/xml/saml-2.0/samlp2_response.c +++ b/lasso/xml/saml-2.0/samlp2_response.c @@ -56,10 +56,11 @@ extern LassoNode* lasso_assertion_encrypt(LassoSaml2Assertion *assertion, char * /*****************************************************************************/ static struct XmlSnippet schema_snippets[] = { - { "Assertion", SNIPPET_LIST_NODES, - G_STRUCT_OFFSET(LassoSamlp2Response, Assertion), NULL, NULL, NULL}, - { "EncryptedAssertion", SNIPPET_LIST_NODES, - G_STRUCT_OFFSET(LassoSamlp2Response, EncryptedAssertion), NULL, NULL, NULL}, + { "Assertion", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoSamlp2Response, Assertion), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, + { "EncryptedAssertion", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoSamlp2Response, + EncryptedAssertion), NULL, LASSO_SAML2_ASSERTION_PREFIX, + LASSO_SAML2_ASSERTION_HREF}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/saml-2.0/samlp2_status_response.c b/lasso/xml/saml-2.0/samlp2_status_response.c index e8c9b74e..216bb701 100644 --- a/lasso/xml/saml-2.0/samlp2_status_response.c +++ b/lasso/xml/saml-2.0/samlp2_status_response.c @@ -26,6 +26,7 @@ #include "../private.h" #include "../../utils.h" #include "./samlp2_status_response.h" +#include "./saml2_strings.h" #include <xmlsec/xmldsig.h> #include <xmlsec/templates.h> @@ -62,9 +63,9 @@ static struct XmlSnippet schema_snippets[] = { { "Issuer", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2StatusResponse, Issuer), - "LassoSaml2NameID", NULL, NULL}, + "LassoSaml2NameID", LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, { "Signature", SNIPPET_SIGNATURE, - G_STRUCT_OFFSET(LassoSamlp2StatusResponse, ID), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSamlp2StatusResponse, ID), NULL, LASSO_DS_PREFIX, LASSO_DS_HREF}, { "Extensions", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2StatusResponse, Extensions), NULL, NULL, NULL}, { "Status", SNIPPET_NODE, diff --git a/lasso/xml/saml-2.0/samlp2_subject_query_abstract.c b/lasso/xml/saml-2.0/samlp2_subject_query_abstract.c index f9c299b5..3db8016e 100644 --- a/lasso/xml/saml-2.0/samlp2_subject_query_abstract.c +++ b/lasso/xml/saml-2.0/samlp2_subject_query_abstract.c @@ -51,8 +51,8 @@ static struct XmlSnippet schema_snippets[] = { - { "Subject", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2SubjectQueryAbstract, Subject), NULL, NULL, NULL}, + { "Subject", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2SubjectQueryAbstract, Subject), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF }, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/saml_advice.h b/lasso/xml/saml_advice.h index 82b0ecc2..8216e9de 100644 --- a/lasso/xml/saml_advice.h +++ b/lasso/xml/saml_advice.h @@ -52,8 +52,7 @@ struct _LassoSamlAdvice { /* <element ref="saml:AssertionIDReference"/> */ GList *AssertionIDReference; /* of LassoNode */ /* <element ref="saml:Assertion"/> */ - LassoNode *Assertion; /* actually LassoSamlAssertion* but it recurses */ - + struct _LassoSamlAssertion *Assertion; }; struct _LassoSamlAdviceClass { diff --git a/lasso/xml/saml_assertion.c b/lasso/xml/saml_assertion.c index 82f7db53..bc8d5d9e 100644 --- a/lasso/xml/saml_assertion.c +++ b/lasso/xml/saml_assertion.c @@ -80,7 +80,7 @@ static struct XmlSnippet schema_snippets[] = { { "AttributeStatement", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlAssertion, AttributeStatement), NULL, NULL, NULL}, { "Signature", SNIPPET_SIGNATURE, - G_STRUCT_OFFSET(LassoSamlAssertion, AssertionID), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSamlAssertion, AssertionID), NULL, LASSO_DS_PREFIX, LASSO_DS_HREF}, { "MajorVersion", SNIPPET_ATTRIBUTE | SNIPPET_INTEGER, G_STRUCT_OFFSET(LassoSamlAssertion, MajorVersion), NULL, NULL, NULL}, { "MinorVersion", SNIPPET_ATTRIBUTE | SNIPPET_INTEGER, diff --git a/lasso/xml/saml_subject_confirmation.c b/lasso/xml/saml_subject_confirmation.c index 1030536a..d8ed56e8 100644 --- a/lasso/xml/saml_subject_confirmation.c +++ b/lasso/xml/saml_subject_confirmation.c @@ -57,7 +57,8 @@ static struct XmlSnippet schema_snippets[] = { { "SubjectConfirmationData", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoSamlSubjectConfirmation, SubjectConfirmationData), NULL, NULL, NULL}, { "KeyInfo", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlSubjectConfirmation, KeyInfo), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSamlSubjectConfirmation, KeyInfo), NULL, LASSO_DS_PREFIX, + LASSO_DS_HREF}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/saml_subject_confirmation.h b/lasso/xml/saml_subject_confirmation.h index ca08882f..648b961c 100644 --- a/lasso/xml/saml_subject_confirmation.h +++ b/lasso/xml/saml_subject_confirmation.h @@ -30,7 +30,7 @@ extern "C" { #endif /* __cplusplus */ #include "xml.h" -#include "ds_key_info.h" +#include "./dsig/ds_key_info.h" #define LASSO_TYPE_SAML_SUBJECT_CONFIRMATION (lasso_saml_subject_confirmation_get_type()) #define LASSO_SAML_SUBJECT_CONFIRMATION(obj) \ diff --git a/lasso/xml/samlp_request_abstract.c b/lasso/xml/samlp_request_abstract.c index 05e7499d..1e183f2e 100644 --- a/lasso/xml/samlp_request_abstract.c +++ b/lasso/xml/samlp_request_abstract.c @@ -65,7 +65,7 @@ static struct XmlSnippet schema_snippets[] = { { "RespondWith", SNIPPET_LIST_CONTENT, G_STRUCT_OFFSET(LassoSamlpRequestAbstract, RespondWith), NULL, NULL, NULL}, { "Signature", SNIPPET_SIGNATURE, - G_STRUCT_OFFSET(LassoSamlpRequestAbstract, RequestID), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSamlpRequestAbstract, RequestID), NULL, LASSO_DS_PREFIX, LASSO_DS_HREF}, { "RequestID", SNIPPET_ATTRIBUTE, G_STRUCT_OFFSET(LassoSamlpRequestAbstract, RequestID), NULL, NULL, NULL}, { "MajorVersion", SNIPPET_ATTRIBUTE | SNIPPET_INTEGER, G_STRUCT_OFFSET(LassoSamlpRequestAbstract, MajorVersion), NULL, NULL, NULL}, diff --git a/lasso/xml/samlp_response.c b/lasso/xml/samlp_response.c index a7fccdee..06413fca 100644 --- a/lasso/xml/samlp_response.c +++ b/lasso/xml/samlp_response.c @@ -54,7 +54,8 @@ static struct XmlSnippet schema_snippets[] = { { "Status", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlpResponse, Status), NULL, NULL, NULL}, - { "Assertion", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoSamlpResponse, Assertion), NULL, NULL, NULL}, + { "Assertion", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoSamlpResponse, Assertion), NULL, + LASSO_SAML_ASSERTION_PREFIX, LASSO_SAML_ASSERTION_HREF}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/samlp_response_abstract.c b/lasso/xml/samlp_response_abstract.c index c671b93e..513396af 100644 --- a/lasso/xml/samlp_response_abstract.c +++ b/lasso/xml/samlp_response_abstract.c @@ -65,7 +65,8 @@ static struct XmlSnippet schema_snippets[] = { { "Signature", SNIPPET_SIGNATURE, - G_STRUCT_OFFSET(LassoSamlpResponseAbstract, ResponseID), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSamlpResponseAbstract, ResponseID), NULL, LASSO_DS_PREFIX, + LASSO_DS_HREF}, { "ResponseID", SNIPPET_ATTRIBUTE, G_STRUCT_OFFSET(LassoSamlpResponseAbstract, ResponseID), NULL, NULL, NULL}, { "MajorVersion", SNIPPET_ATTRIBUTE | SNIPPET_INTEGER, diff --git a/lasso/xml/soap-1.1/soap_body.c b/lasso/xml/soap-1.1/soap_body.c index 22f089f7..4a1768d2 100644 --- a/lasso/xml/soap-1.1/soap_body.c +++ b/lasso/xml/soap-1.1/soap_body.c @@ -54,7 +54,10 @@ /*****************************************************************************/ static struct XmlSnippet schema_snippets[] = { - { "", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoSoapBody, any), NULL, NULL, NULL}, + { "any", SNIPPET_LIST_NODES | SNIPPET_ANY, G_STRUCT_OFFSET(LassoSoapBody, any), NULL, NULL, + NULL}, + { "Id", SNIPPET_ATTRIBUTE, G_STRUCT_OFFSET(LassoSoapBody, Id), NULL, LASSO_WSUTIL1_PREFIX, + LASSO_WSUTIL1_HREF }, {NULL, 0, 0, NULL, NULL, NULL} }; @@ -62,9 +65,6 @@ static struct XmlSnippet schema_snippets[] = { /* instance and class init functions */ /*****************************************************************************/ -static xmlNode* get_xmlNode(LassoNode *node, gboolean lasso_dump); - - static LassoNodeClass *parent_class = NULL; static void @@ -74,28 +74,11 @@ class_init(LassoSoapBodyClass *klass) parent_class = g_type_class_peek_parent(nclass); nclass->node_data = g_new0(LassoNodeClassData, 1); - nclass->get_xmlNode = get_xmlNode; lasso_node_class_set_nodename(nclass, "Body"); lasso_node_class_set_ns(nclass, LASSO_SOAP_ENV_HREF, LASSO_SOAP_ENV_PREFIX); lasso_node_class_add_snippets(nclass, schema_snippets); } -static xmlNode* -get_xmlNode(LassoNode *node, gboolean lasso_dump) { - xmlNodePtr ret; - - /* Fix namespace of Id */ - ret = parent_class->get_xmlNode(node, lasso_dump); - - { - xmlNsPtr ns; - ns = xmlNewNs(ret, (xmlChar*)LASSO_WSUTIL1_HREF, (xmlChar*)LASSO_WSUTIL1_PREFIX); - xmlNewNsProp(ret, ns, (xmlChar*)"Id", (xmlChar*)LASSO_SOAP_BODY(node)->Id); - } - - return ret; -} - GType lasso_soap_body_get_type() { diff --git a/lasso/xml/soap_binding_ext_credentials_context.c b/lasso/xml/soap_binding_ext_credentials_context.c index f5aaf00a..7c704239 100644 --- a/lasso/xml/soap_binding_ext_credentials_context.c +++ b/lasso/xml/soap_binding_ext_credentials_context.c @@ -54,7 +54,8 @@ static struct XmlSnippet schema_snippets[] = { { "RequestAuthnContext", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSoapBindingExtCredentialsContext, RequestAuthnContext), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSoapBindingExtCredentialsContext, RequestAuthnContext), NULL, + LASSO_LIB_PREFIX, LASSO_LIB_HREF}, { "SecurityMechID", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoSoapBindingExtCredentialsContext, SecurityMechID), NULL, NULL, NULL}, { "id", SNIPPET_ATTRIBUTE, G_STRUCT_OFFSET(LassoSoapBindingExtCredentialsContext, id), NULL, NULL, NULL}, diff --git a/lasso/xml/strings.h b/lasso/xml/strings.h index 86800325..9263db43 100644 --- a/lasso/xml/strings.h +++ b/lasso/xml/strings.h @@ -43,6 +43,7 @@ #define __LASSO_STRINGS_H__ #include "./saml-2.0/saml2_strings.h" +#include "./dsig/strings.h" /*****************************************************************************/ /* SOAP 1.1 */ @@ -133,6 +134,20 @@ */ #define LASSO_WSUTIL1_PREFIX "wsutil" +/** + * LASSO_XMLENC_HREF + * + * Namespace for xmlenc-core + */ +#define LASSO_XMLENC_HREF "http://www.w3.org/2001/04/xmlenc#" + +/** + * LASSO_XMLENC_PREFIX + * + * Preferred prefix for namespace of xmlenc-core + */ +#define LASSO_XMLENC_PREFIX "xmlenc" + /*****************************************************************************/ /* Lasso */ /*****************************************************************************/ @@ -955,22 +970,6 @@ /* Others */ /*****************************************************************************/ -/* xmldsig prefix & href */ -/** - * LASSO_DS_HREF: - * - * Namespace for FIXME - * - */ -#define LASSO_DS_HREF "http://www.w3.org/2000/09/xmldsig#" -/** - * LASSO_DS_PREFIX: - * - * Preferred prefix for namespace of FIXME - * - */ -#define LASSO_DS_PREFIX "ds" - /* xsi prefix & href */ /** * LASSO_XSI_HREF: diff --git a/lasso/xml/tools.c b/lasso/xml/tools.c index 156de4b6..00425043 100644 --- a/lasso/xml/tools.c +++ b/lasso/xml/tools.c @@ -1767,7 +1767,7 @@ lasso_xml_parse_file(const char *filepath) { char *file_content; size_t file_length; - GError *error; + GError *error = NULL; if (g_file_get_contents(filepath, &file_content, &file_length, &error)) { xmlDocPtr ret; @@ -2405,3 +2405,62 @@ lasso_make_signature_context_from_path_or_string(char *filename_or_buffer, const } return context; } + +xmlNs * +get_or_define_ns(xmlNode *xmlnode, const xmlChar *ns_uri, const xmlChar *advised_prefix) { + xmlNs *ns; + char prefix[20]; + int i = 1; + + ns = xmlSearchNsByHref(NULL, xmlnode, ns_uri); + if (ns) + return ns; + /* Try with the advised prefix */ + if (advised_prefix) { + ns = xmlSearchNs(NULL, xmlnode, BAD_CAST prefix); + if (! ns) { /* If not taken, use it */ + return xmlNewNs(xmlnode, ns_uri, BAD_CAST advised_prefix); + } + } + /* Create a prefix from scratch */ + do { + sprintf(prefix, "ns%u", i); + i++; + ns = xmlSearchNs(NULL, xmlnode, BAD_CAST prefix); + } while (ns); + return xmlNewNs(xmlnode, ns_uri, BAD_CAST prefix); +} + + +void +set_qname_attribute(xmlNode *node, + const xmlChar *attribute_ns_prefix, + const xmlChar *attribute_ns_href, + const xmlChar *attribute_name, + const xmlChar *prefix, + const xmlChar *href, + const xmlChar *name) { + xmlNs *type_ns; + xmlNs *xsi_ns; + xmlChar *value; + + xsi_ns = get_or_define_ns(node, attribute_ns_href, attribute_ns_prefix); + type_ns = get_or_define_ns(node, href, prefix); + value = BAD_CAST g_strdup_printf("%s:%s", type_ns->prefix, name); + xmlSetNsProp(node, xsi_ns, attribute_name, value); + lasso_release_string(value); +} + +void +set_xsi_type(xmlNode *node, + const xmlChar *type_ns_prefix, + const xmlChar *type_ns_href, + const xmlChar *type_name) { + set_qname_attribute(node, + BAD_CAST LASSO_XSI_PREFIX, + BAD_CAST LASSO_XSI_HREF, + BAD_CAST "type", + type_ns_prefix, + type_ns_href, + type_name); +} diff --git a/lasso/xml/xml.c b/lasso/xml/xml.c index ed6aa5ce..bc8111b9 100644 --- a/lasso/xml/xml.c +++ b/lasso/xml/xml.c @@ -52,6 +52,7 @@ #include "../debug.h" #include "./soap-1.1/soap_envelope.h" #include "./soap-1.1/soap_body.h" +#include "./misc_text_node.h" #include "../lasso_config.h" #ifdef LASSO_WSF_ENABLED #include "./idwsf_strings.h" @@ -72,7 +73,6 @@ static void lasso_node_traversal(LassoNode *node, void (*do_to_node)(LassoNode * static LassoNode* lasso_node_new_from_xmlNode_with_type(xmlNode *xmlnode, char *typename); static void lasso_node_remove_original_xmlnode(LassoNode *node, SnippetType type); -static xmlNs * get_or_define_ns(xmlNode *xmlnode, xmlChar *ns_uri); GHashTable *dst_services_by_href = NULL; /* ID-WSF 1 extra DST services, indexed on href */ GHashTable *dst_services_by_prefix = NULL; /* ID-WSF 1 extra DST services, indexed on prefix */ @@ -1191,7 +1191,6 @@ lasso_node_traversal(LassoNode *node, void (*do_to_node)(LassoNode *node, Snippe type = snippet->type & 0xff; switch (type) { case SNIPPET_NODE: - case SNIPPET_NAME_IDENTIFIER: case SNIPPET_NODE_IN_CHILD: lasso_node_traversal(*value, do_to_node, snippet->type); break; @@ -1206,6 +1205,8 @@ lasso_node_traversal(LassoNode *node, void (*do_to_node)(LassoNode *node, Snippe } } break; + case SNIPPET_UNUSED1: + g_assert_not_reached(); default: break; } @@ -1273,6 +1274,105 @@ cleanup: return rc; } +static inline gboolean +lasso_equal_namespace(xmlNs *t1, xmlNs *t2) { + return t1 && t2 && (t1 == t2 || + lasso_strisequal((char*)t1->href, (char*)t2->href)); +} + +static void +snippet_set_value(LassoNode *node, LassoNodeClass *class, struct XmlSnippet *snippet, xmlChar *content) { + void *value; + GType g_type = G_TYPE_FROM_CLASS(class); + + /* If not offset, it means it is handled by an adhoc init_from_xml */ + if (! snippet->offset && ! (snippet->type & SNIPPET_PRIVATE)) { + return; + } + value = SNIPPET_STRUCT_MEMBER_P(node, g_type, snippet); + if (snippet->type & SNIPPET_INTEGER) { + int val = strtol((char*)content, NULL, 10); + if (((val == LONG_MIN || val == LONG_MAX) && errno == ERANGE) + || errno == EINVAL || val < 0) { + if (snippet->type & SNIPPET_OPTIONAL_NEG) { + val = -1; + } else { + val = 0; + } + } + (*(int*)value) = val; + } else if (snippet->type & SNIPPET_BOOLEAN) { + int val = 0; + if (strcmp((char*)content, "true") == 0) { + val = 1; + } else if (strcmp((char*)content, "1") == 0) { + val = 1; + } + (*(int*)value) = val; + } else { + lasso_assign_string((*(char**)value), (char*)content); + if (lasso_flag_memory_debug == TRUE) { + fprintf(stderr, " setting prop %s/%s to value %p: %s\n", + G_OBJECT_TYPE_NAME(node), snippet->name, *(void**)value, (char*)content); + } + } +} + +gboolean +next_node_snippet(GSList **class_iter_p, struct XmlSnippet **snippet_p) +{ + while (*class_iter_p) { + if (*snippet_p) { + if ((*snippet_p)->name) { + SnippetType type = (*snippet_p)->type; + /* special case for ArtifactResponse */ + if (type & SNIPPET_ANY && (type & 0xff) == SNIPPET_NODE) + return TRUE; + if (! (type & SNIPPET_ANY) && (*snippet_p)->name[0] != '\0') { + switch (type & 0xff) { + case SNIPPET_NODE: + case SNIPPET_NODE_IN_CHILD: + case SNIPPET_LIST_XMLNODES: + case SNIPPET_LIST_CONTENT: + case SNIPPET_LIST_NODES: + case SNIPPET_EXTENSION: + case SNIPPET_XMLNODE: + case SNIPPET_CONTENT: + case SNIPPET_SIGNATURE: + return TRUE; + default: + break; + } + } + ++*snippet_p; + } else { + *class_iter_p = g_slist_next(*class_iter_p); + *snippet_p = NULL; + } + } else { + *snippet_p = ((LassoNodeClass*)(*class_iter_p)->data) + ->node_data->snippets; + } + } + return FALSE; +} + +static inline gboolean +is_snippet_type(struct XmlSnippet *snippet, SnippetType simple_type) { + return (snippet->type & 0xff) == simple_type; +} + +static inline gboolean +node_match_snippet(xmlNode *parent, xmlNode *node, struct XmlSnippet *snippet) +{ + /* special case of ArtifactResponse */ + if (snippet->type & SNIPPET_ANY) + return TRUE; + return (lasso_strisequal(snippet->name, (char*)node->name) + && ((!snippet->ns_uri && lasso_equal_namespace(parent->ns, node->ns)) || + (node->ns && lasso_strisequal((char*)node->ns->href, snippet->ns_uri)))); +} + /** FIXME: return a real error code */ static int lasso_node_impl_init_from_xml(LassoNode *node, xmlNode *xmlnode) @@ -1287,269 +1387,301 @@ lasso_node_impl_init_from_xml(LassoNode *node, xmlNode *xmlnode) GType g_type_collect_namespaces, g_type_any, g_type_any_attribute; struct XmlSnippet *snippet_collect_namespaces = NULL; struct XmlSnippet *snippet_signature = NULL; - GSList *unknown_nodes = NULL; - GSList *known_attributes = NULL; gboolean keep_xmlnode = FALSE; + GSList *class_list = NULL; + GSList *class_iter = NULL; + xmlAttr *attr = NULL; + GType g_type = 0; + LassoNodeClass *node_class; - class = LASSO_NODE_GET_CLASS(node); - - /* What do you want me to initialize ? */ if (! xmlnode) return 1; + node_class = class = LASSO_NODE_GET_CLASS(node); /* No node_data no initialization possible */ if (! class->node_data) { - message(G_LOG_LEVEL_WARNING, "Class %s has no node_data so no initialization is possible", G_OBJECT_CLASS_NAME(class)); + message(G_LOG_LEVEL_WARNING, "Class %s has no node_data so no initialization " + "is possible", G_OBJECT_CLASS_NAME(class)); return 0; } - if (lasso_flag_memory_debug == TRUE) { - fprintf(stderr, "Initializing %s (at %p)\n", G_OBJECT_TYPE_NAME(node), node); - } - - while (class && LASSO_IS_NODE_CLASS(class) && class->node_data) { - GType g_type = G_TYPE_FROM_CLASS(class); + /* Collect special snippets like SNIPPET_COLLECT_NAMESPACES, SNIPPET_ANY, SNIPPET_ATTRIBUTE + * or SNIPPET_SIGNATURE, and initialize class_list in reverse. */ + while (class && LASSO_IS_NODE_CLASS(class)) { + if (class->node_data) { + GType g_type = G_TYPE_FROM_CLASS(class); + keep_xmlnode |= class->node_data->keep_xmlnode; + if (class->node_data->snippets) + class_list = g_slist_prepend(class_list, class); + for (snippet = class->node_data->snippets; snippet && snippet->name; snippet++) { + type = snippet->type & 0xff; - lasso_trace(" initializing %s\n", G_OBJECT_CLASS_NAME(class)); - - /* reduce keep_xmlnode flags */ - keep_xmlnode |= class->node_data->keep_xmlnode; - - for (t = xmlnode->children; t; t = t->next) { - if (t->type == XML_TEXT_NODE) { - for (snippet = class->node_data->snippets; - snippet && snippet->name; snippet++) { - GList **location = NULL; - - type = snippet->type & 0xff; - value = SNIPPET_STRUCT_MEMBER_P(node, g_type, snippet); - - if (type == SNIPPET_LIST_XMLNODES) { - location = value; - *location = g_list_append( - *location, xmlCopyNode(t, 1)); - trace_snippet(" adding xmlNode %p", g_list_last(*location)->data); - } else if (type == SNIPPET_LIST_NODES && - snippet->type & SNIPPET_ALLOW_TEXT) { - LassoNode *text_node; - text_node = lasso_node_new_from_xmlNode_with_type(t, - "LassoMiscTextNode"); - location = value; - *location = g_list_append(*location, text_node); - trace_snippet(" adding LassoMiscTextNode %p", text_node); + if (snippet->name && snippet->name[0] == '\0' && type == + SNIPPET_COLLECT_NAMESPACES) { + snippet_collect_namespaces = snippet; + g_type_collect_namespaces = g_type; + } else if (type == SNIPPET_SIGNATURE) { + snippet_signature = snippet; + } else if (type == SNIPPET_ATTRIBUTE && snippet->type & SNIPPET_ANY) { + g_type_any_attribute = g_type; + snippet_any_attribute = snippet; + } else if (type == SNIPPET_TEXT_CHILD) { + xmlChar *tmp = xmlNodeGetContent(xmlnode); + snippet_set_value(node, class, snippet, tmp); + lasso_release_xml_string(tmp); + } else if (type != SNIPPET_ATTRIBUTE && type != SNIPPET_NODE && snippet->type & SNIPPET_ANY) { + if (! snippet_any) { + g_type_any = g_type; + snippet_any = snippet; + } else { + critical("Two any node snippet for class %s", + g_type_name(G_TYPE_FROM_INSTANCE(node))); } - continue; } - continue; } + } + class = g_type_class_peek_parent(class); + } - if (t->type != XML_ELEMENT_NODE) + /* If any class asked for keeping the xmlNode, keep it around */ + if (keep_xmlnode) { + lasso_node_set_original_xmlnode(node, xmlnode); + } + + /** Collect attributes */ + for (attr = xmlnode->properties; attr; attr = attr->next) { + xmlChar *content; + content = xmlNodeGetContent((xmlNode*)attr); + int ok = 0; + + /* Skip xsi:type if it was used to find the node class */ + if (attr->ns && lasso_strisequal((char*)attr->name, "type") && + lasso_strisequal((char*)attr->ns->href, LASSO_XSI_HREF)) { + char *colon = strchr((char*)content, ':'); + xmlNs *ns; + *colon = '\0'; + ns = xmlSearchNs(NULL, xmlnode, content); + *colon = ':'; + if (ns && lasso_strisequal((char*)ns->href, (char*)node_class->node_data->ns->href) + && lasso_strisequal(&colon[1], node_class->node_data->node_name)) { + lasso_release_xml_string(content); continue; + } + } + for (class_iter = class_list; class_iter; class_iter = class_iter->next) { + class = class_iter->data; for (snippet = class->node_data->snippets; snippet && snippet->name; snippet++) { - void *tmp = NULL; type = snippet->type & 0xff; - value = SNIPPET_STRUCT_MEMBER_P(node, g_type, snippet); - - if ((snippet->type & SNIPPET_ANY) && type != SNIPPET_ATTRIBUTE) { - g_type_any = g_type; - snippet_any = snippet; - } - - if (strcmp((char*)t->name, snippet->name) != 0 && snippet->name[0]) + /* assign attribute content if attribute has the same name as the + * snippet and: + * - the snippet and the attribute have no namespace + * - the snippet has no namespace but the attribute has the same + * namespace as the node + * - the snippet and the node have a namespace, which are equal. + */ + if (type != SNIPPET_ATTRIBUTE) continue; - - if (type == SNIPPET_NODE) { - tmp = lasso_node_new_from_xmlNode_with_type(t, - snippet->class_name); - } else if (type == SNIPPET_NODE_IN_CHILD) { - xmlNode *t2 = t->children; - while (t2 && t2->type != XML_ELEMENT_NODE) - t2 = t2->next; - if (t2) { - tmp = lasso_node_new_from_xmlNode_with_type(t2, - snippet->class_name); - } - } else if (type == SNIPPET_CONTENT) { - tmp = xmlNodeGetContent(t); - } else if (type == SNIPPET_NAME_IDENTIFIER) { - tmp = lasso_saml_name_identifier_new_from_xmlNode(t); - } else if (type == SNIPPET_LIST_NODES) { - GList **location = value; - LassoNode *n; - n = lasso_node_new_from_xmlNode_with_type(t, - snippet->class_name); - if (n == NULL && snippet_any == snippet) { - /* unknown, can be text or node -> make a - * LassoMiscTextNode */ - n = lasso_node_new_from_xmlNode_with_type(t, - "LassoMiscTextNode"); - } - if (n && snippet->type & SNIPPET_KEEP_XMLNODE && - ! LASSO_NODE_GET_CLASS(n)->node_data->keep_xmlnode) { - lasso_node_set_original_xmlnode(n, t); - } - - if (n) { - *location = g_list_append(*location, n); - trace_snippet(" adding %p of type %s(%s) to ", - n, G_OBJECT_TYPE_NAME(n), - snippet->class_name); - } else { - /* failed to do sth with */ - message(G_LOG_LEVEL_WARNING, - "Failed to do sth with %s", - t->name); - } - } else if (type == SNIPPET_LIST_CONTENT) { - GList **location = value; - xmlChar *s = xmlNodeGetContent(t); - lasso_list_add_string(*location, (char*)s); - trace_snippet(" adding text %s as content to ", s); - lasso_release_xml_string(s); - } else if (type == SNIPPET_EXTENSION || - type == SNIPPET_LIST_XMLNODES) { - GList **location = value; - *location = g_list_append(*location, xmlCopyNode(t, 1)); - trace_snippet(" adding xmlNode %p to ", g_list_last(*location)->data); - } else if (type == SNIPPET_XMLNODE) { - tmp = xmlCopyNode(t, 1); - } else if (type == SNIPPET_COLLECT_NAMESPACES) { - /* Collect namespaces on the children t */ - _lasso_node_collect_namespaces(value, t); + if (! lasso_strisequal((char*)attr->name, (char*)snippet->name)) + continue; + if (attr->ns) { + gboolean same_namespace, given_namespace; + + same_namespace = lasso_equal_namespace(attr->ns, + xmlnode->ns) && ! snippet->ns_uri; + given_namespace = snippet->ns_uri && + lasso_strisequal((char*)attr->ns->href, + snippet->ns_uri); + if (! same_namespace && ! given_namespace) + break; } + snippet_set_value(node, class, snippet, content); + ok = 1; + break; + } + } + if (! ok && attr->ns && snippet_any_attribute) { + GHashTable **any_attribute; + gchar *key; - if (tmp == NULL) - break; + any_attribute = SNIPPET_STRUCT_MEMBER_P(node, g_type_any_attribute, + snippet_any_attribute); + if (*any_attribute == NULL) { + *any_attribute = g_hash_table_new_full(g_str_hash, g_str_equal, + g_free, g_free); + } + if (lasso_equal_namespace(attr->ns, xmlnode->ns)) { + key = g_strdup((char*)attr->name); + } else { + key = g_strdup_printf("{%s}%s", attr->ns->href, attr->name); + } + g_hash_table_insert(*any_attribute, key, g_strdup((char*)content)); + lasso_release_xml_string(content); + } else if (! ok) { + warning("lasso_node_impl_init_from_xml: Unexpected attribute: {%s}%s = %s", + attr->ns ? attr->ns->href : NULL, attr->name, content); + } + lasso_release_xml_string(content); + } + + /* Collect children nodes in reverse order of class parents (older parent first), skip non + * node and ANY snippets) */ + class_iter = class_list; + snippet = ((LassoNodeClass*)class_iter->data)->node_data->snippets; + next_node_snippet(&class_iter, &snippet); + for (t = xmlnode->children; t && class_iter && snippet; t = t->next) { + /* Only collect text node if: + * - there is a LIST_XMLNODES any snippet + * - there is a LIST_NODES any snippet with the ALLOW_TEXT modifier + */ + if (t->type == XML_TEXT_NODE && snippet_any && + (is_snippet_type(snippet_any, SNIPPET_LIST_XMLNODES) + || (is_snippet_type(snippet_any, SNIPPET_LIST_NODES) && + (snippet_any->type & SNIPPET_ALLOW_TEXT)))) { + GList **location = SNIPPET_STRUCT_MEMBER_P(node, g_type_any, snippet_any); + if (is_snippet_type(snippet_any, SNIPPET_LIST_XMLNODES)) { + lasso_list_add_xml_node(*location, t); + } else { + lasso_list_add_new_gobject(*location, + lasso_node_new_from_xmlNode_with_type(t, + "LassoMiscTextNode")); + } + } else if (t->type == XML_COMMENT_NODE || t->type == XML_PI_NODE || t->type == XML_TEXT_NODE) { + /* ignore comments */ + continue; + } else if (t->type == XML_ELEMENT_NODE) { + LassoNode *subnode = NULL; + xmlNode *first_child = NULL; + GList **list = NULL; + xmlChar *content = NULL; + + /* Find a matching snippet */ + while (class_iter && ! node_match_snippet(xmlnode, t, snippet)) { + snippet++; + next_node_snippet(&class_iter, &snippet); + } + if (! class_iter) { + /* If we cannot find one, terminate here. */ + break; + } + class = class_iter->data; + g_type = G_TYPE_FROM_CLASS(class); + value = SNIPPET_STRUCT_MEMBER_P(node, g_type, snippet); + list = value; - if (type == SNIPPET_XMLNODE || type == SNIPPET_NODE || type == SNIPPET_NODE_IN_CHILD || type == - SNIPPET_NAME_IDENTIFIER) { - if (snippet->type & SNIPPET_KEEP_XMLNODE && ! - LASSO_NODE_GET_CLASS(tmp)->node_data->keep_xmlnode) - { - lasso_trace(" setting original xmlNode of %p (%s) to %p", tmp, G_OBJECT_TYPE_NAME(tmp), t) - lasso_node_set_original_xmlnode(tmp, t); - } - if (type == SNIPPET_XMLNODE) { - trace_snippet(" setting xmlNode %p as ", tmp); - } else { - trace_snippet(" setting %p of type %s (wanted %s) as ", tmp, - G_OBJECT_TYPE_NAME(tmp), + if (snippet->offset || (snippet->type & SNIPPET_PRIVATE)) { + switch (snippet->type & 0xff) { + case SNIPPET_LIST_NODES: + case SNIPPET_NODE: + subnode = lasso_node_new_from_xmlNode_with_type(t, snippet->class_name); - } - *(void**)value = tmp; - tmp = NULL; - } else if (snippet->type & SNIPPET_INTEGER) { - int val = strtol(tmp, NULL, 10); - if (((val == LONG_MIN || val == LONG_MAX) && errno == ERANGE) - || errno == EINVAL || val < 0) { - if (snippet->type & SNIPPET_OPTIONAL_NEG) { - val = -1; + if (is_snippet_type(snippet, SNIPPET_NODE)) { + lasso_assign_new_gobject(*(LassoNode**)value, subnode); } else { - val = 0; + lasso_list_add_new_gobject(*list, subnode); } - } - (*(int*)value) = val; - trace_snippet(" setting integer %i for ", val); - xmlFree(tmp); - tmp = NULL; - } else if (snippet->type & SNIPPET_BOOLEAN) { - int val = 0; - if (strcmp((char*)tmp, "true") == 0) { - val = 1; - } else if (strcmp((char*)tmp, "1") == 0) { - val = 1; - } - trace_snippet(" setting bool %s for ", val ? "TRUE" : "FALSE"); - (*(int*)value) = val; - xmlFree(tmp); - tmp = NULL; - } else { - lasso_release_string(*(char**)value); - *(char**)value = g_strdup(tmp); - trace_snippet(" setting text %s as value for ", (char*)tmp); - if (lasso_flag_memory_debug == TRUE) { - fprintf(stderr, " setting field %s/%s to value %p: %s\n", G_OBJECT_TYPE_NAME(node), snippet->name, *(void**)value, (char*)tmp); - } - lasso_release_xml_string((*(xmlChar**)&tmp)); - tmp = NULL; - } + break; + case SNIPPET_NODE_IN_CHILD: + first_child = xmlSecGetNextElementNode(t->children); + if (first_child) { + subnode = lasso_node_new_from_xmlNode_with_type(first_child, + snippet->class_name); + lasso_assign_new_gobject(*(LassoNode**)value, subnode); + } + break; + case SNIPPET_XMLNODE: + lasso_assign_xml_node(*(xmlNode**)value, t); + break; + case SNIPPET_LIST_XMLNODES: + case SNIPPET_EXTENSION: + lasso_list_add_xml_node(*list, t); + break; + case SNIPPET_CONTENT: + case SNIPPET_LIST_CONTENT: + content = xmlNodeGetContent(t); + if (is_snippet_type(snippet, SNIPPET_CONTENT)) { + snippet_set_value(node, class, snippet, content); + } else { /* only list of string-like xsd:type supported */ + lasso_list_add_string(*list, (char*)content); + } + lasso_release_xml_string(content); + break; + case SNIPPET_SIGNATURE: + /* We ignore it */ + break; + default: + g_assert_not_reached(); - break; + } } - if ((snippet == NULL || snippet->name == NULL) && snippet_any) { - if (g_slist_find(unknown_nodes, t) == NULL) - unknown_nodes = g_slist_append(unknown_nodes, t); - } else { - unknown_nodes = g_slist_remove(unknown_nodes, t); + /* When creating a new LassoNode and option KEEP_XMLNODE is present, + * we attached the xmlNode to the LassoNode */ + if (subnode && (snippet->type & SNIPPET_KEEP_XMLNODE)) { + lasso_node_set_original_xmlnode(subnode, t); } - } - - for (snippet = class->node_data->snippets; snippet && snippet->name; snippet++) { - void *tmp = NULL; - type = snippet->type & 0xff; - - value = SNIPPET_STRUCT_MEMBER_P(node, g_type, snippet); - if (snippet->name && snippet->name[0] == '\0' && type == - SNIPPET_COLLECT_NAMESPACES) { - snippet_collect_namespaces = snippet; - g_type_collect_namespaces = g_type; - } - - if (type == SNIPPET_SIGNATURE) { - snippet_signature = snippet; + switch (snippet->type & 0xff) { + case SNIPPET_NODE: + case SNIPPET_NODE_IN_CHILD: + case SNIPPET_XMLNODE: + case SNIPPET_CONTENT: + case SNIPPET_SIGNATURE: + /* Only one node to read, advance ! */ + ++snippet; + next_node_snippet(&class_iter, &snippet); + break; + default: + break; } - - if (type == SNIPPET_ATTRIBUTE) { - if (snippet->type & SNIPPET_ANY) { - g_type_any_attribute = g_type; - snippet_any_attribute = snippet; - continue; - } - tmp = xmlGetProp(xmlnode, (xmlChar*)snippet->name); - known_attributes = g_slist_append(known_attributes, snippet->name); + } else { + g_assert_not_reached(); + } + } + if (t) { /* t is an ELEMENT that dont match any snippet, when taken in order */ + if (snippet_any && is_snippet_type(snippet_any, SNIPPET_LIST_XMLNODES)) { + value = SNIPPET_STRUCT_MEMBER_P(node, g_type_any, snippet_any); + GList **list = value; + for (; t; t = t->next) { + lasso_list_add_xml_node(*list, t); } - if (type == SNIPPET_TEXT_CHILD) - tmp = xmlNodeGetContent(xmlnode); - if (tmp == NULL) - continue; - - if (snippet->type & SNIPPET_INTEGER) { - int val = strtol(tmp, NULL, 10); - if (((val == LONG_MIN || val == LONG_MAX) && errno == ERANGE) - || errno == EINVAL || val < 0) { - if (snippet->type & SNIPPET_OPTIONAL_NEG) { - val = -1; - } else { - val = 0; + } else if (snippet_any && is_snippet_type(snippet_any, SNIPPET_LIST_NODES)) { + value = SNIPPET_STRUCT_MEMBER_P(node, g_type_any, snippet_any); + GList **list = value; + for (; t; t = t->next) { + LassoNode *subnode = NULL; + + if (t->type == XML_TEXT_NODE && (snippet_any->type & + SNIPPET_ALLOW_TEXT)) { + lasso_list_add_new_gobject(*list, + lasso_node_new_from_xmlNode_with_type(t, + "LassoMiscTextNode")); + } else if (t->type == XML_ELEMENT_NODE) { + subnode = lasso_node_new_from_xmlNode_with_type(t, + snippet_any->class_name); + if (subnode && (snippet_any->type & SNIPPET_KEEP_XMLNODE)) { + lasso_node_set_original_xmlnode(subnode, t); } + if (! subnode) { + subnode = (LassoNode*) + lasso_misc_text_node_new_with_xml_node(t); + } + lasso_list_add_new_gobject(*list, subnode); } - (*(int*)value) = val; - } else if (snippet->type & SNIPPET_BOOLEAN) { - int val = 0; - if (strcmp((char*)tmp, "true") == 0) { - val = 1; - } else if (strcmp((char*)tmp, "1") == 0) { - val = 1; - } - (*(int*)value) = val; - } else { - lasso_assign_string((*(char**)value), tmp); - if (lasso_flag_memory_debug == TRUE) { - fprintf(stderr, " setting prop %s/%s to value %p: %s\n", - G_OBJECT_TYPE_NAME(node), snippet->name, *(void**)value, (char*)tmp); + } + } else if (snippet_any) { + g_assert_not_reached(); + } else { + for (; t; t = t->next) { + if (t->type == XML_ELEMENT_NODE) { + critical("lasso_node_impl_init_from_xml: Cannot match " + "element {%s}%s with a snippet of " + "class %s", + t->ns ? t->ns->href : NULL, t->name, + g_type_name(G_TYPE_FROM_INSTANCE(node))); + return 1; } } - xmlFree(tmp); } - - class = g_type_class_peek_parent(class); - } - - /* If any parent asked for keeping the current xmlnode, keep it around */ - if (keep_xmlnode) { - lasso_node_set_original_xmlnode(node, xmlnode); } /* Collect namespaces on the current node */ @@ -1594,62 +1726,13 @@ lasso_node_impl_init_from_xml(LassoNode *node, xmlNode *xmlnode) signature_context.signature_key = lasso_xmlsec_load_private_key((char*) private_key, (char*) private_key_password, method, (char*) certificate); lasso_node_set_signature(node, signature_context); + break; } lasso_release_xml_string(private_key); lasso_release_xml_string(private_key_password); lasso_release_xml_string(certificate); } - /* Collect other children */ - if (unknown_nodes && snippet_any) { - xmlNode *t = unknown_nodes->data; - void *tmp; - value = SNIPPET_STRUCT_MEMBER_P(node, g_type_any, snippet_any); - tmp = lasso_node_new_from_xmlNode_with_type(t, snippet_any->class_name); - (*(char**)value) = tmp; - } - - /* Collect other attributes */ - if (snippet_any_attribute) { - GHashTable **any_attribute; - GSList *tmp_attr; - xmlAttr *node_attr; - - - any_attribute = SNIPPET_STRUCT_MEMBER_P(node, g_type_any_attribute, snippet_any_attribute); - if (*any_attribute == NULL) { - *any_attribute = g_hash_table_new_full( - g_str_hash, g_str_equal, g_free, g_free); - } - - for (node_attr = xmlnode->properties; node_attr; node_attr = node_attr->next) { - xmlChar *attr_name = (xmlChar*)node_attr->name; - gboolean known_attr = FALSE; - for (tmp_attr = known_attributes; tmp_attr; - tmp_attr = g_slist_next(tmp_attr)) { - if (strcmp(tmp_attr->data, (char*)attr_name) == 0) { - known_attr = TRUE; - break; - } - } - if (known_attr == FALSE) { - xmlChar *tmp = xmlGetProp(xmlnode, attr_name); - g_hash_table_insert(*any_attribute, - g_strdup((char*)attr_name), g_strdup((char*)tmp)); - xmlFree(tmp); - } - } - - } - - if (unknown_nodes) { - g_slist_free(unknown_nodes); - } - - if (known_attributes) { - g_slist_free(known_attributes); - } - return 0; } #undef trace_snippet @@ -1711,40 +1794,45 @@ lasso_node_impl_get_xmlNode(LassoNode *node, gboolean lasso_dump) LassoNodeClass *class = LASSO_NODE_GET_CLASS(node); LassoNodeClass *version_class = NULL; xmlNode *xmlnode; - xmlNs *ns; - GList *list_ns = NULL, *list_classes = NULL, *t; + xmlNs *ns = NULL; + GSList *list_classes = NULL, *iter_classes = NULL; LassoNode *value_node; struct XmlSnippet *version_snippet; struct _CustomElement *custom_element; - LassoNodeClass *node_data_class = class; + LassoNodeClass *xsi_sub_type_data_class = NULL; + LassoNodeClass *node_name_class = class; - while (node_data_class && node_data_class->node_data != NULL && node_data_class->node_data->node_name == NULL) { - node_data_class = g_type_class_peek_parent(node_data_class); + while (node_name_class->node_data->xsi_sub_type) { + node_name_class= g_type_class_peek_parent(node_name_class); } - if (! node_data_class || node_data_class->node_data == NULL || - node_data_class->node_data->node_name == NULL) - return NULL; + if (node_name_class != class) { + xsi_sub_type_data_class = class; + } + g_assert(node_name_class && node_name_class->node_data && + node_name_class->node_data->node_name); - xmlnode = xmlNewNode(NULL, (xmlChar*)node_data_class->node_data->node_name); - custom_element = _lasso_node_get_custom_element(node); - /* collect namespaces in the order of ancestor classes, nearer first */ - while (class && LASSO_IS_NODE_CLASS(class) && class->node_data) { - if (class->node_data->ns && (! custom_element || ! custom_element->href || class != LASSO_NODE_GET_CLASS(node))) - list_ns = g_list_append(list_ns, class->node_data->ns); - list_classes = g_list_append(list_classes, class); - class = g_type_class_peek_parent(class); + /* Create node in its namespace */ + xmlnode = xmlNewNode(NULL, (xmlChar*)node_name_class->node_data->node_name); + if (node_name_class->node_data->ns) { + ns = get_or_define_ns(xmlnode, node_name_class->node_data->ns->href, + node_name_class->node_data->ns->prefix); + xmlSetNs(xmlnode, ns); + } + /* If subtype, set an xsi:type attribute */ + if (xsi_sub_type_data_class) { + set_xsi_type(xmlnode, + xsi_sub_type_data_class->node_data->ns->prefix, + xsi_sub_type_data_class->node_data->ns->href, + BAD_CAST xsi_sub_type_data_class->node_data->node_name); } + custom_element = _lasso_node_get_custom_element(node); - /* create the namespaces */ - t = g_list_first(list_ns); - while (t) { - ns = t->data; - xmlNewNs(xmlnode, ns->href, ns->prefix); - t = g_list_next(t); + /* collect all classes in reverse order */ + while (class && LASSO_IS_NODE_CLASS(class)) { + if (class->node_data && class->node_data->snippets) + list_classes = g_slist_prepend(list_classes, class); + class = g_type_class_peek_parent(class); } - lasso_release_list(list_ns); - /* first NS defined is the namespace of the element */ - xmlSetNs(xmlnode, xmlnode->nsDef); /* set a custom namespace if one is found */ if (custom_element != NULL) { @@ -1785,14 +1873,13 @@ lasso_node_impl_get_xmlNode(LassoNode *node, gboolean lasso_dump) } - t = g_list_last(list_classes); - while (t) { - class = t->data; - lasso_node_build_xmlNode_from_snippets(node, (LassoNodeClass*)class, xmlnode, - class->node_data->snippets, lasso_dump); - t = g_list_previous(t); + for (iter_classes = list_classes; iter_classes; iter_classes = g_slist_next(iter_classes)) { + class = iter_classes->data; + lasso_node_build_xmlNode_from_snippets(node, + (LassoNodeClass*)class, xmlnode, + class->node_data->snippets, + lasso_dump); } - lasso_release_list(list_classes); xmlCleanNs(xmlnode); @@ -1819,6 +1906,7 @@ lasso_node_impl_get_xmlNode(LassoNode *node, gboolean lasso_dump) } } + g_slist_free(list_classes); return xmlnode; } @@ -1846,6 +1934,8 @@ lasso_node_dispose(GObject *object) void **value = SNIPPET_STRUCT_MEMBER_P(object, G_TYPE_FROM_CLASS(class), snippet); type = snippet->type & 0xff; + if (! snippet->offset && ! (snippet->type & SNIPPET_PRIVATE)) + continue; if (snippet->type & SNIPPET_BOOLEAN) continue; if (snippet->type & SNIPPET_INTEGER) @@ -1860,7 +1950,6 @@ lasso_node_dispose(GObject *object) } switch (type) { case SNIPPET_NODE: - case SNIPPET_NAME_IDENTIFIER: case SNIPPET_NODE_IN_CHILD: lasso_release_gobject(*value); break; @@ -2094,6 +2183,8 @@ prefix_from_href_and_nodename(const xmlChar *href, G_GNUC_UNUSED const xmlChar * prefix = "Samlp2"; else if (strcmp((char*)href, LASSO_SOAP_ENV_HREF) == 0) prefix = "Soap"; + else if (strcmp((char*)href, LASSO_DS_HREF) == 0) + prefix = "Ds"; #ifdef LASSO_WSF_ENABLED else if (strcmp((char*)href, LASSO_SOAP_BINDING_HREF) == 0) prefix = "SoapBinding"; @@ -2101,8 +2192,6 @@ prefix_from_href_and_nodename(const xmlChar *href, G_GNUC_UNUSED const xmlChar * prefix = "SoapBindingExt"; else if (strcmp((char*)href, LASSO_DISCO_HREF) == 0) prefix = "Disco"; - else if (strcmp((char*)href, LASSO_DS_HREF) == 0) - prefix = "Ds"; else if (strcmp((char*)href, LASSO_IS_HREF) == 0) prefix = "Is"; else if (strcmp((char*)href, LASSO_SA_HREF) == 0) @@ -2530,23 +2619,6 @@ lasso_node_class_set_ns(LassoNodeClass *klass, char *href, char *prefix) klass->node_data->ns = xmlNewNs(NULL, (xmlChar*)href, (xmlChar*)prefix); } -static xmlNs * -get_or_define_ns(xmlNode *xmlnode, xmlChar *ns_uri) { - xmlNs *ns; - char prefix[10]; - int i = 1; - - ns = xmlSearchNsByHref(NULL, xmlnode, ns_uri); - if (ns) - return ns; - do { - sprintf(prefix, "ns%u", i); - i++; - ns = xmlSearchNs(NULL, xmlnode, BAD_CAST prefix); - } while (ns); - return xmlNewNs(xmlnode, ns_uri, BAD_CAST prefix); -} - static void snippet_dump_any(gchar *key, gchar *value, xmlNode *xmlnode) { @@ -2564,14 +2636,33 @@ snippet_dump_any(gchar *key, gchar *value, xmlNode *xmlnode) return; } ns_uri = g_strndup(key+1, end-(key+1)); - ns = get_or_define_ns(xmlnode, BAD_CAST ns_uri); - xmlSetNsProp(xmlnode, ns, BAD_CAST key, BAD_CAST value); + ns = get_or_define_ns(xmlnode, BAD_CAST ns_uri, NULL); + xmlSetNsProp(xmlnode, ns, BAD_CAST &end[1], BAD_CAST value); } else { xmlSetProp(xmlnode, BAD_CAST key, BAD_CAST value); } } static void +apply_snippet_ns(struct XmlSnippet *snippet, xmlNode *xmlnode) +{ + xmlNs *ns; + + if (! xmlnode) + return; + if (snippet->ns_uri) { + if (! xmlnode->ns || !lasso_strisequal((char*)xmlnode->ns->href, (char*)snippet->ns_uri)) { + ns = get_or_define_ns(xmlnode, BAD_CAST snippet->ns_uri, BAD_CAST snippet->ns_name); + xmlSetNs(xmlnode, ns); + } + /* If not a any snippet, apply given Name, what about xsi:type ? */ + } + if (! (snippet->type & SNIPPET_ANY) && ! lasso_strisempty(snippet->name) && + lasso_strisnotequal((char*)xmlnode->name, (char*)snippet->name)) + xmlNodeSetName(xmlnode, BAD_CAST snippet->name); +} + +static void lasso_node_build_xmlNode_from_snippets(LassoNode *node, LassoNodeClass *class, xmlNode *xmlnode, struct XmlSnippet *snippets, gboolean lasso_dump) { @@ -2579,17 +2670,21 @@ lasso_node_build_xmlNode_from_snippets(LassoNode *node, LassoNodeClass *class, x SnippetType type; GType g_type; xmlNode *t; - xmlNs *xmlns; GList *elem; struct XmlSnippet *snippet_any_attribute = NULL; g_type = G_TYPE_FROM_CLASS(class); for (snippet = snippets; snippet && snippet->name; snippet++) { - void *value = SNIPPET_STRUCT_MEMBER(void *, node, g_type, snippet); - char *str = value; - type = snippet->type & 0xff; + void *value; + char *str; + if (! snippet->offset && ! (snippet->type & SNIPPET_PRIVATE)) { + continue; + } + type = snippet->type & 0xff; + value = SNIPPET_STRUCT_MEMBER(void *, node, g_type, snippet); + str = value; if (lasso_dump == FALSE && snippet->type & SNIPPET_LASSO_DUMP) continue; @@ -2629,23 +2724,13 @@ lasso_node_build_xmlNode_from_snippets(LassoNode *node, LassoNodeClass *class, x { xmlNode *t2; t2 = lasso_node_get_xmlNode(LASSO_NODE(value), lasso_dump); - if (snippet->name && ! (snippet->type & SNIPPET_ANY)) { - xmlNodeSetName(t2, (xmlChar*)snippet->name); - } + apply_snippet_ns(snippet, t2); xmlAddChild(xmlnode, t2); } break; case SNIPPET_CONTENT: xmlNewTextChild(xmlnode, NULL, (xmlChar*)snippet->name, (xmlChar*)str); break; - case SNIPPET_NAME_IDENTIFIER: - xmlns = xmlNewNs(NULL, (xmlChar*)LASSO_LIB_HREF, - (xmlChar*)LASSO_LIB_PREFIX); - t = xmlAddChild(xmlnode, lasso_node_get_xmlNode( - LASSO_NODE(value), lasso_dump)); - xmlNodeSetName(t, (xmlChar*)snippet->name); - xmlSetNs(t, xmlns); - break; case SNIPPET_NODE_IN_CHILD: t = xmlNewTextChild(xmlnode, NULL, (xmlChar*)snippet->name, NULL); xmlAddChild(t, lasso_node_get_xmlNode( @@ -2657,10 +2742,7 @@ lasso_node_build_xmlNode_from_snippets(LassoNode *node, LassoNodeClass *class, x xmlNode *subnode = lasso_node_get_xmlNode( LASSO_NODE(elem->data), lasso_dump); if (subnode) { - if (snippet->name && snippet->name[0]) { - xmlNodeSetName(subnode, - (xmlChar*)snippet->name); - } + apply_snippet_ns(snippet, subnode); xmlAddChild(xmlnode, subnode); } elem = g_list_next(elem); @@ -2671,15 +2753,11 @@ lasso_node_build_xmlNode_from_snippets(LassoNode *node, LassoNodeClass *class, x * no attrs, just content) */ elem = (GList *)value; while (elem) { - xmlNs *content_ns = NULL; - if (snippet->ns_name) { - content_ns = xmlNewNs(xmlnode, - (const xmlChar*)snippet->ns_uri, - (const xmlChar*)snippet->ns_name); - } - xmlNewTextChild(xmlnode, content_ns, + xmlNode *subnode; + subnode = xmlNewTextChild(xmlnode, NULL, (xmlChar*)snippet->name, (xmlChar*)(elem->data)); + apply_snippet_ns(snippet, subnode); elem = g_list_next(elem); } break; @@ -2708,6 +2786,7 @@ lasso_node_build_xmlNode_from_snippets(LassoNode *node, LassoNodeClass *class, x case SNIPPET_ANY: case SNIPPET_KEEP_XMLNODE: case SNIPPET_PRIVATE: + case SNIPPET_UNUSED1: g_assert_not_reached(); } if (snippet->type & SNIPPET_INTEGER) @@ -2769,11 +2848,17 @@ lasso_node_add_signature_template(LassoNode *node, xmlNode *xmlnode, transform_id, NULL); xmlAddChild(xmlnode, signature); - id = SNIPPET_STRUCT_MEMBER(char *, node, G_TYPE_FROM_CLASS(klass), snippet_signature); - uri = g_strdup_printf("#%s", id); - reference = xmlSecTmplSignatureAddReference(signature, - xmlSecTransformSha1Id, NULL, (xmlChar*)uri, NULL); - lasso_release(uri); + /* Normally the signature is son of the signed node, which holds an Id attribute, but in + * other cases, set snippet->offset to 0 and use xmlSecTmpSignatureAddReference from another + * node get_xmlNode virtual method to add the needed reference. + */ + if (snippet_signature->offset) { + id = SNIPPET_STRUCT_MEMBER(char *, node, G_TYPE_FROM_CLASS(klass), snippet_signature); + uri = g_strdup_printf("#%s", id); + reference = xmlSecTmplSignatureAddReference(signature, + xmlSecTransformSha1Id, NULL, (xmlChar*)uri, NULL); + lasso_release(uri); + } /* add enveloped transform */ xmlSecTmplReferenceAddTransform(reference, xmlSecTransformEnvelopedId); diff --git a/lasso/xml/xml_idff.h b/lasso/xml/xml_idff.h index 5fc0f0bc..6ae04e29 100644 --- a/lasso/xml/xml_idff.h +++ b/lasso/xml/xml_idff.h @@ -26,9 +26,10 @@ #define __LASSO_XML_IDFF_H__ #include "./xml.h" -#include "./ds_key_info.h" -#include "./ds_key_value.h" -#include "./ds_rsa_key_value.h" +#include "./dsig/ds_key_info.h" +#include "./dsig/ds_key_value.h" +#include "./dsig/ds_rsa_key_value.h" +#include "./dsig/ds_x509_data.h" #include "./lib_assertion.h" #include "./lib_authentication_statement.h" #include "./lib_authn_context.h" diff --git a/tests/basic_tests.c b/tests/basic_tests.c index f2d3e51c..a73cc882 100644 --- a/tests/basic_tests.c +++ b/tests/basic_tests.c @@ -51,7 +51,9 @@ END_TEST START_TEST(test02_server_load_dump_random_string) { LassoServer *serverContext; + begin_check_do_log(G_LOG_LEVEL_CRITICAL, "libxml2: Start tag expected, '<' not found\\n", FALSE); serverContext = lasso_server_new_from_dump("foo"); + end_check_do_log(); fail_unless(serverContext == NULL, "serverContext was created from a fake dump"); } @@ -60,7 +62,9 @@ END_TEST START_TEST(test03_server_load_dump_random_xml) { LassoServer *serverContext; + begin_check_do_log(G_LOG_LEVEL_CRITICAL, " Unable to build a LassoNode from a xmlNode", TRUE); serverContext = lasso_server_new_from_dump("<?xml version=\"1.0\"?><foo/>"); + end_check_do_log(); fail_unless(serverContext == NULL, "serverContext was created from fake (but valid XML) dump"); } @@ -156,7 +160,9 @@ START_TEST(test08_test_new_from_xmlNode) "LassoTest", &this_info, 0); r = lasso_registry_default_add_direct_mapping("http://example.com", "Test1", LASSO_LASSO_HREF, "LassoTest"); fail_unless(r == 0, "no mapping for http://example.com:Test1 should exist"); + begin_check_do_log(G_LOG_LEVEL_WARNING, " Class LassoTest has no node_data so no initialization is possible", TRUE); node = lasso_node_new_from_dump("<Test1 xmlns=\"http://example.com\"></Test1>"); + end_check_do_log(); fail_unless(node != NULL, "parsing <Test1/> should return an object"); fail_unless(strcmp(G_OBJECT_TYPE_NAME(node), "LassoTest") == 0, "node classname should be LassoTest"); g_object_unref(node); @@ -1850,21 +1856,21 @@ START_TEST(test10_test_alldumps) #endif /* test deserialization of saml2:EncryptedAssertion" */ const char *encrypted_element_xml[] = { - "<EncryptedAssertion xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\">\n\ - <EncryptedData/>\ - <EncryptedKey/>\ + "<EncryptedAssertion xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\" xmlns:xmlenc=\"http://www.w3.org/2001/04/xmlenc#\">\n\ + <xmlenc:EncryptedData/>\ + <xmlenc:EncryptedKey/>\ </EncryptedAssertion>", - "<EncryptedID xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\">\n\ - <EncryptedData/>\ - <EncryptedKey/>\ + "<EncryptedID xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\" xmlns:xmlenc=\"http://www.w3.org/2001/04/xmlenc#\">\n\ + <xmlenc:EncryptedData/>\ + <xmlenc:EncryptedKey/>\ </EncryptedID>", - "<EncryptedAttribute xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\">\n\ - <EncryptedData/>\ - <EncryptedKey/>\ + "<EncryptedAttribute xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\" xmlns:xmlenc=\"http://www.w3.org/2001/04/xmlenc#\">\n\ + <xmlenc:EncryptedData/>\ + <xmlenc:EncryptedKey/>\ </EncryptedAttribute>", - "<NewEncryptedID xmlns=\"urn:oasis:names:tc:SAML:2.0:protocol\">\n\ - <EncryptedData/>\ - <EncryptedKey/>\ + "<NewEncryptedID xmlns=\"urn:oasis:names:tc:SAML:2.0:protocol\" xmlns:xmlenc=\"http://www.w3.org/2001/04/xmlenc#\">\n\ + <xmlenc:EncryptedData/>\ + <xmlenc:EncryptedKey/>\ </NewEncryptedID>", NULL }; const char **iter = encrypted_element_xml; while (*iter) { @@ -1960,11 +1966,13 @@ START_TEST(test13_test_lasso_server_load_metadata) TESTSDATADIR "/idp5-saml2/private-key.pem", NULL, /* Secret key to unlock private key */ NULL)); + block_lasso_logs; check_good_rc(lasso_server_load_metadata(server, LASSO_PROVIDER_ROLE_IDP, TESTSDATADIR "/metadata/renater-metadata.xml", TESTSDATADIR "/metadata/metadata-federation-renater.crt", &blacklisted_1, &loaded_entity_ids, LASSO_SERVER_LOAD_METADATA_FLAG_DEFAULT)); + unblock_lasso_logs; check_equals(g_hash_table_size(server->providers), 110); check_equals(g_list_length(loaded_entity_ids), 110); @@ -2012,6 +2020,54 @@ START_TEST(test14_lasso_key) } END_TEST +/* test load federation */ +START_TEST(test15_ds_key_info) +{ + LassoDsKeyInfo *ds_key_info = lasso_ds_key_info_new(); + LassoDsKeyValue *ds_key_value = lasso_ds_key_value_new(); + LassoDsX509Data *x509_data = lasso_ds_x509_data_new(); + char *dump; + GList list; + LassoNode *node; + + lasso_ds_x509_data_set_certificate(x509_data, "coucou"); + lasso_ds_key_value_set_x509_data(ds_key_value, x509_data); + ds_key_info->KeyValue = g_object_ref(ds_key_value); + dump = lasso_node_debug((LassoNode*)ds_key_info, 10); + lasso_release_gobject(ds_key_info); + lasso_release_gobject(ds_key_value); + lasso_release_gobject(x509_data); + ds_key_info = (LassoDsKeyInfo*)lasso_node_new_from_dump(dump); + lasso_release_string(dump); + check_not_null(ds_key_info); + check_true(LASSO_IS_DS_KEY_INFO(ds_key_info)); + check_not_null(ds_key_info->KeyValue); + check_true(LASSO_IS_DS_KEY_VALUE(ds_key_info->KeyValue)); + x509_data = lasso_ds_key_value_get_x509_data(ds_key_info->KeyValue); + check_not_null(x509_data); + check_true(LASSO_IS_DS_X509_DATA(x509_data)); + check_str_equals(lasso_ds_x509_data_get_certificate(x509_data), "coucou"); + /* LassoSaml2SubjectConfirmation */ + LassoSaml2SubjectConfirmation *sc = (LassoSaml2SubjectConfirmation*) \ + lasso_saml2_subject_confirmation_new(); + LassoSaml2KeyInfoConfirmationDataType *kicdt = (LassoSaml2KeyInfoConfirmationDataType*) \ + lasso_saml2_key_info_confirmation_data_type_new(); + lasso_assign_string(sc->Method, LASSO_SAML2_CONFIRMATION_METHOD_HOLDER_OF_KEY); + lasso_assign_new_gobject(sc->SubjectConfirmationData, &kicdt->parent); + list = (GList){ .data = ds_key_info, .next = NULL, .prev = NULL }; + lasso_saml2_key_info_confirmation_data_type_set_key_info(kicdt, &list); + dump = lasso_node_debug((LassoNode*)sc, 10); + printf("1 %s\n", dump); + lasso_release_gobject(sc); + lasso_release_gobject(ds_key_info); + node = lasso_node_new_from_dump(dump); + lasso_release_string(dump); + dump = lasso_node_debug(node, 10); + printf("2 %s\n", dump); + lasso_release_string(dump); +} +END_TEST + Suite* basic_suite() { @@ -2028,6 +2084,7 @@ basic_suite() TCase *tc_custom_namespace = tcase_create("Test custom namespace handling"); TCase *tc_load_metadata = tcase_create("Test loading a federation metadata file"); TCase *tc_key = tcase_create("Test loading and manipulating LassoKey objects"); + TCase *tc_key_info = tcase_create("Test creating and dumping ds:KeyInfo nodes"); suite_add_tcase(s, tc_server_load_dump_empty_string); suite_add_tcase(s, tc_server_load_dump_random_string); @@ -2041,6 +2098,7 @@ basic_suite() suite_add_tcase(s, tc_custom_namespace); suite_add_tcase(s, tc_load_metadata); suite_add_tcase(s, tc_key); + suite_add_tcase(s, tc_key_info); tcase_add_test(tc_server_load_dump_empty_string, test01_server_load_dump_empty_string); tcase_add_test(tc_server_load_dump_random_string, test02_server_load_dump_random_string); @@ -2056,6 +2114,7 @@ basic_suite() tcase_add_test(tc_custom_namespace, test12_custom_namespace); tcase_add_test(tc_load_metadata, test13_test_lasso_server_load_metadata); tcase_add_test(tc_key, test14_lasso_key); + tcase_add_test(tc_key_info, test15_ds_key_info); tcase_set_timeout(tc_load_metadata, 10); return s; } diff --git a/tests/login_tests.c b/tests/login_tests.c index 850aa4a4..90573afc 100644 --- a/tests/login_tests.c +++ b/tests/login_tests.c @@ -285,7 +285,10 @@ START_TEST(test02_serviceProviderLogin) fail_unless(found != NULL, "We must find an InResponseTo attribute"); found[sizeof("InResponseTo=\"")] = '?'; lasso_set_flag("no-verify-signature"); + begin_check_do_log(G_LOG_LEVEL_DEBUG, " If inResponseTo attribute is present, a matching " + "request must be present too in the LassoLogin object", TRUE); check_not_equals(lasso_login_process_response_msg(spLoginContext, soapResponseMsg), 0); + end_check_do_log(); lasso_set_flag("verify-signature"); check_good_rc(lasso_login_accept_sso(spLoginContext)); fail_unless(rc == 0, "lasso_login_accept_sso must fail"); @@ -517,7 +520,7 @@ END_TEST Suite* login_suite() { - Suite *s = suite_create("Login"); + Suite *s = suite_create("Login using ID-FF 1.2"); TCase *tc_generate = tcase_create("Generate Server Contexts"); TCase *tc_spLogin = tcase_create("Login initiated by service provider"); TCase *tc_spLoginMemory = tcase_create("Login initiated by service provider without key loading"); diff --git a/tests/login_tests_saml2.c b/tests/login_tests_saml2.c index 5576ee1c..1052c61a 100644 --- a/tests/login_tests_saml2.c +++ b/tests/login_tests_saml2.c @@ -785,8 +785,10 @@ START_TEST(test05_sso_idp_with_key_rollover) check_good_rc(lasso_login_accept_sso(spLoginContext)); /* Process response 2 */ + block_lasso_logs; check_good_rc(lasso_login_process_authn_response_msg(spLoginContext, idpLoginContext2->parent.msg_body)); + unblock_lasso_logs; check_good_rc(lasso_login_accept_sso(spLoginContext)); /* Cleanup */ @@ -838,7 +840,9 @@ sso_sp_with_key_rollover(LassoServer *idp_context, LassoServer *sp_context) LASSO_SAML2_NAME_IDENTIFIER_FORMAT_PERSISTENT); LASSO_SAMLP2_AUTHN_REQUEST(idp_login_context->parent.request)->NameIDPolicy->AllowCreate = 1; + block_lasso_logs; check_good_rc(lasso_login_process_authn_request_msg(idp_login_context, NULL)); + unblock_lasso_logs; check_good_rc(lasso_login_validate_request_msg(idp_login_context, 1, /* authentication_result */ 0 /* is_consent_obtained */ @@ -855,8 +859,10 @@ sso_sp_with_key_rollover(LassoServer *idp_context, LassoServer *sp_context) check_not_null(idp_login_context->parent.msg_url); /* Process response */ + block_lasso_logs; check_good_rc(lasso_login_process_authn_response_msg(sp_login_context, idp_login_context->parent.msg_body)); + unblock_lasso_logs; check_good_rc(lasso_login_accept_sso(sp_login_context)); /* Cleanup */ @@ -940,7 +946,6 @@ sso_initiated_by_sp(LassoServer *idp_context, LassoServer *sp_context) LASSO_SAMLP2_AUTHN_REQUEST(sp_login_context->parent.request)->NameIDPolicy->AllowCreate = 1; check_good_rc(lasso_login_build_authn_request_msg(sp_login_context)); check_not_null(sp_login_context->parent.msg_url); - printf("authn_request: %s", sp_login_context->parent.msg_url); authn_request_query = strchr(sp_login_context->parent.msg_url, '?'); check_not_null(authn_request_query); authn_request_query += 1; @@ -960,7 +965,6 @@ sso_initiated_by_sp(LassoServer *idp_context, LassoServer *sp_context) check_good_rc(lasso_login_build_authn_response_msg(idp_login_context)); check_not_null(idp_login_context->parent.msg_body); check_not_null(idp_login_context->parent.msg_url); - printf("Xml Response: %s\n", lasso_node_export_to_xml(idp_login_context->parent.response)); /* Process response */ check_good_rc(lasso_login_process_authn_response_msg(sp_login_context, @@ -988,7 +992,9 @@ START_TEST(test07_sso_sp_with_hmac_sha1_signatures) test07_make_context(idp_context, "idp6-saml2", LASSO_PROVIDER_ROLE_SP, "sp6-saml2", key) test07_make_context(sp_context, "sp6-saml2", LASSO_PROVIDER_ROLE_IDP, "idp6-saml2", key) + block_lasso_logs; sso_initiated_by_sp(idp_context, sp_context); + unblock_lasso_logs; /* Cleanup */ lasso_release_gobject(idp_context); @@ -1000,7 +1006,7 @@ END_TEST Suite* login_saml2_suite() { - Suite *s = suite_create("Login"); + Suite *s = suite_create("Login using SAML 2.0"); TCase *tc_generate = tcase_create("Generate Server Contexts"); TCase *tc_spLogin = tcase_create("Login initiated by service provider"); TCase *tc_spLoginMemory = tcase_create("Login initiated by service provider without key loading"); diff --git a/tests/non_regression_tests.c b/tests/non_regression_tests.c index 03c11a35..64886e94 100644 --- a/tests/non_regression_tests.c +++ b/tests/non_regression_tests.c @@ -165,26 +165,17 @@ START_TEST(indexed_endpoints_20101008) } END_TEST -void error_log_func(G_GNUC_UNUSED const gchar *log_domain, G_GNUC_UNUSED GLogLevelFlags log_level, - const gchar *message, G_GNUC_UNUSED gpointer user_data) -{ - fail_unless(FALSE, "error_func called... %s", message); -} - START_TEST(remove_warning_when_parssing_unknown_SNIPPET_LIST_NODES_20111007) { LassoNode *node; xmlDoc *xmldoc; const char content[] = "<saml:Attribute Name=\"urn:oid:1.3.6.1.4.1.5923.1.1.1.10\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"eduPersonTargetedID\" xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\"><saml:AttributeValue><NameID Format=\"urn:oasis:names:tc:SAML:2.0:nameid-format:persistent\" NameQualifier=\"https://services-federation.renater.fr/test/idp\" SPNameQualifier=\"https://univnautes.entrouvert.lan/authsaml2/metadata\">C8NQsm1Y3Gas9m0AMDhxU7UxCSI=</NameID></saml:AttributeValue></saml:Attribute>"; - guint log_handler; xmldoc = xmlReadMemory(content, sizeof(content)-1, NULL, NULL, 0); check_not_null(xmldoc); - log_handler = g_log_set_handler("Lasso", G_LOG_LEVEL_MASK, error_log_func, NULL); node = lasso_node_new_from_xmlNode(xmlDocGetRootElement(xmldoc)); check_not_null(node); check_true(LASSO_IS_SAML2_ATTRIBUTE(node)); - g_log_remove_handler("Lasso", log_handler); check_true(LASSO_IS_NODE(node)); xmlFreeDoc(xmldoc); lasso_release_gobject(node); diff --git a/tests/tests.c b/tests/tests.c index a32d32e9..8ec4a40f 100644 --- a/tests/tests.c +++ b/tests/tests.c @@ -26,8 +26,9 @@ #include <config.h> #include <check.h> +#include <glib.h> #include "../lasso/lasso.h" -#include "lasso_config.h" +#include "../lasso/lasso_config.h" extern Suite* basic_suite(); extern Suite* login_suite(); @@ -55,6 +56,12 @@ SuiteFunction suites[] = { #endif NULL }; +void error_logger(const gchar *log_domain, GLogLevelFlags log_level, + const gchar *message, G_GNUC_UNUSED gpointer user_data) +{ + fail("No logging output expected: message «%s» was emitted for domain «%s» at the level" + " «%d»", message, log_domain, log_level); +} int main(int argc, char *argv[]) @@ -71,6 +78,7 @@ main(int argc, char *argv[]) } lasso_init(); + g_log_set_default_handler(error_logger, NULL); sr = srunner_create(suites[0]()); diff --git a/tests/tests.h b/tests/tests.h index ce89ac98..62f01719 100644 --- a/tests/tests.h +++ b/tests/tests.h @@ -23,6 +23,8 @@ #ifndef __TESTS_H__ #define __TESTS_H__ +#include "../lasso/lasso_config.h" + #define check_not_null(what) \ fail_unless((what) != NULL, "%s:%i: " #what " returned NULL", __func__, __LINE__); @@ -72,4 +74,72 @@ fail_unless(g_strcmp0(__tmp, to) != 0, "%s:%i: " #what " is equal to %s", __func__, __LINE__, to); \ } +static inline void mute_logger(G_GNUC_UNUSED const gchar *domain, + G_GNUC_UNUSED GLogLevelFlags log_level, G_GNUC_UNUSED const gchar *message, + G_GNUC_UNUSED gpointer user_data) { +} +G_GNUC_UNUSED static guint mute_log_handler = 0; + +#define block_lasso_logs mute_log_handler = g_log_set_handler(LASSO_LOG_DOMAIN, G_LOG_LEVEL_DEBUG, \ + mute_logger, NULL) + +#define unblock_lasso_logs g_log_remove_handler(LASSO_LOG_DOMAIN, mute_log_handler) + +struct CheckingLogHandlerUserData { + GLogLevelFlags log_level; + const char *message; + gboolean endswith; + GLogLevelFlags log_level_found; + const char *message_found; +}; +G_GNUC_UNUSED static guint checking_log_handler = 0; +G_GNUC_UNUSED static guint checking_log_handler_flag = 0; +G_GNUC_UNUSED static struct CheckingLogHandlerUserData checking_logger_user_data; + +static inline gboolean check_message(const char *a, const char *b, gboolean endswith) { + if (endswith) { + return strlen(a) >= strlen(b) && + strcmp(a+(strlen(a)-strlen(b)), b) == 0; + } else { + return strcmp(a, b) == 0; + } +} + +static inline void checking_logger(G_GNUC_UNUSED const gchar *domain, + G_GNUC_UNUSED GLogLevelFlags log_level, G_GNUC_UNUSED const gchar *message, + G_GNUC_UNUSED gpointer user_data) { + struct CheckingLogHandlerUserData *ck_user_data = user_data; + if (log_level == ck_user_data->log_level && check_message(message, ck_user_data->message, + ck_user_data->endswith)) { + } else { + g_log_default_handler(domain, log_level, message, user_data); + checking_log_handler_flag = 0; + } + ck_user_data->log_level_found = log_level; + ck_user_data->message_found = g_strdup(message); +} +/* begin_check_do_log(level, message, endswith)/end_check_do_log() with check that the only + * message emitted between the two macros is one equals to message at the level level, + * or ending with message if endswith is True. + */ +static inline void begin_check_do_log(GLogLevelFlags level, const char *message, gboolean endswith) { + memset(&checking_logger_user_data, 0, sizeof(struct CheckingLogHandlerUserData)); + checking_logger_user_data.log_level = level; + checking_logger_user_data.message = message; + checking_logger_user_data.endswith = endswith; + checking_log_handler = g_log_set_handler(LASSO_LOG_DOMAIN, level, checking_logger, &checking_logger_user_data); + checking_log_handler_flag = 1; +} + +static inline void end_check_do_log() { + g_log_remove_handler(LASSO_LOG_DOMAIN, checking_log_handler); + checking_log_handler = 0; + fail_unless(checking_log_handler_flag, "Logging failure: expected log level %d and message «%s», got %d and «%s»", + checking_logger_user_data.log_level, + checking_logger_user_data.message, + checking_logger_user_data.log_level_found, + checking_logger_user_data.message_found); + checking_log_handler_flag = 0; +} + #endif /*__TESTS_H__ */ |