authorBenjamin Dauvergne <bdauvergne@entrouvert.com>2008-09-23 09:13:09 +0000
committerBenjamin Dauvergne <bdauvergne@entrouvert.com>2008-09-23 09:13:09 +0000
commit152ec6d42e639266000c9a4ea2da1cc920f7df78 (patch)
tree1766587f15ddab73b9ea2ae2f56cf854c4ed4a0e /lasso
parentdb5d229004d3ccab34c23c0c9b2d29e64f717865 (diff)
Many fixes to compile with --enable-wsf and --enable-debugging and also to
remove valgrind errors through python tests. 1. Rename lasso_wsf_profile_new_full for java bindings (cannot subclass in overrides of static methods). 2. Add const modifiers to many function signatures in bindings/python/wrapper_top.c. 3. Add initialisation of private_data->encryption_sym_key_type (to please valgrind) in instance_init of LassoProvider. 4. Add a new macro to assign xmlNode; we consider xmlNode to be an immutable value, and always use xmlCopyNode for assignment. The macro is named lasso_assign_node. 5. Fix segfault: when using xmlSec to encrypt, the newly created encrypted node replaces the original node inside the xmlDoc structure, and the original node is freed automatically. So you cannot borrow the encrypted node if you do not remove it from xmlDoc first.
Diffstat (limited to 'lasso')
-rw-r--r--lasso/id-ff/provider.c1
-rw-r--r--lasso/utils.h7
-rw-r--r--lasso/xml/xml.c33
3 files changed, 23 insertions, 18 deletions
diff --git a/lasso/id-ff/provider.c b/lasso/id-ff/provider.c
index 49301f0b..c67d9ccd 100644
--- a/lasso/id-ff/provider.c
+++ b/lasso/id-ff/provider.c
@@ -622,6 +622,7 @@ instance_init(LassoProvider *provider)
provider->private_data->encryption_public_key_str = NULL;
provider->private_data->encryption_public_key = NULL;
provider->private_data->encryption_mode = LASSO_ENCRYPTION_MODE_NONE;
+ provider->private_data->encryption_sym_key_type = LASSO_ENCRYPTION_SYM_KEY_TYPE_AES_128;
/* no value_destroy_func since it shouldn't destroy the GList on insert */
provider->private_data->IDPDescriptor = g_hash_table_new_full(
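Review bot: The added default on `encryption_sym_key_type` is a security-relevant choice that deserves a comment on that line. Any provider that later turns encryption on without choosing a key type will silently get AES-128, while the value is presumably unused as long as `encryption_mode` stays `LASSO_ENCRYPTION_MODE_NONE`. Suggested comment: `/* default symmetric cipher; only consulted once encryption_mode is not NONE */`. instance_init starts and ends outside this hunk.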
diff --git a/lasso/utils.h b/lasso/utils.h
index 49eea267..213cd5c5 100644
--- a/lasso/utils.h
+++ b/lasso/utils.h
@@ -55,6 +55,13 @@
dest = (void*)(src); \
}
+#define lasso_assign_node(dest,src) \
+ { \
+ if (dest) \
+ xmlFreeNodeList(dest); \
+ dest = xmlCopyNode(src, 1); \
+ }
+
#define lasso_list_add_gobject(dest, src) \
{ \
dest = g_list_append(dest, g_object_ref(src)); \
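Review bot: `lasso_assign_node` frees `dest` before it copies `src`, so a call where `src` is `dest` itself or a node inside the `dest` list makes `xmlCopyNode` read freed memory. Copy first with `xmlNode *copy_ = xmlCopyNode(src, 1);`, then free, then `dest = copy_;`. `xmlFreeNodeList` also frees following siblings and does not unlink the node, so the macro is only safe when `dest` is detached from any document; a comment above the macro should state that, and that a NULL from `xmlCopyNode` is stored silently. The bare `{ ... }` body matches the neighbouring macros but breaks under `if (...) lasso_assign_node(a, b); else ...`, which `do { ... } while (0)` avoids.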
diff --git a/lasso/xml/xml.c b/lasso/xml/xml.c
index 19339e39..06c8bccd 100644
--- a/lasso/xml/xml.c
+++ b/lasso/xml/xml.c
@@ -570,22 +570,16 @@ lasso_node_encrypt(LassoNode *lasso_node, xmlSecKey *encryption_public_key,
xmlSecKeysMngrPtr key_manager = NULL;
xmlNodePtr key_info_node = NULL;
xmlNodePtr encrypted_key_node = NULL;
+ xmlNodePtr encrypted_data = NULL;
xmlNodePtr key_info_node2 = NULL;
xmlSecEncCtxPtr enc_ctx = NULL;
xmlSecTransformId xmlsec_encryption_sym_key_type;
- LassoSaml2EncryptedElement *ret = NULL;
if (encryption_public_key == NULL || !xmlSecKeyIsValid(encryption_public_key)) {
message(G_LOG_LEVEL_WARNING, "Invalid encryption key");
goto exit;
}
- /* Create a new EncryptedElement */
- encrypted_element = LASSO_SAML2_ENCRYPTED_ELEMENT(lasso_saml2_encrypted_element_new());
-
- /* Save the original data for dumps */
- encrypted_element->original_data = g_object_ref(lasso_node);
-
/* Create a document to contain the node to encrypt */
doc = xmlNewDoc((xmlChar*)"1.0");
orig_node = lasso_node_get_xmlNode(lasso_node, FALSE);
@@ -606,14 +600,15 @@ lasso_node_encrypt(LassoNode *lasso_node, xmlSecKey *encryption_public_key,
}
/* Create encryption template for a specific symetric key type */
- encrypted_element->EncryptedData = xmlSecTmplEncDataCreate(doc,
+ encrypted_data = xmlSecTmplEncDataCreate(doc,
xmlsec_encryption_sym_key_type, NULL, xmlSecTypeEncElement, NULL, NULL);
- if (encrypted_element->EncryptedData == NULL) {
+
+ if (encrypted_data == NULL) {
message(G_LOG_LEVEL_WARNING, "Failed to create encryption template");
goto exit;
}
- if (xmlSecTmplEncDataEnsureCipherValue(encrypted_element->EncryptedData) == NULL) {
+ if (xmlSecTmplEncDataEnsureCipherValue(encrypted_data) == NULL) {
message(G_LOG_LEVEL_WARNING, "Failed to add CipherValue node");
goto exit;
}
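Review bot: `encrypted_data` has no owner until the end of the function, so every `goto exit` between `xmlSecTmplEncDataCreate` and a successful `xmlSecEncCtxXmlEncrypt` appears to leak the template node. It is created for `doc` but, as far as this hunk shows, never linked into the tree, so `lasso_release_doc(doc)` would not reach it. Before this change the node was stored in `encrypted_element->EncryptedData` and was presumably freed together with the element. The exit path could free it when the context did not splice it into the document, for example `if (encrypted_data && !(enc_ctx && enc_ctx->resultReplaced)) xmlFreeNode(encrypted_data);` placed before `lasso_release_encrypt_context(enc_ctx);`. lasso_node_encrypt starts and ends outside this hunk.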
@@ -643,7 +638,7 @@ lasso_node_encrypt(LassoNode *lasso_node, xmlSecKey *encryption_public_key,
}
/* add <dsig:KeyInfo/> */
- key_info_node = xmlSecTmplEncDataEnsureKeyInfo(encrypted_element->EncryptedData, NULL);
+ key_info_node = xmlSecTmplEncDataEnsureKeyInfo(encrypted_data, NULL);
if (key_info_node == NULL) {
message(G_LOG_LEVEL_WARNING, "Failed to add key info");
goto exit;
@@ -700,24 +695,26 @@ lasso_node_encrypt(LassoNode *lasso_node, xmlSecKey *encryption_public_key,
}
/* encrypt the data */
- if (xmlSecEncCtxXmlEncrypt(enc_ctx, encrypted_element->EncryptedData, orig_node) < 0) {
+ if (xmlSecEncCtxXmlEncrypt(enc_ctx, encrypted_data, orig_node) < 0) {
message(G_LOG_LEVEL_WARNING, "Encryption failed");
goto exit;
}
- encrypted_element->EncryptedKey = g_list_append(encrypted_element->EncryptedKey,
- xmlCopyNode(encrypted_key_node, 1));
- /* Transfer reference to return value*/
- ret = encrypted_element;
- encrypted_element = NULL;
+ /* Create a new EncryptedElement */
+ encrypted_element = LASSO_SAML2_ENCRYPTED_ELEMENT(lasso_saml2_encrypted_element_new());
+ lasso_assign_gobject(encrypted_element->original_data, lasso_node);
+ lasso_list_add(encrypted_element->EncryptedKey, xmlCopyNode(encrypted_key_node, 1));
+ lasso_assign_node(encrypted_element->EncryptedData, encrypted_element->EncryptedData);
exit:
+ /* If encryption worked, encrypted node should have replaced orig_node inside the xmlDoc,
+ * enc_ctx->resultReplaced signal such replacement */
lasso_release_gobject(encrypted_element);
lasso_release_encrypt_context(enc_ctx);
lasso_release_doc(doc);
- return ret;
+ return encrypted_element;
}
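Review bot: The last statement added before `exit:` passes `encrypted_element->EncryptedData` as both destination and source of `lasso_assign_node`, so the local `encrypted_data` filled by xmlSec is never stored. On a freshly created element that field is presumably NULL, which leaves the result without ciphertext; the line should read `lasso_assign_node(encrypted_element->EncryptedData, encrypted_data);`. With `ret` removed (declaration dropped in the first xml.c hunk), the success path also runs `lasso_release_gobject(encrypted_element);` before `return encrypted_element;`, so the caller gets NULL or a pointer whose reference was just dropped, depending on that macro, which is defined outside this page. Since the element is now created only after the last `goto exit`, deleting that release line fixes it, provided `encrypted_element` is initialised to NULL at its declaration outside the hunk; restoring the `ret` hand-off works too. It is also worth checking that callers treat a NULL result as a hard failure rather than emitting the unencrypted node.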