7 files changed, 132 insertions, 12 deletions
diff --git a/lasso/debug.h b/lasso/debug.h
new file mode 100644
index 00000000..00955873
--- /dev/null
+++ b/lasso/debug.h
@@ -0,0 +1,41 @@
+/* $Id$
+ *
+ * Lasso - A free implementation of the Liberty Alliance specifications.
+ *
+ * Copyright (C) 2004-2007 Entr'ouvert
+ * http://lasso.entrouvert.org
+ *
+ * Authors: See AUTHORS file in top-level directory.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+#ifndef __LASSO_DEBUG_H__
+#define __LASSO__DEBUGH__
+
+#ifdef __cplusplus
+extern "C" {
+#endif /* __cplusplus */
+
+#include <glib.h>
+
+LASSO_EXPORT extern gboolean lasso_flag_verify_signature;
+LASSO_EXPORT extern gboolean lasso_flag_memory_debug;
+
+#ifdef __cplusplus
+}
+#endif /* __cplusplus */
+
+#endif /* __LASSO_DEBUG_H__ */
diff --git a/lasso/extract_symbols.py b/lasso/extract_symbols.py
index cef1c1ec..95e3f06d 100644
--- a/lasso/extract_symbols.py
+++ b/lasso/extract_symbols.py
@@ -14,7 +14,7 @@ if len(sys.argv) == 2+enable_wsf:
 else:
     srcdir = '.'
 
-regex = re.compile('LASSO_EXPORT.*(lasso_[a-zA-Z0-9_]+).*\(')
+regex = re.compile('LASSO_EXPORT.*(lasso_[a-zA-Z0-9_]+)[ \t]*[\(;]')
 
 symbols = []
 for header_file in glob.glob('%s/*/*.h' % srcdir) + glob.glob('%s/*.h' % srcdir) + \
diff --git a/lasso/id-ff/provider.c b/lasso/id-ff/provider.c
index c67d9ccd..c00e6c89 100644
--- a/lasso/id-ff/provider.c
+++ b/lasso/id-ff/provider.c
@@ -43,6 +43,7 @@
 
 #include <lasso/saml-2.0/providerprivate.h>
 #include "../utils.h"
+#include "../debug.h"
 
 static char *protocol_uris[] = {
 	"http://projectliberty.org/profiles/fedterm",
@@ -1071,6 +1072,9 @@ lasso_provider_verify_signature(LassoProvider *provider,
 
 	g_return_val_if_fail(LASSO_IS_PROVIDER(provider), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
 
+	if (lasso_flag_verify_signature == FALSE)
+		return 0;
+
 	msg = (char*)message;
 	if (message == NULL)
 		return LASSO_PROFILE_ERROR_INVALID_MSG;
diff --git a/lasso/lasso.c b/lasso/lasso.c
index 61a6f385..aa6241df 100644
--- a/lasso/lasso.c
+++ b/lasso/lasso.c
@@ -28,11 +28,24 @@
  *
  **/
 
+#include <stdlib.h> /* getenv */
 #include <xmlsec/xmlsec.h>
 #include <xmlsec/crypto.h>
 #include <libxslt/xslt.h>
 #include <config.h>
 #include "lasso.h"
+#include "debug.h"
+
+/* Set to true, it forces lasso_provider_verify_signature and lasso_query_verify_signature to always
+ * return TRUE. */
+gboolean lasso_flag_verify_signature = TRUE;
+/* Set to true, it activates debugging code for LassoNode freeing */
+gboolean lasso_flag_memory_debug = FALSE;
+static void lasso_flag_parse_environment_variable();
+
+#ifndef LASSO_FLAG_ENV_VAR
+#define LASSO_FLAG_ENV_VAR "LASSO_FLAG"
+#endif
 
 #if defined _MSC_VER
 HINSTANCE g_hModule = NULL;
@@ -116,6 +129,7 @@ int lasso_init()
 		message(G_LOG_LEVEL_CRITICAL, "xmlsec-crypto initialization failed.");
 		return LASSO_ERROR_UNDEFINED;
 	}
+	lasso_flag_parse_environment_variable();
 	return 0;
 }
 
@@ -143,10 +157,10 @@ int lasso_shutdown()
 #endif /* XMLSEC_NO_XSLT */
 	/* Cleanup function for the XML library */
 	xmlCleanupParser();
-#ifdef LASSO_DEBUG
+	if (lasso_flag_memory_debug == TRUE) {
 	/* this is to debug memory for regression tests */
-	xmlMemoryDump();
-#endif
+		xmlMemoryDump();
+	}
 	return 0;
 }
 
@@ -206,3 +220,53 @@ lasso_check_version(int major, int minor, int subminor, LassoCheckVersionMode mo
 
 	return 1;
 }
+
+/**
+ * lasso_set_flag:
+ * @flag: a string representing a flag name, prefix with 'no-' to disable it.
+ *
+ * Set a debugging flag. You can also use the environment variable named by the #LASSO_FLAG_ENV_VAR
+ * macro to get the same effect. LASSO_DEBUG must contain flag name separated by spaces, commas,
+ * tabulations or colons.
+ */
+void lasso_set_flag(char *flag) {
+	gboolean value = TRUE;
+
+	g_return_if_fail(flag);
+
+	/* Handle negative flags */
+	if (flag && strncmp(flag, "no-", 3) == 0) {
+		value = FALSE;
+		flag += 3;
+	}
+
+	do {
+		if (g_strcmp0(flag, "verify-signature") == 0) {
+			lasso_flag_verify_signature = value;
+			continue;
+		}
+		if (g_strcmp0(flag,"memory-debug") == 0) {
+			lasso_flag_memory_debug = value;
+			continue;
+		}
+	} while (FALSE);
+}
+
+static void lasso_flag_parse_environment_variable() {
+	char *lasso_flag = getenv(LASSO_FLAG_ENV_VAR);
+	char *save_ptr;
+	char *token;
+	const char delim[] = ", \t:";
+
+	if (lasso_flag) {
+		token = strtok_r(lasso_flag, delim, &save_ptr);
+		do {
+			lasso_set_flag(token);
+		} while ((token = strtok_r(NULL, delim, &save_ptr)) != NULL);
+	}
+}
+
+
+
+
+
diff --git a/lasso/lasso.h b/lasso/lasso.h
index 21085df0..9b8ac81a 100644
--- a/lasso/lasso.h
+++ b/lasso/lasso.h
@@ -68,6 +68,8 @@ typedef enum {
 LASSO_EXPORT int lasso_check_version(
 		int major, int minor, int subminor, LassoCheckVersionMode mode);
 
+LASSO_EXPORT void lasso_set_flag(char *flag);
+
 #ifdef __cplusplus
 }
 #endif /* __cplusplus */
diff --git a/lasso/xml/tools.c b/lasso/xml/tools.c
index 6f19a38a..a61b7783 100644
--- a/lasso/xml/tools.c
+++ b/lasso/xml/tools.c
@@ -45,6 +45,7 @@
 #include <lasso/xml/xml.h>
 #include <lasso/xml/xml_enc.h>
 #include <lasso/xml/saml-2.0/saml2_assertion.h>
+#include "../debug.h"
 
 LassoNode* lasso_assertion_encrypt(LassoSaml2Assertion *assertion);
 static xmlSecKeyPtr lasso_get_public_key_from_private_key_file(const char *private_key_file);
@@ -536,6 +537,11 @@ lasso_query_verify_signature(const char *query, const xmlSecKey *sender_public_k
 	char *sig_alg, *usig_alg = NULL;
 
 	g_return_val_if_fail(query != NULL, LASSO_PARAM_ERROR_INVALID_VALUE);
+
+	if (lasso_flag_verify_signature == FALSE) {
+		return 0;
+	}
+
 	g_return_val_if_fail(sender_public_key != NULL, LASSO_PARAM_ERROR_INVALID_VALUE);
 	g_return_val_if_fail(sender_public_key->value != NULL, LASSO_PARAM_ERROR_INVALID_VALUE);
 
diff --git a/lasso/xml/xml.c b/lasso/xml/xml.c
index 06c8bccd..a33d04d4 100644
--- a/lasso/xml/xml.c
+++ b/lasso/xml/xml.c
@@ -50,6 +50,7 @@
 #include <lasso/xml/saml_name_identifier.h>
 #include "../utils.h"
 #include "../registry.h"
+#include "../debug.h"
 
 
 static char* lasso_node_build_query(LassoNode *node);
@@ -1278,9 +1279,9 @@ lasso_node_dispose(GObject *object)
 	SnippetType type;
 	GList *elem;
 
-#ifdef LASSO_DEBUG
-	fprintf(stderr, "dispose of %s (at %p)\n", G_OBJECT_TYPE_NAME(object), object);
-#endif
+	if (lasso_flag_memory_debug == TRUE) {
+		fprintf(stderr, "dispose of %s (at %p)\n", G_OBJECT_TYPE_NAME(object), object);
+	}
 
 	class = LASSO_NODE_GET_CLASS(object);
 	while (class && LASSO_IS_NODE_CLASS(class) && class->node_data) {
@@ -1296,10 +1297,10 @@ lasso_node_dispose(GObject *object)
 			if (*value == NULL)
 				continue;
 
-#ifdef LASSO_DEBUG
-			fprintf(stderr, "  freeing %s/%s (at %p)\n",
-					G_OBJECT_TYPE_NAME(object), snippet->name, *value);
-#endif
+			if (lasso_flag_memory_debug == TRUE) {
+				fprintf(stderr, "  freeing %s/%s (at %p)\n",
+						G_OBJECT_TYPE_NAME(object), snippet->name, *value);
+			}
 			switch (type) {
 				case SNIPPET_NODE:
 				case SNIPPET_NAME_IDENTIFIER:
@@ -1331,7 +1332,9 @@ lasso_node_dispose(GObject *object)
 				case SNIPPET_TEXT_CHILD:
 				case SNIPPET_ATTRIBUTE: {
 								if (snippet->type & SNIPPET_ANY) {
-									g_hash_table_destroy(*value);
+									if (*value) {
+										g_hash_table_destroy(*value);
+									}
 								} else {
 									g_free(*value);
 								}