From 53f2a89851331f08b3e3605b2bc3e48b202bb00d Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne
Date: Wed, 17 Feb 2010 10:15:33 +0000
Subject: SAML 2.0: if assertion possess a signed original_xmlnode return it instead of using get_xmlNode
* lasso/xml/saml-2.0/saml2_assertion.c: assertion in lasso when read are not usable anymore because the signature is lost, this commit allows to keep assertion unaltered after reading them if they contained a top level signature (a signature contained in the Assertion node). This is useful for reusing assertion kept in a LassoSession object and for using assertion as security token for ID-WSF.
---
 lasso/xml/saml-2.0/saml2_assertion.c | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)
diff --git a/lasso/xml/saml-2.0/saml2_assertion.c b/lasso/xml/saml-2.0/saml2_assertion.c
index 35c8e472..5bf46b6f 100644
--- a/lasso/xml/saml-2.0/saml2_assertion.c
+++ b/lasso/xml/saml-2.0/saml2_assertion.c
@@ -27,6 +27,7 @@
 #include "../private.h"
 #include
 #include
+#include
 #include "saml2_assertion.h"
@@ -118,9 +119,25 @@ static xmlNode*
 get_xmlNode(LassoNode *node, gboolean lasso_dump)
 {
 LassoSaml2Assertion *assertion = LASSO_SAML2_ASSERTION(node);
- xmlNode *xmlnode;
+ xmlNode *xmlnode, *original_xmlnode;
 int rc = 0;
+ /* If assertion has been deserialized and contain a signature, dump it from the
+ * original xmlnode. */
+ original_xmlnode = lasso_node_get_original_xmlnode(node);
+ while (original_xmlnode) {
+ xmlNode *signature, *signature_value;
+
+ signature = xmlSecFindChild(original_xmlnode, xmlSecNodeSignature, xmlSecDSigNs);
+ if (! signature)
+ break;
+ signature_value = xmlSecFindNode(signature, xmlSecNodeSignatureValue, xmlSecDSigNs);
+ if (signature_value && signature_value->children) {
+ return xmlCopyNode(original_xmlnode, 1);
+ }
+ break;
+ }
+
 xmlnode = parent_class->get_xmlNode(node, lasso_dump);
 if (lasso_dump == FALSE && assertion->sign_type) {
-- cgit
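Review bot: The early return in get_xmlNode treats the mere presence of a `ds:Signature` child with a non-empty `SignatureValue` as sufficient reason to emit the original node, but nothing in this hunk verifies that signature, and any field changed on the LassoSaml2Assertion after parsing is silently left out of the output. The comment above the block should say so, e.g. `/* The signature is only detected here, not verified; callers must not treat the returned node as validated. */`. The `SignatureValue` lookup uses `xmlSecFindNode`, which searches descendants, so a `SignatureValue` nested deeper inside the Signature (for instance under a `ds:Object`) would also satisfy the test; `signature_value = xmlSecFindChild(signature, xmlSecNodeSignatureValue, xmlSecDSigNs);` restricts it to the direct child. The return also sits before the `lasso_dump` check, so dump and export calls both take this path, and the function body continues past the end of the hunk.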