diff --git a/bindings/lang_java_wrapper_top.c b/bindings/lang_java_wrapper_top.c index 3ddb07a3..03736866 100644 --- a/bindings/lang_java_wrapper_top.c +++ b/bindings/lang_java_wrapper_top.c @@ -1,5 +1,5 @@ #include -#include +#include #include #include "com_entrouvert_lasso_LassoJNI.h" #include diff --git a/bindings/lang_python_wrapper_top.c b/bindings/lang_python_wrapper_top.c index dcfa3d52..95fb5bc0 100644 --- a/bindings/lang_python_wrapper_top.c +++ b/bindings/lang_python_wrapper_top.c @@ -1,7 +1,7 @@ #include #include #include -#include +#include #include "../ghashtable.h" GQuark lasso_wrapper_key; diff --git a/bindings/overrides.xml b/bindings/overrides.xml index c5963efb..1abf0158 100644 --- a/bindings/overrides.xml +++ b/bindings/overrides.xml @@ -129,6 +129,8 @@ + + @@ -153,6 +155,7 @@ + diff --git a/configure.ac b/configure.ac index 406dc338..932c7761 100644 --- a/configure.ac +++ b/configure.ac @@ -29,7 +29,7 @@ AC_REVISION($Revision$) dnl Run many macros mostly needed by configure.ac. AM_INIT_AUTOMAKE(lasso, 2.2.1) dnl Create rules to automaticaly regenerate the config header. -AM_CONFIG_HEADER(lasso/lasso_config.h) +AM_CONFIG_HEADER([config.h lasso/lasso_config.h]) dnl Add --enable-maintainer-mode option to configure. AM_MAINTAINER_MODE diff --git a/lasso/Makefile.am b/lasso/Makefile.am index c7527915..54902934 100644 --- a/lasso/Makefile.am +++ b/lasso/Makefile.am @@ -13,13 +13,12 @@ LTRCCOMPILE = $(LIBTOOL) --tag=RC --mode=compile $(RC) \ lasso.rc.lo: $(top_srcdir)/win32/lasso.rc $(LTRCCOMPILE) -i $< -o $@ - lib_LTLIBRARIES = liblasso.la -liblassoinclude_HEADERS = export.h lasso.h lasso_config.h errors.h soap_binding.h +liblassoinclude_HEADERS = export.h lasso.h lasso_config.h errors.h BUILT_SOURCES = types.c errors.c symbols.sym -liblasso_la_SOURCES = lasso.c errors.c soap_binding.c +liblasso_la_SOURCES = lasso.c errors.c if WSF_ENABLED SYMBOLS_ARGS = -wsf 
@@ -80,7 +79,7 @@ liblasso_la_LDFLAGS = -no-undefined -version-info @LASSO_VERSION_INFO@ \ endif errors.c: errors.h - python build_strerror.py >$(srcdir)/.errors.c.new + python $(srcdir)/build_strerror.py $(srcdir) >$(srcdir)/.errors.c.new if ! cmp -s $(srcdir)/errors.c $(srcdir)/.errors.c.new; then \ mv -f $(srcdir)/.errors.c.new $(srcdir)/errors.c; else \ rm $(srcdir)/.errors.c.new; fi diff --git a/lasso/build_strerror.py b/lasso/build_strerror.py index 92bca87e..7461d3b4 100644 --- a/lasso/build_strerror.py +++ b/lasso/build_strerror.py @@ -6,7 +6,9 @@ import re import sys import os -hlines = file('errors.h','r').readlines() +srcdir = sys.argv[1] + +hlines = file('%s/errors.h' % srcdir,'r').readlines() messages = dict() for line in hlines: @@ -18,7 +20,7 @@ for line in hlines: if m: messages[m.group(1)] = m.group(1) -clines = file('errors.c.in','r').readlines() +clines = file('%s/errors.c.in' % srcdir,'r').readlines() for line in clines: if '@ERROR_CASES@' in line: for k in messages: diff --git a/lasso/id-ff/identity.c b/lasso/id-ff/identity.c index 5de618e5..c987baa7 100644 --- a/lasso/id-ff/identity.c +++ b/lasso/id-ff/identity.c @@ -28,7 +28,7 @@ * **/ -#include +#include #include #ifdef LASSO_WSF_ENABLED diff --git a/lasso/id-ff/login.c b/lasso/id-ff/login.c index acae8af5..d34b6ad4 100644 --- a/lasso/id-ff/login.c +++ b/lasso/id-ff/login.c @@ -145,7 +145,7 @@ #include -#include +#include #include #include #include diff --git a/lasso/id-ff/loginprivate.h b/lasso/id-ff/loginprivate.h index d5ccca72..58f01ceb 100644 --- a/lasso/id-ff/loginprivate.h +++ b/lasso/id-ff/loginprivate.h @@ -30,7 +30,7 @@ extern "C" { #endif /* __cplusplus */ -#include +#include #include #ifdef LASSO_WSF_ENABLED diff --git a/lasso/id-ff/server.c b/lasso/id-ff/server.c index de583719..a6568a7f 100644 --- a/lasso/id-ff/server.c +++ b/lasso/id-ff/server.c @@ -32,7 +32,7 @@ #include -#include +#include #include #include 
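Review bot: `srcdir = sys.argv[1]` in the build_strerror.py hunk is read without checking the argument count, so running the script by hand without a directory now fails with an IndexError instead of a usage message. The Makefile rule in this commit always passes `$(srcdir)`, so only manual runs are affected; `srcdir = sys.argv[1] if len(sys.argv) > 1 else '.'` would keep the old invocation working. The two paths are built with `'%s/errors.h' % srcdir` and `'%s/errors.c.in' % srcdir`; since `os` is already imported, `os.path.join(srcdir, 'errors.h')` and `os.path.join(srcdir, 'errors.c.in')` are the idiomatic form.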
diff --git a/lasso/id-ff/session.c b/lasso/id-ff/session.c index 53b2ea85..7729222b 100644 --- a/lasso/id-ff/session.c +++ b/lasso/id-ff/session.c @@ -59,7 +59,7 @@ * Return value: 0 on success; or a negative value otherwise. **/ gint -lasso_session_add_assertion(LassoSession *session, char *providerID, LassoNode *assertion) +lasso_session_add_assertion(LassoSession *session, const char *providerID, LassoNode *assertion) { gint ret = 0; gchar *id = NULL; @@ -68,8 +68,7 @@ lasso_session_add_assertion(LassoSession *session, char *providerID, LassoNode * g_return_val_if_fail(providerID != NULL, LASSO_PARAM_ERROR_INVALID_VALUE); g_return_val_if_fail(assertion != NULL, LASSO_PARAM_ERROR_INVALID_VALUE); - g_hash_table_insert(session->assertions, g_strdup(providerID), - g_object_ref(assertion)); + g_hash_table_insert(session->assertions, g_strdup(providerID), g_object_ref(assertion)); if (LASSO_IS_SAML_ASSERTION(assertion)) { id = LASSO_SAML_ASSERTION(assertion)->AssertionID; @@ -96,11 +95,13 @@ lasso_session_add_assertion(LassoSession *session, char *providerID, LassoNode * * Returns: 0 if the assertion was added to the dictionnary. */ gint -lasso_session_add_assertion_with_id(LassoSession *session, char *assertionID, LassoNode *assertion) +lasso_session_add_assertion_with_id(LassoSession *session, const char *assertionID, + LassoNode *assertion) { g_return_val_if_fail(LASSO_IS_SESSION(session), LASSO_PARAM_ERROR_INVALID_VALUE); g_return_val_if_fail(assertionID != NULL, LASSO_PARAM_ERROR_INVALID_VALUE); g_return_val_if_fail(assertion != NULL, LASSO_PARAM_ERROR_INVALID_VALUE); + g_hash_table_insert(session->private_data->assertions_by_id, g_strdup(assertionID), g_object_ref(assertion)); 
@@ -121,7 +122,7 @@ lasso_session_add_assertion_with_id(LassoSession *session, char *assertionID, La * Return value: 0 on success; or a negative value otherwise. **/ gint -lasso_session_add_status(LassoSession *session, char *providerID, LassoNode *status) +lasso_session_add_status(LassoSession *session, const char *providerID, LassoNode *status) { g_return_val_if_fail(LASSO_IS_SESSION(session), LASSO_PARAM_ERROR_INVALID_VALUE); g_return_val_if_fail(providerID != NULL, LASSO_PARAM_ERROR_INVALID_VALUE); @@ -147,7 +148,7 @@ lasso_session_add_status(LassoSession *session, char *providerID, LassoNode *sta * the caller. **/ LassoNode* -lasso_session_get_assertion(LassoSession *session, gchar *providerID) +lasso_session_get_assertion(LassoSession *session, const gchar *providerID) { g_return_val_if_fail(LASSO_IS_SESSION(session), NULL); @@ -166,7 +167,7 @@ lasso_session_get_assertion(LassoSession *session, gchar *providerID) * the caller. */ LassoNode* -lasso_session_get_assertion_by_id(LassoSession *session, gchar *assertionID) +lasso_session_get_assertion_by_id(LassoSession *session, const gchar *assertionID) { g_return_val_if_fail(LASSO_IS_SESSION(session), NULL); @@ -221,7 +222,7 @@ lasso_session_get_assertions(LassoSession *session, const char *provider_id) * is internally allocated and must not be freed by the caller. **/ LassoNode* -lasso_session_get_status(LassoSession *session, gchar *providerID) +lasso_session_get_status(LassoSession *session, const gchar *providerID) { if (session == NULL) { return NULL; @@ -330,7 +331,7 @@ lasso_session_is_empty(LassoSession *session) * Return value: 0 on success; or a negative value otherwise. **/ gint -lasso_session_remove_assertion(LassoSession *session, gchar *providerID) +lasso_session_remove_assertion(LassoSession *session, const gchar *providerID) { g_return_val_if_fail(LASSO_IS_SESSION(session), LASSO_PARAM_ERROR_INVALID_VALUE); g_return_val_if_fail(providerID != NULL, LASSO_PARAM_ERROR_INVALID_VALUE); 
@@ -353,7 +354,7 @@ lasso_session_remove_assertion(LassoSession *session, gchar *providerID) * Return value: 0 on success; or a negative value otherwise. **/ gint -lasso_session_remove_status(LassoSession *session, gchar *providerID) +lasso_session_remove_status(LassoSession *session, const gchar *providerID) { g_return_val_if_fail(session != NULL, LASSO_PARAM_ERROR_INVALID_VALUE); g_return_val_if_fail(providerID != NULL, LASSO_PARAM_ERROR_INVALID_VALUE); diff --git a/lasso/id-ff/sessionprivate.h b/lasso/id-ff/sessionprivate.h index 2b84c1fd..20204264 100644 --- a/lasso/id-ff/sessionprivate.h +++ b/lasso/id-ff/sessionprivate.h @@ -46,21 +46,21 @@ struct _LassoSessionPrivate }; gint lasso_session_add_assertion(LassoSession *session, - char *providerID, LassoNode *assertion); + const char *providerID, LassoNode *assertion); gint lasso_session_add_status(LassoSession *session, - char *providerID, LassoNode *status); + const char *providerID, LassoNode *status); gint lasso_session_add_assertion_with_id(LassoSession *session, - char *assertionID, LassoNode *assertion); + const char *assertionID, LassoNode *assertion); LassoNode* lasso_session_get_assertion( - LassoSession *session, gchar *providerID); + LassoSession *session, const gchar *providerID); LassoNode* lasso_session_get_assertion_by_id( - LassoSession *session, gchar *assertionID); + LassoSession *session, const gchar *assertionID); LassoNode* lasso_session_get_status( - LassoSession *session, gchar *providerID); + LassoSession *session, const gchar *providerID); -gint lasso_session_remove_status(LassoSession *session, gchar *providerID); -gint lasso_session_remove_assertion(LassoSession *session, gchar *providerID); +gint lasso_session_remove_status(LassoSession *session, const gchar *providerID); +gint lasso_session_remove_assertion(LassoSession *session, const gchar *providerID); void lasso_session_init_provider_ids(LassoSession *session); 
diff --git a/lasso/id-wsf/Makefile.am b/lasso/id-wsf/Makefile.am index bbced2ec..82c33d7b 100644 --- a/lasso/id-wsf/Makefile.am +++ b/lasso/id-wsf/Makefile.am @@ -9,7 +9,8 @@ INCLUDES = \ lasso_private_h_sources = \ data_service_private.h \ - wsf_profile_private.h + wsf_profile_private.h \ + soap_binding.h if WSF_ENABLED noinst_LTLIBRARIES = liblasso-id-wsf.la @@ -20,7 +21,8 @@ WSF_C_FILES = \ personal_profile_service.c \ data_service.c \ wsf_profile.c \ - utils.c + utils.c \ + soap_binding.c WSF_H_FILES = \ authentication.h \ diff --git a/lasso/id-wsf/authentication.c b/lasso/id-wsf/authentication.c index 123ac871..2fe0d6b4 100644 --- a/lasso/id-wsf/authentication.c +++ b/lasso/id-wsf/authentication.c 
@@ -83,6 +83,42 @@ struct _LassoAuthenticationPrivate gboolean dispose_has_run; }; +static LassoSoapEnvelope* +lasso_authentication_build_soap_envelope_internal(const char *refToMessageId, const char *providerId) +{ + LassoSoapEnvelope *envelope; + LassoSoapHeader *header; + LassoSoapBody *body; + LassoSoapBindingCorrelation *correlation; + gchar *messageId, *timestamp; + + /* Body */ + body = lasso_soap_body_new(); + body->id = lasso_build_unique_id(32); + envelope = lasso_soap_envelope_new(body); + + /* Header */ + header = lasso_soap_header_new(); + envelope->Header = header; + + /* Correlation */ + messageId = lasso_build_unique_id(32); + timestamp = lasso_get_current_time(); + correlation = lasso_soap_binding_correlation_new(messageId, timestamp); + correlation->id = lasso_build_unique_id(32); + if (refToMessageId != NULL) + correlation->refToMessageID = g_strdup(refToMessageId); + header->Other = g_list_append(header->Other, correlation); + + /* Provider */ + if (providerId) { + LassoSoapBindingProvider *provider = lasso_soap_binding_provider_new(providerId); + provider->id = lasso_build_unique_id(32); + header->Other = g_list_append(header->Other, provider); + } + + return envelope; +} gint lasso_authentication_client_start(LassoAuthentication *authentication) { @@ -226,7 +262,7 @@ lasso_authentication_init_request(LassoAuthentication *authentication, request = lasso_sa_sasl_request_new(mechanisms); LASSO_WSF_PROFILE(authentication)->request = LASSO_NODE(request); - envelope = lasso_wsf_profile_build_soap_envelope(NULL, NULL); + envelope = lasso_authentication_build_soap_envelope_internal(NULL, NULL); LASSO_WSF_PROFILE(authentication)->soap_envelope_request = envelope; if (envelope == NULL || envelope->Body == NULL || envelope->Body->any == NULL) { return critical_error(LASSO_PROFILE_ERROR_MISSING_REQUEST); 
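Review bot: The new static helper `lasso_authentication_build_soap_envelope_internal` has no comment, and the ownership of `messageId` and `timestamp` is not evident. Both are freshly allocated and passed to `lasso_soap_binding_correlation_new()`; if that constructor copies its arguments (not visible in this hunk), the two strings leak on every call. A header comment should state that the caller owns the returned envelope, that `refToMessageId` and `providerId` may be NULL and are copied, and whether the correlation adopts the two temporaries. The name and parameters mirror `lasso_wsf_profile_build_soap_envelope_internal` in wsf_profile.c, so this looks like a second copy of the same logic; sharing one implementation through a private header would keep the correlation and provider headers from drifting apart.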
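Review bot: The guard right after the changed call in lasso_authentication_init_request still tests `envelope->Body->any == NULL`, but the helper this commit adds only sets `body->id` and never appends anything to `Body->any`. Unless `lasso_soap_body_new()` pre-populates that list, this path returns `LASSO_PROFILE_ERROR_MISSING_REQUEST` on every call, after the envelope has already been stored in `soap_envelope_request`. The helper also dereferences every constructor result unchecked, so the `envelope == NULL` arm cannot be what catches an allocation failure. The function continues outside the hunk, so this should be confirmed against the full body.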
@@ -327,7 +363,7 @@ lasso_authentication_process_request_msg(LassoAuthentication *authentication, correlation = envelope->Header->Other->data; messageId = correlation->messageID; - envelope = lasso_wsf_profile_build_soap_envelope(messageId, NULL); + envelope = lasso_authentication_build_soap_envelope_internal(messageId, NULL); LASSO_WSF_PROFILE(authentication)->soap_envelope_response = envelope; status = lasso_utility_status_new(LASSO_SA_STATUS_CODE_OK); @@ -403,7 +439,7 @@ lasso_authentication_process_response_msg(LassoAuthentication *authentication, correlation = envelope->Header->Other->data; messageId = correlation->messageID; - envelope = lasso_wsf_profile_build_soap_envelope(messageId, NULL); + envelope = lasso_authentication_build_soap_envelope_internal(messageId, NULL); LASSO_WSF_PROFILE(authentication)->soap_envelope_request = envelope; request = lasso_sa_sasl_request_new(g_strdup(response->serverMechanism)); diff --git a/lasso/id-wsf/data_service.c b/lasso/id-wsf/data_service.c index 42377426..8e63c372 100644 --- a/lasso/id-wsf/data_service.c +++ b/lasso/id-wsf/data_service.c @@ -921,8 +921,6 @@ lasso_register_idwsf_xpath_namespaces(xmlXPathContext *xpathCtx) } - - /*****************************************************************************/ /* overrided parent class methods */ /*****************************************************************************/ diff --git a/lasso/id-wsf/discovery.c b/lasso/id-wsf/discovery.c index d1a98b3c..071015d7 100644 --- a/lasso/id-wsf/discovery.c +++ b/lasso/id-wsf/discovery.c @@ -72,16 +72,19 @@ #include #include #include +#include #include #include #include +#include #include #include #include #include #include +#include struct _LassoDiscoveryPrivate { @@ -340,7 +343,6 @@ lasso_discovery_init_modify(LassoDiscovery *discovery, LassoDiscoDescription *description) { LassoWsfProfile *profile = NULL; - LassoSoapEnvelope *envelope = NULL; LassoDiscoModify *modify = NULL; gint res = 0; 
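Review bot: `correlation = envelope->Header->Other->data; messageId = correlation->messageID;` just above the changed call in lasso_authentication_process_request_msg takes the first header element and treats it as the correlation, without checking that `Header` or `Header->Other` is non-NULL or that the element has that type. The same two lines precede the changed call in lasso_authentication_process_response_msg (hunk -403). If `envelope` at that point is the parsed message from the peer, as the flow suggests, a message with no header or with a different first header block leads to a NULL dereference or a mistyped read. This commit moves `lasso_soap_binding_get_correlation()` into id-wsf; `correlation = lasso_soap_binding_get_correlation(envelope);` followed by a NULL check before reading `messageID` would close that. Both functions start and end outside their hunks.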
@@ -941,6 +943,14 @@ lasso_discovery_build_response_msg(LassoDiscovery *discovery) return res; } +const char* +get_assertion_id(LassoNode *node) { + if (LASSO_IS_SAML_ASSERTION(node)) { + return LASSO_SAML_ASSERTION(node)->AssertionID; + } + return NULL; +} + /** * lasso_discovery_process_query_response_msg: * @discovery: a #LassoDiscovery @@ -957,10 +967,7 @@ lasso_discovery_process_query_response_msg(LassoDiscovery *discovery, const gcha { LassoWsfProfile *profile = NULL; LassoDiscoQueryResponse *response; - xmlXPathContext *xpathCtx = NULL; - xmlXPathObject *xpathObj; - LassoDiscoCredentials *credentials; - int rc = 0, i; + int rc = 0; g_return_val_if_fail(LASSO_IS_DISCOVERY(discovery), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ); @@ -972,7 +979,8 @@ lasso_discovery_process_query_response_msg(LassoDiscovery *discovery, const gcha if (rc) goto exit; response = LASSO_DISCO_QUERY_RESPONSE(profile->response); - if (strcmp(response->Status->code, LASSO_DISCO_STATUS_CODE_OK) != 0) { + if (strcmp(response->Status->code, LASSO_DISCO_STATUS_CODE_OK) != 0 && + strcmp(response->Status->code, LASSO_DISCO_STATUS_CODE_DISCO_OK) != 0) { return LASSO_PROFILE_ERROR_STATUS_NOT_SUCCESS; } /** Process the credentials, add them to the session */ @@ -983,7 +991,8 @@ lasso_discovery_process_query_response_msg(LassoDiscovery *discovery, const gcha continue; } if (profile->session) { - lasso_session_add_assertion(profile->session, + lasso_session_add_assertion_with_id(profile->session, + get_assertion_id(assertions->data), assertions->data); } else { rc = LASSO_PROFILE_ERROR_SESSION_NOT_FOUND; @@ -1047,8 +1056,7 @@ lasso_discovery_get_service(LassoDiscovery *discovery, const char *service_type) return NULL; /* resource not found */ } } - service = lasso_discovery_build_wsf_profile(discovery, - offering); + service = lasso_discovery_build_wsf_profile(discovery, offering); return service; } 
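Review bot: `get_assertion_id()` returns NULL for any node that is not a SAML assertion, and the call added in the -983 hunk passes that straight to `lasso_session_add_assertion_with_id()`, whose `g_return_val_if_fail(assertionID != NULL, ...)` then rejects it. The return value is discarded, so such a credential is dropped with at most a GLib warning and the function's `rc` is not updated. Store the result, e.g. `rc = lasso_session_add_assertion_with_id(profile->session, get_assertion_id(assertions->data), assertions->data);`, and decide explicitly whether a non-SAML credential is an error or is skipped. The helper is also defined without `static` and without a `lasso_` prefix, so it becomes a global symbol of the library; `static const char*` keeps it file-local.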
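Review bot: In the widened status test of the -972 hunk, `response->Status->code` is passed to `strcmp()` twice without checking `response->Status` or `code` for NULL, and `response` is taken from the message that was just processed. Whether the parser guarantees a Status element with a code is not visible here; if it does not, a response lacking one crashes at this line. `if (response->Status == NULL || response->Status->code == NULL) return LASSO_PROFILE_ERROR_STATUS_NOT_SUCCESS;` ahead of the comparison would be the safe form. The early `return` also bypasses the `exit:` path that the `if (rc) goto exit;` line above uses, so whatever cleanup lives there is skipped on a non-success status.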
@@ -1090,8 +1098,7 @@ lasso_discovery_get_services(LassoDiscovery *discovery) if (offering->ServiceInstance == NULL) { continue; } - service = lasso_discovery_build_wsf_profile(discovery, - offering); + service = lasso_discovery_build_wsf_profile(discovery, offering); services = g_list_append(services, service); } @@ -1107,7 +1114,7 @@ lasso_discovery_get_services(LassoDiscovery *discovery) * constructor for the service type they supports. */ void -lasso_discovery_get_register_constructor_for_service_type(gchar *service_type, +lasso_discovery_register_constructor_for_service_type(const gchar *service_type, LassoWsfProfileConstructor constructor) { LassoWsfProfileConstructor old_constructor; @@ -1156,7 +1163,7 @@ lasso_discovery_unregister_constructor_for_service_type( * service provider. Fills the Modulus and Exponent composant of the RsaKeyValue. * It does not handle DSAKeyValue. * - * Returns: a new #LassoDsKeyIfno or NULL if no provider or no public key were found. + * Return value: a new #LassoDsKeyIfno or NULL if no provider or no public key were found. */ static LassoDsKeyInfo* lasso_discovery_build_key_info_node(LassoDiscovery *discovery, const gchar *providerID) @@ -1241,9 +1248,8 @@ static GHashTable *registry = NULL; static GHashTable * get_constructors_registry() { - if (registry==NULL) { - registry = g_hash_table_new_full(g_str_hash, g_direct_equal, - g_free, NULL); + if (registry == NULL) { + registry = g_hash_table_new_full(g_str_hash, g_str_equal, g_free, NULL); } return registry; } 
@@ -1273,6 +1279,20 @@ set_registry(gchar const *service_type, LassoWsfProfileConstructor constructor) g_strdup(service_type), constructor); } +static void +move_ass(gchar *key, LassoSamlAssertion *ass, GHashTable *dest) +{ + g_hash_table_insert(dest, g_strdup(key), g_object_ref(ass)); +} + +void +lasso_wsf_profile_move_assertions(LassoWsfProfile *src, LassoWsfProfile *dest) +{ + dest->session = lasso_session_new(); + g_hash_table_foreach(src->session->private_data->assertions_by_id, (GHFunc)move_ass, + dest->session->private_data->assertions_by_id); +} + static LassoWsfProfile * lasso_discovery_build_wsf_profile(LassoDiscovery *discovery, LassoDiscoResourceOffering *offering) { @@ -1287,14 +1307,18 @@ lasso_discovery_build_wsf_profile(LassoDiscovery *discovery, LassoDiscoResourceO service_type = offering->ServiceInstance->ServiceType; a_constructor = lookup_registry(service_type); - server = discovery->parent.server; + server = LASSO_WSF_PROFILE(discovery)->server; + if (a_constructor) { - a_wsf_profile = a_constructor(server, - offering); + a_wsf_profile = a_constructor(server, offering); } else { message(G_LOG_LEVEL_WARNING, "No constructor registered for service type: %s", service_type); a_wsf_profile = LASSO_WSF_PROFILE(lasso_data_service_new_full(server, offering)); } + + lasso_wsf_profile_move_assertions(LASSO_WSF_PROFILE(discovery), a_wsf_profile); + + //a_wsf_profile = LASSO_WSF_PROFILE(lasso_dgme_msped_service_new_full(server, offering)); return a_wsf_profile; } diff --git a/lasso/id-wsf/discovery.h b/lasso/id-wsf/discovery.h index 21ac94fe..632cbfa2 100644 --- a/lasso/id-wsf/discovery.h +++ b/lasso/id-wsf/discovery.h @@ -128,6 +128,7 @@ LASSO_EXPORT void lasso_discovery_register_constructor_for_service_type(gchar co LassoWsfProfileConstructor constructor); LASSO_EXPORT void lasso_discovery_unregister_constructor_for_service_type(gchar const *service_type, LassoWsfProfileConstructor constructor); + #ifdef __cplusplus } #endif /* __cplusplus */ 
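Review bot: `lasso_wsf_profile_move_assertions()` dereferences `src->session->private_data` without checking `src->session`, although lasso_discovery_process_query_response_msg in this file treats a missing session as an ordinary condition (`LASSO_PROFILE_ERROR_SESSION_NOT_FOUND`). The -1287 hunk calls it unconditionally, and `dest` is whatever the registered constructor returned. It also overwrites `dest->session` without releasing a session the constructor may already have set, and despite the name it copies entries (`g_strdup`, `g_object_ref`) rather than moving them, which a comment should say. The function is non-static with no prototype visible in this commit, and the commented-out `//a_wsf_profile = ...` line in the -1287 hunk should be dropped. A guarded version is sketched below.

```c
void
lasso_wsf_profile_move_assertions(LassoWsfProfile *src, LassoWsfProfile *dest)
{
	/* Nothing to copy when the discovery profile has no session yet. */
	if (src == NULL || dest == NULL || src->session == NULL)
		return;
	/* Keep a session the constructor already attached instead of replacing it. */
	if (dest->session == NULL)
		dest->session = lasso_session_new();
	if (dest->session == NULL)
		return;
	/* … unchanged: g_hash_table_foreach() copying assertions_by_id … */
}
```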
diff --git a/lasso/id-wsf/soap_binding.c b/lasso/id-wsf/soap_binding.c index 6e110171..c36ef7b8 100644 --- a/lasso/id-wsf/soap_binding.c +++ b/lasso/id-wsf/soap_binding.c @@ -22,7 +22,7 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ -#include +#include #define find_node_type_in_list(iter, check) \ { while (iter && ! check(iter->data)) \ diff --git a/lasso/id-wsf/soap_binding.h b/lasso/id-wsf/soap_binding.h index 529edc50..03d2bb0e 100644 --- a/lasso/id-wsf/soap_binding.h +++ b/lasso/id-wsf/soap_binding.h @@ -33,9 +33,9 @@ extern "C" { #endif /* __cplusplus */ -LASSO_EXPORT LassoSoapBindingProvider* lasso_soap_binding_get_provider(LassoSoapEnvelope *envelope); +LassoSoapBindingProvider* lasso_soap_binding_get_provider(LassoSoapEnvelope *envelope); -LASSO_EXPORT LassoSoapBindingCorrelation* lasso_soap_binding_get_correlation(LassoSoapEnvelope *evelope); +LassoSoapBindingCorrelation* lasso_soap_binding_get_correlation(LassoSoapEnvelope *evelope); #ifdef __cplusplus } diff --git a/lasso/id-wsf/utils.c b/lasso/id-wsf/utils.c index b22ecff0..5bfe9c28 100644 --- a/lasso/id-wsf/utils.c +++ b/lasso/id-wsf/utils.c @@ -26,11 +26,16 @@ * lasso_security_mech_is_saml_authentication: * @security_mech_id: the URI of an authentication mechanism * - * Returns: %TRUE if @security_mech_id is one of + * Return value: %TRUE if @security_mech_id is one of * urn:liberty:security:2003-08:NULL:SAML, * urn:liberty:security:2003-08:TLS:SAML or * urn:liberty:security:2003-08:ClientTLS:SAML, FALSE otherwise. */ + +#include +#include +#include + gboolean lasso_security_mech_id_is_saml_authentication(const gchar *security_mech_id) { 
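Review bot: The three `#include` lines added in the utils.c hunk sit between the gtk-doc comment and the function it documents, so the comment no longer directly precedes `lasso_security_mech_id_is_saml_authentication`. Move the includes above the comment block, after the licence header. The comment's title still reads `lasso_security_mech_is_saml_authentication:`, which does not match the function name, so the documentation generator may not attach it. The same title mismatch appears in the x509 and null comments touched by the following hunks.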
@@ -49,7 +54,7 @@ lasso_security_mech_id_is_saml_authentication(const gchar *security_mech_id) * lasso_security_mech_is_x509_authentication: * @security_mech_id: the URI of an authentication mechanism * - * Returns: %TRUE if @security_mech_id is one of + * Return value: %TRUE if @security_mech_id is one of * urn:liberty:security:2003-08:NULL:X509, * urn:liberty:security:2003-08:TLS:X509 or * urn:liberty:security:2003-08:ClientTLS:X509, FALSE otherwise. @@ -72,7 +77,7 @@ lasso_security_mech_id_is_x509_authentication(const char *security_mech_id) * lasso_security_mech_is_null_authentication: * @security_mech_id: the URI of an authentication mechanism * - * Returns: %TRUE if @security_mech_id is one of + * Return value: %TRUE if @security_mech_id is one of * urn:liberty:security:2003-08:NULL:NULL, * urn:liberty:security:2003-08:TLS:NULL or * urn:liberty:security:2003-08:ClientTLS:NULL, FALSE otherwise. @@ -81,9 +86,9 @@ gboolean lasso_security_mech_id_is_null_authentication(const char *security_mech_id) { if (strcmp(security_mech_id, - LASSO_SECURITY_MECH_CLIENT_TLS_NULL) == 0 || + LASSO_SECURITY_MECH_CLIENT_TLS) == 0 || strcmp(security_mech_id, - LASSO_SECURITY_MECH_TLS_NULL) == 0 || + LASSO_SECURITY_MECH_TLS) == 0 || strcmp(security_mech_id, LASSO_SECURITY_MECH_NULL) == 0) { return TRUE; diff --git a/lasso/id-wsf/wsf_profile.c b/lasso/id-wsf/wsf_profile.c index cdc83d8f..d78548c3 100644 --- a/lasso/id-wsf/wsf_profile.c +++ b/lasso/id-wsf/wsf_profile.c @@ -35,6 +35,7 @@ #include #include #include +#include #include #include #include @@ -51,6 +52,7 @@ #include #include +#include /*****************************************************************************/ /* private methods */ 
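Review bot: `lasso_security_mech_id_is_null_authentication` (hunk -81) passes `security_mech_id` to `strcmp()` with no NULL check, and the exported `lasso_wsf_profile_set_security_mech_id()` in wsf_profile.c forwards its argument to these predicates unvalidated. A NULL mechanism id coming from an application or a language binding is therefore undefined behaviour rather than a FALSE result. Add `if (security_mech_id == NULL) return FALSE;` at the top of the function; the SAML and X509 predicates probably need the same guard, but their bodies are outside the visible hunks. The comment above still lists the `...:NULL` URNs while the code now compares against `LASSO_SECURITY_MECH_TLS` and `LASSO_SECURITY_MECH_CLIENT_TLS`, so it should be updated to name the constants actually tested.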
@@ -85,7 +87,7 @@ lasso_wsf_profile_get_fault(LassoWsfProfile *profile) * lasso_wsf_profile_comply_with_saml_authentication: * @profile: a #LassoWsfProfile * - * Returns: 0 if an assertion was found and a signature corresponding to the + * Return value: 0 if an assertion was found and a signature corresponding to the * key given as a subject confirmation in the assertion is generated, an error * code otherwise. */ @@ -128,7 +130,7 @@ lasso_wsf_profile_comply_with_saml_authentication(LassoWsfProfile *profile) * * UNCOMPLETE. * - * Returns: 0 if complyiing with the current security mechanism was + * Return value: 0 if complyiing with the current security mechanism was * successfull. */ static gint @@ -198,7 +200,7 @@ lasso_wsf_profile_build_soap_envelope_internal(const char *refToMessageId, const * * OBSOLETE: Do nothin. * - * Returns: 0. + * Return value: 0. */ gint lasso_wsf_profile_move_credentials(LassoWsfProfile *src, LassoWsfProfile *dest) @@ -213,7 +215,7 @@ lasso_wsf_profile_move_credentials(LassoWsfProfile *src, LassoWsfProfile *dest) * * OBSOLETE: Do nothing. * - * Returns: 0. + * Return value: 0. */ gint lasso_wsf_profile_add_credential(LassoWsfProfile *profile, xmlNode *credential) @@ -229,7 +231,7 @@ lasso_wsf_profile_add_credential(LassoWsfProfile *profile, xmlNode *credential) * Traverse the service instance descriptions and find one which supports the * given security mechanism. * - * Returns: a #LassoDiscoDescription that supports security_mech_id, NULL + * Return value: a #LassoDiscoDescription that supports security_mech_id, NULL * otherwise. */ LassoDiscoDescription* 
@@ -264,7 +266,7 @@ lasso_wsf_profile_get_description_auto(LassoDiscoServiceInstance *si, const gcha * * Setup the LassoWsfProfile for a given security mechanism. * - * Returns: 0 if a corresponding description was found, + * Return value: 0 if a corresponding description was found, * LASSO_PROFILE_ERROR_MISSING_SERVICE_DESCRIPTION if no description with the * given security mechanism was found. */ @@ -298,7 +300,7 @@ lasso_wsf_profile_set_description_from_offering( } /** - * lasso_wsf_profile_set_security_mechanism: + * lasso_wsf_profile_set_security_mech_id: * @profile: the #LassoWsfProfile object * @securit_mech_id: a char* string representing the chosen security mech id. * 
@@ -314,30 +316,37 @@ lasso_wsf_profile_set_description_from_offering( * LASSO_SECURITY_MECH_CLIENT_TLS or "urn:liberty:security:2003-08:ClientTLS:null" * LASSO_SECURITY_MECH_CLIENT_TLS_SAML or "urn:liberty:security:2003-08:ClientTLS:SAML" * - * Returns: 0 if the security mechanism is supported by this #LassoWsfProfile + * Return value: 0 if the security mechanism is supported by this #LassoWsfProfile * object, an error code otherwise. */ gint -lasso_wsf_profile_set_security_mechanism(LassoWsfProfile *profile, - char *security_mech_id) +lasso_wsf_profile_set_security_mech_id(LassoWsfProfile *profile, + const char *security_mech_id) { g_return_val_if_invalid_param(WSF_PROFILE, profile, LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ); - if (lasso_security_is_saml_authentication(security_mech_id) - || lasso_security_is_null_authentication(security_mech_id)) { + if (lasso_security_mech_id_is_saml_authentication(security_mech_id) + || lasso_security_mech_id_is_null_authentication(security_mech_id)) { g_assign_string(profile->private_data->security_mech_id, security_mech_id); + if (profile->private_data->offering) { + lasso_wsf_profile_set_description_from_offering( + profile, + profile->private_data->offering, + security_mech_id); + } + return 0; } return LASSO_WSF_PROFILE_ERROR_UNSUPPORTED_SECURITY_MECHANISM; } /** - * lasso_wsf_profile_get_security_mechanism: + * lasso_wsf_profile_get_security_mech_id: * @profile: the #LassoWsfProfile object * - * Returns: the current security mechanism id for this object. + * Return value: the current security mechanism id for this object. */ const char * -lasso_wsf_profile_get_security_mechanism(LassoWsfProfile *profile) +lasso_wsf_profile_get_security_mech_id(LassoWsfProfile *profile) { g_return_val_if_invalid_param(WSF_PROFILE, profile, NULL); 
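Review bot: The result of `lasso_wsf_profile_set_description_from_offering()` is discarded in the new `if (profile->private_data->offering)` branch, although its own comment documents `LASSO_PROFILE_ERROR_MISSING_SERVICE_DESCRIPTION` when the offering has no description for the requested mechanism. `lasso_wsf_profile_set_security_mech_id()` then returns 0 with `security_mech_id` already updated and, as far as this hunk shows, the previous description still in place. The stored mechanism and the endpoint description used for the next request can then disagree without the caller being told. Propagate the result instead: `return lasso_wsf_profile_set_description_from_offering(profile, profile->private_data->offering, security_mech_id);`.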
@@ -367,7 +376,7 @@ lasso_wsf_profile_set_description(LassoWsfProfile *profile, LassoDiscoDescriptio * locate the endpoint and the security mechanism to use for the next ID-WSF * request. * - * Returns: a #LassoDiscoDescriptio or NULL if none is present. + * Return value: a #LassoDiscoDescriptio or NULL if none is present. */ LassoDiscoDescription * lasso_wsf_profile_get_description(LassoWsfProfile *profile) @@ -375,6 +384,21 @@ lasso_wsf_profile_get_description(LassoWsfProfile *profile) return profile->private_data->description; } +/** + * lasso_wsf_profile_get_resource_offering: + * @profile: the #LassoWsfProfile object + * + * Returns the ResourceOffering setupt with this profile object. + * + * Return value: a #LassoDiscoResourceOffering if one was setup during + * construction, NULL otherwise. + */ +LassoDiscoResourceOffering * +lasso_wsf_profile_get_resource_offering(LassoWsfProfile *profile) +{ + return profile->private_data->offering; +} + /** * lasso_wsf_profile_build_soap_envelope: * @refToMessageId: a char* string and the eventual MessageId of a SOAP request @@ -385,7 +409,7 @@ lasso_wsf_profile_get_description(LassoWsfProfile *profile) * Build the a #LassoSoapEnvelope as a template for a future SOAP message * containing the headers recommended by the ID-WSF 1.0 specification. * - * Returns: a new #LassoSoapEnvelope if construction was successfull. + * Return value: a new #LassoSoapEnvelope if construction was successfull. */ LassoSoapEnvelope* lasso_wsf_profile_build_soap_envelope(const char *refToMessageId, const char *providerId) @@ -400,7 +424,7 @@ lasso_wsf_profile_build_soap_envelope(const char *refToMessageId, const char *pr * * OBSOLETE: do nothing. * - * Returns: FALSE. + * Return value: FALSE. **/ gboolean lasso_wsf_profile_principal_is_online(LassoWsfProfile *profile) 
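Review bot: The new exported getter `lasso_wsf_profile_get_resource_offering()` reads `profile->private_data->offering` with no argument check, while `lasso_wsf_profile_get_security_mech_id()` in the same file begins with `g_return_val_if_invalid_param(WSF_PROFILE, profile, NULL);`. Adding that line here makes a NULL or wrong-typed profile passed from a binding return NULL instead of crashing. The doc comment should also state that the returned offering is borrowed (no reference is added, so the caller must not unref it) and fix the typo `setupt`.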
@@ -568,7 +592,7 @@ lasso_wsf_profile_set_session_from_dump(LassoWsfProfile *profile, const gchar * * the body of the request to request. The reference to request is not stolen i.e * the ref count of request is increased by one after this call. * - * Retun: 0 if initialization was successfull. + * Return value: 0 if initialization was successfull. */ gint lasso_wsf_profile_init_soap_request(LassoWsfProfile *profile, LassoNode *request) @@ -582,7 +606,7 @@ lasso_wsf_profile_init_soap_request(LassoWsfProfile *profile, LassoNode *request if (profile->server) { providerID = profile->server->parent.ProviderID; } - envelope = lasso_wsf_profile_build_soap_envelope_internal(NULL,providerID); + envelope = lasso_wsf_profile_build_soap_envelope_internal(NULL, providerID); profile->soap_envelope_request = envelope; envelope->Body->any = g_list_append(envelope->Body->any, request); profile->request = request; @@ -597,24 +621,16 @@ lasso_wsf_profile_init_soap_request(LassoWsfProfile *profile, LassoNode *request * and eventually sign with the local public depending on the security * mechanism requested. * - * Returns: 0 if construction is successfull. + * Return value: 0 if construction is successfull. */ gint lasso_wsf_profile_build_soap_request_msg(LassoWsfProfile *profile) { LassoSoapEnvelope *envelope; - LassoSoapHeader *header; - LassoWsseSecurity *security = NULL; - int ret; - GList *iter = NULL; - xmlNode *security_xmlNode, *credential; xmlOutputBuffer *buf; xmlCharEncodingHandler *handler; xmlDoc *doc = NULL; xmlNode *envelope_node = NULL; - xmlXPathContext *xpathCtx = NULL; - xmlXPathObject *xpathObj = NULL; - g_return_val_if_fail(LASSO_IS_WSF_PROFILE(profile), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ); g_return_val_if_fail(LASSO_IS_SOAP_ENVELOPE(profile->soap_envelope_request), 
@@ -646,14 +662,12 @@ lasso_wsf_profile_build_soap_request_msg(LassoWsfProfile *profile) * Create the char* string containing XML document for the SOAP ID-WSF * response. * - * Returns: 0 if construction is successfull. + * Return value: 0 if construction is successfull. */ int lasso_wsf_profile_build_soap_response_msg(LassoWsfProfile *profile) { LassoSoapEnvelope *envelope; - LassoSoapHeader *header; - LassoWsseSecurity *security; xmlNode *soap_envelope; xmlDoc *doc; xmlOutputBuffer *buf; @@ -684,10 +698,8 @@ gint lasso_wsf_profile_process_soap_request_msg(LassoWsfProfile *profile, const gchar *message, const gchar *service_type, const gchar *security_mech_id) { - LassoDiscoServiceInstance *si = NULL; LassoSoapBindingCorrelation *correlation = NULL; LassoSoapEnvelope *envelope = NULL; - LassoSoapFault *fault = NULL; gchar *messageId; int res = 0; xmlDoc *doc; @@ -745,12 +757,11 @@ exit: * Parse a SOAP response from an ID-WSF 1.0 service, * eventually signal a SOAP fault. * - * Returns: 0 if the processing of this message was successful. + * Return value: 0 if the processing of this message was successful. */ gint lasso_wsf_profile_process_soap_response_msg(LassoWsfProfile *profile, const gchar *message) { - LassoSoapEnvelope *envelope; xmlDoc *doc; xmlNode *root; LassoNode *node; @@ -776,9 +787,9 @@ lasso_wsf_profile_process_soap_response_msg(LassoWsfProfile *profile, const gcha ret = critical_error(LASSO_PROFILE_ERROR_INVALID_SOAP_MSG); goto exit; } - profile->response = LASSO_NODE(envelope->Body->any->data); + profile->response = LASSO_NODE(profile->soap_envelope_response->Body->any->data); /* Signal soap fault specifically */ - if (LASSO_IS_SOAP_FAULT(envelope->Body->any->data)) { + if (LASSO_IS_SOAP_FAULT(profile->response)) { return LASSO_WSF_PROFILE_ERROR_SOAP_FAULT; } exit: 
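Review bot: The new line `profile->response = LASSO_NODE(profile->soap_envelope_response->Body->any->data);` in the -776 hunk assumes the received envelope has a non-empty Body. If the check whose tail is visible just above (`critical_error(LASSO_PROFILE_ERROR_INVALID_SOAP_MSG)`) does not cover `Body == NULL` and `Body->any == NULL`, a response with an empty SOAP Body dereferences NULL here. Its condition is outside the hunk, so this needs confirming; if those cases are not covered, extend it with `|| profile->soap_envelope_response->Body == NULL || profile->soap_envelope_response->Body->any == NULL`. The fault branch still uses `return LASSO_WSF_PROFILE_ERROR_SOAP_FAULT;`, which skips the `exit:` label directly below; `ret = LASSO_WSF_PROFILE_ERROR_SOAP_FAULT; goto exit;` would run the same cleanup as the other error path.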
@@ -796,7 +807,7 @@ exit: * * OBSOLETE: do nothing. * - * Returns: NULL + * Return value: NULL */ LassoSoapBindingProvider *lasso_wsf_profile_set_provider_soap_request(LassoWsfProfile *profile, const char *providerId) @@ -910,7 +921,7 @@ lasso_wsf_profile_init(LassoWsfProfile *profile, /* FIXME: is a NULL server authorized ? */ g_assign_gobject(profile->server, server); /* FIXME: is a NULL oferring authorized ? */ - g_assign_gobject(offering, profile->private_data->offering); + g_assign_gobject(profile->private_data->offering, offering); return 0; } diff --git a/lasso/id-wsf/wsf_profile.h b/lasso/id-wsf/wsf_profile.h index 429ca6ac..f4f65e02 100644 --- a/lasso/id-wsf/wsf_profile.h +++ b/lasso/id-wsf/wsf_profile.h @@ -72,7 +72,7 @@ struct _LassoWsfProfile { /*< private >*/ LassoIdentity *identity; LassoSession *session; - + LassoWsfProfilePrivate *private_data; }; @@ -130,9 +130,11 @@ LASSO_EXPORT void lasso_wsf_profile_set_description(LassoWsfProfile *profile, LASSO_EXPORT LassoDiscoDescription *lasso_wsf_profile_get_description(LassoWsfProfile *profile); -LASSO_EXPORT gint lasso_wsf_profile_set_security_mechanism(LassoWsfProfile *profile, char *security_mech_id); +LASSO_EXPORT LassoDiscoResourceOffering *lasso_wsf_profile_get_resource_offering(LassoWsfProfile *profile); -LASSO_EXPORT const char *lasso_wsf_profile_get_security_mechanism(LassoWsfProfile *profile); +LASSO_EXPORT gint lasso_wsf_profile_set_security_mech_id(LassoWsfProfile *profile, const char *security_mech_id); + +LASSO_EXPORT const char *lasso_wsf_profile_get_security_mech_id(LassoWsfProfile *profile); G_GNUC_DEPRECATED LASSO_EXPORT void lasso_wsf_profile_set_principal_status(LassoWsfProfile *profile, const char *status); 
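Review bot: The tail of `lasso_wsf_profile_init` dereferences `profile->private_data` and leaves both NULL questions open as FIXMEs, while this same commit declares the function `LASSO_EXPORT` in wsf_profile.h (hunk -141), so outside callers can now reach it. If the part of the body above the hunk does not already do so, add `g_return_val_if_fail(LASSO_IS_WSF_PROFILE(profile), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);` as the other entry points in this file do. The doc comment should also state whether `server` and `offering` may be NULL, replacing the two FIXMEs with a decided contract. The function starts outside the hunk.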
@@ -141,6 +143,9 @@ G_GNUC_DEPRECATED LASSO_EXPORT void lasso_wsf_profile_set_principal_online(Lasso G_GNUC_DEPRECATED LASSO_EXPORT void lasso_wsf_profile_set_principal_offline(LassoWsfProfile *profile); +LASSO_EXPORT gint lasso_wsf_profile_init(LassoWsfProfile *profile, LassoServer *server, + LassoDiscoResourceOffering *offering); + #ifdef __cplusplus } #endif /* __cplusplus */ diff --git a/lasso/lasso.c b/lasso/lasso.c index ff0c47b1..e71ca982 100644 --- a/lasso/lasso.c +++ b/lasso/lasso.c @@ -31,8 +31,7 @@ #include #include #include - -#include "lasso_config.h" +#include #include "lasso.h" #if defined _MSC_VER diff --git a/lasso/saml-2.0/assertion_query.c b/lasso/saml-2.0/assertion_query.c index 390ce5f0..e5c5d93f 100644 --- a/lasso/saml-2.0/assertion_query.c +++ b/lasso/saml-2.0/assertion_query.c @@ -523,7 +523,7 @@ dispose(GObject *object) static void finalize(GObject *object) { - LassoAssertionQuery *profile = LASSO_ASSERTION_QUERY(profile); + LassoAssertionQuery *profile = LASSO_ASSERTION_QUERY(object); g_free(profile->private_data); profile->private_data = NULL; G_OBJECT_CLASS(parent_class)->finalize(object); diff --git a/lasso/saml-2.0/ecpprivate.h b/lasso/saml-2.0/ecpprivate.h index affdd76e..736f9c9e 100644 --- a/lasso/saml-2.0/ecpprivate.h +++ b/lasso/saml-2.0/ecpprivate.h @@ -29,7 +29,7 @@ extern "C" { #endif /* __cplusplus */ -#include +#include struct _LassoEcpPrivate { diff --git a/lasso/xml/disco_description.c b/lasso/xml/disco_description.c index 7849bf3e..8712626a 100644 --- a/lasso/xml/disco_description.c +++ b/lasso/xml/disco_description.c @@ -23,6 +23,7 @@ */ #include +#include #include /** 
@@ -279,9 +280,8 @@ lasso_disco_description_has_x509_authentication(LassoDiscoDescription *descripti iter = description->SecurityMechID; while (iter) { security_mech_id = iter->data; - if (strcmp(security_mech_id, LASSO_SECURITY_MECH_CLIENT_TLS_X509) == 0 || - strcmp(security_mech_id, LASSO_SECURITY_MECH_TLS_X509) == 0 || - strcmp(security_mech_id, LASSO_SECURITY_MECH_X509) == 0) { + if (lasso_security_mech_id_is_x509_authentication( + security_mech_id)) { return TRUE; } iter = g_list_next(iter); diff --git a/lasso/xml/strings.h b/lasso/xml/strings.h index f9fc118a..c90e2279 100644 --- a/lasso/xml/strings.h +++ b/lasso/xml/strings.h @@ -267,6 +267,7 @@ /* status code */ #define LASSO_DISCO_STATUS_CODE_OK "OK" +#define LASSO_DISCO_STATUS_CODE_DISCO_OK "disco:OK" #define LASSO_DISCO_STATUS_CODE_FAILED "Failed" #define LASSO_DISCO_STATUS_CODE_REMOVE_ENTRY "RemoveEntry" #define LASSO_DISCO_STATUS_CODE_FORBIDDEN "Forbidden" diff --git a/lasso/xml/tools.c b/lasso/xml/tools.c index 627d3536..0a8c773c 100644 --- a/lasso/xml/tools.c +++ b/lasso/xml/tools.c @@ -47,6 +47,7 @@ #include LassoNode* lasso_assertion_encrypt(LassoSaml2Assertion *assertion); +static xmlSecKeyPtr lasso_get_public_key_from_private_key_file(const char *private_key_file); /** * lasso_build_random_sequence: @@ -203,7 +204,7 @@ xmlSecKeyPtr lasso_get_public_key_from_pem_file(const char *file) { xmlSecKeyDataFormatPem, NULL, NULL, NULL); break; case LASSO_PEM_FILE_TYPE_PRIVATE_KEY: - pub_key = lasso_load_private_key_file(file); + pub_key = lasso_get_public_key_from_private_key_file(file); break; /* with a warning ? */ } @@ -265,7 +266,7 @@ lasso_get_public_key_from_pem_cert_file(const char *pem_cert_file) * * Returns: a new $xmlSecKey containing the private key */ -xmlSecKeyPtr +static xmlSecKeyPtr lasso_get_public_key_from_private_key_file(const char *private_key_file) { return xmlSecCryptoAppKeyLoad(private_key_file, diff --git a/lasso/xml/xml.c b/lasso/xml/xml.c index 732c0582..ba4e5d27 100644 
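Review bot: `security_mech_id` is taken straight from `iter->data` and passed to `lasso_security_mech_id_is_x509_authentication` with no NULL check, and the helper's body is not part of this diff. Please confirm it tolerates NULL and still matches the three identifiers the removed `strcmp` chain covered (`LASSO_SECURITY_MECH_CLIENT_TLS_X509`, `LASSO_SECURITY_MECH_TLS_X509`, `LASSO_SECURITY_MECH_X509`). A narrower match would make this function return FALSE for a description that used to count as X509-authenticated. A one-line comment above the call, such as `/* helper must accept the same three X509 mechanism ids as before */`, would record the expectation. The enclosing function starts and ends outside the hunk.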
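Review bot: For `LASSO_PEM_FILE_TYPE_PRIVATE_KEY`, `lasso_get_public_key_from_pem_file` now returns whatever `lasso_get_public_key_from_private_key_file` loads, and that helper's own doc comment (hunk -265) describes the result as `a new $xmlSecKey containing the private key`. A caller asking for a public key may therefore receive an object that carries private key material; the unresolved `/* with a warning ? */` suggests this was already in doubt. At minimum, document it at the call site, e.g. `/* NOTE: loaded from a private key file; the returned key holds private material, never export or log it */`. The helper's `Returns:` line should also be corrected so the name and the documentation agree. Both functions extend beyond their hunks.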
--- a/lasso/xml/xml.c +++ b/lasso/xml/xml.c @@ -1573,6 +1573,9 @@ lasso_node_new_from_xmlNode(xmlNode *xmlnode) prefix = "IdWsf2Sec"; else if (strcmp((char*)xmlnode->ns->href, LASSO_WSA_HREF) == 0) prefix = "WsAddr"; + else if (strcmp((char*)xmlnode->ns->href, "urn:dgme:msp:ed:2007-01") == 0) + /* FIXME: new namespaces should be possible to add from another library than lasso */ + prefix = "MspEd"; else { /* ID-WSF 2 Profile */ tmp = lasso_get_prefix_for_idwsf2_dst_service_href((char*)xmlnode->ns->href); diff --git a/swig/Lasso-wsf-disco.i b/swig/Lasso-wsf-disco.i index a4719a23..a6b5bf6e 100644 --- a/swig/Lasso-wsf-disco.i +++ b/swig/Lasso-wsf-disco.i @@ -31,6 +31,7 @@ #include #include #include +#include %} /* WSF prefix & href */ diff --git a/tests/tests.c b/tests/tests.c index 799b98a3..872b886c 100644 --- a/tests/tests.c +++ b/tests/tests.c @@ -23,7 +23,7 @@ #include #include -#include +#include #include #include
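Review bot: The added branch in `lasso_node_new_from_xmlNode` compares against the bare literal `"urn:dgme:msp:ed:2007-01"`, whereas the neighbouring branch uses the named macro `LASSO_WSA_HREF`. Defining the URI once beside the other href macros (name to be chosen by the project, for example `LASSO_MSP_ED_HREF`) would keep it from being retyped elsewhere. This function appears to choose the class prefix from the namespace of incoming XML, so every hard-wired prefix adds to what a received document can select. The FIXME about registering namespaces from outside lasso would be better tracked with an issue reference than left as a comment. The function starts and ends outside the hunk.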