Fix leaks, change signature of lasso_provider_get_sp_name_qualifier, make it return a const char*

lasso/id-ff/federation.c

@@ -278,7 +278,7 @@ lasso_federation_get_type()
  * Return value: a newly created #LassoFederation
  **/
 LassoFederation*
-lasso_federation_new(gchar *remote_providerID)
+lasso_federation_new(const gchar *remote_providerID)
 {
 	LassoFederation *federation;
 

lasso/id-ff/federation.h

@@ -65,7 +65,7 @@ struct _LassoFederationClass {
 
 LASSO_EXPORT GType lasso_federation_get_type(void);
 
-LASSO_EXPORT LassoFederation* lasso_federation_new(gchar *remote_providerID);
+LASSO_EXPORT LassoFederation* lasso_federation_new(const gchar *remote_providerID);
 
 LASSO_EXPORT void lasso_federation_build_local_name_identifier(LassoFederation *federation,
 		const gchar *nameQualifier, const gchar *format, const gchar *content);

lasso/id-ff/profile.c

@@ -100,7 +100,7 @@ lasso_profile_get_nameIdentifier(LassoProfile *profile)
 {
 	LassoProvider *remote_provider;
 	LassoFederation *federation;
-	char *name_id_sp_name_qualifier;
+	const char *name_id_sp_name_qualifier;
 
 	if (!LASSO_IS_PROFILE(profile)) {
 		return NULL;

lasso/id-ff/provider.c

@@ -1363,10 +1363,10 @@ lasso_provider_get_default_name_id_format(const LassoProvider *provider)
  * Return value:(transfer none): a private string or NULL. Do not keep a reference on this string or
  * free it.
  */
-char*
+const char*
 lasso_provider_get_sp_name_qualifier(LassoProvider *provider)
 {
-	char *sp_name_qualifier;
+	const char *sp_name_qualifier;
 
 	g_return_val_if_fail(LASSO_IS_PROVIDER(provider), NULL);
 	/* should not happen ! */
@@ -1379,7 +1379,7 @@ lasso_provider_get_sp_name_qualifier(LassoProvider *provider)
 	}
 
 	if (sp_name_qualifier) {
-		return g_strdup(sp_name_qualifier);
+		return sp_name_qualifier;
 	} else {
 		return NULL;
 	}

lasso/id-ff/provider.h

@@ -210,7 +210,7 @@ LASSO_EXPORT void lasso_provider_set_encryption_sym_key_type(LassoProvider *prov
 
 LASSO_EXPORT gchar* lasso_provider_get_default_name_id_format(const LassoProvider *provider);
 
-LASSO_EXPORT char* lasso_provider_get_sp_name_qualifier(LassoProvider *provider);
+LASSO_EXPORT const char* lasso_provider_get_sp_name_qualifier(LassoProvider *provider);
 
 LASSO_EXPORT int lasso_provider_verify_single_node_signature (LassoProvider *provider,
 		LassoNode *node, const char *id_attr_name);

lasso/saml-2.0/login.c

@@ -101,6 +101,7 @@ lasso_saml20_login_init_authn_request(LassoLogin *login, LassoHttpMethod http_me
 		request->Issuer->content);
 
 cleanup:
+	lasso_release_gobject(request);
 	return rc;
 }
 
@@ -268,6 +269,7 @@ lasso_saml20_login_process_authn_request_msg(LassoLogin *login, const char *auth
 	lasso_assign_string(response->InResponseTo, LASSO_SAMLP2_REQUEST_ABSTRACT(profile->request)->ID);
 
 cleanup:
+	lasso_release_gobject(response);
 	return rc;
 }
 
@@ -382,7 +384,7 @@ lasso_saml20_login_must_ask_for_consent_private(LassoLogin *login)
 	LassoSamlp2NameIDPolicy *name_id_policy;
 	char *consent;
 	LassoFederation *federation;
-	char *name_id_sp_name_qualifier = NULL;
+	const char *name_id_sp_name_qualifier = NULL;
 	LassoProvider *remote_provider;
 	gboolean rc = TRUE;
 
@@ -436,7 +438,6 @@ lasso_saml20_login_must_ask_for_consent_private(LassoLogin *login)
 		goto_cleanup_with_rc (TRUE)
 
 cleanup:
-	lasso_release_string (name_id_sp_name_qualifier);
 	return rc;
 }
 
@@ -505,7 +506,7 @@ lasso_saml20_login_process_federation(LassoLogin *login, gboolean is_consent_obt
 	LassoSamlp2NameIDPolicy *name_id_policy;
 	char *name_id_policy_format = NULL;
 	LassoFederation *federation;
-	char *name_id_sp_name_qualifier = NULL;
+	const char *name_id_sp_name_qualifier = NULL;
 	LassoProvider *remote_provider;
 	int rc = 0;
 
@@ -583,20 +584,18 @@ lasso_saml20_login_process_federation(LassoLogin *login, gboolean is_consent_obt
 	lasso_assign_gobject(profile->nameIdentifier, federation->local_nameIdentifier);
 
 cleanup:
-	lasso_release_string (name_id_sp_name_qualifier);
 	return rc;
 }
 
 static LassoFederation*
 _lasso_login_saml20_get_federation(LassoLogin *login) {
 	LassoFederation *federation = NULL;
-	char *name_id_sp_name_qualifier;
+	const char *name_id_sp_name_qualifier = NULL;
 
 
 	name_id_sp_name_qualifier = lasso_provider_get_sp_name_qualifier(
 			lasso_server_get_provider(login->parent.server, login->parent.remote_providerID));
 	federation = lasso_identity_get_federation(login->parent.identity, name_id_sp_name_qualifier);
-	lasso_release_string(name_id_sp_name_qualifier);
 	return federation;
 }
 

lasso/xml/xml.c

@@ -497,6 +497,7 @@ lasso_node_encrypt(LassoNode *lasso_node, xmlSecKey *encryption_public_key,
 	xmlNodePtr key_info_node2 = NULL;
 	xmlSecEncCtxPtr enc_ctx = NULL;
 	xmlSecTransformId xmlsec_encryption_sym_key_type;
+	xmlSecKey *duplicate = NULL;
 
 	if (encryption_public_key == NULL || !xmlSecKeyIsValid(encryption_public_key)) {
 		message(G_LOG_LEVEL_WARNING, "Invalid encryption key");
@@ -557,7 +558,9 @@ lasso_node_encrypt(LassoNode *lasso_node, xmlSecKey *encryption_public_key,
 	/* add key to keys manager, from now on keys manager is responsible
 	 * for destroying key
 	 */
-	if (xmlSecCryptoAppDefaultKeysMngrAdoptKey(key_manager, encryption_public_key) < 0) {
+	duplicate = xmlSecKeyDuplicate(encryption_public_key);
+	if (xmlSecCryptoAppDefaultKeysMngrAdoptKey(key_manager, duplicate) < 0) {
+		lasso_release_sec_key(duplicate);
 		goto cleanup;
 	}