From 641702b346456e47a5eb8a4adcf62ee841d1e47f Mon Sep 17 00:00:00 2001 From: Benjamin Dauvergne Date: Fri, 2 Dec 2011 19:30:31 +0100 Subject: [PATCH 01/17] [id-ff] move LassoLogin to use LassoSignatureContext --- lasso/id-ff/login.c | 141 +++++++++++++++----------------------------- 1 file changed, 49 insertions(+), 92 deletions(-) diff --git a/lasso/id-ff/login.c b/lasso/id-ff/login.c index 31cb94bc..15e4735e 100644 --- a/lasso/id-ff/login.c +++ b/lasso/id-ff/login.c @@ -338,6 +338,7 @@ lasso_login_build_assertion(LassoLogin *login, LassoProvider *provider = NULL; LassoSaml2EncryptedElement *encrypted_element = NULL; LassoSamlSubjectStatementAbstract *ss; + lasso_error_t rc = 0; g_return_val_if_fail(LASSO_IS_LOGIN(login), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ); @@ -400,14 +401,9 @@ lasso_login_build_assertion(LassoLogin *login, assertion->AuthenticationStatement = LASSO_SAML_AUTHENTICATION_STATEMENT(as); /* Save signing material in assertion private datas to be able to sign later */ - if (profile->server->certificate) { - assertion->sign_type = LASSO_SIGNATURE_TYPE_WITHX509; - } else { - assertion->sign_type = LASSO_SIGNATURE_TYPE_SIMPLE; - } - assertion->sign_method = profile->server->signature_method; - lasso_assign_string(assertion->private_key_file, profile->server->private_key); - lasso_assign_string(assertion->certificate_file, profile->server->certificate); + lasso_check_good_rc(lasso_server_set_signature_for_provider_by_name(login->parent.server, + profile->remote_providerID, (LassoNode*)assertion)); + if (login->protocolProfile == LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_POST || \ login->protocolProfile == LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_LECP) { 
@@ -424,7 +420,7 @@ lasso_login_build_assertion(LassoLogin *login, if (profile->session == NULL) { profile->session = lasso_session_new(); } - lasso_assign_new_gobject(login->assertion, LASSO_SAML_ASSERTION(assertion)); + lasso_assign_gobject(login->assertion, LASSO_SAML_ASSERTION(assertion)); lasso_session_add_assertion(profile->session, profile->remote_providerID, LASSO_NODE(assertion)); @@ -454,7 +450,9 @@ lasso_login_build_assertion(LassoLogin *login, } } - return 0; +cleanup: + lasso_release_gobject(assertion); + return rc; } /** @@ -1078,15 +1076,15 @@ lasso_login_build_artifact_msg(LassoLogin *login, LassoHttpMethod http_method) * * **/ -gint +lasso_error_t lasso_login_build_authn_request_msg(LassoLogin *login) { LassoProvider *provider, *remote_provider; LassoProfile *profile; - char *md_authnRequestsSigned, *url, *query, *lareq, *protocolProfile; + char *md_authnRequestsSigned, *url, *query = NULL, *lareq, *protocolProfile; LassoProviderRole role, remote_role; gboolean must_sign; - gint ret = 0; + gint rc = 0; g_return_val_if_fail(LASSO_IS_LOGIN(login), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ); profile = LASSO_PROFILE(login); 
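Review bot: In lasso_login_build_authn_request_msg the return type becomes `lasso_error_t`, but the local is declared `gint rc = 0;`, while every other function touched by this patch uses `lasso_error_t rc = 0;`. Declare it as `lasso_error_t rc = 0;` so the variable that `lasso_check_good_rc` writes and the function returns has the same type as the signature. The function body continues outside this hunk.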
@@ -1132,20 +1130,14 @@ lasso_login_build_authn_request_msg(LassoLogin *login) provider->role = role; remote_provider->role = remote_role; - if (!must_sign) - LASSO_SAMLP_REQUEST_ABSTRACT( - profile->request)->sign_type = LASSO_SIGNATURE_TYPE_NONE; - if (login->http_method == LASSO_HTTP_METHOD_REDIRECT) { /* REDIRECT -> query */ if (must_sign) { - query = lasso_node_export_to_query_with_password(LASSO_NODE(profile->request), - profile->server->signature_method, - profile->server->private_key, - profile->server->private_key_password); + lasso_check_good_rc(lasso_server_export_to_query_for_provider_by_name(profile->server, + profile->remote_providerID, + profile->request, &query)); } else { - query = lasso_node_export_to_query_with_password( - LASSO_NODE(profile->request), 0, NULL, NULL); + query = lasso_node_build_query(LASSO_NODE(profile->request)); } if (query == NULL) { return critical_error(LASSO_PROFILE_ERROR_BUILDING_QUERY_FAILED); @@ -1164,14 +1156,9 @@ lasso_login_build_authn_request_msg(LassoLogin *login) } if (login->http_method == LASSO_HTTP_METHOD_POST) { if (must_sign) { - /* XXX: private_key_file is not declared within request - * snippets so it is not freed on destroy, so it is - * normal to not strdup() it; nevertheless it would - * probably be more clean not to to it this way */ - LASSO_SAMLP_REQUEST_ABSTRACT(profile->request)->private_key_file = - profile->server->private_key; - LASSO_SAMLP_REQUEST_ABSTRACT(profile->request)->certificate_file = - profile->server->certificate; + lasso_server_set_signature_for_provider_by_name(profile->server, + profile->remote_providerID, + profile->request); } lareq = lasso_node_export_to_base64(profile->request); @@ -1184,7 +1171,8 @@ lasso_login_build_authn_request_msg(LassoLogin *login) lasso_assign_new_string(profile->msg_body, lareq); } - return ret; +cleanup: + return rc; } /** 
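Review bot: The POST branch calls `lasso_server_set_signature_for_provider_by_name(...)` without checking its result, unlike every other call site in this patch, which wraps it in `lasso_check_good_rc`. If the lookup fails while `must_sign` is true, the request is still passed to `lasso_node_export_to_base64` and, as far as the hunk shows, is sent without the signature context that was just requested. Wrap it the same way: `lasso_check_good_rc(lasso_server_set_signature_for_provider_by_name(profile->server, profile->remote_providerID, profile->request));`. The function starts and ends outside this hunk.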
@@ -1244,8 +1232,9 @@ lasso_login_build_authn_request_msg(LassoLogin *login) gint lasso_login_build_authn_response_msg(LassoLogin *login) { - LassoProvider *remote_provider; - LassoProfile *profile; + LassoProvider *remote_provider = NULL; + LassoProfile *profile = NULL; + lasso_error_t rc = 0; g_return_val_if_fail(LASSO_IS_LOGIN(login), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ); @@ -1274,22 +1263,14 @@ lasso_login_build_authn_response_msg(LassoLogin *login) /* Countermeasure: The issuer should sign messages. * (binding and profiles (1.2errata2, page 65) */ - if (profile->server->certificate) { - LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->sign_type = - LASSO_SIGNATURE_TYPE_WITHX509; - } else { - LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->sign_type = - LASSO_SIGNATURE_TYPE_SIMPLE; - } - LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->sign_method = - LASSO_SIGNATURE_METHOD_RSA_SHA1; - LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->private_key_file = - profile->server->private_key; - LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->certificate_file = - profile->server->certificate; + lasso_check_good_rc(lasso_server_set_signature_for_provider_by_name( + profile->server, + profile->remote_providerID, + profile->response)); /* build an lib:AuthnResponse base64 encoded */ - lasso_assign_new_string(profile->msg_body, lasso_node_export_to_base64(LASSO_NODE(profile->response))); + lasso_assign_new_string(profile->msg_body, + lasso_node_export_to_base64(LASSO_NODE(profile->response))); remote_provider = lasso_server_get_provider(profile->server, profile->remote_providerID); if (LASSO_IS_PROVIDER(remote_provider) == FALSE) @@ -1299,8 +1280,8 @@ lasso_login_build_authn_response_msg(LassoLogin *login) if (profile->msg_url == NULL) { return LASSO_PROFILE_ERROR_UNKNOWN_PROFILE_URL; } - - return 0; +cleanup: + return rc; } /** 
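Review bot: The result of `lasso_node_export_to_base64(LASSO_NODE(profile->response))` is stored in `profile->msg_body` without a NULL check, and the only later check visible in lasso_login_build_authn_response_msg is on `profile->msg_url`. Now that the signing context comes from a per-provider lookup, an export that fails at signing time would, assuming it returns NULL, leave the function returning 0 with no body. Return an error when `profile->msg_body` is NULL after the export, through the new `cleanup` label. The remaining bare `return LASSO_PROFILE_ERROR_UNKNOWN_PROFILE_URL;` could also become `goto_cleanup_with_rc(LASSO_PROFILE_ERROR_UNKNOWN_PROFILE_URL);` so that the function has one exit style.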
@@ -1327,6 +1308,7 @@ lasso_login_build_request_msg(LassoLogin *login) { LassoProvider *remote_provider; LassoProfile *profile; + lasso_error_t rc = 0; g_return_val_if_fail(LASSO_IS_LOGIN(login), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ); @@ -1342,10 +1324,10 @@ lasso_login_build_request_msg(LassoLogin *login) return critical_error(LASSO_PROFILE_ERROR_MISSING_REMOTE_PROVIDERID); } - LASSO_SAMLP_REQUEST_ABSTRACT(profile->request)->private_key_file = - profile->server->private_key; - LASSO_SAMLP_REQUEST_ABSTRACT(profile->request)->certificate_file = - profile->server->certificate; + lasso_check_good_rc(lasso_server_set_signature_for_provider_by_name( + profile->server, + profile->remote_providerID, + profile->request)); lasso_assign_new_string(profile->msg_body, lasso_node_export_to_soap(profile->request)); remote_provider = lasso_server_get_provider(profile->server, profile->remote_providerID); @@ -1353,7 +1335,8 @@ lasso_login_build_request_msg(LassoLogin *login) return critical_error(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND); } lasso_assign_new_string(profile->msg_url, lasso_provider_get_metadata_one(remote_provider, "SoapEndpoint")); - return 0; +cleanup: + return rc; } /** @@ -1379,7 +1362,7 @@ lasso_login_build_response_msg(LassoLogin *login, gchar *remote_providerID) { LassoProvider *remote_provider; LassoProfile *profile; - gint ret = 0; + lasso_error_t rc = 0; g_return_val_if_fail(LASSO_IS_LOGIN(login), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ); profile = LASSO_PROFILE(login); 
@@ -1398,38 +1381,28 @@ lasso_login_build_response_msg(LassoLogin *login, gchar *remote_providerID) LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->MinorVersion = 0; } - if (profile->server->certificate) { - LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->sign_type = - LASSO_SIGNATURE_TYPE_WITHX509; - } else { - LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->sign_type = - LASSO_SIGNATURE_TYPE_SIMPLE; - } - LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->sign_method = - LASSO_SIGNATURE_METHOD_RSA_SHA1; - if (remote_providerID != NULL) { lasso_assign_string(profile->remote_providerID, remote_providerID); remote_provider = lasso_server_get_provider(profile->server, profile->remote_providerID); - ret = lasso_provider_verify_signature(remote_provider, + rc = lasso_provider_verify_signature(remote_provider, login->private_data->soap_request_msg, "RequestID", LASSO_MESSAGE_FORMAT_SOAP); lasso_release_string(login->private_data->soap_request_msg); /* lasso_profile_set_session_from_dump has not been called */ if (profile->session == NULL) { - ret = LASSO_PROFILE_ERROR_SESSION_NOT_FOUND; + rc = LASSO_PROFILE_ERROR_SESSION_NOT_FOUND; } /* change status code into RequestDenied if signature is * invalid or not found or if an error occurs during * verification */ - if (ret != 0) { + if (rc != 0) { lasso_profile_set_response_status(profile, LASSO_SAML_STATUS_CODE_REQUEST_DENIED); } - if (ret == 0) { + if (rc == 0) { /* get assertion in session and add it in response */ LassoSamlAssertion *assertion; LassoSamlpStatus *status; 
@@ -1456,13 +1429,14 @@ lasso_login_build_response_msg(LassoLogin *login, gchar *remote_providerID) lasso_profile_set_response_status(profile, LASSO_SAML_STATUS_CODE_REQUEST_DENIED); } - LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->private_key_file = - profile->server->private_key; - LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->certificate_file = - profile->server->certificate; + lasso_check_good_rc(lasso_server_set_signature_for_provider_by_name( + profile->server, + profile->remote_providerID, + profile->response)); lasso_assign_new_string(profile->msg_body, lasso_node_export_to_soap(profile->response)); - return ret; +cleanup: + return rc; } /** @@ -1567,15 +1541,6 @@ lasso_login_init_authn_request(LassoLogin *login, const gchar *remote_providerID lasso_assign_string(LASSO_LIB_AUTHN_REQUEST(profile->request)->RelayState, profile->msg_relayState); - if (http_method == LASSO_HTTP_METHOD_POST) { - request->sign_method = LASSO_SIGNATURE_METHOD_RSA_SHA1; - if (profile->server->certificate) { - request->sign_type = LASSO_SIGNATURE_TYPE_WITHX509; - } else { - request->sign_type = LASSO_SIGNATURE_TYPE_SIMPLE; - } - } - return 0; } @@ -1709,15 +1674,7 @@ lasso_login_init_request(LassoLogin *login, gchar *response_msg, request->MajorVersion = LASSO_SAML_MAJOR_VERSION_N; request->MinorVersion = LASSO_SAML_MINOR_VERSION_N; lasso_assign_new_string(request->IssueInstant, lasso_get_current_time()); - LASSO_SAMLP_REQUEST(request)->AssertionArtifact = artifact_b64; - if (profile->server->certificate) { - request->sign_type = LASSO_SIGNATURE_TYPE_WITHX509; - } else { - request->sign_type = LASSO_SIGNATURE_TYPE_SIMPLE; - } - request->sign_method = LASSO_SIGNATURE_METHOD_RSA_SHA1; - lasso_assign_new_gobject(profile->request, LASSO_NODE(request)); return ret; From ba5746c39fc451c81ea19f5eabced24670f459b9 Mon Sep 17 00:00:00 2001 
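Review bot: The signing call at the end of lasso_login_build_response_msg now depends on `profile->remote_providerID`, which the visible code assigns only when the `remote_providerID` argument is non-NULL. On the other path, which as far as the context shows only sets RequestDenied, the lookup receives whatever the profile held before, possibly NULL. If the helper rejects that, `lasso_check_good_rc` jumps to `cleanup` before `msg_body` is built and the denial is never serialised. The helper is defined outside this patch, so confirm how it treats a NULL or unknown name. `rc` also still holds the result of `lasso_provider_verify_signature` at this point; a comment such as `/* rc may already hold the request verification error; it must survive a successful signing setup */` would record that the macro must not reset it.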
From: Benjamin Dauvergne Date: Thu, 8 Dec 2011 10:47:37 +0100 Subject: [PATCH 02/17] [logging] add an error() macro --- lasso/logging.h | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/lasso/logging.h b/lasso/logging.h index 6c659d1b..9a483c34 100644 --- a/lasso/logging.h +++ b/lasso/logging.h @@ -125,6 +125,23 @@ static inline void critical(const char *format, ...) } #endif +#if defined(__GNUC__) +# define error(format, args...) \ + message(G_LOG_LEVEL_DEBUG, format, ##args) +#elif defined(HAVE_VARIADIC_MACROS) +# define error(...) message(G_LOG_LEVEL_DEBUG, __VA_ARGS__) +#else +static inline void error(const char *format, ...) +{ + va_list ap; + char s[1024]; + va_start(ap, format); + g_vsnprintf(s, 1024, format, ap); + va_end(ap); + message(G_LOG_LEVEL_ERROR, "%s", s); +} +#endif + #define critical_error(rc) (critical("%s", lasso_strerror(rc)), rc) #endif /* __LASSO_LOGGING_H_ */ From 4eb0ae483ee1017e380bfc62daf02d5af9089f80 Mon Sep 17 00:00:00 2001 From: Benjamin Dauvergne Date: Thu, 8 Dec 2011 10:47:52 +0100 Subject: [PATCH 03/17] [id-ff] move LassoLogout to use LassoSignatureContext --- lasso/id-ff/logout.c | 231 ++++++++++++++++++------------------------- 1 file changed, 97 insertions(+), 134 deletions(-) diff --git a/lasso/id-ff/logout.c b/lasso/id-ff/logout.c index 0c51c621..e8886933 100644 --- a/lasso/id-ff/logout.c +++ b/lasso/id-ff/logout.c 
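Review bot: The three definitions of `error()` in logging.h do not log at the same level: the `__GNUC__` and `HAVE_VARIADIC_MACROS` branches pass `G_LOG_LEVEL_DEBUG`, while the inline fallback passes `G_LOG_LEVEL_ERROR`. Assuming `message` forwards the level to g_log, G_LOG_LEVEL_ERROR is always fatal in GLib, so on a compiler that takes the fallback any `error()` call aborts the process, while on GCC the same call is a debug message that is usually filtered out. Pick one non-fatal level for all three, for example `message(G_LOG_LEVEL_CRITICAL, format, ##args)` and `message(G_LOG_LEVEL_CRITICAL, "%s", s);`. The name also collides with glibc's `error()` from `<error.h>` in any file that includes both headers.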
@@ -277,14 +277,16 @@ static void check_soap_support(gchar *key, LassoProvider *provider, LassoProfile * * Return value: 0 on success; or a negative value otherwise. **/ -gint +lasso_error_t lasso_logout_build_request_msg(LassoLogout *logout) { - LassoProfile *profile; - LassoProvider *remote_provider; - char *url, *query; + LassoProfile *profile = NULL; + LassoProvider *remote_provider = NULL; + char *url = NULL; + char *query = NULL; + lasso_error_t rc = 0; - g_return_val_if_fail(LASSO_IS_LOGOUT(logout), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ); + lasso_bad_param(LOGOUT, logout); profile = LASSO_PROFILE(logout); lasso_profile_clean_msg_info(profile); @@ -294,14 +296,14 @@ lasso_logout_build_request_msg(LassoLogout *logout) } if (profile->remote_providerID == NULL) { - /* this means lasso_logout_init_request was not called before */ - return critical_error(LASSO_PROFILE_ERROR_MISSING_REMOTE_PROVIDERID); + /* it means lasso_logout_init_request was not called before */ + goto_cleanup_with_rc(LASSO_PROFILE_ERROR_MISSING_REMOTE_PROVIDERID); } /* get remote provider */ remote_provider = lasso_server_get_provider(profile->server, profile->remote_providerID); if (LASSO_IS_PROVIDER(remote_provider) == FALSE) { - return critical_error(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND); + goto_cleanup_with_rc(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND); } /* build the logout request message */ 
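Review bot: Replacing `return critical_error(...)` with `goto_cleanup_with_rc(...)` drops the critical-level log line that `critical_error` emitted for a missing remote provider id or an unknown provider, unless `goto_cleanup_with_rc` logs by itself, which this patch does not show. The same replacement recurs in the later logout.c hunks for lasso_logout_build_response_msg and lasso_logout_process_response_msg. If the log line is to be kept, set the code through the existing macro, for example `rc = critical_error(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND); goto cleanup;`.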
@@ -311,38 +313,30 @@ lasso_logout_build_request_msg(LassoLogout *logout) remote_provider, "SoapEndpoint")); /* FIXME: private key file is not owned by the request ? That is potentially a * problem if the server life does not exceed the request */ - lasso_assign_new_string(LASSO_SAMLP_REQUEST_ABSTRACT(profile->request)->private_key_file, - profile->server->private_key); - lasso_assign_new_string(LASSO_SAMLP_REQUEST_ABSTRACT(profile->request)->certificate_file, - profile->server->certificate); - lasso_assign_new_string(profile->msg_body, lasso_node_export_to_soap(profile->request)); - return 0; - } - - if (logout->initial_http_request_method == LASSO_HTTP_METHOD_REDIRECT) { + lasso_check_good_rc(lasso_server_set_signature_for_provider_by_name(logout->parent.server, + profile->remote_providerID, profile->request)); + lasso_assign_new_string(profile->msg_body, + lasso_node_export_to_soap(profile->request)); + } else if (logout->initial_http_request_method == LASSO_HTTP_METHOD_REDIRECT) { /* build and optionally sign the logout request QUERY message */ url = lasso_provider_get_metadata_one(remote_provider, "SingleLogoutServiceURL"); - if (url == NULL) { - return critical_error(LASSO_PROFILE_ERROR_UNKNOWN_PROFILE_URL); - } - query = lasso_node_export_to_query_with_password(LASSO_NODE(profile->request), - profile->server->signature_method, - profile->server->private_key, - profile->server->private_key_password); - if (query == NULL) { - lasso_release(url); - return critical_error(LASSO_PROFILE_ERROR_BUILDING_QUERY_FAILED); - } + if (url == NULL) + goto_cleanup_with_rc(LASSO_PROFILE_ERROR_UNKNOWN_PROFILE_URL); + lasso_check_good_rc(lasso_server_export_to_query_for_provider_by_name(profile->server, + profile->remote_providerID, profile->request, &query)); + if (query == NULL) + goto_cleanup_with_rc(LASSO_PROFILE_ERROR_BUILDING_QUERY_FAILED); /* build the msg_url */ lasso_assign_new_string(profile->msg_url, lasso_concat_url_query(url, query)); - lasso_release(url); - 
lasso_release(query); lasso_release_string(profile->msg_body); - return 0; + } else { + goto_cleanup_with_rc(LASSO_PROFILE_ERROR_INVALID_HTTP_METHOD); } - - return critical_error(LASSO_PROFILE_ERROR_INVALID_HTTP_METHOD); +cleanup: + lasso_release(url); + lasso_release(query); + return rc; } @@ -372,16 +366,17 @@ lasso_logout_build_request_msg(LassoLogout *logout) * * Return value: 0 on success; or a negative value otherwise. **/ -gint +lasso_error_t lasso_logout_build_response_msg(LassoLogout *logout) { - LassoProfile *profile; - LassoProvider *provider; - gchar *url, *query; + LassoProfile *profile = NULL; + LassoProvider *provider = NULL; + gchar *url = NULL; + gchar *query = NULL; + lasso_error_t rc = 0; - g_return_val_if_fail(LASSO_IS_LOGOUT(logout), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ); - - profile = LASSO_PROFILE(logout); + lasso_bad_param(LOGOUT, logout); + profile = &logout->parent; lasso_profile_clean_msg_info(profile); if (! profile->private_data || ! logout->private_data) { @@ -403,8 +398,7 @@ lasso_logout_build_response_msg(LassoLogout *logout) LASSO_SIGNATURE_TYPE_WITHX509 : LASSO_SIGNATURE_TYPE_SIMPLE, LASSO_SIGNATURE_METHOD_RSA_SHA1)); - } - if (profile->http_request_method == LASSO_HTTP_METHOD_REDIRECT) { + } else if (profile->http_request_method == LASSO_HTTP_METHOD_REDIRECT) { lasso_assign_new_gobject(profile->response, lasso_lib_logout_response_new_full( LASSO_PROVIDER(profile->server)->ProviderID, @@ -419,7 +413,7 @@ lasso_logout_build_response_msg(LassoLogout *logout) /* no remote provider id set or no response set, this means * this function got called before validate_request, probably * because there were no active session */ - return critical_error(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND); + goto_cleanup_with_rc(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND); } /* Set the RelayState */ 
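Review bot: The `FIXME: private key file is not owned by the request ?` comment kept as context in the SOAP branch of lasso_logout_build_request_msg no longer matches the code, because this hunk removes the `private_key_file` and `certificate_file` assignments it described. Delete it, or replace it with a comment on the new call, for example `/* signing key and method are resolved for the remote provider */` if that is what the helper does. The helper's definition is not part of this patch.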
@@ -428,47 +422,33 @@ lasso_logout_build_response_msg(LassoLogout *logout) /* build logout response message */ if (profile->http_request_method == LASSO_HTTP_METHOD_SOAP) { - lasso_release(profile->msg_url); - lasso_assign_string( - LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->private_key_file, - profile->server->private_key); - lasso_assign_string( - LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->certificate_file, - profile->server->certificate); + lasso_release_string(profile->msg_url); + lasso_check_good_rc(lasso_server_set_signature_for_provider_by_name(logout->parent.server, + profile->remote_providerID, profile->response)); lasso_assign_new_string(profile->msg_body, lasso_node_export_to_soap(profile->response)); - return 0; - } - - if (profile->http_request_method == LASSO_HTTP_METHOD_REDIRECT) { - /* get the provider */ + } else if (profile->http_request_method == LASSO_HTTP_METHOD_REDIRECT) { + lasso_release_string(profile->msg_body); provider = lasso_server_get_provider(profile->server, profile->remote_providerID); - if (provider == NULL) { - return critical_error(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND); - } + if (provider == NULL) + goto_cleanup_with_rc(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND); url = lasso_provider_get_metadata_one(provider, "SingleLogoutServiceReturnURL"); - if (url == NULL) { - /* XXX: but wouldn't it be nice to provide a fallback msgUrl, - * something like the document root of the other site ? 
*/ - return critical_error(LASSO_PROFILE_ERROR_UNKNOWN_PROFILE_URL); - } - query = lasso_node_export_to_query_with_password(profile->response, - profile->server->signature_method, - profile->server->private_key, - profile->server->private_key_password); - if (query == NULL) { - lasso_release(url); - return critical_error(LASSO_PROFILE_ERROR_BUILDING_QUERY_FAILED); - } + if (url == NULL) + goto_cleanup_with_rc(LASSO_PROFILE_ERROR_UNKNOWN_PROFILE_URL); + lasso_check_good_rc(lasso_server_export_to_query_for_provider_by_name(profile->server, + profile->remote_providerID, profile->response, &query)); + if (query == NULL) + goto_cleanup_with_rc(LASSO_PROFILE_ERROR_BUILDING_QUERY_FAILED); lasso_assign_new_string(profile->msg_url, lasso_concat_url_query(url, query)); - lasso_release(profile->msg_body); - lasso_release(url); - lasso_release(query); - return 0; + } else { + goto_cleanup_with_rc(LASSO_PROFILE_ERROR_INVALID_HTTP_METHOD); } - return LASSO_PROFILE_ERROR_MISSING_REQUEST; +cleanup: + lasso_release_string(url); + lasso_release_string(query); + return rc; } /** 
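Review bot: The final fallthrough of lasso_logout_build_response_msg used to return `LASSO_PROFILE_ERROR_MISSING_REQUEST` and the new `else` branch returns `LASSO_PROFILE_ERROR_INVALID_HTTP_METHOD`, which changes the error code that callers and language bindings see for the same condition. The doc comment above the function, outside this hunk, should name the codes it can return, or the commit message should mention the change. The cleanup here uses `lasso_release_string(url)` where lasso_logout_build_request_msg uses `lasso_release(url)`; use one form in both.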
@@ -804,21 +784,23 @@ lasso_logout_process_request_msg(LassoLogout *logout, char *request_msg) * * Return value: 0 on success; or a negative value otherwise. **/ -gint +lasso_error_t lasso_logout_process_response_msg(LassoLogout *logout, gchar *response_msg) { - LassoProfile *profile; - LassoProvider *remote_provider; - char *statusCodeValue; + LassoProfile *profile = NULL; + LassoProvider *remote_provider = NULL; + char *statusCodeValue = NULL; LassoHttpMethod response_method; LassoMessageFormat format; - LassoLibStatusResponse *response; - int rc = 0; + LassoLibStatusResponse *response = NULL; + lasso_error_t rc = 0; + gchar *url = NULL; + gchar *query = NULL; - g_return_val_if_fail(LASSO_IS_LOGOUT(logout), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ); - g_return_val_if_fail(response_msg != NULL, LASSO_PARAM_ERROR_INVALID_VALUE); - profile = LASSO_PROFILE(logout); + lasso_bad_param(LOGOUT, logout); + lasso_null_param(response_msg); + profile = &logout->parent; IF_SAML2(profile) { return lasso_saml20_logout_process_response_msg(logout, response_msg); 
@@ -835,24 +817,20 @@ lasso_logout_process_response_msg(LassoLogout *logout, gchar *response_msg) response_method = LASSO_HTTP_METHOD_REDIRECT; break; default: - return critical_error(LASSO_PROFILE_ERROR_INVALID_MSG); + goto_cleanup_with_rc(LASSO_PROFILE_ERROR_INVALID_MSG); } /* get the RelayState */ lasso_assign_string(profile->msg_relayState, LASSO_LIB_STATUS_RESPONSE(profile->response)->RelayState); - /* get provider */ lasso_assign_string(profile->remote_providerID, LASSO_LIB_STATUS_RESPONSE(profile->response)->ProviderID); - if (profile->remote_providerID == NULL) { - return critical_error(LASSO_PROFILE_ERROR_MISSING_REMOTE_PROVIDERID); - } - + if (profile->remote_providerID == NULL) + goto_cleanup_with_rc(LASSO_PROFILE_ERROR_MISSING_REMOTE_PROVIDERID); remote_provider = lasso_server_get_provider(profile->server, profile->remote_providerID); - if (LASSO_IS_PROVIDER(remote_provider) == FALSE) { - return critical_error(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND); - } + if (LASSO_IS_PROVIDER(remote_provider) == FALSE) + goto_cleanup_with_rc(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND); /* verify signature */ rc = lasso_provider_verify_signature(remote_provider, response_msg, "ResponseID", format); @@ -860,15 +838,17 @@ lasso_logout_process_response_msg(LassoLogout *logout, gchar *response_msg) /* This message SHOULD be signed. * -- draft-liberty-idff-protocols-schema-1.2-errata-v2.0.pdf - p38 */ - message(G_LOG_LEVEL_WARNING, "No signature on response"); + debug("No signature on logout response"); rc = 0; + } else { + goto cleanup; } response = LASSO_LIB_STATUS_RESPONSE(profile->response); if (response->Status == NULL || response->Status->StatusCode == NULL || response->Status->StatusCode->Value == NULL) { - return critical_error(LASSO_PROFILE_ERROR_MISSING_STATUS_CODE); + goto_cleanup_with_rc(LASSO_PROFILE_ERROR_MISSING_STATUS_CODE); } statusCodeValue = response->Status->StatusCode->Value; 
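Review bot: The added `} else { goto cleanup; }` after `rc = 0;` looks like it also catches the success case. The `if` that opens this block sits on a line between the two hunks and is not visible. If it tests for the signature-not-found code, a response whose signature verified (rc == 0) now jumps to `cleanup` and returns 0 without the status code being examined or the assertion removed, while an unsigned response is the only kind that gets processed. `} else if (rc != 0) { goto cleanup; }` would stop on real verification errors only. The same hunk downgrades the unsigned-response message from `message(G_LOG_LEVEL_WARNING, ...)` to `debug(...)`; since the unsigned response is still accepted, keeping it at warning level preserves the only trace of it.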
@@ -880,70 +860,51 @@ lasso_logout_process_response_msg(LassoLogout *logout, gchar *response_msg) if (response->Status->StatusCode && response->Status->StatusCode->StatusCode) statusCodeValue = response->Status->StatusCode->StatusCode->Value; - if (strcmp(statusCodeValue, LASSO_LIB_STATUS_CODE_UNSUPPORTED_PROFILE) == 0 && + if (lasso_strisequal(statusCodeValue, LASSO_LIB_STATUS_CODE_UNSUPPORTED_PROFILE) && remote_provider->role == LASSO_PROVIDER_ROLE_IDP && logout->initial_http_request_method == LASSO_HTTP_METHOD_SOAP) { - gchar *url, *query; - /* Build and optionally sign the logout request QUERY message */ + lasso_release(profile->msg_body); url = lasso_provider_get_metadata_one(remote_provider, "SingleLogoutServiceURL"); - if (url == NULL) { - return critical_error(LASSO_PROFILE_ERROR_UNKNOWN_PROFILE_URL); - } - query = lasso_node_export_to_query_with_password(LASSO_NODE(profile->request), - profile->server->signature_method, - profile->server->private_key, - profile->server->private_key_password); - if (query == NULL) { - lasso_release(url); - return critical_error(LASSO_PROFILE_ERROR_BUILDING_QUERY_FAILED); - } + if (url == NULL) + goto_cleanup_with_rc(LASSO_PROFILE_ERROR_UNKNOWN_PROFILE_URL); + + lasso_check_good_rc(lasso_server_export_to_query_for_provider_by_name(profile->server, + profile->remote_providerID, profile->request, + &query)); + if (query == NULL) + goto_cleanup_with_rc(LASSO_PROFILE_ERROR_BUILDING_QUERY_FAILED); lasso_assign_new_string(profile->msg_url, lasso_concat_url_query(url, query)); - lasso_release(url); - lasso_release(query); - lasso_release(profile->msg_body); /* send a HTTP Redirect / GET method, so first remove session */ lasso_session_remove_assertion( profile->session, profile->remote_providerID); - return LASSO_LOGOUT_ERROR_UNSUPPORTED_PROFILE; - } - if (strcmp(statusCodeValue, LASSO_SAML_STATUS_CODE_REQUEST_DENIED) == 0) { + goto_cleanup_with_rc(LASSO_LOGOUT_ERROR_UNSUPPORTED_PROFILE); + } else if 
(lasso_strisequal(statusCodeValue, LASSO_SAML_STATUS_CODE_REQUEST_DENIED)) { /* assertion no longer on idp so removing it locally too */ - message(G_LOG_LEVEL_WARNING, "SP answer is request denied"); lasso_session_remove_assertion( profile->session, profile->remote_providerID); - return LASSO_LOGOUT_ERROR_REQUEST_DENIED; - } - if (strcmp(statusCodeValue, - LASSO_LIB_STATUS_CODE_FEDERATION_DOES_NOT_EXIST) == 0) { + goto_cleanup_with_rc(LASSO_LOGOUT_ERROR_REQUEST_DENIED); + } else if (lasso_strisequal(statusCodeValue, + LASSO_LIB_STATUS_CODE_FEDERATION_DOES_NOT_EXIST)) { /* how could this happen ? probably error in SP */ /* let's remove the assertion nevertheless */ - message(G_LOG_LEVEL_WARNING, "SP answer is federation does not exist"); lasso_session_remove_assertion( profile->session, profile->remote_providerID); - return LASSO_LOGOUT_ERROR_FEDERATION_NOT_FOUND; + goto_cleanup_with_rc(LASSO_LOGOUT_ERROR_FEDERATION_NOT_FOUND); } - message(G_LOG_LEVEL_CRITICAL, "Status code is not success : %s", statusCodeValue); - return LASSO_PROFILE_ERROR_STATUS_NOT_SUCCESS; + error("Status code is not success : %s", statusCodeValue); + goto_cleanup_with_rc(LASSO_PROFILE_ERROR_STATUS_NOT_SUCCESS); } - /* LogoutResponse status code value is ok */ - /* if SOAP method or, if IDP provider type and HTTP Redirect, then remove assertion */ if ( response_method == LASSO_HTTP_METHOD_SOAP || (remote_provider->role == LASSO_PROVIDER_ROLE_SP && response_method == LASSO_HTTP_METHOD_REDIRECT) ) { lasso_session_remove_assertion(profile->session, profile->remote_providerID); -#if 0 /* ? */ - if (remote_provider->role == LASSO_PROVIDER_ROLE_SP && - logout->providerID_index >= 0) { - logout->providerID_index--; - } -#endif } /* If at IDP and if there is no more assertion, IDP has logged out 
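Review bot: `statusCodeValue` can be NULL when it reaches `error("Status code is not success : %s", statusCodeValue)`, because the nested branch assigns `response->Status->StatusCode->StatusCode->Value` without checking it, and that value comes from the peer's response. Whether `lasso_strisequal` tolerates NULL is not visible here, and passing NULL to `%s` is undefined in C even where the libc prints a placeholder. Use `error("Status code is not success : %s", statusCodeValue ? statusCodeValue : "(none)");`. This message was `G_LOG_LEVEL_CRITICAL` before, and with the `error()` macro from PATCH 02 it is logged at debug level on GCC. The two "SP answer is ..." warnings are also removed, so a denied or failed logout leaves less trace in the logs.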
@@ -963,7 +924,9 @@ lasso_logout_process_response_msg(LassoLogout *logout, gchar *response_msg) lasso_transfer_gobject(profile->response, logout->initial_response); } } - +cleanup: + lasso_release_string(url); + lasso_release_string(query); return rc; } From 18a10593fc48ae3efe861d4ca664492d853e2ca7 Mon Sep 17 00:00:00 2001 From: Benjamin Dauvergne Date: Thu, 8 Dec 2011 18:11:46 +0100 Subject: [PATCH 04/17] [provider] fix doc comment --- lasso/id-ff/provider.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/lasso/id-ff/provider.c b/lasso/id-ff/provider.c index 34e50c4b..494d1351 100644 --- a/lasso/id-ff/provider.c +++ b/lasso/id-ff/provider.c @@ -1756,10 +1756,9 @@ cleanup: * @key: a #LassoKey object * @after:(default FALSE): add the key at the end of the list, not on front. * - * Add a new signature key for validating message received from @provider. - * If the key is used to improve verification time add it first with @after as true, it the key is - * ther for coninuitý of service (when doing a key rollover for example) at it last with @after as - * false. + * Add a new signature key for validating message received from @provider. If the key is used to + * improve verification time add it first with @after as true, it the key is ther for continuity of + * service (when doing a key rollover for example) at it last with @after as false. * * Return value: 0 if successful, an error code otherwise. */ From c0d1dbbd95c8077bdd042f6fb3540fcc80ea0348 Mon Sep 17 00:00:00 2001 From: Benjamin Dauvergne Date: Fri, 9 Dec 2011 22:04:23 +0100 Subject: [PATCH 05/17] remove debugging printf statement --- tests/login_tests_saml2.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/tests/login_tests_saml2.c b/tests/login_tests_saml2.c index 5576ee1c..055e6298 100644 --- a/tests/login_tests_saml2.c +++ b/tests/login_tests_saml2.c 
@@ -940,7 +940,6 @@ sso_initiated_by_sp(LassoServer *idp_context, LassoServer *sp_context) LASSO_SAMLP2_AUTHN_REQUEST(sp_login_context->parent.request)->NameIDPolicy->AllowCreate = 1; check_good_rc(lasso_login_build_authn_request_msg(sp_login_context)); check_not_null(sp_login_context->parent.msg_url); - printf("authn_request: %s", sp_login_context->parent.msg_url); authn_request_query = strchr(sp_login_context->parent.msg_url, '?'); check_not_null(authn_request_query); authn_request_query += 1; @@ -960,7 +959,6 @@ sso_initiated_by_sp(LassoServer *idp_context, LassoServer *sp_context) check_good_rc(lasso_login_build_authn_response_msg(idp_login_context)); check_not_null(idp_login_context->parent.msg_body); check_not_null(idp_login_context->parent.msg_url); - printf("Xml Response: %s\n", lasso_node_export_to_xml(idp_login_context->parent.response)); /* Process response */ check_good_rc(lasso_login_process_authn_response_msg(sp_login_context, From f4fc26bb39d2549b31c5dca77206198332a4c308 Mon Sep 17 00:00:00 2001 
From: Benjamin Dauvergne Date: Sat, 10 Dec 2011 12:04:06 +0100 Subject: [PATCH 06/17] [core] move XMLDsig related nodes in their own sub-library, add X509Data node implementation The goal is to use the KeyInfo structure as a transport format for our cryptographic keys --- configure.ac | 1 + lasso/Makefile.am | 2 + lasso/xml/Makefile.am | 8 +- lasso/xml/dsig/Makefile.am | 23 ++ lasso/xml/{ => dsig}/ds_key_info.c | 4 +- lasso/xml/{ => dsig}/ds_key_info.h | 4 +- lasso/xml/{ => dsig}/ds_key_value.c | 44 +++- lasso/xml/{ => dsig}/ds_key_value.h | 8 +- lasso/xml/{ => dsig}/ds_rsa_key_value.c | 4 +- lasso/xml/{ => dsig}/ds_rsa_key_value.h | 2 +- lasso/xml/dsig/ds_x509_data.c | 204 ++++++++++++++++++ lasso/xml/dsig/ds_x509_data.h | 76 +++++++ lasso/xml/dsig/strings.h | 61 ++++++ .../saml2_key_info_confirmation_data_type.c | 2 +- .../saml2_key_info_confirmation_data_type.h | 2 +- lasso/xml/saml_subject_confirmation.h | 2 +- lasso/xml/strings.h | 17 +- lasso/xml/xml.c | 4 +- lasso/xml/xml_idff.h | 7 +- tests/basic_tests.c | 31 +++ 20 files changed, 464 insertions(+), 42 deletions(-) create mode 100644 lasso/xml/dsig/Makefile.am rename lasso/xml/{ => dsig}/ds_key_info.c (98%) rename lasso/xml/{ => dsig}/ds_key_info.h (97%) rename lasso/xml/{ => dsig}/ds_key_value.c (69%) rename lasso/xml/{ => dsig}/ds_key_value.h (88%) rename lasso/xml/{ => dsig}/ds_rsa_key_value.c (98%) rename lasso/xml/{ => dsig}/ds_rsa_key_value.h (99%) create mode 100644 lasso/xml/dsig/ds_x509_data.c create mode 100644 lasso/xml/dsig/ds_x509_data.h create mode 100644 lasso/xml/dsig/strings.h diff --git a/configure.ac b/configure.ac index 6be518dc..7770127f 100644 --- a/configure.ac +++ b/configure.ac @@ -840,6 +840,7 @@ lasso/xml/saml-2.0/Makefile lasso/xml/soap-1.1/Makefile lasso/xml/id-wsf-2.0/Makefile lasso/xml/ws/Makefile +lasso/xml/dsig/Makefile tests/Makefile tests/data/Makefile lasso.pc diff --git a/lasso/Makefile.am b/lasso/Makefile.am index 93b90d37..042419da 100644 --- a/lasso/Makefile.am 
+++ b/lasso/Makefile.am @@ -57,6 +57,7 @@ if MINGW liblasso_la_LIBADD = \ $(top_builddir)/lasso/xml/liblasso-xml.la \ $(top_builddir)/lasso/xml/saml-2.0/liblasso-xml-saml2.la \ + $(top_builddir)/lasso/xml/dsig/liblasso-xml-dsig.la \ $(top_builddir)/lasso/id-ff/liblasso-id-ff.la \ $(top_builddir)/lasso/saml-2.0/liblasso-saml-20.la \ $(WSF_LIB_FILE) \ @@ -73,6 +74,7 @@ liblasso_la_LIBADD = \ $(top_builddir)/lasso/xml/liblasso-xml.la \ $(top_builddir)/lasso/xml/saml-2.0/liblasso-xml-saml2.la \ $(top_builddir)/lasso/xml/soap-1.1/liblasso-xml-soap11.la \ + $(top_builddir)/lasso/xml/dsig/liblasso-xml-dsig.la \ $(top_builddir)/lasso/id-ff/liblasso-id-ff.la \ $(top_builddir)/lasso/saml-2.0/liblasso-saml-20.la \ $(WSF_LIB_FILE) \ diff --git a/lasso/xml/Makefile.am b/lasso/xml/Makefile.am index d12e2391..515c3c5b 100644 --- a/lasso/xml/Makefile.am +++ b/lasso/xml/Makefile.am @@ -1,5 +1,5 @@ MAINTAINERCLEANFILES = Makefile.in -SUBDIRS = saml-2.0 soap-1.1 +SUBDIRS = saml-2.0 soap-1.1 dsig if WSF_ENABLED SUBDIRS += id-wsf-2.0 ws endif @@ -140,9 +140,6 @@ endif liblasso_xml_la_SOURCES = \ tools.c \ xml.c \ - ds_key_info.c \ - ds_key_value.c \ - ds_rsa_key_value.c \ lib_assertion.c \ lib_authentication_statement.c \ lib_authn_context.c \ @@ -194,9 +191,6 @@ liblasso_xml_la_SOURCES = \ liblassoinclude_HEADERS = \ strings.h \ xml.h \ - ds_key_info.h \ - ds_key_value.h \ - ds_rsa_key_value.h \ lib_assertion.h \ lib_authentication_statement.h \ lib_authn_context.h \ diff --git a/lasso/xml/dsig/Makefile.am b/lasso/xml/dsig/Makefile.am new file mode 100644 index 00000000..3afe8de0 --- /dev/null +++ b/lasso/xml/dsig/Makefile.am 
@@ -0,0 +1,23 @@ +EXTRA_DIST = xml_saml2.h +MAINTAINERCLEANFILES = Makefile.in +liblassoincludedir = $(includedir)/lasso/xml/dsig + +INCLUDES = \ + -I$(top_builddir) \ + -I$(top_srcdir) \ + $(LASSO_CORE_CFLAGS) \ + -DG_LOG_DOMAIN=\"lasso\" + +noinst_LTLIBRARIES = liblasso-xml-dsig.la + +liblasso_xml_dsig_la_SOURCES = \ + ds_key_info.c \ + ds_key_value.c \ + ds_rsa_key_value.c \ + ds_x509_data.c + +liblassoinclude_HEADERS = \ + ds_key_info.h \ + ds_key_value.h \ + ds_rsa_key_value.h \ + ds_x509_data.h diff --git a/lasso/xml/ds_key_info.c b/lasso/xml/dsig/ds_key_info.c similarity index 98% rename from lasso/xml/ds_key_info.c rename to lasso/xml/dsig/ds_key_info.c index 6036c70d..b5009cb2 100644 --- a/lasso/xml/ds_key_info.c +++ b/lasso/xml/dsig/ds_key_info.c @@ -22,8 +22,8 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ -#include "private.h" -#include "ds_key_info.h" +#include "../private.h" +#include "./ds_key_info.h" /** * SECTION:ds_key_info diff --git a/lasso/xml/ds_key_info.h b/lasso/xml/dsig/ds_key_info.h similarity index 97% rename from lasso/xml/ds_key_info.h rename to lasso/xml/dsig/ds_key_info.h index 059e6ef5..2e7359c6 100644 --- a/lasso/xml/ds_key_info.h +++ b/lasso/xml/dsig/ds_key_info.h @@ -29,8 +29,8 @@ extern "C" { #endif /* __cplusplus */ -#include "xml.h" -#include "ds_key_value.h" +#include "../xml.h" +#include "./ds_key_value.h" #define LASSO_TYPE_DS_KEY_INFO (lasso_ds_key_info_get_type()) #define LASSO_DS_KEY_INFO(obj) \ diff --git a/lasso/xml/ds_key_value.c b/lasso/xml/dsig/ds_key_value.c similarity index 69% rename from lasso/xml/ds_key_value.c rename to lasso/xml/dsig/ds_key_value.c index 1303b575..86b66141 100644 --- a/lasso/xml/ds_key_value.c +++ b/lasso/xml/dsig/ds_key_value.c @@ -22,8 +22,8 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ -#include "private.h" -#include "ds_key_value.h" +#include "../private.h" +#include "./ds_key_value.h" /** * SECTION:ds_key_value 
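Review bot: `liblassoinclude_HEADERS` in the new lasso/xml/dsig/Makefile.am lists the four ds_*.h headers but not `strings.h`, although this commit creates lasso/xml/dsig/strings.h and makes lasso/xml/strings.h include `./dsig/strings.h`. lasso/xml/strings.h is itself an installed header, so an installed tree would carry an include that cannot be resolved; adding `strings.h \` to the list closes the gap. `EXTRA_DIST = xml_saml2.h` also looks copied from the saml-2.0 directory. The diffstat creates no such file under dsig/, so `make dist` would presumably fail on it, and the line should be dropped or point at a file that exists.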
@@ -31,12 +31,22 @@ * */ +struct _LassoDsKeyValuePrivate { + LassoDsX509Data *X509Data; +}; + +typedef struct _LassoDsKeyValuePrivate LassoDsKeyValuePrivate; + +#define LASSO_DS_KEY_VALUE_GET_PRIVATE(o) \ + (G_TYPE_INSTANCE_GET_PRIVATE ((o), LASSO_TYPE_DS_KEY_VALUE, LassoDsKeyValuePrivate)) + /*****************************************************************************/ /* private methods */ /*****************************************************************************/ static struct XmlSnippet schema_snippets[] = { { "RSAKeyValue", SNIPPET_NODE, G_STRUCT_OFFSET(LassoDsKeyValue, RSAKeyValue), NULL, NULL, NULL}, + { "X509Data", SNIPPET_NODE|SNIPPET_PRIVATE, G_STRUCT_OFFSET(LassoDsKeyValuePrivate, X509Data), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} }; @@ -54,6 +64,7 @@ class_init(LassoDsKeyValueClass *klass) lasso_node_class_set_nodename(nclass, "KeyValue"); lasso_node_class_set_ns(nclass, LASSO_DS_HREF, LASSO_DS_PREFIX); lasso_node_class_add_snippets(nclass, schema_snippets); + g_type_class_add_private(klass, sizeof(LassoDsKeyValuePrivate)); } GType @@ -93,3 +104,32 @@ lasso_ds_key_value_new() { return g_object_new(LASSO_TYPE_DS_KEY_VALUE, NULL); } + +/** + * lasso_ds_key_value_get_x509_data: + * + * Get the X509 Data node if there is one. + * + * Return value:(transfer none): the internal value of the X509Data field + */ +LassoDsX509Data* +lasso_ds_key_value_get_x509_data(LassoDsKeyValue *key_value) +{ + lasso_return_val_if_fail(LASSO_IS_DS_KEY_VALUE(key_value), NULL); + + return LASSO_DS_KEY_VALUE_GET_PRIVATE(key_value)->X509Data; +} + +/** + * lasso_ds_key_value_set_x509_data: + * + * Set the X509 Data node. + * + */ +void +lasso_ds_key_value_set_x509_data(LassoDsKeyValue *key_value, LassoDsX509Data *x509_data) +{ + lasso_return_if_fail(LASSO_IS_DS_KEY_VALUE(key_value)); + + lasso_assign_gobject(LASSO_DS_KEY_VALUE_GET_PRIVATE(key_value)->X509Data, x509_data); +} 
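Review bot: The new `X509Data` entry in `schema_snippets` makes ds:X509Data a child of ds:KeyValue, whereas the XML Signature schema places X509Data directly under ds:KeyInfo and allows only key-value elements such as RSAKeyValue inside KeyValue. The commit message describes KeyInfo as an internal transport format, so the nesting may be intentional, but nothing in the file says so. A schema-validating peer would presumably reject such a KeyValue, and an X509Data received in the standard position is not handled by this snippet. Either move the field to LassoDsKeyInfo or state the deviation above the entry, e.g. `/* non-standard: X509Data nested in KeyValue, only meant for lasso's own dumps */`. The docblocks of `lasso_ds_key_value_get_x509_data` and `lasso_ds_key_value_set_x509_data` in the last hunk also lack `@key_value:` and `@x509_data:` lines.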
diff --git a/lasso/xml/ds_key_value.h b/lasso/xml/dsig/ds_key_value.h similarity index 88% rename from lasso/xml/ds_key_value.h rename to lasso/xml/dsig/ds_key_value.h index 48a2e8fc..e72a2141 100644 --- a/lasso/xml/ds_key_value.h +++ b/lasso/xml/dsig/ds_key_value.h @@ -29,8 +29,9 @@ extern "C" { #endif /* __cplusplus */ -#include "xml.h" -#include "ds_rsa_key_value.h" +#include "../xml.h" +#include "./ds_rsa_key_value.h" +#include "./ds_x509_data.h" #define LASSO_TYPE_DS_KEY_VALUE (lasso_ds_key_value_get_type()) #define LASSO_DS_KEY_VALUE(obj) \ @@ -62,6 +63,9 @@ struct _LassoDsKeyValueClass { LASSO_EXPORT GType lasso_ds_key_value_get_type(void); LASSO_EXPORT LassoDsKeyValue* lasso_ds_key_value_new(void); +LASSO_EXPORT LassoDsX509Data *lasso_ds_key_value_get_x509_data(LassoDsKeyValue *key_value); +LASSO_EXPORT void lasso_ds_key_value_set_x509_data(LassoDsKeyValue *key_value, LassoDsX509Data + *x509_data); #ifdef __cplusplus } diff --git a/lasso/xml/ds_rsa_key_value.c b/lasso/xml/dsig/ds_rsa_key_value.c similarity index 98% rename from lasso/xml/ds_rsa_key_value.c rename to lasso/xml/dsig/ds_rsa_key_value.c index 5e393966..790f5ce2 100644 --- a/lasso/xml/ds_rsa_key_value.c +++ b/lasso/xml/dsig/ds_rsa_key_value.c @@ -22,8 +22,8 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ -#include "private.h" -#include "ds_rsa_key_value.h" +#include "../private.h" +#include "./ds_rsa_key_value.h" /* * SECTION:ds_rsa_key_value diff --git a/lasso/xml/ds_rsa_key_value.h b/lasso/xml/dsig/ds_rsa_key_value.h similarity index 99% rename from lasso/xml/ds_rsa_key_value.h rename to lasso/xml/dsig/ds_rsa_key_value.h index 1add7310..51bf4f70 100644 --- a/lasso/xml/ds_rsa_key_value.h +++ b/lasso/xml/dsig/ds_rsa_key_value.h @@ -29,7 +29,7 @@ extern "C" { #endif /* __cplusplus */ -#include "xml.h" +#include "../xml.h" #define LASSO_TYPE_DS_RSA_KEY_VALUE (lasso_ds_rsa_key_value_get_type()) #define LASSO_DS_RSA_KEY_VALUE(obj) \ 
diff --git a/lasso/xml/dsig/ds_x509_data.c b/lasso/xml/dsig/ds_x509_data.c new file mode 100644 index 00000000..c45a1c1b --- /dev/null +++ b/lasso/xml/dsig/ds_x509_data.c 
@@ -0,0 +1,204 @@ +/* $Id$ + * + * Lasso - A free implementation of the Liberty Alliance specifications. + * + * Copyright (C) 2004-2007 Entr'ouvert + * http://lasso.entrouvert.org + * + * Authors: See AUTHORS file in top-level directory. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + +#include "../private.h" +#include "./ds_x509_data.h" + +/** + * SECTION:ds_x509_data + * @short_description: object mapping for an XML DSIG KeyValue element + * + */ + +struct _LassoDsX509DataPrivate { + char *X509Certificate; + char *X509SubjectName; + char *X509CRL; +}; +#define LASSO_DS_X509_DATA_GET_PRIVATE(o) \ + (G_TYPE_INSTANCE_GET_PRIVATE ((o), LASSO_TYPE_DS_X509_DATA, LassoDsX509DataPrivate)) + +/*****************************************************************************/ +/* private methods */ +/*****************************************************************************/ + +static struct XmlSnippet schema_snippets[] = { + { "X509Certificate", SNIPPET_CONTENT|SNIPPET_PRIVATE, + G_STRUCT_OFFSET(LassoDsX509DataPrivate, X509Certificate), NULL, NULL, NULL}, + { "X509SubjectName", SNIPPET_CONTENT|SNIPPET_PRIVATE, + G_STRUCT_OFFSET(LassoDsX509DataPrivate, X509SubjectName), NULL, NULL, NULL}, + { "X509CRL", SNIPPET_CONTENT|SNIPPET_PRIVATE, G_STRUCT_OFFSET(LassoDsX509DataPrivate, + X509CRL), NULL, NULL, 
NULL}, + {NULL, 0, 0, NULL, NULL, NULL} +}; + +static LassoNodeClass *parent_class = NULL; + +/*****************************************************************************/ +/* instance and class init functions */ +/*****************************************************************************/ + +static void +instance_init(LassoDsX509Data *x509_data) +{ + x509_data->private_data = LASSO_DS_X509_DATA_GET_PRIVATE(x509_data); +} + +static void +class_init(LassoDsX509DataClass *klass) +{ + LassoNodeClass *nclass = LASSO_NODE_CLASS(klass); + + parent_class = g_type_class_peek_parent(klass); + nclass->node_data = g_new0(LassoNodeClassData, 1); + lasso_node_class_set_nodename(nclass, "X509Data"); + lasso_node_class_set_ns(nclass, LASSO_DS_HREF, LASSO_DS_PREFIX); + lasso_node_class_add_snippets(nclass, schema_snippets); + g_type_class_add_private(klass, sizeof(LassoDsX509DataPrivate)); +} + +GType +lasso_ds_x509_data_get_type() +{ + static GType this_type = 0; + + if (!this_type) { + static const GTypeInfo this_info = { + sizeof (LassoDsX509DataClass), + NULL, + NULL, + (GClassInitFunc) class_init, + NULL, + NULL, + sizeof(LassoDsX509Data), + 0, + (GInstanceInitFunc)instance_init, + NULL + }; + + this_type = g_type_register_static(LASSO_TYPE_NODE, + "LassoDsX509Data", &this_info, 0); + } + return this_type; +} + +/** + * lasso_ds_x509_data_new: + * + * Creates a new #LassoDsX509Data object. + * + * Return value: a newly created #LassoDsX509Data object + **/ +LassoDsX509Data* +lasso_ds_x509_data_new() +{ + return g_object_new(LASSO_TYPE_DS_X509_DATA, NULL); +} + +/** + * lasso_ds_x509_data_get_certificate: + * @x509_data: a #LassoDsX509Data object + * + * Return the content of the X509Certificate sub-element, it should be a base64 encoded string. + * + * Return value:(transfer none): the string currently set in the X509Certificate private field of + * the #LassoDsX509Data structure. 
+ */ +const char* +lasso_ds_x509_data_get_certificate(LassoDsX509Data *x509_data) { + lasso_return_val_if_fail(LASSO_IS_DS_X509_DATA(x509_data), NULL); + return x509_data->private_data->X509Certificate; +} + +/** + * lasso_ds_x509_data_set_certificate: + * @x509_data: a #LassoDsX509Data object + * @certificate: a base64 encoded string of the DER representation of the X509 certificate + * + * Set the content of the X509Certificate sub-element, it should be a base64 encoded string. + * + */ +void +lasso_ds_x509_data_set_certificate(LassoDsX509Data *x509_data, const char *certificate) { + lasso_return_if_fail(LASSO_IS_DS_X509_DATA(x509_data)); + lasso_assign_string(x509_data->private_data->X509Certificate, certificate); +} + +/** + * lasso_ds_x509_data_get_subject_name: + * @x509_data: a #LassoDsX509Data object + * + * Return the content of the X509SubjectName sub-element, it should be a base64 encoded string. + * + * Return value:(transfer none): the string currently set in the X509SubjectName private field of + * the #LassoDsX509Data structure. + */ +const char* +lasso_ds_x509_data_get_subject_name(LassoDsX509Data *x509_data) { + lasso_return_val_if_fail(LASSO_IS_DS_X509_DATA(x509_data), NULL); + return x509_data->private_data->X509SubjectName; +} + +/** + * lasso_ds_x509_data_set_subject_name: + * @x509_data: a #LassoDsX509Data object + * @subject_name: a base64 encoded string of the DER representation of the X509 subject_name + * + * Set the content of the X509SubjectName sub-element, it should be a base64 encoded string. + * + */ +void +lasso_ds_x509_data_set_subject_name(LassoDsX509Data *x509_data, const char *subject_name) { + lasso_return_if_fail(LASSO_IS_DS_X509_DATA(x509_data)); + lasso_assign_string(x509_data->private_data->X509SubjectName, subject_name); +} + +/** + * lasso_ds_x509_data_get_crl: + * @x509_data: a #LassoDsX509Data object + * + * Return the content of the X509CRL sub-element, it should be a base64 encoded string. 
+ * + * Return value:(transfer none): the string currently set in the X509CRL private field of + * the #LassoDsX509Data structure. + */ +const char* +lasso_ds_x509_data_get_crl(LassoDsX509Data *x509_data) { + lasso_return_val_if_fail(LASSO_IS_DS_X509_DATA(x509_data), NULL); + return x509_data->private_data->X509CRL; +} + +/** + * lasso_ds_x509_data_set_crl: + * @x509_data: a #LassoDsX509Data object + * @crl: a base64 encoded string of the DER representation of the X509 CRL + * + * Set the content of the X509CRL sub-element, it should be a base64 encoded string. + * + */ +void +lasso_ds_x509_data_set_crl(LassoDsX509Data *x509_data, const char *crl) { + lasso_return_if_fail(LASSO_IS_DS_X509_DATA(x509_data)); + lasso_assign_string(x509_data->private_data->X509CRL, crl); +} diff --git a/lasso/xml/dsig/ds_x509_data.h b/lasso/xml/dsig/ds_x509_data.h new file mode 100644 index 00000000..a6d2e451 --- /dev/null +++ b/lasso/xml/dsig/ds_x509_data.h 
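Review bot: The docblocks of `lasso_ds_x509_data_get_subject_name` and `lasso_ds_x509_data_set_subject_name` describe X509SubjectName as a base64 encoding of a DER value, but in XML Signature that element carries a distinguished name as a plain string; only X509Certificate and X509CRL are base64. The parameter line should read something like `@subject_name: the subject distinguished name as a string (RFC 2253/4514 form)`. The `SECTION:ds_x509_data` short description still says "KeyValue element" and should say X509Data. The accessors only store and return the strings (`lasso_assign_string` and a plain field read are all that is visible), so the getter docs should say that nothing is decoded or validated here. A suitable sentence is `Callers must check the certificate against trusted provider metadata before using it to verify a signature.`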
@@ -0,0 +1,76 @@ +/* $Id + * + * Lasso - A free implementation of the Liberty Alliance specifications. + * + * Copyright (C) 2004-2007 Entr'ouvert + * http://lasso.entrouvert.org + * + * Authors: See AUTHORS file in top-level directory. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + +#ifndef __LASSO_DS_X509_DATA_H__ +#define __LASSO_DS_X509_DATA_H__ + +#ifdef __cplusplus +extern "C" { +#endif /* __cplusplus */ + +#include "../xml.h" + +#define LASSO_TYPE_DS_X509_DATA (lasso_ds_x509_data_get_type()) +#define LASSO_DS_X509_DATA(obj) \ + (G_TYPE_CHECK_INSTANCE_CAST((obj), LASSO_TYPE_DS_X509_DATA, \ + LassoDsX509Data)) +#define LASSO_DS_X509_DATA_CLASS(klass) \ + (G_TYPE_CHECK_CLASS_CAST((klass), LASSO_TYPE_DS_X509_DATA, \ + LassoDsX509DataClass)) +#define LASSO_IS_DS_X509_DATA(obj) \ + (G_TYPE_CHECK_INSTANCE_TYPE((obj), LASSO_TYPE_DS_X509_DATA)) +#define LASSO_IS_DS_X509_DATA_CLASS(klass) \ + (G_TYPE_CHECK_CLASS_TYPE ((klass), LASSO_TYPE_DS_X509_DATA)) +#define LASSO_DS_X509_DATA_GET_CLASS(o) \ + (G_TYPE_INSTANCE_GET_CLASS ((o), LASSO_TYPE_DS_X509_DATA, \ + LassoDsX509DataClass)) + +typedef struct _LassoDsX509Data LassoDsX509Data; +typedef struct _LassoDsX509DataClass LassoDsX509DataClass; +typedef struct _LassoDsX509DataPrivate LassoDsX509DataPrivate; + +struct _LassoDsX509Data { + LassoNode 
parent; + /*< private >*/ + LassoDsX509DataPrivate *private_data; +}; + +struct _LassoDsX509DataClass { + LassoNodeClass parent; +}; + +LASSO_EXPORT GType lasso_ds_x509_data_get_type(void); +LASSO_EXPORT LassoDsX509Data* lasso_ds_x509_data_new(void); +LASSO_EXPORT const char *lasso_ds_x509_data_get_certificate(LassoDsX509Data *x509_data); +LASSO_EXPORT void lasso_ds_x509_data_set_certificate(LassoDsX509Data *x509_data, const char *certificate); +LASSO_EXPORT const char *lasso_ds_x509_data_get_subject_name(LassoDsX509Data *x509_data); +LASSO_EXPORT void lasso_ds_x509_data_set_subject_name(LassoDsX509Data *x509_data, const char *subject_name); +LASSO_EXPORT const char *lasso_ds_x509_data_get_crl(LassoDsX509Data *x509_data); +LASSO_EXPORT void lasso_ds_x509_data_set_crl(LassoDsX509Data *x509_data, const char *crl); + +#ifdef __cplusplus +} +#endif /* __cplusplus */ + +#endif /* __LASSO_DS_X509_DATA_H__ */ diff --git a/lasso/xml/dsig/strings.h b/lasso/xml/dsig/strings.h new file mode 100644 index 00000000..a4c534a8 --- /dev/null +++ b/lasso/xml/dsig/strings.h 
@@ -0,0 +1,61 @@ +/* $Id$ + * + * Lasso - A free implementation of the Liberty Alliance specifications. + * + * Copyright (C) 2004-2007 Entr'ouvert + * http://lasso.entrouvert.org + * + * Authors: See AUTHORS file in top-level directory. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +/* + * This header file copy part of the SOAP 1.1 specification you can found there: + * http://www.w3.org/TR/soap12-part1/ + * whom copyright is: + * Copyright © 2007 W3C® (MIT, ERCIM, Keio), All Rights Reserved. W3C liability, trademark and + * document use rules apply. + */ + + +/** + * SECTION:dsig_strings + * @short_description: General strings constants for XMLDsig + * @include: lasso/xml/dsig/strings.h + * + **/ + +#ifndef __LASSO_DSIG_STRINGS_H__ +#define __LASSO_DSIG_STRINGS_H__ + +/* xmldsig prefix & href */ +/** + * LASSO_DS_HREF: + * + * Namespace for FIXME + * + */ +#define LASSO_DS_HREF "http://www.w3.org/2000/09/xmldsig#" +/** + * LASSO_DS_PREFIX: + * + * Preferred prefix for namespace of FIXME + * + */ +#define LASSO_DS_PREFIX "ds" + +#endif /* __LASSO_DSIG_STRINGS_H__ */ diff --git a/lasso/xml/saml-2.0/saml2_key_info_confirmation_data_type.c b/lasso/xml/saml-2.0/saml2_key_info_confirmation_data_type.c index ecccc654..50f3c46a 100644 
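Review bot: The header comment of the new lasso/xml/dsig/strings.h says the file copies part of the SOAP 1.1 specification and links to soap12-part1, which looks like a leftover from another strings header. For this file the reference should be the XML Signature specification, whose namespace `LASSO_DS_HREF` defines. The two docblocks still read "Namespace for FIXME" and "Preferred prefix for namespace of FIXME". Now that the constants have their own header they can be completed as `Namespace for XML Signature (xmldsig)` and `Preferred prefix for the XML Signature namespace`.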
--- a/lasso/xml/saml-2.0/saml2_key_info_confirmation_data_type.c +++ b/lasso/xml/saml-2.0/saml2_key_info_confirmation_data_type.c @@ -25,7 +25,7 @@ #include "../private.h" #include "saml2_key_info_confirmation_data_type.h" #include "../../registry.h" -#include "../ds_key_info.h" +#include "../dsig/ds_key_info.h" #include "../../utils.h" /** diff --git a/lasso/xml/saml-2.0/saml2_key_info_confirmation_data_type.h b/lasso/xml/saml-2.0/saml2_key_info_confirmation_data_type.h index a30610c8..6ebd0f64 100644 --- a/lasso/xml/saml-2.0/saml2_key_info_confirmation_data_type.h +++ b/lasso/xml/saml-2.0/saml2_key_info_confirmation_data_type.h @@ -30,7 +30,7 @@ extern "C" { #endif /* __cplusplus */ #include "../xml.h" -#include "../ds_key_info.h" +#include "../dsig/ds_key_info.h" #include "./saml2_subject_confirmation_data.h" #define LASSO_TYPE_SAML2_KEY_INFO_CONFIRMATION_DATA_TYPE \ diff --git a/lasso/xml/saml_subject_confirmation.h b/lasso/xml/saml_subject_confirmation.h index ca08882f..648b961c 100644 --- a/lasso/xml/saml_subject_confirmation.h +++ b/lasso/xml/saml_subject_confirmation.h @@ -30,7 +30,7 @@ extern "C" { #endif /* __cplusplus */ #include "xml.h" -#include "ds_key_info.h" +#include "./dsig/ds_key_info.h" #define LASSO_TYPE_SAML_SUBJECT_CONFIRMATION (lasso_saml_subject_confirmation_get_type()) #define LASSO_SAML_SUBJECT_CONFIRMATION(obj) \ diff --git a/lasso/xml/strings.h b/lasso/xml/strings.h index 86800325..1fe6bc95 100644 --- a/lasso/xml/strings.h +++ b/lasso/xml/strings.h @@ -43,6 +43,7 @@ #define __LASSO_STRINGS_H__ #include "./saml-2.0/saml2_strings.h" +#include "./dsig/strings.h" /*****************************************************************************/ /* SOAP 1.1 */ 
@@ -955,22 +956,6 @@ /* Others */ /*****************************************************************************/ -/* xmldsig prefix & href */ -/** - * LASSO_DS_HREF: - * - * Namespace for FIXME - * - */ -#define LASSO_DS_HREF "http://www.w3.org/2000/09/xmldsig#" -/** - * LASSO_DS_PREFIX: - * - * Preferred prefix for namespace of FIXME - * - */ -#define LASSO_DS_PREFIX "ds" - /* xsi prefix & href */ /** * LASSO_XSI_HREF: diff --git a/lasso/xml/xml.c b/lasso/xml/xml.c index ed6aa5ce..265236a8 100644 --- a/lasso/xml/xml.c +++ b/lasso/xml/xml.c @@ -2094,6 +2094,8 @@ prefix_from_href_and_nodename(const xmlChar *href, G_GNUC_UNUSED const xmlChar * prefix = "Samlp2"; else if (strcmp((char*)href, LASSO_SOAP_ENV_HREF) == 0) prefix = "Soap"; + else if (strcmp((char*)href, LASSO_DS_HREF) == 0) + prefix = "Ds"; #ifdef LASSO_WSF_ENABLED else if (strcmp((char*)href, LASSO_SOAP_BINDING_HREF) == 0) prefix = "SoapBinding"; @@ -2101,8 +2103,6 @@ prefix_from_href_and_nodename(const xmlChar *href, G_GNUC_UNUSED const xmlChar * prefix = "SoapBindingExt"; else if (strcmp((char*)href, LASSO_DISCO_HREF) == 0) prefix = "Disco"; - else if (strcmp((char*)href, LASSO_DS_HREF) == 0) - prefix = "Ds"; else if (strcmp((char*)href, LASSO_IS_HREF) == 0) prefix = "Is"; else if (strcmp((char*)href, LASSO_SA_HREF) == 0) diff --git a/lasso/xml/xml_idff.h b/lasso/xml/xml_idff.h index 5fc0f0bc..6ae04e29 100644 --- a/lasso/xml/xml_idff.h +++ b/lasso/xml/xml_idff.h @@ -26,9 +26,10 @@ #define __LASSO_XML_IDFF_H__ #include "./xml.h" -#include "./ds_key_info.h" -#include "./ds_key_value.h" -#include "./ds_rsa_key_value.h" +#include "./dsig/ds_key_info.h" +#include "./dsig/ds_key_value.h" +#include "./dsig/ds_rsa_key_value.h" +#include "./dsig/ds_x509_data.h" #include "./lib_assertion.h" #include "./lib_authentication_statement.h" #include "./lib_authn_context.h" diff --git a/tests/basic_tests.c b/tests/basic_tests.c index f2d3e51c..cb96a3c4 100644 --- a/tests/basic_tests.c +++ b/tests/basic_tests.c 
@@ -2012,6 +2012,34 @@ START_TEST(test14_lasso_key) } END_TEST +/* test load federation */ +START_TEST(test15_ds_key_info) +{ + LassoDsKeyInfo *ds_key_info = lasso_ds_key_info_new(); + LassoDsKeyValue *ds_key_value = lasso_ds_key_value_new(); + LassoDsX509Data *x509_data = lasso_ds_x509_data_new(); + char *dump; + + lasso_ds_x509_data_set_certificate(x509_data, "coucou"); + lasso_ds_key_value_set_x509_data(ds_key_value, x509_data); + ds_key_info->KeyValue = g_object_ref(ds_key_value); + dump = lasso_node_debug((LassoNode*)ds_key_info, 10); + lasso_release_gobject(ds_key_info); + lasso_release_gobject(ds_key_value); + lasso_release_gobject(x509_data); + ds_key_info = (LassoDsKeyInfo*)lasso_node_new_from_dump(dump); + check_not_null(ds_key_info); + check_true(LASSO_IS_DS_KEY_INFO(ds_key_info)); + check_not_null(ds_key_info->KeyValue); + check_true(LASSO_IS_DS_KEY_VALUE(ds_key_info->KeyValue)); + x509_data = lasso_ds_key_value_get_x509_data(ds_key_info->KeyValue); + check_not_null(x509_data); + check_true(LASSO_IS_DS_X509_DATA(x509_data)); + check_str_equals(lasso_ds_x509_data_get_certificate(x509_data), "coucou"); + lasso_release_gobject(ds_key_info); +} +END_TEST + Suite* basic_suite() { @@ -2028,6 +2056,7 @@ basic_suite() TCase *tc_custom_namespace = tcase_create("Test custom namespace handling"); TCase *tc_load_metadata = tcase_create("Test loading a federation metadata file"); TCase *tc_key = tcase_create("Test loading and manipulating LassoKey objects"); + TCase *tc_key_info = tcase_create("Test creating and dumping ds:KeyInfo nodes"); suite_add_tcase(s, tc_server_load_dump_empty_string); suite_add_tcase(s, tc_server_load_dump_random_string); 
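Review bot: In `test15_ds_key_info` the string returned by `lasso_node_debug` is kept in `dump` and handed to `lasso_node_new_from_dump`, but it is never released. Assuming the function returns an allocated string, a `lasso_release_string(dump);` after the reload is missing. The comment above the test, `/* test load federation */`, is copied from an earlier test and should describe the round trip instead, e.g. `/* test dumping and reloading a ds:KeyInfo carrying X509Data */`.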
@@ -2041,6 +2070,7 @@ basic_suite() suite_add_tcase(s, tc_custom_namespace); suite_add_tcase(s, tc_load_metadata); suite_add_tcase(s, tc_key); + suite_add_tcase(s, tc_key_info); tcase_add_test(tc_server_load_dump_empty_string, test01_server_load_dump_empty_string); tcase_add_test(tc_server_load_dump_random_string, test02_server_load_dump_random_string); @@ -2056,6 +2086,7 @@ basic_suite() tcase_add_test(tc_custom_namespace, test12_custom_namespace); tcase_add_test(tc_load_metadata, test13_test_lasso_server_load_metadata); tcase_add_test(tc_key, test14_lasso_key); + tcase_add_test(tc_key_info, test15_ds_key_info); tcase_set_timeout(tc_load_metadata, 10); return s; } From 900de512f2cf99d6c6371de492926de11b17078e Mon Sep 17 00:00:00 2001 From: Benjamin Dauvergne Date: Sat, 10 Dec 2011 12:04:33 +0100 Subject: [PATCH 07/17] [core] fix uninitialized pointer to a GError structure --- lasso/xml/tools.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lasso/xml/tools.c b/lasso/xml/tools.c index 156de4b6..429b4526 100644 --- a/lasso/xml/tools.c +++ b/lasso/xml/tools.c @@ -1767,7 +1767,7 @@ lasso_xml_parse_file(const char *filepath) { char *file_content; size_t file_length; - GError *error; + GError *error = NULL; if (g_file_get_contents(filepath, &file_content, &file_length, &error)) { xmlDocPtr ret; From ba014d9ca6b6474ee34b08582283b72ab9ed89c6 Mon Sep 17 00:00:00 2001 From: Benjamin Dauvergne Date: Sat, 10 Dec 2011 12:04:59 +0100 Subject: [PATCH 08/17] [Makefile] fix missing soap11 nodes when compiling for Mingw --- lasso/Makefile.am | 1 + 1 file changed, 1 insertion(+) diff --git a/lasso/Makefile.am b/lasso/Makefile.am index 042419da..61728475 100644 --- a/lasso/Makefile.am +++ b/lasso/Makefile.am 
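Review bot: With `error` now initialised to NULL in `lasso_xml_parse_file`, the open question is what the failure branch does with the GError that `g_file_get_contents` fills in. That branch lies outside the hunk, so it is not visible whether it ends with `g_error_free(error)` or `g_clear_error(&error)`; if it does not, every unreadable path leaks one GError. A short comment on the declaration, `/* GLib requires *error to be NULL on entry */`, would also keep the initialiser from being dropped again.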
@@ -57,6 +57,7 @@ if MINGW liblasso_la_LIBADD = \ $(top_builddir)/lasso/xml/liblasso-xml.la \ $(top_builddir)/lasso/xml/saml-2.0/liblasso-xml-saml2.la \ + $(top_builddir)/lasso/xml/soap-1.1/liblasso-xml-soap11.la \ $(top_builddir)/lasso/xml/dsig/liblasso-xml-dsig.la \ $(top_builddir)/lasso/id-ff/liblasso-id-ff.la \ $(top_builddir)/lasso/saml-2.0/liblasso-saml-20.la \ From c3467ed48c979a0f2029207a79f8f4e4c78ea513 Mon Sep 17 00:00:00 2001 From: Benjamin Dauvergne Date: Sat, 10 Dec 2011 12:05:31 +0100 Subject: [PATCH 09/17] [tests] rename login test suite, with mentions of ID-FF 1.2 and SAML 2.0 --- tests/login_tests.c | 2 +- tests/login_tests_saml2.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/login_tests.c b/tests/login_tests.c index 850aa4a4..5589b8d0 100644 --- a/tests/login_tests.c +++ b/tests/login_tests.c @@ -517,7 +517,7 @@ END_TEST Suite* login_suite() { - Suite *s = suite_create("Login"); + Suite *s = suite_create("Login using ID-FF 1.2"); TCase *tc_generate = tcase_create("Generate Server Contexts"); TCase *tc_spLogin = tcase_create("Login initiated by service provider"); TCase *tc_spLoginMemory = tcase_create("Login initiated by service provider without key loading"); diff --git a/tests/login_tests_saml2.c b/tests/login_tests_saml2.c index 055e6298..c17c7500 100644 --- a/tests/login_tests_saml2.c +++ b/tests/login_tests_saml2.c @@ -998,7 +998,7 @@ END_TEST Suite* login_saml2_suite() { - Suite *s = suite_create("Login"); + Suite *s = suite_create("Login using SAML 2.0"); TCase *tc_generate = tcase_create("Generate Server Contexts"); TCase *tc_spLogin = tcase_create("Login initiated by service provider"); TCase *tc_spLoginMemory = tcase_create("Login initiated by service provider without key loading"); From 65b94cc1f5b3d169647703950a707b4efc7c1f81 Mon Sep 17 00:00:00 2001 
From: Benjamin Dauvergne Date: Sat, 10 Dec 2011 12:56:34 +0100 Subject: [PATCH 10/17] [tests] improve checking for log output - now any non expected log output is considered an error, by setting a g_log default handler. - block_lasso_logs()/unblock_lasso_logs() will block logging output at the DEBUG level - begin_check_do_log(level, message, endswith)/end_check_do_log() with check that the only message emitted between the two macros is one equals to "message" at the level "level", or ending (to work around variable parts in a log message) with "message" if "endswith" is True. --- tests/basic_tests.c | 8 +++++ tests/login_tests.c | 3 ++ tests/login_tests_saml2.c | 8 +++++ tests/non_regression_tests.c | 9 ----- tests/tests.c | 10 +++++- tests/tests.h | 70 ++++++++++++++++++++++++++++++++++++ 6 files changed, 98 insertions(+), 10 deletions(-) diff --git a/tests/basic_tests.c b/tests/basic_tests.c index cb96a3c4..406e93b4 100644 --- a/tests/basic_tests.c +++ b/tests/basic_tests.c @@ -51,7 +51,9 @@ END_TEST START_TEST(test02_server_load_dump_random_string) { LassoServer *serverContext; + begin_check_do_log(G_LOG_LEVEL_CRITICAL, "libxml2: Start tag expected, '<' not found\\n", FALSE); serverContext = lasso_server_new_from_dump("foo"); + end_check_do_log(); fail_unless(serverContext == NULL, "serverContext was created from a fake dump"); } @@ -60,7 +62,9 @@ END_TEST START_TEST(test03_server_load_dump_random_xml) { LassoServer *serverContext; + begin_check_do_log(G_LOG_LEVEL_CRITICAL, "(xml.c/:2307) Unable to build a LassoNode from a xmlNode", TRUE); serverContext = lasso_server_new_from_dump(""); + end_check_do_log(); fail_unless(serverContext == NULL, "serverContext was created from fake (but valid XML) dump"); } 
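Review bot: The expected message in `test03_server_load_dump_random_xml`, `"(xml.c/:2307) Unable to build a LassoNode from a xmlNode"`, embeds a source line number of xml.c, so any edit that shifts lines in that file fails the test for a reason unrelated to the behaviour being checked. The call already passes TRUE for the ends-with mode described in the commit message, so the literal can be cut to its stable tail: `begin_check_do_log(G_LOG_LEVEL_CRITICAL, " Unable to build a LassoNode from a xmlNode", TRUE);`. The macro definitions live in tests/tests.h, outside this hunk, so the matching rule is taken from the commit description.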
@@ -156,7 +160,9 @@ START_TEST(test08_test_new_from_xmlNode) "LassoTest", &this_info, 0); r = lasso_registry_default_add_direct_mapping("http://example.com", "Test1", LASSO_LASSO_HREF, "LassoTest"); fail_unless(r == 0, "no mapping for http://example.com:Test1 should exist"); + begin_check_do_log(G_LOG_LEVEL_WARNING, " Class LassoTest has no node_data so no initialization is possible", TRUE); node = lasso_node_new_from_dump(""); + end_check_do_log(); fail_unless(node != NULL, "parsing should return an object"); fail_unless(strcmp(G_OBJECT_TYPE_NAME(node), "LassoTest") == 0, "node classname should be LassoTest"); g_object_unref(node); @@ -1960,11 +1966,13 @@ START_TEST(test13_test_lasso_server_load_metadata) TESTSDATADIR "/idp5-saml2/private-key.pem", NULL, /* Secret key to unlock private key */ NULL)); + block_lasso_logs; check_good_rc(lasso_server_load_metadata(server, LASSO_PROVIDER_ROLE_IDP, TESTSDATADIR "/metadata/renater-metadata.xml", TESTSDATADIR "/metadata/metadata-federation-renater.crt", &blacklisted_1, &loaded_entity_ids, LASSO_SERVER_LOAD_METADATA_FLAG_DEFAULT)); + unblock_lasso_logs; check_equals(g_hash_table_size(server->providers), 110); check_equals(g_list_length(loaded_entity_ids), 110); diff --git a/tests/login_tests.c b/tests/login_tests.c index 5589b8d0..90573afc 100644 --- a/tests/login_tests.c +++ b/tests/login_tests.c @@ -285,7 +285,10 @@ START_TEST(test02_serviceProviderLogin) fail_unless(found != NULL, "We must find an InResponseTo attribute"); found[sizeof("InResponseTo=\"")] = '?'; lasso_set_flag("no-verify-signature"); + begin_check_do_log(G_LOG_LEVEL_DEBUG, " If inResponseTo attribute is present, a matching " + "request must be present too in the LassoLogin object", TRUE); check_not_equals(lasso_login_process_response_msg(spLoginContext, soapResponseMsg), 0); + end_check_do_log(); lasso_set_flag("verify-signature"); check_good_rc(lasso_login_accept_sso(spLoginContext)); fail_unless(rc == 0, "lasso_login_accept_sso must fail"); 
diff --git a/tests/login_tests_saml2.c b/tests/login_tests_saml2.c index c17c7500..1052c61a 100644 --- a/tests/login_tests_saml2.c +++ b/tests/login_tests_saml2.c @@ -785,8 +785,10 @@ START_TEST(test05_sso_idp_with_key_rollover) check_good_rc(lasso_login_accept_sso(spLoginContext)); /* Process response 2 */ + block_lasso_logs; check_good_rc(lasso_login_process_authn_response_msg(spLoginContext, idpLoginContext2->parent.msg_body)); + unblock_lasso_logs; check_good_rc(lasso_login_accept_sso(spLoginContext)); /* Cleanup */ @@ -838,7 +840,9 @@ sso_sp_with_key_rollover(LassoServer *idp_context, LassoServer *sp_context) LASSO_SAML2_NAME_IDENTIFIER_FORMAT_PERSISTENT); LASSO_SAMLP2_AUTHN_REQUEST(idp_login_context->parent.request)->NameIDPolicy->AllowCreate = 1; + block_lasso_logs; check_good_rc(lasso_login_process_authn_request_msg(idp_login_context, NULL)); + unblock_lasso_logs; check_good_rc(lasso_login_validate_request_msg(idp_login_context, 1, /* authentication_result */ 0 /* is_consent_obtained */ @@ -855,8 +859,10 @@ sso_sp_with_key_rollover(LassoServer *idp_context, LassoServer *sp_context) check_not_null(idp_login_context->parent.msg_url); /* Process response */ + block_lasso_logs; check_good_rc(lasso_login_process_authn_response_msg(sp_login_context, idp_login_context->parent.msg_body)); + unblock_lasso_logs; check_good_rc(lasso_login_accept_sso(sp_login_context)); /* Cleanup */ @@ -986,7 +992,9 @@ START_TEST(test07_sso_sp_with_hmac_sha1_signatures) test07_make_context(idp_context, "idp6-saml2", LASSO_PROVIDER_ROLE_SP, "sp6-saml2", key) test07_make_context(sp_context, "sp6-saml2", LASSO_PROVIDER_ROLE_IDP, "idp6-saml2", key) + block_lasso_logs; sso_initiated_by_sp(idp_context, sp_context); + unblock_lasso_logs; /* Cleanup */ lasso_release_gobject(idp_context); diff --git a/tests/non_regression_tests.c b/tests/non_regression_tests.c index 03c11a35..64886e94 100644 --- a/tests/non_regression_tests.c +++ b/tests/non_regression_tests.c 
@@ -165,26 +165,17 @@ START_TEST(indexed_endpoints_20101008) } END_TEST -void error_log_func(G_GNUC_UNUSED const gchar *log_domain, G_GNUC_UNUSED GLogLevelFlags log_level, - const gchar *message, G_GNUC_UNUSED gpointer user_data) -{ - fail_unless(FALSE, "error_func called... %s", message); -} - START_TEST(remove_warning_when_parssing_unknown_SNIPPET_LIST_NODES_20111007) { LassoNode *node; xmlDoc *xmldoc; const char content[] = "C8NQsm1Y3Gas9m0AMDhxU7UxCSI="; - guint log_handler; xmldoc = xmlReadMemory(content, sizeof(content)-1, NULL, NULL, 0); check_not_null(xmldoc); - log_handler = g_log_set_handler("Lasso", G_LOG_LEVEL_MASK, error_log_func, NULL); node = lasso_node_new_from_xmlNode(xmlDocGetRootElement(xmldoc)); check_not_null(node); check_true(LASSO_IS_SAML2_ATTRIBUTE(node)); - g_log_remove_handler("Lasso", log_handler); check_true(LASSO_IS_NODE(node)); xmlFreeDoc(xmldoc); lasso_release_gobject(node); diff --git a/tests/tests.c b/tests/tests.c index a32d32e9..8ec4a40f 100644 --- a/tests/tests.c +++ b/tests/tests.c @@ -26,8 +26,9 @@ #include #include +#include #include "../lasso/lasso.h" -#include "lasso_config.h" +#include "../lasso/lasso_config.h" extern Suite* basic_suite(); extern Suite* login_suite(); @@ -55,6 +56,12 @@ SuiteFunction suites[] = { #endif NULL }; +void error_logger(const gchar *log_domain, GLogLevelFlags log_level, + const gchar *message, G_GNUC_UNUSED gpointer user_data) +{ + fail("No logging output expected: message «%s» was emitted for domain «%s» at the level" + " «%d»", message, log_domain, log_level); +} int main(int argc, char *argv[]) @@ -71,6 +78,7 @@ main(int argc, char *argv[]) } lasso_init(); + g_log_set_default_handler(error_logger, NULL); sr = srunner_create(suites[0]()); diff --git a/tests/tests.h b/tests/tests.h index ce89ac98..62f01719 100644 --- a/tests/tests.h +++ b/tests/tests.h 
@@ -23,6 +23,8 @@ #ifndef __TESTS_H__ #define __TESTS_H__ +#include "../lasso/lasso_config.h" + #define check_not_null(what) \ fail_unless((what) != NULL, "%s:%i: " #what " returned NULL", __func__, __LINE__); 
@@ -72,4 +74,72 @@ fail_unless(g_strcmp0(__tmp, to) != 0, "%s:%i: " #what " is equal to %s", __func__, __LINE__, to); \ } +static inline void mute_logger(G_GNUC_UNUSED const gchar *domain, + G_GNUC_UNUSED GLogLevelFlags log_level, G_GNUC_UNUSED const gchar *message, + G_GNUC_UNUSED gpointer user_data) { +} +G_GNUC_UNUSED static guint mute_log_handler = 0; + +#define block_lasso_logs mute_log_handler = g_log_set_handler(LASSO_LOG_DOMAIN, G_LOG_LEVEL_DEBUG, \ + mute_logger, NULL) + +#define unblock_lasso_logs g_log_remove_handler(LASSO_LOG_DOMAIN, mute_log_handler) + +struct CheckingLogHandlerUserData { + GLogLevelFlags log_level; + const char *message; + gboolean endswith; + GLogLevelFlags log_level_found; + const char *message_found; +}; +G_GNUC_UNUSED static guint checking_log_handler = 0; +G_GNUC_UNUSED static guint checking_log_handler_flag = 0; +G_GNUC_UNUSED static struct CheckingLogHandlerUserData checking_logger_user_data; + +static inline gboolean check_message(const char *a, const char *b, gboolean endswith) { + if (endswith) { + return strlen(a) >= strlen(b) && + strcmp(a+(strlen(a)-strlen(b)), b) == 0; + } else { + return strcmp(a, b) == 0; + } +} + +static inline void checking_logger(G_GNUC_UNUSED const gchar *domain, + G_GNUC_UNUSED GLogLevelFlags log_level, G_GNUC_UNUSED const gchar *message, + G_GNUC_UNUSED gpointer user_data) { + struct CheckingLogHandlerUserData *ck_user_data = user_data; + if (log_level == ck_user_data->log_level && check_message(message, ck_user_data->message, + ck_user_data->endswith)) { + } else { + g_log_default_handler(domain, log_level, message, user_data); + checking_log_handler_flag = 0; + } + ck_user_data->log_level_found = log_level; + ck_user_data->message_found = g_strdup(message); +} +/* begin_check_do_log(level, message, endswith)/end_check_do_log() with check that the only + * message emitted between the two macros is one equals to message at the level level, + * or ending with message if endswith is True. 
+ */ +static inline void begin_check_do_log(GLogLevelFlags level, const char *message, gboolean endswith) { + memset(&checking_logger_user_data, 0, sizeof(struct CheckingLogHandlerUserData)); + checking_logger_user_data.log_level = level; + checking_logger_user_data.message = message; + checking_logger_user_data.endswith = endswith; + checking_log_handler = g_log_set_handler(LASSO_LOG_DOMAIN, level, checking_logger, &checking_logger_user_data); + checking_log_handler_flag = 1; +} + +static inline void end_check_do_log() { + g_log_remove_handler(LASSO_LOG_DOMAIN, checking_log_handler); + checking_log_handler = 0; + fail_unless(checking_log_handler_flag, "Logging failure: expected log level %d and message «%s», got %d and «%s»", + checking_logger_user_data.log_level, + checking_logger_user_data.message, + checking_logger_user_data.log_level_found, + checking_logger_user_data.message_found); + checking_log_handler_flag = 0; +} + #endif /*__TESTS_H__ */ From 41538948ce1701174db9621d41abb3b7701d61ff Mon Sep 17 00:00:00 2001 From: Benjamin Dauvergne Date: Sat, 10 Dec 2011 12:57:07 +0100 Subject: [PATCH 11/17] [core] mark private_data field of the LassoKey structure as private --- lasso/key.h | 1 + 1 file changed, 1 insertion(+) diff --git a/lasso/key.h b/lasso/key.h index ae9c4c27..c459b20a 100644 --- a/lasso/key.h +++ b/lasso/key.h @@ -55,6 +55,7 @@ typedef enum _LassoKeyType { struct _LassoKey { LassoNode parent; + /*< private >*/ LassoKeyPrivate *private_data; }; From ed9c981989f007a124dc22dcde28284395053764 Mon Sep 17 00:00:00 2001 
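Review bot: In the tests/tests.h hunk, `end_check_do_log()` cannot tell "expected message seen" from "nothing was logged": `begin_check_do_log()` sets `checking_log_handler_flag = 1` and `checking_logger()` only clears it on a mismatch, so a test whose expected message is never emitted still passes. If the message is meant to be required, the final check should also test that something was captured, for example `fail_unless(checking_log_handler_flag && checking_logger_user_data.message_found != NULL, ...)`. Separately, `checking_logger()` stores a fresh `g_strdup(message)` in `message_found` on every call and nothing frees it. The handler should release the previous copy before overwriting it, and `end_check_do_log()` should free the last one after reporting. The four parameters of `checking_logger()` are also tagged `G_GNUC_UNUSED` although all of them are used.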
From: Benjamin Dauvergne Date: Fri, 16 Dec 2011 09:59:40 +0100 Subject: [PATCH 12/17] [xml] complete missing namespace declarations for child nodes To allow lasso_node_impl_init_from_xmlnode to do proper namespace checking, child node which are not of the same namespace as their parent in their XSD schema must have an explicit namespace declared in the XmlSnippet. --- lasso/xml/disco_encrypted_resource_id.c | 6 ++++-- lasso/xml/id-wsf-2.0/disco_endpoint_context.c | 3 ++- lasso/xml/id-wsf-2.0/disco_keys.c | 3 ++- lasso/xml/id-wsf-2.0/disco_query_response.c | 4 ++-- lasso/xml/id-wsf-2.0/disco_security_context.c | 3 ++- .../disco_svc_md_association_add_response.c | 2 +- .../disco_svc_md_association_delete_response.c | 2 +- .../disco_svc_md_association_query_response.c | 2 +- .../xml/id-wsf-2.0/disco_svc_md_delete_response.c | 2 +- .../xml/id-wsf-2.0/disco_svc_md_query_response.c | 2 +- .../id-wsf-2.0/disco_svc_md_register_response.c | 2 +- .../id-wsf-2.0/disco_svc_md_replace_response.c | 2 +- lasso/xml/id-wsf-2.0/dst_request.c | 2 +- lasso/xml/id-wsf-2.0/dstref_query_response.c | 3 ++- .../id-wsf-2.0/ims_identity_mapping_response.c | 2 +- lasso/xml/id-wsf-2.0/ims_mapping_input.c | 6 ++++-- lasso/xml/id-wsf-2.0/ims_mapping_output.c | 2 +- lasso/xml/id-wsf-2.0/is_interaction_request.c | 2 +- lasso/xml/id-wsf-2.0/is_interaction_response.c | 2 +- lasso/xml/id-wsf-2.0/is_interaction_statement.c | 2 +- lasso/xml/id-wsf-2.0/ps_add_entity_request.c | 3 ++- .../xml/id-wsf-2.0/ps_add_known_entity_request.c | 6 ++++-- lasso/xml/id-wsf-2.0/ps_response_abstract.c | 2 +- lasso/xml/id-wsf-2.0/ps_test_membership_request.c | 3 ++- lasso/xml/id-wsf-2.0/sb2_credentials_context.c | 2 +- .../xml/id-wsf-2.0/sec_transited_provider_path.c | 3 ++- lasso/xml/id-wsf-2.0/subs_notification.c | 2 +- lasso/xml/id-wsf-2.0/subs_subscription.c | 2 +- lasso/xml/id-wsf-2.0/subsref_query_response.c | 2 +- lasso/xml/is_interaction_request.c | 10 ++++++---- lasso/xml/is_interaction_statement.c | 5 +++-- 
.../xml/lib_federation_termination_notification.c | 12 ++++++++---- lasso/xml/lib_logout_request.c | 3 ++- lasso/xml/lib_name_identifier_mapping_request.c | 3 ++- lasso/xml/lib_name_identifier_mapping_response.c | 6 ++++-- lasso/xml/lib_register_name_identifier_request.c | 15 +++++++++------ lasso/xml/lib_status_response.c | 3 ++- lasso/xml/lib_subject.c | 5 +++-- lasso/xml/sa_sasl_request.c | 3 ++- lasso/xml/sa_sasl_response.c | 3 ++- lasso/xml/saml-2.0/saml2_assertion.c | 2 +- lasso/xml/saml-2.0/saml2_attribute_value.c | 10 +++++++++- lasso/xml/saml-2.0/saml2_encrypted_element.c | 6 ++++-- .../saml-2.0/saml2_subject_confirmation_data.c | 2 +- lasso/xml/saml-2.0/samlp2_assertion_id_request.c | 3 ++- lasso/xml/saml-2.0/samlp2_attribute_query.c | 3 ++- lasso/xml/saml-2.0/samlp2_authn_request.c | 6 ++++-- lasso/xml/saml-2.0/samlp2_authz_decision_query.c | 8 ++++---- lasso/xml/saml-2.0/samlp2_logout_request.c | 15 ++++++++------- .../xml/saml-2.0/samlp2_manage_name_id_request.c | 10 +++++----- .../xml/saml-2.0/samlp2_name_id_mapping_request.c | 14 +++++++------- .../saml-2.0/samlp2_name_id_mapping_response.c | 10 +++++----- lasso/xml/saml-2.0/samlp2_request_abstract.c | 7 +++---- lasso/xml/saml-2.0/samlp2_response.c | 9 +++++---- lasso/xml/saml-2.0/samlp2_status_response.c | 5 +++-- .../xml/saml-2.0/samlp2_subject_query_abstract.c | 4 ++-- lasso/xml/saml_assertion.c | 2 +- lasso/xml/saml_subject_confirmation.c | 3 ++- lasso/xml/samlp_request_abstract.c | 2 +- lasso/xml/samlp_response.c | 3 ++- lasso/xml/samlp_response_abstract.c | 3 ++- lasso/xml/soap-1.1/soap_body.c | 5 ++++- lasso/xml/soap_binding_ext_credentials_context.c | 3 ++- 63 files changed, 168 insertions(+), 114 deletions(-) diff --git a/lasso/xml/disco_encrypted_resource_id.c b/lasso/xml/disco_encrypted_resource_id.c index 025a951c..e38e476d 100644 --- a/lasso/xml/disco_encrypted_resource_id.c +++ b/lasso/xml/disco_encrypted_resource_id.c 
@@ -50,9 +50,11 @@ static struct XmlSnippet schema_snippets[] = { { "EncryptedData", SNIPPET_XMLNODE, - G_STRUCT_OFFSET(LassoDiscoEncryptedResourceID, EncryptedData), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoDiscoEncryptedResourceID, EncryptedData), NULL, + LASSO_XMLENC_PREFIX, LASSO_XMLENC_HREF}, { "EncryptedKey", SNIPPET_LIST_XMLNODES, - G_STRUCT_OFFSET(LassoDiscoEncryptedResourceID, EncryptedKey), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoDiscoEncryptedResourceID, EncryptedKey), NULL, + LASSO_XMLENC_PREFIX, LASSO_XMLENC_HREF}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/id-wsf-2.0/disco_endpoint_context.c b/lasso/xml/id-wsf-2.0/disco_endpoint_context.c index ed6aa27c..09f40337 100644 --- a/lasso/xml/id-wsf-2.0/disco_endpoint_context.c +++ b/lasso/xml/id-wsf-2.0/disco_endpoint_context.c @@ -56,7 +56,8 @@ static struct XmlSnippet schema_snippets[] = { { "Address", SNIPPET_LIST_CONTENT, G_STRUCT_OFFSET(LassoIdWsf2DiscoEndpointContext, Address), NULL, NULL, NULL}, { "Framework", SNIPPET_LIST_NODES, - G_STRUCT_OFFSET(LassoIdWsf2DiscoEndpointContext, Framework), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIdWsf2DiscoEndpointContext, Framework), NULL, + LASSO_IDWSF2_SBF_PREFIX, LASSO_IDWSF2_SBF_HREF}, { "SecurityMechID", SNIPPET_LIST_CONTENT, G_STRUCT_OFFSET(LassoIdWsf2DiscoEndpointContext, SecurityMechID), NULL, NULL, NULL}, { "Action", SNIPPET_LIST_CONTENT, diff --git a/lasso/xml/id-wsf-2.0/disco_keys.c b/lasso/xml/id-wsf-2.0/disco_keys.c index 2f809a06..ba69fc60 100644 --- a/lasso/xml/id-wsf-2.0/disco_keys.c +++ b/lasso/xml/id-wsf-2.0/disco_keys.c @@ -51,7 +51,8 @@ static struct XmlSnippet schema_snippets[] = { { "KeyDescriptor", SNIPPET_LIST_NODES, - G_STRUCT_OFFSET(LassoIdWsf2DiscoKeys, KeyDescriptor), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIdWsf2DiscoKeys, KeyDescriptor), NULL, LASSO_METADATA_PREFIX, + LASSO_METADATA_HREF}, {NULL, 0, 0, NULL, NULL, NULL} }; 
diff --git a/lasso/xml/id-wsf-2.0/disco_query_response.c b/lasso/xml/id-wsf-2.0/disco_query_response.c index 7c6d50ae..0faad04f 100644 --- a/lasso/xml/id-wsf-2.0/disco_query_response.c +++ b/lasso/xml/id-wsf-2.0/disco_query_response.c @@ -55,10 +55,10 @@ static struct XmlSnippet schema_snippets[] = { { "Status", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2DiscoQueryResponse, Status), - "LassoIdWsf2UtilStatus", NULL, NULL }, + "LassoIdWsf2UtilStatus", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_DISCOVERY_HREF}, { "EndpointReference", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoIdWsf2DiscoQueryResponse, EndpointReference), - "LassoWsAddrEndpointReference", NULL, NULL }, + "LassoWsAddrEndpointReference", LASSO_WSA_PREFIX, LASSO_WSA_HREF}, { "attributes", SNIPPET_ATTRIBUTE | SNIPPET_ANY, G_STRUCT_OFFSET(LassoIdWsf2DiscoQueryResponse, attributes), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} diff --git a/lasso/xml/id-wsf-2.0/disco_security_context.c b/lasso/xml/id-wsf-2.0/disco_security_context.c index 1a7f3829..66690cb4 100644 --- a/lasso/xml/id-wsf-2.0/disco_security_context.c +++ b/lasso/xml/id-wsf-2.0/disco_security_context.c @@ -59,7 +59,8 @@ static struct XmlSnippet schema_snippets[] = { { "SecurityMechID", SNIPPET_LIST_CONTENT, G_STRUCT_OFFSET(LassoIdWsf2DiscoSecurityContext, SecurityMechID), NULL, NULL, NULL}, { "Token", SNIPPET_LIST_NODES, - G_STRUCT_OFFSET(LassoIdWsf2DiscoSecurityContext, Token), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIdWsf2DiscoSecurityContext, Token), NULL, + LASSO_IDWSF2_SEC_PREFIX, LASSO_IDWSF2_SEC_HREF}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/id-wsf-2.0/disco_svc_md_association_add_response.c b/lasso/xml/id-wsf-2.0/disco_svc_md_association_add_response.c index 41407a56..bdf9a298 100644 --- a/lasso/xml/id-wsf-2.0/disco_svc_md_association_add_response.c +++ b/lasso/xml/id-wsf-2.0/disco_svc_md_association_add_response.c 
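Review bot: The `Status` entry in disco_query_response.c pairs `LASSO_IDWSF2_UTIL_PREFIX` with `LASSO_IDWSF2_DISCOVERY_HREF`, while the other `LassoIdWsf2UtilStatus` entries visible in this patch use `LASSO_IDWSF2_UTIL_HREF`. The line should probably read `"LassoIdWsf2UtilStatus", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF},`. The same kind of slip appears in two later hunks. In disco_svc_md_register_response.c the href argument is `LASSO_IDWSF2_UTIL_PREFIX` again, so a prefix string is passed where a namespace URI is expected. In ps_test_membership_request.c the `Token` entry uses `LASSO_IDWSF2_SEC_TOKEN`, where the sibling `Token` entries use `LASSO_IDWSF2_SEC_HREF`. The commit message says these declarations feed the namespace check in lasso_node_impl_init_from_xmlnode, so a wrong URI would presumably stop the child element from matching. That is worth confirming with a parse test for each of the three nodes.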
@@ -51,7 +51,7 @@ static struct XmlSnippet schema_snippets[] = { { "Status", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2DiscoSvcMDAssociationAddResponse, Status), - "LassoIdWsf2UtilStatus", NULL, NULL }, + "LassoIdWsf2UtilStatus", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF}, { "attributes", SNIPPET_ATTRIBUTE | SNIPPET_ANY, G_STRUCT_OFFSET(LassoIdWsf2DiscoSvcMDAssociationAddResponse, attributes), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} diff --git a/lasso/xml/id-wsf-2.0/disco_svc_md_association_delete_response.c b/lasso/xml/id-wsf-2.0/disco_svc_md_association_delete_response.c index c82ba12b..0e976c8d 100644 --- a/lasso/xml/id-wsf-2.0/disco_svc_md_association_delete_response.c +++ b/lasso/xml/id-wsf-2.0/disco_svc_md_association_delete_response.c @@ -51,7 +51,7 @@ static struct XmlSnippet schema_snippets[] = { { "Status", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2DiscoSvcMDAssociationDeleteResponse, Status), - "LassoIdWsf2UtilStatus", NULL, NULL }, + "LassoIdWsf2UtilStatus", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF}, { "attributes", SNIPPET_ATTRIBUTE | SNIPPET_ANY, G_STRUCT_OFFSET(LassoIdWsf2DiscoSvcMDAssociationDeleteResponse, attributes), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} diff --git a/lasso/xml/id-wsf-2.0/disco_svc_md_association_query_response.c b/lasso/xml/id-wsf-2.0/disco_svc_md_association_query_response.c index c38f9cf2..8230ce7a 100644 --- a/lasso/xml/id-wsf-2.0/disco_svc_md_association_query_response.c +++ b/lasso/xml/id-wsf-2.0/disco_svc_md_association_query_response.c @@ -52,7 +52,7 @@ static struct XmlSnippet schema_snippets[] = { { "Status", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2DiscoSvcMDAssociationQueryResponse, Status), - "LassoIdWsf2UtilStatus", NULL, NULL }, + "LassoIdWsf2UtilStatus", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF}, { "SvcMDID", SNIPPET_LIST_CONTENT, G_STRUCT_OFFSET(LassoIdWsf2DiscoSvcMDAssociationQueryResponse, SvcMDID), NULL, NULL, NULL}, { "attributes", SNIPPET_ATTRIBUTE | SNIPPET_ANY, 
diff --git a/lasso/xml/id-wsf-2.0/disco_svc_md_delete_response.c b/lasso/xml/id-wsf-2.0/disco_svc_md_delete_response.c index 9e9e52ec..e1bd2469 100644 --- a/lasso/xml/id-wsf-2.0/disco_svc_md_delete_response.c +++ b/lasso/xml/id-wsf-2.0/disco_svc_md_delete_response.c @@ -51,7 +51,7 @@ static struct XmlSnippet schema_snippets[] = { { "Status", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2DiscoSvcMDDeleteResponse, Status), - "LassoIdWsf2UtilStatus", NULL, NULL }, + "LassoIdWsf2UtilStatus", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF}, { "attributes", SNIPPET_ATTRIBUTE | SNIPPET_ANY, G_STRUCT_OFFSET(LassoIdWsf2DiscoSvcMDDeleteResponse, attributes), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} diff --git a/lasso/xml/id-wsf-2.0/disco_svc_md_query_response.c b/lasso/xml/id-wsf-2.0/disco_svc_md_query_response.c index e09d9dd9..9757f7e5 100644 --- a/lasso/xml/id-wsf-2.0/disco_svc_md_query_response.c +++ b/lasso/xml/id-wsf-2.0/disco_svc_md_query_response.c @@ -52,7 +52,7 @@ static struct XmlSnippet schema_snippets[] = { { "Status", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2DiscoSvcMDQueryResponse, Status), - "LassoIdWsf2UtilStatus", NULL, NULL }, + "LassoIdWsf2UtilStatus", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF}, { "SvcMD", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoIdWsf2DiscoSvcMDQueryResponse, SvcMD), "LassoIdWsf2DiscoSvcMetadata", NULL, NULL }, diff --git a/lasso/xml/id-wsf-2.0/disco_svc_md_register_response.c b/lasso/xml/id-wsf-2.0/disco_svc_md_register_response.c index 3f4b8a7e..5bde5287 100644 --- a/lasso/xml/id-wsf-2.0/disco_svc_md_register_response.c +++ b/lasso/xml/id-wsf-2.0/disco_svc_md_register_response.c 
@@ -55,7 +55,7 @@ static struct XmlSnippet schema_snippets[] = { { "Status", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2DiscoSvcMDRegisterResponse, Status), - "LassoIdWsf2UtilStatus", NULL, NULL }, + "LassoIdWsf2UtilStatus", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_PREFIX}, { "SvcMDID", SNIPPET_LIST_CONTENT, G_STRUCT_OFFSET(LassoIdWsf2DiscoSvcMDRegisterResponse, SvcMDID), NULL, NULL, NULL}, { "Keys", SNIPPET_LIST_NODES, diff --git a/lasso/xml/id-wsf-2.0/disco_svc_md_replace_response.c b/lasso/xml/id-wsf-2.0/disco_svc_md_replace_response.c index 24aa97dc..d1a8acf0 100644 --- a/lasso/xml/id-wsf-2.0/disco_svc_md_replace_response.c +++ b/lasso/xml/id-wsf-2.0/disco_svc_md_replace_response.c @@ -51,7 +51,7 @@ static struct XmlSnippet schema_snippets[] = { { "Status", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2DiscoSvcMDReplaceResponse, Status), - "LassoIdWsf2UtilStatus", NULL, NULL }, + "LassoIdWsf2UtilStatus", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF}, { "attributes", SNIPPET_ATTRIBUTE | SNIPPET_ANY, G_STRUCT_OFFSET(LassoIdWsf2DiscoSvcMDReplaceResponse, attributes), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} diff --git a/lasso/xml/id-wsf-2.0/dst_request.c b/lasso/xml/id-wsf-2.0/dst_request.c index 6980dd0b..2419c471 100644 --- a/lasso/xml/id-wsf-2.0/dst_request.c +++ b/lasso/xml/id-wsf-2.0/dst_request.c @@ -52,7 +52,7 @@ static struct XmlSnippet schema_snippets[] = { { "Extension", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoIdWsf2DstRequest, Extension), - "LassoIdWsf2Utilextension", NULL, NULL }, + "LassoIdWsf2Utilextension", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF}, { "itemID", SNIPPET_ATTRIBUTE | SNIPPET_OPTIONAL, G_STRUCT_OFFSET(LassoIdWsf2DstRequest, itemID), NULL, NULL, NULL}, { "attributes", SNIPPET_ATTRIBUTE | SNIPPET_ANY, diff --git a/lasso/xml/id-wsf-2.0/dstref_query_response.c b/lasso/xml/id-wsf-2.0/dstref_query_response.c index 26eb0e75..81bfc378 100644 --- a/lasso/xml/id-wsf-2.0/dstref_query_response.c 
+++ b/lasso/xml/id-wsf-2.0/dstref_query_response.c @@ -54,7 +54,8 @@ static struct XmlSnippet schema_snippets[] = { { "TestResult", SNIPPET_LIST_NODES, - G_STRUCT_OFFSET(LassoIdWsf2DstRefQueryResponse, TestResult), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIdWsf2DstRefQueryResponse, TestResult), NULL, + LASSO_IDWSF2_DST_PREFIX, LASSO_IDWSF2_DST_HREF}, { "Data", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoIdWsf2DstRefQueryResponse, Data), "LassoIdWsf2DstRefData", NULL, NULL }, diff --git a/lasso/xml/id-wsf-2.0/ims_identity_mapping_response.c b/lasso/xml/id-wsf-2.0/ims_identity_mapping_response.c index 5393ff2c..1033498f 100644 --- a/lasso/xml/id-wsf-2.0/ims_identity_mapping_response.c +++ b/lasso/xml/id-wsf-2.0/ims_identity_mapping_response.c @@ -52,7 +52,7 @@ static struct XmlSnippet schema_snippets[] = { { "Status", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2ImsIdentityMappingResponse, Status), - "LassoIdWsf2UtilStatus", NULL, NULL }, + "LassoIdWsf2UtilStatus", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF}, { "MappingOutput", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoIdWsf2ImsIdentityMappingResponse, MappingOutput), NULL, NULL, NULL}, { "attributes", SNIPPET_ATTRIBUTE | SNIPPET_ANY, diff --git a/lasso/xml/id-wsf-2.0/ims_mapping_input.c b/lasso/xml/id-wsf-2.0/ims_mapping_input.c index d32b9ea6..3cd46d93 100644 --- a/lasso/xml/id-wsf-2.0/ims_mapping_input.c +++ b/lasso/xml/id-wsf-2.0/ims_mapping_input.c 
@@ -51,9 +51,11 @@ static struct XmlSnippet schema_snippets[] = { { "TokenPolicy", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoIdWsf2ImsMappingInput, TokenPolicy), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIdWsf2ImsMappingInput, TokenPolicy), NULL, + LASSO_IDWSF2_SEC_PREFIX, LASSO_IDWSF2_SEC_HREF}, { "Token", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoIdWsf2ImsMappingInput, Token), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIdWsf2ImsMappingInput, Token), NULL, LASSO_IDWSF2_SEC_PREFIX, + LASSO_IDWSF2_SEC_HREF}, { "reqID", SNIPPET_ATTRIBUTE | SNIPPET_OPTIONAL, G_STRUCT_OFFSET(LassoIdWsf2ImsMappingInput, reqID), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} diff --git a/lasso/xml/id-wsf-2.0/ims_mapping_output.c b/lasso/xml/id-wsf-2.0/ims_mapping_output.c index 22c533e9..a2b2b71f 100644 --- a/lasso/xml/id-wsf-2.0/ims_mapping_output.c +++ b/lasso/xml/id-wsf-2.0/ims_mapping_output.c @@ -50,7 +50,7 @@ static struct XmlSnippet schema_snippets[] = { { "Token", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoIdWsf2ImsMappingOutput, Token), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIdWsf2ImsMappingOutput, Token), NULL, LASSO_IDWSF2_SEC_PREFIX, LASSO_IDWSF2_SEC_HREF}, { "reqRef", SNIPPET_ATTRIBUTE | SNIPPET_OPTIONAL, G_STRUCT_OFFSET(LassoIdWsf2ImsMappingOutput, reqRef), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} diff --git a/lasso/xml/id-wsf-2.0/is_interaction_request.c b/lasso/xml/id-wsf-2.0/is_interaction_request.c index 26236aef..e79abb48 100644 --- a/lasso/xml/id-wsf-2.0/is_interaction_request.c +++ b/lasso/xml/id-wsf-2.0/is_interaction_request.c 
@@ -56,7 +56,7 @@ static struct XmlSnippet schema_snippets[] = { { "Inquiry", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoIdWsf2IsInteractionRequest, Inquiry), NULL, NULL, NULL}, { "KeyInfo", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoIdWsf2IsInteractionRequest, KeyInfo), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIdWsf2IsInteractionRequest, KeyInfo), NULL, LASSO_DS_PREFIX, LASSO_DS_HREF}, { "id", SNIPPET_ATTRIBUTE | SNIPPET_OPTIONAL, G_STRUCT_OFFSET(LassoIdWsf2IsInteractionRequest, id), NULL, NULL, NULL}, { "language", SNIPPET_ATTRIBUTE | SNIPPET_OPTIONAL, diff --git a/lasso/xml/id-wsf-2.0/is_interaction_response.c b/lasso/xml/id-wsf-2.0/is_interaction_response.c index 2158fdd6..20f561b9 100644 --- a/lasso/xml/id-wsf-2.0/is_interaction_response.c +++ b/lasso/xml/id-wsf-2.0/is_interaction_response.c @@ -55,7 +55,7 @@ static struct XmlSnippet schema_snippets[] = { { "Status", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2IsInteractionResponse, Status), - "LassoIdWsf2UtilStatus", NULL, NULL }, + "LassoIdWsf2UtilStatus", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF}, { "InteractionStatement", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoIdWsf2IsInteractionResponse, InteractionStatement), NULL, NULL, NULL}, { "Parameter", SNIPPET_LIST_NODES, diff --git a/lasso/xml/id-wsf-2.0/is_interaction_statement.c b/lasso/xml/id-wsf-2.0/is_interaction_statement.c index 3142b882..2fdd2da3 100644 --- a/lasso/xml/id-wsf-2.0/is_interaction_statement.c +++ b/lasso/xml/id-wsf-2.0/is_interaction_statement.c @@ -55,7 +55,7 @@ static struct XmlSnippet schema_snippets[] = { { "Inquiry", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoIdWsf2IsInteractionStatement, Inquiry), NULL, NULL, NULL}, - { "Signature", SNIPPET_SIGNATURE, 0, NULL, NULL, NULL }, + { "Signature", SNIPPET_SIGNATURE, 0, NULL, LASSO_DS_PREFIX, LASSO_DS_HREF }, /* hidden fields; used in lasso dumps */ { "SignType", SNIPPET_ATTRIBUTE | SNIPPET_INTEGER | SNIPPET_LASSO_DUMP, 
diff --git a/lasso/xml/id-wsf-2.0/ps_add_entity_request.c b/lasso/xml/id-wsf-2.0/ps_add_entity_request.c index a6d4f5ee..3fe7aae4 100644 --- a/lasso/xml/id-wsf-2.0/ps_add_entity_request.c +++ b/lasso/xml/id-wsf-2.0/ps_add_entity_request.c @@ -65,7 +65,8 @@ static struct XmlSnippet schema_snippets[] = { { "Subscription", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2PsAddEntityRequest, Subscription), NULL, NULL, NULL}, { "TokenPolicy", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoIdWsf2PsAddEntityRequest, TokenPolicy), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIdWsf2PsAddEntityRequest, TokenPolicy), NULL, + LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/id-wsf-2.0/ps_add_known_entity_request.c b/lasso/xml/id-wsf-2.0/ps_add_known_entity_request.c index 3b651508..12cff94a 100644 --- a/lasso/xml/id-wsf-2.0/ps_add_known_entity_request.c +++ b/lasso/xml/id-wsf-2.0/ps_add_known_entity_request.c @@ -59,13 +59,15 @@ static struct XmlSnippet schema_snippets[] = { { "Object", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2PsAddKnownEntityRequest, Object), NULL, NULL, NULL}, { "Token", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoIdWsf2PsAddKnownEntityRequest, Token), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIdWsf2PsAddKnownEntityRequest, Token), NULL, + LASSO_IDWSF2_SEC_PREFIX, LASSO_IDWSF2_SEC_HREF}, { "CreatePSObject", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoIdWsf2PsAddKnownEntityRequest, CreatePSObject), NULL, NULL, NULL}, { "Subscription", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2PsAddKnownEntityRequest, Subscription), NULL, NULL, NULL}, { "TokenPolicy", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoIdWsf2PsAddKnownEntityRequest, TokenPolicy), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIdWsf2PsAddKnownEntityRequest, TokenPolicy), NULL, + LASSO_IDWSF2_SEC_PREFIX, LASSO_IDWSF2_SEC_HREF}, {NULL, 0, 0, NULL, NULL, NULL} }; 
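Review bot: In ps_add_entity_request.c, `TokenPolicy` is declared with `LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF`. The same element is declared under the security namespace in ps_add_known_entity_request.c (next hunk) and in ims_mapping_input.c. Unless the schema really places it in the util namespace for this one request, the entry should match them: `LASSO_IDWSF2_SEC_PREFIX, LASSO_IDWSF2_SEC_HREF},`. With namespace checking enabled, an inconsistent declaration would be expected to make a correctly namespaced `TokenPolicy` child fail to bind, so it is worth verifying against the XSD.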
diff --git a/lasso/xml/id-wsf-2.0/ps_response_abstract.c b/lasso/xml/id-wsf-2.0/ps_response_abstract.c index 6baa41f9..da617268 100644 --- a/lasso/xml/id-wsf-2.0/ps_response_abstract.c +++ b/lasso/xml/id-wsf-2.0/ps_response_abstract.c @@ -51,7 +51,7 @@ static struct XmlSnippet schema_snippets[] = { { "Status", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2PsResponseAbstract, Status), - "LassoIdWsf2UtilStatus", NULL, NULL }, + "LassoIdWsf2UtilStatus", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF}, { "attributes", SNIPPET_ATTRIBUTE | SNIPPET_ANY, G_STRUCT_OFFSET(LassoIdWsf2PsResponseAbstract, attributes), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} diff --git a/lasso/xml/id-wsf-2.0/ps_test_membership_request.c b/lasso/xml/id-wsf-2.0/ps_test_membership_request.c index d458b50d..10d6ef67 100644 --- a/lasso/xml/id-wsf-2.0/ps_test_membership_request.c +++ b/lasso/xml/id-wsf-2.0/ps_test_membership_request.c @@ -57,7 +57,8 @@ static struct XmlSnippet schema_snippets[] = { { "TargetObjectID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2PsTestMembershipRequest, TargetObjectID), NULL, NULL, NULL}, { "Token", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoIdWsf2PsTestMembershipRequest, Token), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIdWsf2PsTestMembershipRequest, Token), NULL, + LASSO_IDWSF2_SEC_PREFIX, LASSO_IDWSF2_SEC_TOKEN}, { "Subscription", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2PsTestMembershipRequest, Subscription), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} diff --git a/lasso/xml/id-wsf-2.0/sb2_credentials_context.c b/lasso/xml/id-wsf-2.0/sb2_credentials_context.c index 907cf1f2..6100295c 100644 --- a/lasso/xml/id-wsf-2.0/sb2_credentials_context.c +++ b/lasso/xml/id-wsf-2.0/sb2_credentials_context.c 
@@ -52,7 +52,7 @@ static struct XmlSnippet schema_snippets[] = { { "RequestedAuthnContext", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIdWsf2Sb2CredentialsContext, RequestedAuthnContext), - "LassoSamlp2RequestedAuthnContext", NULL, NULL }, + "LassoSamlp2RequestedAuthnContext", LASSO_SAML_PROTOCOL_PREFIX, LASSO_SAML_PROTOCOL_HREF}, { "SecurityMechID", SNIPPET_LIST_CONTENT, G_STRUCT_OFFSET(LassoIdWsf2Sb2CredentialsContext, SecurityMechID), NULL, NULL, NULL}, { "attributes", SNIPPET_ATTRIBUTE | SNIPPET_ANY, diff --git a/lasso/xml/id-wsf-2.0/sec_transited_provider_path.c b/lasso/xml/id-wsf-2.0/sec_transited_provider_path.c index 0c689d46..a51763d8 100644 --- a/lasso/xml/id-wsf-2.0/sec_transited_provider_path.c +++ b/lasso/xml/id-wsf-2.0/sec_transited_provider_path.c @@ -50,7 +50,8 @@ static struct XmlSnippet schema_snippets[] = { { "TransitedProvider", SNIPPET_LIST_NODES, - G_STRUCT_OFFSET(LassoIdWsf2SecTransitedProviderPath, TransitedProvider), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIdWsf2SecTransitedProviderPath, TransitedProvider), NULL, + LASSO_IDWSF2_SEC_PREFIX, LASSO_IDWSF2_SEC_HREF}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/id-wsf-2.0/subs_notification.c b/lasso/xml/id-wsf-2.0/subs_notification.c index 60b14d25..459856ca 100644 --- a/lasso/xml/id-wsf-2.0/subs_notification.c +++ b/lasso/xml/id-wsf-2.0/subs_notification.c @@ -54,7 +54,7 @@ static struct XmlSnippet schema_snippets[] = { { "TestResult", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoIdWsf2SubsNotification, TestResult), - "LassoIdWsf2UtilTestResult", NULL, NULL }, + "LassoIdWsf2UtilTestResult", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF}, { "id", SNIPPET_ATTRIBUTE | SNIPPET_OPTIONAL, G_STRUCT_OFFSET(LassoIdWsf2SubsNotification, id), NULL, NULL, NULL}, { "subscriptionID", SNIPPET_ATTRIBUTE, diff --git a/lasso/xml/id-wsf-2.0/subs_subscription.c b/lasso/xml/id-wsf-2.0/subs_subscription.c index 89f0a79a..bdb87de8 100644 --- a/lasso/xml/id-wsf-2.0/subs_subscription.c 
+++ b/lasso/xml/id-wsf-2.0/subs_subscription.c @@ -68,7 +68,7 @@ static struct XmlSnippet schema_snippets[] = { G_STRUCT_OFFSET(LassoIdWsf2SubsSubscription, RefItem), NULL, NULL, NULL}, { "Extension", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoIdWsf2SubsSubscription, Extension), - "LassoIdWsf2Utilextension", NULL, NULL }, + "LassoIdWsf2Utilextension", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF}, { "subscriptionID", SNIPPET_ATTRIBUTE, G_STRUCT_OFFSET(LassoIdWsf2SubsSubscription, subscriptionID), NULL, NULL, NULL}, { "notifyToRef", SNIPPET_ATTRIBUTE, diff --git a/lasso/xml/id-wsf-2.0/subsref_query_response.c b/lasso/xml/id-wsf-2.0/subsref_query_response.c index 9c25c176..741a946e 100644 --- a/lasso/xml/id-wsf-2.0/subsref_query_response.c +++ b/lasso/xml/id-wsf-2.0/subsref_query_response.c @@ -55,7 +55,7 @@ static struct XmlSnippet schema_snippets[] = { { "TestResult", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoIdWsf2SubsRefQueryResponse, TestResult), - "LassoIdWsf2UtilTestResult", NULL, NULL }, + "LassoIdWsf2UtilTestResult", LASSO_IDWSF2_UTIL_PREFIX, LASSO_IDWSF2_UTIL_HREF}, { "Data", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoIdWsf2SubsRefQueryResponse, Data), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} diff --git a/lasso/xml/is_interaction_request.c b/lasso/xml/is_interaction_request.c index 55cd40f7..92037d9a 100644 --- a/lasso/xml/is_interaction_request.c +++ b/lasso/xml/is_interaction_request.c 
@@ -55,15 +55,17 @@ static struct XmlSnippet schema_snippets[] = { { "ResourceID", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoIsInteractionRequest, ResourceID), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIsInteractionRequest, ResourceID), NULL, + LASSO_DISCO_PREFIX, LASSO_DISCO_HREF}, { "EncryptedResourceID", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoIsInteractionRequest, EncryptedResourceID), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoIsInteractionRequest, EncryptedResourceID), NULL, + LASSO_DISCO_PREFIX, LASSO_DISCO_HREF}, { "Inquiry", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoIsInteractionRequest, Inquiry), NULL, NULL, NULL}, /* TODO : KeyInfo */ - { "id", SNIPPET_ATTRIBUTE, + { "id", SNIPPET_ATTRIBUTE | SNIPPET_OPTIONAL, G_STRUCT_OFFSET(LassoIsInteractionRequest, id), NULL, NULL, NULL}, - { "language", SNIPPET_ATTRIBUTE, + { "language", SNIPPET_ATTRIBUTE | SNIPPET_OPTIONAL, G_STRUCT_OFFSET(LassoIsInteractionRequest, language), NULL, NULL, NULL}, { "maxInteractTime", SNIPPET_ATTRIBUTE | SNIPPET_OPTIONAL, G_STRUCT_OFFSET(LassoIsInteractionRequest, maxInteractTime), NULL, NULL, NULL}, diff --git a/lasso/xml/is_interaction_statement.c b/lasso/xml/is_interaction_statement.c index 1defe3db..a89f7736 100644 --- a/lasso/xml/is_interaction_statement.c +++ b/lasso/xml/is_interaction_statement.c @@ -49,8 +49,9 @@ /*****************************************************************************/ static struct XmlSnippet schema_snippets[] = { - { "Inquiry", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIsInteractionStatement, Inquiry), NULL, NULL, NULL}, - /* TODO : Signature */ + { "Inquiry", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIsInteractionStatement, Inquiry), NULL, + NULL, NULL}, + { "Signature", SNIPPET_SIGNATURE, 0, NULL, LASSO_DS_PREFIX, LASSO_DS_HREF }, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/lib_federation_termination_notification.c b/lasso/xml/lib_federation_termination_notification.c index 4758921a..8a8fcb4e 100644 --- a/lasso/xml/lib_federation_termination_notification.c 
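Review bot: The new `Signature` entry in is_interaction_statement.c passes `0` as its offset, while every other `SNIPPET_SIGNATURE` entry touched in this patch passes the offset of the element's identifier field (`ID`, `AssertionID`, `RequestID`, `ResponseID`). The code that consumes the snippet is not part of this diff, but if it reads the signed element's id through that offset, offset 0 addresses the start of the instance rather than an id string, and the signature reference would not be tied to the statement. Either point the entry at the statement's id field, `{ "Signature", SNIPPET_SIGNATURE, G_STRUCT_OFFSET(LassoIsInteractionStatement, <id field>), NULL, LASSO_DS_PREFIX, LASSO_DS_HREF },`, or add a comment on the entry saying why 0 is safe here.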
+++ b/lasso/xml/lib_federation_termination_notification.c @@ -58,13 +58,17 @@ static struct XmlSnippet schema_snippets[] = { { "Extension", SNIPPET_EXTENSION, - G_STRUCT_OFFSET(LassoLibFederationTerminationNotification, Extension), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoLibFederationTerminationNotification, Extension), NULL, NULL, + NULL}, { "ProviderID", SNIPPET_CONTENT, - G_STRUCT_OFFSET(LassoLibFederationTerminationNotification, ProviderID), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoLibFederationTerminationNotification, ProviderID), NULL, NULL, + NULL}, { "NameIdentifier", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoLibFederationTerminationNotification, NameIdentifier), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoLibFederationTerminationNotification, NameIdentifier), NULL, + LASSO_SAML_ASSERTION_PREFIX, LASSO_SAML_ASSERTION_HREF}, { "consent", SNIPPET_ATTRIBUTE, - G_STRUCT_OFFSET(LassoLibFederationTerminationNotification, consent), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoLibFederationTerminationNotification, consent), NULL, NULL, + NULL}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/lib_logout_request.c b/lasso/xml/lib_logout_request.c index 69d8405b..13124c2e 100644 --- a/lasso/xml/lib_logout_request.c +++ b/lasso/xml/lib_logout_request.c 
@@ -63,7 +63,8 @@ static struct XmlSnippet schema_snippets[] = { { "Extension", SNIPPET_EXTENSION, G_STRUCT_OFFSET(LassoLibLogoutRequest, Extension), NULL, NULL, NULL}, { "ProviderID", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoLibLogoutRequest, ProviderID), NULL, NULL, NULL}, - { "NameIdentifier", SNIPPET_NODE, G_STRUCT_OFFSET(LassoLibLogoutRequest, NameIdentifier), NULL, NULL, NULL}, + { "NameIdentifier", SNIPPET_NODE, G_STRUCT_OFFSET(LassoLibLogoutRequest, NameIdentifier), + NULL, LASSO_SAML_ASSERTION_PREFIX, LASSO_SAML_ASSERTION_HREF}, { "SessionIndex", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoLibLogoutRequest, SessionIndex), NULL, NULL, NULL}, { "RelayState", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoLibLogoutRequest, RelayState), NULL, NULL, NULL}, { "consent", SNIPPET_ATTRIBUTE, G_STRUCT_OFFSET(LassoLibLogoutRequest, consent), NULL, NULL, NULL}, diff --git a/lasso/xml/lib_name_identifier_mapping_request.c b/lasso/xml/lib_name_identifier_mapping_request.c index 142fe5dd..374a5380 100644 --- a/lasso/xml/lib_name_identifier_mapping_request.c +++ b/lasso/xml/lib_name_identifier_mapping_request.c @@ -61,7 +61,8 @@ static struct XmlSnippet schema_snippets[] = { { "ProviderID", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoLibNameIdentifierMappingRequest, ProviderID), NULL, NULL, NULL}, { "NameIdentifier", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoLibNameIdentifierMappingRequest, NameIdentifier), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoLibNameIdentifierMappingRequest, NameIdentifier), NULL, + LASSO_SAML_ASSERTION_PREFIX, LASSO_SAML_ASSERTION_HREF}, { "TargetNamespace", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoLibNameIdentifierMappingRequest, TargetNamespace), NULL, NULL, NULL}, { "consent", SNIPPET_ATTRIBUTE, diff --git a/lasso/xml/lib_name_identifier_mapping_response.c b/lasso/xml/lib_name_identifier_mapping_response.c index 22fc5853..1a758529 100644 --- a/lasso/xml/lib_name_identifier_mapping_response.c +++ b/lasso/xml/lib_name_identifier_mapping_response.c 
@@ -58,9 +58,11 @@ static struct XmlSnippet schema_snippets[] = { { "ProviderID", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoLibNameIdentifierMappingResponse, ProviderID), NULL, NULL, NULL}, { "Status", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoLibNameIdentifierMappingResponse, Status), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoLibNameIdentifierMappingResponse, Status), NULL, + LASSO_SAML_PROTOCOL_PREFIX, LASSO_SAML_PROTOCOL_HREF}, { "NameIdentifier", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoLibNameIdentifierMappingResponse, NameIdentifier), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoLibNameIdentifierMappingResponse, NameIdentifier), NULL, + LASSO_SAML_ASSERTION_PREFIX, LASSO_SAML_ASSERTION_HREF}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/lib_register_name_identifier_request.c b/lasso/xml/lib_register_name_identifier_request.c index 0a883c3e..c3eece2a 100644 --- a/lasso/xml/lib_register_name_identifier_request.c +++ b/lasso/xml/lib_register_name_identifier_request.c 
@@ -66,12 +66,15 @@ static struct XmlSnippet schema_snippets[] = { G_STRUCT_OFFSET(LassoLibRegisterNameIdentifierRequest, Extension), NULL, NULL, NULL}, { "ProviderID", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoLibRegisterNameIdentifierRequest, ProviderID), NULL, NULL, NULL}, - { "IDPProvidedNameIdentifier", SNIPPET_NAME_IDENTIFIER, - G_STRUCT_OFFSET(LassoLibRegisterNameIdentifierRequest, IDPProvidedNameIdentifier), NULL, NULL, NULL}, - { "SPProvidedNameIdentifier", SNIPPET_NAME_IDENTIFIER, - G_STRUCT_OFFSET(LassoLibRegisterNameIdentifierRequest, SPProvidedNameIdentifier), NULL, NULL, NULL}, - { "OldProvidedNameIdentifier", SNIPPET_NAME_IDENTIFIER, - G_STRUCT_OFFSET(LassoLibRegisterNameIdentifierRequest, OldProvidedNameIdentifier), NULL, NULL, NULL}, + { "IDPProvidedNameIdentifier", SNIPPET_NODE, + G_STRUCT_OFFSET(LassoLibRegisterNameIdentifierRequest, IDPProvidedNameIdentifier), + "LassoSamlNameIdentifier", LASSO_LIB_PREFIX, LASSO_LIB_HREF}, + { "SPProvidedNameIdentifier", SNIPPET_NODE, + G_STRUCT_OFFSET(LassoLibRegisterNameIdentifierRequest, SPProvidedNameIdentifier), + "LassoSamlNameIdentifier", LASSO_LIB_PREFIX, LASSO_LIB_HREF}, + { "OldProvidedNameIdentifier", SNIPPET_NODE, + G_STRUCT_OFFSET(LassoLibRegisterNameIdentifierRequest, OldProvidedNameIdentifier), + "LassoSamlNameIdentifier", LASSO_LIB_PREFIX, LASSO_LIB_HREF}, { "RelayState", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoLibRegisterNameIdentifierRequest, RelayState), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} diff --git a/lasso/xml/lib_status_response.c b/lasso/xml/lib_status_response.c index efce3ed2..20a73658 100644 --- a/lasso/xml/lib_status_response.c +++ b/lasso/xml/lib_status_response.c 
@@ -60,7 +60,8 @@ static struct XmlSnippet schema_snippets[] = { { "Extension", SNIPPET_EXTENSION, G_STRUCT_OFFSET(LassoLibStatusResponse, Extension), NULL, NULL, NULL}, { "ProviderID", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoLibStatusResponse, ProviderID), NULL, NULL, NULL}, - { "Status", SNIPPET_NODE, G_STRUCT_OFFSET(LassoLibStatusResponse, Status), NULL, NULL, NULL}, + { "Status", SNIPPET_NODE, G_STRUCT_OFFSET(LassoLibStatusResponse, Status), NULL, + LASSO_SAML_PROTOCOL_PREFIX, LASSO_SAML_PROTOCOL_HREF}, { "RelayState", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoLibStatusResponse, RelayState), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/lib_subject.c b/lasso/xml/lib_subject.c index 442f8882..49335b4c 100644 --- a/lasso/xml/lib_subject.c +++ b/lasso/xml/lib_subject.c @@ -50,8 +50,9 @@ /*****************************************************************************/ static struct XmlSnippet schema_snippets[] = { - { "IDPProvidedNameIdentifier", SNIPPET_NAME_IDENTIFIER, - G_STRUCT_OFFSET(LassoLibSubject, IDPProvidedNameIdentifier), NULL, NULL, NULL}, + { "IDPProvidedNameIdentifier", SNIPPET_NODE, + G_STRUCT_OFFSET(LassoLibSubject, IDPProvidedNameIdentifier), + "LassoSamlNameIdentifier", LASSO_LIB_PREFIX, LASSO_LIB_HREF}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/sa_sasl_request.c b/lasso/xml/sa_sasl_request.c index 467e1f8b..dc9ceee3 100644 --- a/lasso/xml/sa_sasl_request.c +++ b/lasso/xml/sa_sasl_request.c @@ -63,7 +63,8 @@ static struct XmlSnippet schema_snippets[] = { { "Data", SNIPPET_LIST_CONTENT, G_STRUCT_OFFSET(LassoSaSASLRequest, Data), NULL, NULL, NULL}, { "RequestAuthnContext", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSaSASLRequest, RequestAuthnContext), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSaSASLRequest, RequestAuthnContext), NULL, LASSO_LIB_PREFIX, + LASSO_LIB_HREF}, { "mechanism", SNIPPET_ATTRIBUTE, G_STRUCT_OFFSET(LassoSaSASLRequest, mechanism), NULL, NULL, NULL}, { "authzID", SNIPPET_ATTRIBUTE, 
diff --git a/lasso/xml/sa_sasl_response.c b/lasso/xml/sa_sasl_response.c index 4dfcf3a0..f57ae5b3 100644 --- a/lasso/xml/sa_sasl_response.c +++ b/lasso/xml/sa_sasl_response.c @@ -74,7 +74,8 @@ static struct XmlSnippet schema_snippets[] = { { "Data", SNIPPET_LIST_CONTENT, G_STRUCT_OFFSET(LassoSaSASLResponse, Data), NULL, NULL, NULL}, { "ResourceOffering", SNIPPET_LIST_NODES, - G_STRUCT_OFFSET(LassoSaSASLResponse, ResourceOffering), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSaSASLResponse, ResourceOffering), NULL, LASSO_DISCO_PREFIX, + LASSO_DISCO_HREF}, { "Credentials", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoSaSASLResponse, Credentials), NULL, NULL, NULL}, { "serverMechanism", SNIPPET_ATTRIBUTE, G_STRUCT_OFFSET(LassoSaSASLResponse, serverMechanism), NULL, NULL, NULL}, diff --git a/lasso/xml/saml-2.0/saml2_assertion.c b/lasso/xml/saml-2.0/saml2_assertion.c index aa0dfbb3..adf3caba 100644 --- a/lasso/xml/saml-2.0/saml2_assertion.c +++ b/lasso/xml/saml-2.0/saml2_assertion.c @@ -70,7 +70,7 @@ static struct XmlSnippet schema_snippets[] = { G_STRUCT_OFFSET(LassoSaml2Assertion, Issuer), "LassoSaml2NameID", NULL, NULL}, { "Signature", SNIPPET_SIGNATURE, - G_STRUCT_OFFSET(LassoSaml2Assertion, ID), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSaml2Assertion, ID), NULL, LASSO_DS_PREFIX, LASSO_DS_HREF}, { "Subject", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSaml2Assertion, Subject), NULL, NULL, NULL}, { "Conditions", SNIPPET_NODE, diff --git a/lasso/xml/saml-2.0/saml2_attribute_value.c b/lasso/xml/saml-2.0/saml2_attribute_value.c index 894ea3a1..7c4bbf7d 100644 --- a/lasso/xml/saml-2.0/saml2_attribute_value.c +++ b/lasso/xml/saml-2.0/saml2_attribute_value.c 
@@ -47,9 +47,16 @@ /* private methods */ /*****************************************************************************/ +struct _LassoSaml2AttributeValuePrivate { + GHashTable *any_attributes; +}; + static struct XmlSnippet schema_snippets[] = { - { "", SNIPPET_LIST_NODES | SNIPPET_ANY, + { "any", SNIPPET_LIST_NODES | SNIPPET_ANY | SNIPPET_ALLOW_TEXT, G_STRUCT_OFFSET(LassoSaml2AttributeValue, any), NULL, NULL, NULL}, + { "any_attributes", SNIPPET_ATTRIBUTE | SNIPPET_ANY | SNIPPET_PRIVATE, + G_STRUCT_OFFSET(struct _LassoSaml2AttributeValuePrivate, any_attributes), NULL, + NULL, NULL }, {NULL, 0, 0, NULL, NULL, NULL} }; @@ -85,6 +92,7 @@ class_init(LassoSaml2AttributeValueClass *klass) lasso_node_class_set_nodename(nclass, "AttributeValue"); lasso_node_class_set_ns(nclass, LASSO_SAML2_ASSERTION_HREF, LASSO_SAML2_ASSERTION_PREFIX); lasso_node_class_add_snippets(nclass, schema_snippets); + g_type_class_add_private(klass, sizeof(struct _LassoSaml2AttributeValuePrivate)); } GType diff --git a/lasso/xml/saml-2.0/saml2_encrypted_element.c b/lasso/xml/saml-2.0/saml2_encrypted_element.c index 45da903a..13d5bdc7 100644 --- a/lasso/xml/saml-2.0/saml2_encrypted_element.c +++ b/lasso/xml/saml-2.0/saml2_encrypted_element.c @@ -57,9 +57,11 @@ static struct XmlSnippet schema_snippets[] = { { "EncryptedData", SNIPPET_XMLNODE, - G_STRUCT_OFFSET(LassoSaml2EncryptedElement, EncryptedData), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSaml2EncryptedElement, EncryptedData), NULL, "xmlenc", + (char*) xmlSecEncNs}, { "EncryptedKey", SNIPPET_LIST_XMLNODES, - G_STRUCT_OFFSET(LassoSaml2EncryptedElement, EncryptedKey), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSaml2EncryptedElement, EncryptedKey), NULL, "xmlenc", + (char*) xmlSecEncNs}, { "NameID", SNIPPET_NODE | SNIPPET_LASSO_DUMP, G_STRUCT_OFFSET(LassoSaml2EncryptedElement, original_data), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} 
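Review bot: The `EncryptedData` and `EncryptedKey` entries in saml2_encrypted_element.c spell the prefix as the literal `"xmlenc"` and take the namespace from `(char*) xmlSecEncNs`, a cast that drops the const qualifier, whereas every other entry in this patch uses a `LASSO_*_PREFIX`/`LASSO_*_HREF` pair. Patch 15/17 of the same series adds `LASSO_XMLENC_PREFIX` and `LASSO_XMLENC_HREF` to strings.h. Using them here keeps the xmlenc prefix and URI in one place, so the two entries would end in `NULL, LASSO_XMLENC_PREFIX, LASSO_XMLENC_HREF},`. That requires the strings.h change to land before this patch or be folded into it.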
diff --git a/lasso/xml/saml-2.0/saml2_subject_confirmation_data.c b/lasso/xml/saml-2.0/saml2_subject_confirmation_data.c index 3bc05cec..69114b62 100644 --- a/lasso/xml/saml-2.0/saml2_subject_confirmation_data.c +++ b/lasso/xml/saml-2.0/saml2_subject_confirmation_data.c @@ -52,7 +52,7 @@ */ struct _LassoSaml2SubjectConfirmationDataPrivate { - GList *any; /* of LassoMiscTextNode */ + GList *any; GHashTable *attributes; }; diff --git a/lasso/xml/saml-2.0/samlp2_assertion_id_request.c b/lasso/xml/saml-2.0/samlp2_assertion_id_request.c index 6bc12498..21fbc980 100644 --- a/lasso/xml/saml-2.0/samlp2_assertion_id_request.c +++ b/lasso/xml/saml-2.0/samlp2_assertion_id_request.c @@ -51,7 +51,8 @@ static struct XmlSnippet schema_snippets[] = { { "AssertionIDRef", SNIPPET_CONTENT, - G_STRUCT_OFFSET(LassoSamlp2AssertionIDRequest, AssertionIDRef), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSamlp2AssertionIDRequest, AssertionIDRef), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/saml-2.0/samlp2_attribute_query.c b/lasso/xml/saml-2.0/samlp2_attribute_query.c index 1d941d5c..f6314b59 100644 --- a/lasso/xml/saml-2.0/samlp2_attribute_query.c +++ b/lasso/xml/saml-2.0/samlp2_attribute_query.c @@ -52,7 +52,8 @@ static struct XmlSnippet schema_snippets[] = { { "Attribute", SNIPPET_LIST_NODES , - G_STRUCT_OFFSET(LassoSamlp2AttributeQuery, Attribute), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSamlp2AttributeQuery, Attribute), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/saml-2.0/samlp2_authn_request.c b/lasso/xml/saml-2.0/samlp2_authn_request.c index f4f0d4cd..22574a62 100644 --- a/lasso/xml/saml-2.0/samlp2_authn_request.c +++ b/lasso/xml/saml-2.0/samlp2_authn_request.c 
@@ -63,11 +63,13 @@ static struct XmlSnippet schema_snippets[] = { { "Subject", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2AuthnRequest, Subject), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSamlp2AuthnRequest, Subject), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, { "NameIDPolicy", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2AuthnRequest, NameIDPolicy), NULL, NULL, NULL}, { "Conditions", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2AuthnRequest, Conditions), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSamlp2AuthnRequest, Conditions), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, { "RequestedAuthnContext", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2AuthnRequest, RequestedAuthnContext), NULL, NULL, NULL}, { "Scoping", SNIPPET_NODE, diff --git a/lasso/xml/saml-2.0/samlp2_authz_decision_query.c b/lasso/xml/saml-2.0/samlp2_authz_decision_query.c index 060fee03..51dc39d3 100644 --- a/lasso/xml/saml-2.0/samlp2_authz_decision_query.c +++ b/lasso/xml/saml-2.0/samlp2_authz_decision_query.c @@ -53,10 +53,10 @@ static struct XmlSnippet schema_snippets[] = { - { "Action", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2AuthzDecisionQuery, Action), NULL, NULL, NULL}, - { "Evidence", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2AuthzDecisionQuery, Evidence), NULL, NULL, NULL}, + { "Action", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2AuthzDecisionQuery, Action), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, + { "Evidence", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2AuthzDecisionQuery, Evidence), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, { "Resource", SNIPPET_ATTRIBUTE, G_STRUCT_OFFSET(LassoSamlp2AuthzDecisionQuery, Resource), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} diff --git a/lasso/xml/saml-2.0/samlp2_logout_request.c b/lasso/xml/saml-2.0/samlp2_logout_request.c index a4576685..0152a0d5 100644 --- a/lasso/xml/saml-2.0/samlp2_logout_request.c +++ b/lasso/xml/saml-2.0/samlp2_logout_request.c 
@@ -67,15 +67,16 @@ struct _LassoSamlp2LogoutRequestPrivate { static struct XmlSnippet schema_snippets[] = { - { "BaseID", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2LogoutRequest, BaseID), NULL, NULL, NULL}, - { "NameID", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2LogoutRequest, NameID), NULL, NULL, NULL}, - { "EncryptedID", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2LogoutRequest, EncryptedID), - "LassoSaml2EncryptedElement", NULL, NULL }, + { "BaseID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2LogoutRequest, BaseID), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, + { "NameID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2LogoutRequest, NameID), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, + { "EncryptedID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2LogoutRequest, EncryptedID), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, { "SessionIndex", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoSamlp2LogoutRequest, SessionIndex), NULL, NULL, NULL}, + { "SessionIndex", SNIPPET_LIST_NODES, + 0, NULL, NULL, NULL}, { "Reason", SNIPPET_ATTRIBUTE, G_STRUCT_OFFSET(LassoSamlp2LogoutRequest, Reason), NULL, NULL, NULL}, { "NotOnOrAfter", SNIPPET_ATTRIBUTE, diff --git a/lasso/xml/saml-2.0/samlp2_manage_name_id_request.c b/lasso/xml/saml-2.0/samlp2_manage_name_id_request.c index dcdfc05b..207f1444 100644 --- a/lasso/xml/saml-2.0/samlp2_manage_name_id_request.c +++ b/lasso/xml/saml-2.0/samlp2_manage_name_id_request.c 
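Review bot: The added second `SessionIndex` entry in samlp2_logout_request.c uses `SNIPPET_LIST_NODES` with offset `0` and no `SNIPPET_PRIVATE` flag, so it names the first bytes of the public instance rather than a list field. The parser is not visible here, but if it stores repeated `SessionIndex` elements from a peer's LogoutRequest through that offset, it would write over the object header. `SessionIndex` is also text content, not a child node. The hunk header shows a `struct _LassoSamlp2LogoutRequestPrivate` just above, so the entry presumably wants to be `{ "SessionIndex", SNIPPET_LIST_CONTENT | SNIPPET_PRIVATE, G_STRUCT_OFFSET(struct _LassoSamlp2LogoutRequestPrivate, <list field>), NULL, NULL, NULL},`. Until that field exists the placeholder entry is better left out.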
@@ -59,11 +59,11 @@ static struct XmlSnippet schema_snippets[] = { - { "NameID", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2ManageNameIDRequest, NameID), NULL, NULL, NULL}, - { "EncryptedID", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2ManageNameIDRequest, EncryptedID), - "LassoSaml2EncryptedElement", NULL, NULL}, + { "NameID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2ManageNameIDRequest, NameID), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, + { "EncryptedID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2ManageNameIDRequest, EncryptedID), + "LassoSaml2EncryptedElement", LASSO_SAML2_ASSERTION_PREFIX, + LASSO_SAML2_ASSERTION_HREF}, { "NewID", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoSamlp2ManageNameIDRequest, NewID), NULL, NULL, NULL}, { "NewEncryptedID", SNIPPET_NODE, diff --git a/lasso/xml/saml-2.0/samlp2_name_id_mapping_request.c b/lasso/xml/saml-2.0/samlp2_name_id_mapping_request.c index a3900c4e..559ef8c1 100644 --- a/lasso/xml/saml-2.0/samlp2_name_id_mapping_request.c +++ b/lasso/xml/saml-2.0/samlp2_name_id_mapping_request.c 
@@ -56,13 +56,13 @@ static struct XmlSnippet schema_snippets[] = { - { "BaseID", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2NameIDMappingRequest, BaseID), NULL, NULL, NULL}, - { "NameID", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2NameIDMappingRequest, NameID), NULL, NULL, NULL}, - { "EncryptedID", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2NameIDMappingRequest, EncryptedID), - "LassoSaml2EncryptedElement", NULL, NULL }, + { "BaseID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2NameIDMappingRequest, BaseID), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, + { "NameID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2NameIDMappingRequest, NameID), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, + { "EncryptedID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2NameIDMappingRequest, + EncryptedID), NULL, LASSO_SAML2_ASSERTION_PREFIX, + LASSO_SAML2_ASSERTION_HREF}, { "NameIDPolicy", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2NameIDMappingRequest, NameIDPolicy), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} diff --git a/lasso/xml/saml-2.0/samlp2_name_id_mapping_response.c b/lasso/xml/saml-2.0/samlp2_name_id_mapping_response.c index ee2ecb3e..1dffb0a9 100644 --- a/lasso/xml/saml-2.0/samlp2_name_id_mapping_response.c +++ b/lasso/xml/saml-2.0/samlp2_name_id_mapping_response.c @@ -52,11 +52,11 @@ static struct XmlSnippet schema_snippets[] = { - { "NameID", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2NameIDMappingResponse, NameID), NULL, NULL, NULL}, - { "EncryptedID", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2NameIDMappingResponse, EncryptedID), - "LassoSaml2EncryptedElement", NULL, NULL }, + { "NameID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2NameIDMappingResponse, NameID), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, + { "EncryptedID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2NameIDMappingResponse, + EncryptedID), NULL, LASSO_SAML2_ASSERTION_PREFIX, + LASSO_SAML2_ASSERTION_HREF}, {NULL, 0, 0, NULL, NULL, NULL} }; 
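Review bot: The rewritten `EncryptedID` entry in samlp2_name_id_mapping_request.c replaces the class hint `"LassoSaml2EncryptedElement"` with `NULL` while adding the namespace. The same happens in samlp2_name_id_mapping_response.c and samlp2_logout_request.c, but samlp2_manage_name_id_request.c keeps the hint in this same commit, so the drop looks unintended. If the parser falls back to looking up a class by the element name `EncryptedID` when the hint is NULL (to be confirmed, as it is outside this diff), encrypted identifiers may no longer be decoded into a `LassoSaml2EncryptedElement`. Restore the fourth field in the three entries, e.g. `"LassoSaml2EncryptedElement", LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF},`.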
diff --git a/lasso/xml/saml-2.0/samlp2_request_abstract.c b/lasso/xml/saml-2.0/samlp2_request_abstract.c index ba43b63e..3d3e6c9c 100644 --- a/lasso/xml/saml-2.0/samlp2_request_abstract.c +++ b/lasso/xml/saml-2.0/samlp2_request_abstract.c @@ -59,11 +59,10 @@ static struct XmlSnippet schema_snippets[] = { - { "Issuer", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2RequestAbstract, Issuer), - "LassoSaml2NameID", NULL, NULL }, + { "Issuer", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2RequestAbstract, Issuer), + "LassoSaml2NameID", LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, { "Signature", SNIPPET_SIGNATURE, - G_STRUCT_OFFSET(LassoSamlp2RequestAbstract, ID), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSamlp2RequestAbstract, ID), NULL, LASSO_DS_PREFIX, LASSO_DS_HREF}, { "Extensions", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2RequestAbstract, Extensions), NULL, NULL, NULL}, { "ID", SNIPPET_ATTRIBUTE, diff --git a/lasso/xml/saml-2.0/samlp2_response.c b/lasso/xml/saml-2.0/samlp2_response.c index 056ea948..bc8ab5b1 100644 --- a/lasso/xml/saml-2.0/samlp2_response.c +++ b/lasso/xml/saml-2.0/samlp2_response.c @@ -56,10 +56,11 @@ extern LassoNode* lasso_assertion_encrypt(LassoSaml2Assertion *assertion, char * /*****************************************************************************/ static struct XmlSnippet schema_snippets[] = { - { "Assertion", SNIPPET_LIST_NODES, - G_STRUCT_OFFSET(LassoSamlp2Response, Assertion), NULL, NULL, NULL}, - { "EncryptedAssertion", SNIPPET_LIST_NODES, - G_STRUCT_OFFSET(LassoSamlp2Response, EncryptedAssertion), NULL, NULL, NULL}, + { "Assertion", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoSamlp2Response, Assertion), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, + { "EncryptedAssertion", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoSamlp2Response, + EncryptedAssertion), NULL, LASSO_SAML2_ASSERTION_PREFIX, + LASSO_SAML2_ASSERTION_HREF}, {NULL, 0, 0, NULL, NULL, NULL} }; 
diff --git a/lasso/xml/saml-2.0/samlp2_status_response.c b/lasso/xml/saml-2.0/samlp2_status_response.c index e8c9b74e..216bb701 100644 --- a/lasso/xml/saml-2.0/samlp2_status_response.c +++ b/lasso/xml/saml-2.0/samlp2_status_response.c @@ -26,6 +26,7 @@ #include "../private.h" #include "../../utils.h" #include "./samlp2_status_response.h" +#include "./saml2_strings.h" #include #include @@ -62,9 +63,9 @@ static struct XmlSnippet schema_snippets[] = { { "Issuer", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2StatusResponse, Issuer), - "LassoSaml2NameID", NULL, NULL}, + "LassoSaml2NameID", LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF}, { "Signature", SNIPPET_SIGNATURE, - G_STRUCT_OFFSET(LassoSamlp2StatusResponse, ID), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSamlp2StatusResponse, ID), NULL, LASSO_DS_PREFIX, LASSO_DS_HREF}, { "Extensions", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2StatusResponse, Extensions), NULL, NULL, NULL}, { "Status", SNIPPET_NODE, diff --git a/lasso/xml/saml-2.0/samlp2_subject_query_abstract.c b/lasso/xml/saml-2.0/samlp2_subject_query_abstract.c index f9c299b5..3db8016e 100644 --- a/lasso/xml/saml-2.0/samlp2_subject_query_abstract.c +++ b/lasso/xml/saml-2.0/samlp2_subject_query_abstract.c @@ -51,8 +51,8 @@ static struct XmlSnippet schema_snippets[] = { - { "Subject", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlp2SubjectQueryAbstract, Subject), NULL, NULL, NULL}, + { "Subject", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2SubjectQueryAbstract, Subject), NULL, + LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF }, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/saml_assertion.c b/lasso/xml/saml_assertion.c index 82f7db53..bc8d5d9e 100644 --- a/lasso/xml/saml_assertion.c +++ b/lasso/xml/saml_assertion.c 
@@ -80,7 +80,7 @@ static struct XmlSnippet schema_snippets[] = { { "AttributeStatement", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlAssertion, AttributeStatement), NULL, NULL, NULL}, { "Signature", SNIPPET_SIGNATURE, - G_STRUCT_OFFSET(LassoSamlAssertion, AssertionID), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSamlAssertion, AssertionID), NULL, LASSO_DS_PREFIX, LASSO_DS_HREF}, { "MajorVersion", SNIPPET_ATTRIBUTE | SNIPPET_INTEGER, G_STRUCT_OFFSET(LassoSamlAssertion, MajorVersion), NULL, NULL, NULL}, { "MinorVersion", SNIPPET_ATTRIBUTE | SNIPPET_INTEGER, diff --git a/lasso/xml/saml_subject_confirmation.c b/lasso/xml/saml_subject_confirmation.c index 1030536a..d8ed56e8 100644 --- a/lasso/xml/saml_subject_confirmation.c +++ b/lasso/xml/saml_subject_confirmation.c @@ -57,7 +57,8 @@ static struct XmlSnippet schema_snippets[] = { { "SubjectConfirmationData", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoSamlSubjectConfirmation, SubjectConfirmationData), NULL, NULL, NULL}, { "KeyInfo", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSamlSubjectConfirmation, KeyInfo), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSamlSubjectConfirmation, KeyInfo), NULL, LASSO_DS_PREFIX, + LASSO_DS_HREF}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/samlp_request_abstract.c b/lasso/xml/samlp_request_abstract.c index 05e7499d..1e183f2e 100644 --- a/lasso/xml/samlp_request_abstract.c +++ b/lasso/xml/samlp_request_abstract.c 
@@ -65,7 +65,7 @@ static struct XmlSnippet schema_snippets[] = { { "RespondWith", SNIPPET_LIST_CONTENT, G_STRUCT_OFFSET(LassoSamlpRequestAbstract, RespondWith), NULL, NULL, NULL}, { "Signature", SNIPPET_SIGNATURE, - G_STRUCT_OFFSET(LassoSamlpRequestAbstract, RequestID), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSamlpRequestAbstract, RequestID), NULL, LASSO_DS_PREFIX, LASSO_DS_HREF}, { "RequestID", SNIPPET_ATTRIBUTE, G_STRUCT_OFFSET(LassoSamlpRequestAbstract, RequestID), NULL, NULL, NULL}, { "MajorVersion", SNIPPET_ATTRIBUTE | SNIPPET_INTEGER, G_STRUCT_OFFSET(LassoSamlpRequestAbstract, MajorVersion), NULL, NULL, NULL}, diff --git a/lasso/xml/samlp_response.c b/lasso/xml/samlp_response.c index a7fccdee..06413fca 100644 --- a/lasso/xml/samlp_response.c +++ b/lasso/xml/samlp_response.c @@ -54,7 +54,8 @@ static struct XmlSnippet schema_snippets[] = { { "Status", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlpResponse, Status), NULL, NULL, NULL}, - { "Assertion", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoSamlpResponse, Assertion), NULL, NULL, NULL}, + { "Assertion", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoSamlpResponse, Assertion), NULL, + LASSO_SAML_ASSERTION_PREFIX, LASSO_SAML_ASSERTION_HREF}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/samlp_response_abstract.c b/lasso/xml/samlp_response_abstract.c index c671b93e..513396af 100644 --- a/lasso/xml/samlp_response_abstract.c +++ b/lasso/xml/samlp_response_abstract.c @@ -65,7 +65,8 @@ static struct XmlSnippet schema_snippets[] = { { "Signature", SNIPPET_SIGNATURE, - G_STRUCT_OFFSET(LassoSamlpResponseAbstract, ResponseID), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSamlpResponseAbstract, ResponseID), NULL, LASSO_DS_PREFIX, + LASSO_DS_HREF}, { "ResponseID", SNIPPET_ATTRIBUTE, G_STRUCT_OFFSET(LassoSamlpResponseAbstract, ResponseID), NULL, NULL, NULL}, { "MajorVersion", SNIPPET_ATTRIBUTE | SNIPPET_INTEGER, diff --git a/lasso/xml/soap-1.1/soap_body.c b/lasso/xml/soap-1.1/soap_body.c index 22f089f7..d88b805f 100644 
--- a/lasso/xml/soap-1.1/soap_body.c +++ b/lasso/xml/soap-1.1/soap_body.c @@ -54,7 +54,10 @@ /*****************************************************************************/ static struct XmlSnippet schema_snippets[] = { - { "", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoSoapBody, any), NULL, NULL, NULL}, + { "any", SNIPPET_LIST_NODES | SNIPPET_ANY, G_STRUCT_OFFSET(LassoSoapBody, any), NULL, NULL, + NULL}, + { "Id", SNIPPET_ATTRIBUTE, G_STRUCT_OFFSET(LassoSoapBody, Id), NULL, LASSO_WSUTIL1_PREFIX, + LASSO_WSUTIL1_HREF }, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/soap_binding_ext_credentials_context.c b/lasso/xml/soap_binding_ext_credentials_context.c index f5aaf00a..7c704239 100644 --- a/lasso/xml/soap_binding_ext_credentials_context.c +++ b/lasso/xml/soap_binding_ext_credentials_context.c @@ -54,7 +54,8 @@ static struct XmlSnippet schema_snippets[] = { { "RequestAuthnContext", SNIPPET_NODE, - G_STRUCT_OFFSET(LassoSoapBindingExtCredentialsContext, RequestAuthnContext), NULL, NULL, NULL}, + G_STRUCT_OFFSET(LassoSoapBindingExtCredentialsContext, RequestAuthnContext), NULL, + LASSO_LIB_PREFIX, LASSO_LIB_HREF}, { "SecurityMechID", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoSoapBindingExtCredentialsContext, SecurityMechID), NULL, NULL, NULL}, { "id", SNIPPET_ATTRIBUTE, G_STRUCT_OFFSET(LassoSoapBindingExtCredentialsContext, id), NULL, NULL, NULL}, From 591a47002d9d759256b4b29e56a1e1303a421167 Mon Sep 17 00:00:00 2001 From: Benjamin Dauvergne Date: Fri, 16 Dec 2011 10:02:14 +0100 Subject: [PATCH 13/17] [xml] change saml_advice.h to declarer the real node type It also needed a change to bindings.py to parse struct as well as typedef node classes. --- bindings/bindings.py | 3 +++ lasso/xml/saml_advice.h | 3 +-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/bindings/bindings.py b/bindings/bindings.py index def735e7..0caf114a 100644 --- a/bindings/bindings.py +++ b/bindings/bindings.py 
@@ -483,6 +483,9 @@ def parse_header(header_file): pass else: # TODO: Add parsing of OFTYPE + # Transform struct to typedef + # example: "struct _LassoAssertion" -> "LassoAssertion" + line = re.sub('\s+struct _', ' ', line) member_match = re.match('\s+(\w+)\s+(\*?\w+)', line) if member_match: member_type, member_name = normalise_var(member_match.group(1), member_match.group(2)) diff --git a/lasso/xml/saml_advice.h b/lasso/xml/saml_advice.h index 82b0ecc2..8216e9de 100644 --- a/lasso/xml/saml_advice.h +++ b/lasso/xml/saml_advice.h @@ -52,8 +52,7 @@ struct _LassoSamlAdvice { /* */ GList *AssertionIDReference; /* of LassoNode */ /* */ - LassoNode *Assertion; /* actually LassoSamlAssertion* but it recurses */ - + struct _LassoSamlAssertion *Assertion; }; struct _LassoSamlAdviceClass { From c087569c48fbe2ad981e5f4ef0f838b7920f5e2b Mon Sep 17 00:00:00 2001 From: Benjamin Dauvergne Date: Fri, 16 Dec 2011 10:42:14 +0100 Subject: [PATCH 14/17] [xml] add missing nodes to LassoIsInteractionRequest --- lasso/xml/is_interaction_request.c | 6 ++++-- lasso/xml/is_interaction_request.h | 3 ++- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/lasso/xml/is_interaction_request.c b/lasso/xml/is_interaction_request.c index 92037d9a..ab1774c7 100644 --- a/lasso/xml/is_interaction_request.c +++ b/lasso/xml/is_interaction_request.c 
@@ -62,14 +62,16 @@ static struct XmlSnippet schema_snippets[] = { LASSO_DISCO_PREFIX, LASSO_DISCO_HREF}, { "Inquiry", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoIsInteractionRequest, Inquiry), NULL, NULL, NULL}, - /* TODO : KeyInfo */ + { "KeyInfo", SNIPPET_NODE, G_STRUCT_OFFSET(LassoIsInteractionRequest, KeyInfo), NULL, + LASSO_DS_PREFIX, LASSO_DS_HREF}, { "id", SNIPPET_ATTRIBUTE | SNIPPET_OPTIONAL, G_STRUCT_OFFSET(LassoIsInteractionRequest, id), NULL, NULL, NULL}, { "language", SNIPPET_ATTRIBUTE | SNIPPET_OPTIONAL, G_STRUCT_OFFSET(LassoIsInteractionRequest, language), NULL, NULL, NULL}, { "maxInteractTime", SNIPPET_ATTRIBUTE | SNIPPET_OPTIONAL, G_STRUCT_OFFSET(LassoIsInteractionRequest, maxInteractTime), NULL, NULL, NULL}, - /* TODO : signed */ + { "signed", SNIPPET_ATTRIBUTE | SNIPPET_OPTIONAL, + G_STRUCT_OFFSET(LassoIsInteractionRequest, signed_attribute), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/is_interaction_request.h b/lasso/xml/is_interaction_request.h index 0cd06a23..6f58c8a8 100644 --- a/lasso/xml/is_interaction_request.h +++ b/lasso/xml/is_interaction_request.h @@ -60,11 +60,12 @@ struct _LassoIsInteractionRequest { LassoDiscoEncryptedResourceID *EncryptedResourceID; GList *Inquiry; /* of LassoNode */ /* TODO : ds:KeyInfo */ + LassoDsKeyInfo *KeyInfo; char *id; char *language; int maxInteractTime; - /* TODO : signed */ + char *signed_attribute; }; struct _LassoIsInteractionRequestClass { From 9a31985671edfaf877a1254e308bf7d61f1219fa Mon Sep 17 00:00:00 2001 From: Benjamin Dauvergne Date: Fri, 16 Dec 2011 10:55:37 +0100 Subject: [PATCH 15/17] [xml] add LASSO_XMLENC_PREFIX and LASSO_XMLENC_HREF defines --- lasso/xml/strings.h | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/lasso/xml/strings.h b/lasso/xml/strings.h index 1fe6bc95..9263db43 100644 --- a/lasso/xml/strings.h +++ b/lasso/xml/strings.h 
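Review bot: In the `is_interaction_request.h` hunk, `LassoDsKeyInfo *KeyInfo;` is inserted in the middle of the public `struct _LassoIsInteractionRequest`, which shifts the offsets of `id`, `language` and `maxInteractTime` for code built against the previous header. Appending new members at the end of the struct would avoid that if binary compatibility matters here. The `/* TODO : ds:KeyInfo */` comment left above the new field is now stale and can be removed. The `signed` snippet is declared as a plain `SNIPPET_ATTRIBUTE`, so `signed_attribute` holds the sender's raw string; a comment such as `/* raw value of the signed attribute as received; not a verification result */` would stop callers from reading a non-NULL value as proof of a signature.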
@@ -134,6 +134,20 @@ */ #define LASSO_WSUTIL1_PREFIX "wsutil" +/** + * LASSO_XMLENC_HREF + * + * Namespace for xmlenc-core + */ +#define LASSO_XMLENC_HREF "http://www.w3.org/2001/04/xmlenc#" + +/** + * LASSO_XMLENC_PREFIX + * + * Preferred prefix for namespace of xmlenc-core + */ +#define LASSO_XMLENC_PREFIX "xmlenc" + /*****************************************************************************/ /* Lasso */ /*****************************************************************************/ From 154812b401e3845977b3a4892dbc5e5a0b9d03cf Mon Sep 17 00:00:00 2001 
From: Benjamin Dauvergne Date: Fri, 16 Dec 2011 11:12:58 +0100 Subject: [PATCH 16/17] [xml] rewrite schema directed serialization/deserialization methods The new implementations of lasso_node_impl_init_from_xml now validate namespace of all child nodes befores parsing. It stops on any error. For node which implement their own parsing of an attribute or a node, it must declare an XmlSnippet with an offset field set to 0. The 0 value is invalid for public GObject structure (it's the place of the GObject machinery like the reference count). The 0 offset can be used for XmlSnippet in a private structure, so never set the offset to 0 with the flag SNIPPET_PRIVATE, for a field which is parsed by you get_xmlNode virtual method. Other ameliorations in this commit is the possibility to set attributes with namespace when using the flags SNIPPET_ATTRIBUTE|SNIPPET_ANY. The syntax for an attribute is inspired by the element tree API from Python: {namespace}attribute_name an example: {http://www.w3.org/2001/XMLSchema-instance}type for the classic xsi:type attribute. --- lasso/id-ff/defederation.c | 13 +- lasso/id-ff/federation.c | 1 + lasso/id-ff/login.c | 24 +- lasso/id-ff/logout.c | 1 + lasso/id-ff/name_registration.c | 1 + lasso/id-ff/profile.c | 76 +- lasso/id-ff/profileprivate.h | 3 + lasso/id-ff/provider.c | 3 + lasso/id-ff/server.c | 14 +- lasso/xml/lib_assertion.c | 3 +- lasso/xml/lib_authentication_statement.c | 3 +- lasso/xml/lib_subject.c | 3 +- lasso/xml/misc_text_node.c | 28 +- lasso/xml/private.h | 33 +- .../saml2_key_info_confirmation_data_type.c | 102 ++- .../saml2_key_info_confirmation_data_type.h | 14 +- lasso/xml/saml-2.0/samlp2_logout_request.c | 10 +- lasso/xml/soap-1.1/soap_body.c | 20 - lasso/xml/tools.c | 59 ++ lasso/xml/xml.c | 833 ++++++++++-------- 20 files changed, 674 insertions(+), 570 deletions(-) diff --git a/lasso/id-ff/defederation.c b/lasso/id-ff/defederation.c index 062a5beb..4cf3aada 100644 --- a/lasso/id-ff/defederation.c 
+++ b/lasso/id-ff/defederation.c @@ -456,6 +456,15 @@ lasso_defederation_validate_notification(LassoDefederation *defederation) /* instance and class init functions */ /*****************************************************************************/ +static void +class_init(LassoDefederationClass *klass) +{ + LassoNodeClass *nclass = LASSO_NODE_CLASS(klass); + + nclass->node_data = NULL; +} + + GType lasso_defederation_get_type() { @@ -464,11 +473,11 @@ lasso_defederation_get_type() if (!this_type) { static const GTypeInfo this_info = { sizeof (LassoDefederationClass), - NULL, NULL, NULL, NULL, NULL, + NULL, NULL, (GClassInitFunc) class_init, NULL, NULL, sizeof(LassoDefederation), 0, NULL, - NULL + NULL, }; this_type = g_type_register_static(LASSO_TYPE_PROFILE, diff --git a/lasso/id-ff/federation.c b/lasso/id-ff/federation.c index 7c28e2be..4dbea978 100644 --- a/lasso/id-ff/federation.c +++ b/lasso/id-ff/federation.c @@ -167,6 +167,7 @@ static struct XmlSnippet schema_snippets[] = { G_STRUCT_OFFSET(LassoFederation, remote_nameIdentifier), NULL, NULL, NULL}, { "RemoteProviderID", SNIPPET_ATTRIBUTE, G_STRUCT_OFFSET(LassoFederation, remote_providerID), NULL, NULL, NULL}, + { "FederationDumpVersion", SNIPPET_ATTRIBUTE, 0, NULL, NULL, NULL }, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/id-ff/login.c b/lasso/id-ff/login.c index 15e4735e..dd3cc5c7 100644 --- a/lasso/id-ff/login.c +++ b/lasso/id-ff/login.c @@ -274,6 +274,9 @@ #include "../id-wsf/id_ff_extensions_private.h" #endif +#define LASSO_LOGIN_GET_PRIVATE(o) \ + (G_TYPE_INSTANCE_GET_PRIVATE ((o), LASSO_TYPE_LOGIN, LassoLoginPrivate)) + static void lasso_login_build_assertion_artifact(LassoLogin *login); 
@@ -2286,6 +2289,10 @@ static struct XmlSnippet schema_snippets[] = { { "AssertionArtifact", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoLogin, assertionArtifact), NULL, NULL, NULL}, { "NameIDPolicy", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoLogin, nameIDPolicy), NULL, NULL, NULL}, { "Assertion", SNIPPET_NODE_IN_CHILD, G_STRUCT_OFFSET(LassoLogin, assertion), NULL, NULL, NULL}, + { "RequestID", SNIPPET_CONTENT | SNIPPET_PRIVATE, + G_STRUCT_OFFSET(LassoLoginPrivate, request_id), NULL, NULL, NULL}, + { "LoginDumpVersion", SNIPPET_ATTRIBUTE, 0, NULL, NULL, NULL}, + { "ProtocolProfile", SNIPPET_CONTENT, 0, NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} }; @@ -2299,7 +2306,6 @@ get_xmlNode(LassoNode *node, gboolean lasso_dump) xmlnode = parent_class->get_xmlNode(node, lasso_dump); xmlSetProp(xmlnode, (xmlChar*)"LoginDumpVersion", (xmlChar*)"2"); - xmlSetProp(xmlnode, (xmlChar*)"RequestID", (xmlChar*)LASSO_LOGIN(node)->private_data->request_id); if (login->protocolProfile == LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_ART) xmlNewTextChild(xmlnode, NULL, (xmlChar*)"ProtocolProfile", (xmlChar*)"Artifact"); @@ -2321,9 +2327,6 @@ init_from_xml(LassoNode *node, xmlNode *xmlnode) rc = parent_class->init_from_xml(node, xmlnode); if (rc) return rc; - lasso_assign_new_string(LASSO_LOGIN(node)->private_data->request_id, (char*)xmlGetProp(xmlnode, - (xmlChar*)"RequestID")); - t = xmlnode->children; while (t) { if (t->type != XML_ELEMENT_NODE) { @@ -2367,14 +2370,6 @@ dispose(GObject *object) G_OBJECT_CLASS(parent_class)->dispose(object); } -static void -finalize(GObject *object) -{ - LassoLogin *login = LASSO_LOGIN(object); - lasso_release(login->private_data); - G_OBJECT_CLASS(parent_class)->finalize(object); -} - /*****************************************************************************/ /* instance and class init functions */ /*****************************************************************************/ 
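Review bot: `RequestID` changes its representation in the login dump while `LoginDumpVersion` is still written as `"2"`. `get_xmlNode` used to write it with `xmlSetProp` and `init_from_xml` read it back with `xmlGetProp`, but the new `{ "RequestID", SNIPPET_CONTENT | SNIPPET_PRIVATE, ... }` entry declares it as element content. A dump written before this commit carries `RequestID` as an attribute, so after a restore `request_id` would presumably stay empty, and any later matching of a response against the stored request identifier would have nothing to compare with. Either keep an attribute fallback in `init_from_xml`, or bump the dump version and document the break. With `finalize` removed, it is also worth confirming that the generic snippet code releases the `request_id` string, since that cannot be seen from these hunks.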
@@ -2382,8 +2377,7 @@ finalize(GObject *object) static void instance_init(LassoLogin *login) { - login->private_data = g_new0(LassoLoginPrivate, 1); - + login->private_data = LASSO_LOGIN_GET_PRIVATE(login); login->protocolProfile = 0; login->assertionArtifact = NULL; login->nameIDPolicy = NULL; @@ -2402,9 +2396,9 @@ class_init(LassoLoginClass *klass) lasso_node_class_set_nodename(nclass, "Login"); lasso_node_class_set_ns(nclass, LASSO_LASSO_HREF, LASSO_LASSO_PREFIX); lasso_node_class_add_snippets(nclass, schema_snippets); + g_type_class_add_private(klass, sizeof(LassoLoginPrivate)); G_OBJECT_CLASS(klass)->dispose = dispose; - G_OBJECT_CLASS(klass)->finalize = finalize; } GType diff --git a/lasso/id-ff/logout.c b/lasso/id-ff/logout.c index e8886933..7567a47d 100644 --- a/lasso/id-ff/logout.c +++ b/lasso/id-ff/logout.c @@ -1162,6 +1162,7 @@ static struct XmlSnippet schema_snippets[] = { G_STRUCT_OFFSET(LassoLogout, initial_remote_providerID), NULL, NULL, NULL}, { "InitialHttpRequestMethod", SNIPPET_CONTENT | SNIPPET_INTEGER, G_STRUCT_OFFSET(LassoLogout, initial_http_request_method), NULL, NULL, NULL}, + { "LogoutDumpVersion", SNIPPET_ATTRIBUTE, 0, NULL, NULL, NULL }, /* "ProviderIdIndex" must not be dumped (since apps assume to get * it back to 0 after a restore from dump) (maybe this behaviour should * be fixed) diff --git a/lasso/id-ff/name_registration.c b/lasso/id-ff/name_registration.c index 0badf76d..7d554902 100644 --- a/lasso/id-ff/name_registration.c +++ b/lasso/id-ff/name_registration.c @@ -645,6 +645,7 @@ lasso_name_registration_validate_request(LassoNameRegistration *name_registratio static struct XmlSnippet schema_snippets[] = { { "OldNameIdentifier", SNIPPET_NODE_IN_CHILD, G_STRUCT_OFFSET(LassoNameRegistration, oldNameIdentifier), NULL, NULL, NULL}, + { "NameRegistrationDumpVersion", SNIPPET_ATTRIBUTE, 0, NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/id-ff/profile.c b/lasso/id-ff/profile.c index c1c86daa..749fb119 100644 
--- a/lasso/id-ff/profile.c +++ b/lasso/id-ff/profile.c @@ -539,69 +539,15 @@ static struct XmlSnippet schema_snippets[] = { NULL, NULL}, { "HttpRequestMethod", SNIPPET_CONTENT | SNIPPET_INTEGER, G_STRUCT_OFFSET(LassoProfile, http_request_method), NULL, NULL, NULL}, + { "Artifact", SNIPPET_CONTENT | SNIPPET_PRIVATE, G_STRUCT_OFFSET(LassoProfilePrivate, + artifact), NULL, NULL, NULL }, + { "ArtifactMessage", SNIPPET_CONTENT | SNIPPET_PRIVATE, G_STRUCT_OFFSET(LassoProfilePrivate, + artifact_message), NULL, NULL, NULL }, {NULL, 0, 0, NULL, NULL, NULL} }; static LassoNodeClass *parent_class = NULL; -static xmlNode* -get_xmlNode(LassoNode *node, gboolean lasso_dump) -{ - xmlNode *xmlnode; - LassoProfile *profile = LASSO_PROFILE(node); - - xmlnode = parent_class->get_xmlNode(node, lasso_dump); - - if (profile->private_data->artifact) { - xmlNewTextChild(xmlnode, NULL, (xmlChar*)"Artifact", - (xmlChar*)profile->private_data->artifact); - } - - if (profile->private_data->artifact_message) { - xmlNewTextChild(xmlnode, NULL, (xmlChar*)"ArtifactMessage", - (xmlChar*)profile->private_data->artifact_message); - } - - return xmlnode; -} - - -static int -init_from_xml(LassoNode *node, xmlNode *xmlnode) -{ - LassoProfile *profile = LASSO_PROFILE(node); - xmlNode *t; - - parent_class->init_from_xml(node, xmlnode); - - if (xmlnode == NULL) - return LASSO_XML_ERROR_OBJECT_CONSTRUCTION_FAILED; - - t = xmlnode->children; - while (t) { - xmlChar *s; - - if (t->type != XML_ELEMENT_NODE) { - t = t->next; - continue; - } - - if (strcmp((char*)t->name, "Artifact") == 0) { - s = xmlNodeGetContent(t); - lasso_assign_string(profile->private_data->artifact, (char*)s); - xmlFree(s); - } else if (strcmp((char*)t->name, "ArtifactMessage") == 0) { - s = xmlNodeGetContent(t); - lasso_assign_string(profile->private_data->artifact_message, (char*)s); - xmlFree(s); - } - - t = t->next; - } - - return 0; -} - /** * lasso_profile_set_signature_hint: * @profile: a #LassoProfile object 
@@ -819,14 +765,6 @@ dispose(GObject *object) G_OBJECT_CLASS(parent_class)->dispose(G_OBJECT(profile)); } -static void -finalize(GObject *object) -{ - LassoProfile *profile = LASSO_PROFILE(object); - lasso_release(profile->private_data); - G_OBJECT_CLASS(parent_class)->finalize(object); -} - /*****************************************************************************/ /* instance and class init functions */ /*****************************************************************************/ @@ -834,7 +772,7 @@ finalize(GObject *object) static void instance_init(LassoProfile *profile) { - profile->private_data = g_new0(LassoProfilePrivate, 1); + profile->private_data = LASSO_PROFILE_GET_PRIVATE(profile); profile->private_data->dispose_has_run = FALSE; profile->private_data->artifact = NULL; profile->private_data->artifact_message = NULL; @@ -864,11 +802,9 @@ class_init(LassoProfileClass *klass) lasso_node_class_set_nodename(nclass, "Profile"); lasso_node_class_set_ns(nclass, LASSO_LASSO_HREF, LASSO_LASSO_PREFIX); lasso_node_class_add_snippets(nclass, schema_snippets); - nclass->get_xmlNode = get_xmlNode; - nclass->init_from_xml = init_from_xml; + g_type_class_add_private(klass, sizeof(LassoProfilePrivate)); G_OBJECT_CLASS(klass)->dispose = dispose; - G_OBJECT_CLASS(klass)->finalize = finalize; } GType diff --git a/lasso/id-ff/profileprivate.h b/lasso/id-ff/profileprivate.h index 3a9f563f..2aeefad0 100644 --- a/lasso/id-ff/profileprivate.h +++ b/lasso/id-ff/profileprivate.h @@ -44,6 +44,9 @@ struct _LassoProfilePrivate void lasso_profile_set_response_status(LassoProfile *profile, const gchar *statusCodeValue); void lasso_profile_clean_msg_info(LassoProfile *profile); +#define LASSO_PROFILE_GET_PRIVATE(o) \ + (G_TYPE_INSTANCE_GET_PRIVATE ((o), LASSO_TYPE_PROFILE, LassoProfilePrivate)) + #ifdef __cplusplus } #endif /* __cplusplus */ diff --git a/lasso/id-ff/provider.c b/lasso/id-ff/provider.c index 494d1351..3f9e6173 100644 --- a/lasso/id-ff/provider.c 
+++ b/lasso/id-ff/provider.c @@ -516,6 +516,9 @@ static struct XmlSnippet schema_snippets[] = { { "CaCertChainFilePath", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoProvider, ca_cert_chain), NULL, NULL, NULL}, { "MetadataFilePath", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoProvider, metadata_filename), NULL, NULL, NULL}, { "ProviderID", SNIPPET_ATTRIBUTE, G_STRUCT_OFFSET(LassoProvider, ProviderID), NULL, NULL, NULL}, + { "ProviderRole", SNIPPET_ATTRIBUTE, 0, NULL, NULL, NULL}, + { "EncryptionMode", SNIPPET_ATTRIBUTE, 0, NULL, NULL, NULL}, + { "ProviderDumpVersion", SNIPPET_ATTRIBUTE, 0, NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/id-ff/server.c b/lasso/id-ff/server.c index c95e2713..390a55b7 100644 --- a/lasso/id-ff/server.c +++ b/lasso/id-ff/server.c @@ -254,10 +254,20 @@ cleanup: /*****************************************************************************/ static struct XmlSnippet schema_snippets[] = { - { "PrivateKeyFilePath", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoServer, private_key), NULL, NULL, NULL}, + { "PrivateKeyFilePath", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoServer, private_key), NULL, + NULL, NULL}, { "PrivateKeyPassword", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoServer, private_key_password), NULL, NULL, NULL}, - { "CertificateFilePath", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoServer, certificate), NULL, NULL, NULL}, + { "CertificateFilePath", SNIPPET_CONTENT, G_STRUCT_OFFSET(LassoServer, certificate), NULL, + NULL, NULL}, + { "SignatureMethod", SNIPPET_ATTRIBUTE, 0, NULL, NULL, NULL }, + { "Providers", SNIPPET_LIST_NODES, 0, NULL, NULL, NULL }, + { "ServerDumpVersion", SNIPPET_ATTRIBUTE, 0, NULL, NULL, NULL }, +#ifdef LASSO_WSF_ENABLED + { "Services", SNIPPET_LIST_NODES, 0, NULL, NULL, NULL }, + { "SvcMDs", SNIPPET_LIST_NODES, 0, NULL, NULL, NULL }, +#endif + {NULL, 0, 0, NULL, NULL, NULL} }; diff --git a/lasso/xml/lib_assertion.c b/lasso/xml/lib_assertion.c index b79b569e..17f71c14 100644 --- a/lasso/xml/lib_assertion.c 
+++ b/lasso/xml/lib_assertion.c @@ -79,7 +79,8 @@ class_init(LassoLibAssertionClass *klass) LassoNodeClass *nclass = LASSO_NODE_CLASS(klass); nclass->node_data = g_new0(LassoNodeClassData, 1); - lasso_node_class_set_nodename(nclass, "Assertion"); + nclass->node_data->xsi_sub_type = TRUE; + lasso_node_class_set_nodename(nclass, "AssertionType"); lasso_node_class_set_ns(nclass, LASSO_LIB_HREF, LASSO_LIB_PREFIX); lasso_node_class_add_snippets(nclass, schema_snippets); } diff --git a/lasso/xml/lib_authentication_statement.c b/lasso/xml/lib_authentication_statement.c index fb36d203..dff4be3a 100644 --- a/lasso/xml/lib_authentication_statement.c +++ b/lasso/xml/lib_authentication_statement.c @@ -74,7 +74,8 @@ class_init(LassoLibAuthenticationStatementClass *klass) LassoNodeClass *nclass = LASSO_NODE_CLASS(klass); nclass->node_data = g_new0(LassoNodeClassData, 1); - lasso_node_class_set_nodename(nclass, "AuthenticationStatement"); + nclass->node_data->xsi_sub_type = TRUE; + lasso_node_class_set_nodename(nclass, "AuthenticationStatementType"); lasso_node_class_set_ns(nclass, LASSO_LIB_HREF, LASSO_LIB_PREFIX); lasso_node_class_add_snippets(nclass, schema_snippets); } diff --git a/lasso/xml/lib_subject.c b/lasso/xml/lib_subject.c index 49335b4c..b44c9956 100644 --- a/lasso/xml/lib_subject.c +++ b/lasso/xml/lib_subject.c @@ -67,7 +67,8 @@ class_init(LassoLibSubjectClass *klass) LassoNodeClass *nclass = LASSO_NODE_CLASS(klass); nclass->node_data = g_new0(LassoNodeClassData, 1); - lasso_node_class_set_nodename(nclass, "Subject"); + nclass->node_data->xsi_sub_type = TRUE; + lasso_node_class_set_nodename(nclass, "SubjectType"); lasso_node_class_set_ns(nclass, LASSO_LIB_HREF, LASSO_LIB_PREFIX); lasso_node_class_add_snippets(nclass, schema_snippets); } diff --git a/lasso/xml/misc_text_node.c b/lasso/xml/misc_text_node.c index 1cbaa675..0d88ad5e 100644 --- a/lasso/xml/misc_text_node.c +++ b/lasso/xml/misc_text_node.c 
@@ -33,6 +33,7 @@ typedef struct { xmlNode *xml_content; + GHashTable *any_attributes; } LassoMiscTextNodePrivate; #define LASSO_MISC_TEXT_NODE_GET_PRIVATE(o) \ @@ -41,30 +42,19 @@ typedef struct { static struct XmlSnippet schema_snippets[] = { { "content", SNIPPET_TEXT_CHILD, G_STRUCT_OFFSET(LassoMiscTextNode, content), NULL, NULL, NULL}, + { "any_attributes", SNIPPET_ATTRIBUTE | SNIPPET_ANY | SNIPPET_PRIVATE, + G_STRUCT_OFFSET(LassoMiscTextNodePrivate, any_attributes), NULL, NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} }; static LassoNodeClass *parent_class = NULL; - -static void -insure_namespace(xmlNode *xmlnode, xmlNs *ns) -{ - xmlNode *t = xmlnode->children; - - xmlSetNs(xmlnode, ns); - while (t) { - if (t->type == XML_ELEMENT_NODE && t->ns == NULL) - insure_namespace(t, ns); - t = t->next; - } -} - static xmlNode* get_xmlNode(LassoNode *node, gboolean lasso_dump) { xmlNode *xmlnode; xmlNs *ns; + LassoMiscTextNode *mtnode = (LassoMiscTextNode*)node; LassoMiscTextNodePrivate *private; private = LASSO_MISC_TEXT_NODE_GET_PRIVATE(node); @@ -77,10 +67,12 @@ get_xmlNode(LassoNode *node, gboolean lasso_dump) } xmlnode = parent_class->get_xmlNode(node, lasso_dump); - xmlNodeSetName(xmlnode, (xmlChar*)LASSO_MISC_TEXT_NODE(node)->name); - ns = xmlNewNs(xmlnode, (xmlChar*)LASSO_MISC_TEXT_NODE(node)->ns_href, - (xmlChar*)LASSO_MISC_TEXT_NODE(node)->ns_prefix); - insure_namespace(xmlnode, ns); + xmlNodeSetName(xmlnode, BAD_CAST mtnode->name); + if (! lasso_strisempty(mtnode->ns_href) && ! lasso_strisempty(mtnode->ns_href)) { + ns = xmlNewNs(xmlnode, BAD_CAST mtnode->ns_href, + BAD_CAST mtnode->ns_prefix); + xmlSetNs(xmlnode, ns); + } return xmlnode; } diff --git a/lasso/xml/private.h b/lasso/xml/private.h index 0a301112..009596d8 100644 --- a/lasso/xml/private.h +++ b/lasso/xml/private.h 
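Review bot: The new guard in `get_xmlNode` tests `mtnode->ns_href` twice, `if (! lasso_strisempty(mtnode->ns_href) && ! lasso_strisempty(mtnode->ns_href))`, so an empty or NULL `ns_prefix` still reaches `xmlNewNs`. If both fields are meant to be required, the second operand should be `! lasso_strisempty(mtnode->ns_prefix)`; if a default namespace with no prefix is intended, drop the duplicate test and say so in a comment. The result of `xmlNewNs` is passed to `xmlSetNs` unchecked, and `xmlNewNs` returns NULL when the prefix is already declared on the node, so `if (ns) xmlSetNs(xmlnode, ns);` is safer. `get_xmlNode` starts outside this hunk.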
@@ -40,7 +40,7 @@ typedef enum { SNIPPET_NODE, SNIPPET_CONTENT, SNIPPET_TEXT_CHILD, - SNIPPET_NAME_IDENTIFIER, + SNIPPET_UNUSED1, SNIPPET_ATTRIBUTE, SNIPPET_NODE_IN_CHILD, SNIPPET_LIST_NODES, @@ -72,11 +72,15 @@ typedef enum { } SignatureVerificationOption; struct XmlSnippet { - char *name; - SnippetType type; - guint offset; - char *class_name; - char *ns_name; + char *name; /* name of the node or attribute to match */ + SnippetType type; /* type of node to deserialize */ + guint offset; /* offset of the storage field relative to the public or private object (if + using SNIPPET_PRIVATE). If 0, means that no storage must be done, it will + be handled by the init_from_xml virtual method. */ + char *class_name; /* Force a certain LassoNode class for deserializing a node, usually + useless. */ + char *ns_name; /* if the namespace is different from the one of the parent node, specify it + there */ char *ns_uri; }; @@ -156,6 +160,7 @@ struct _LassoNodeClassData int private_key_file_offset; int certificate_file_offset; gboolean keep_xmlnode; + gboolean xsi_sub_type; }; void lasso_node_class_set_nodename(LassoNodeClass *klass, char *name); @@ -278,6 +283,22 @@ LassoSignatureContext lasso_make_signature_context_from_path_or_string(char *fil const char *password, LassoSignatureMethod signature_method, const char *certificate); +xmlNs * get_or_define_ns(xmlNode *xmlnode, const xmlChar *ns_uri, const xmlChar + *advised_prefix); + +void set_qname_attribute(xmlNode *node, + const xmlChar *attribute_ns_prefix, + const xmlChar *attribute_ns_href, + const xmlChar *attribute_name, + const xmlChar *prefix, + const xmlChar *href, + const xmlChar *name); + + +void set_xsi_type(xmlNode *node, + const xmlChar *type_ns_prefix, + const xmlChar *type_ns_href, + const xmlChar *type_name); #ifdef __cplusplus } #endif /* __cplusplus */ 
diff --git a/lasso/xml/saml-2.0/saml2_key_info_confirmation_data_type.c b/lasso/xml/saml-2.0/saml2_key_info_confirmation_data_type.c index 50f3c46a..901b709b 100644 --- a/lasso/xml/saml-2.0/saml2_key_info_confirmation_data_type.c +++ b/lasso/xml/saml-2.0/saml2_key_info_confirmation_data_type.c 
@@ -58,68 +58,33 @@ /* private methods */ /*****************************************************************************/ +struct _LassoSaml2KeyInfoConfirmationDataTypePrivate { + GList *KeyInfo; +}; static struct XmlSnippet schema_snippets[] = { - { "KeyInfo", SNIPPET_LIST_NODES, - G_STRUCT_OFFSET(LassoSaml2KeyInfoConfirmationDataType, KeyInfo), NULL, NULL, NULL}, + { "KeyInfo", SNIPPET_LIST_NODES|SNIPPET_PRIVATE, + G_STRUCT_OFFSET(LassoSaml2KeyInfoConfirmationDataTypePrivate, KeyInfo), "LassoDsKeyInfo", NULL, NULL}, {NULL, 0, 0, NULL, NULL, NULL} }; static LassoNodeClass *parent_class = NULL; +#define LASSO_SAML2_KEY_INFO_CONFIRMATION_DATA_TYPE_GET_PRIVATE(o) \ + (G_TYPE_INSTANCE_GET_PRIVATE ((o), LASSO_TYPE_SAML2_KEY_INFO_CONFIRMATION_DATA_TYPE, LassoSaml2KeyInfoConfirmationDataTypePrivate)) /*****************************************************************************/ /* instance and class init functions */ /*****************************************************************************/ -static xmlNs * -ensure_namespace(xmlNode *node, const xmlChar *href, const xmlChar *prefix) -{ - xmlNs *ns; - - ns = xmlSearchNsByHref(node->doc, node, href); - if (! 
ns) { - ns = xmlNewNs(node, href, prefix); - xmlSetNs(node, ns); - } - return ns; -} - static void -set_qname_attribue(xmlNode *node, xmlChar *attribute_name, const xmlChar *name, const - xmlChar *href, const xmlChar *prefix) { - xmlNs *type_ns; - xmlNs *xsi_ns; - xmlChar *value; - - xsi_ns = ensure_namespace(node, BAD_CAST LASSO_XSI_HREF, BAD_CAST LASSO_XSI_PREFIX); - type_ns = ensure_namespace(node, href, prefix); - value = BAD_CAST g_strdup_printf("%s:%s", type_ns->prefix, name); - xmlSetNsProp(node, xsi_ns, attribute_name, value); - lasso_release_string(value); -} - -static void -set_xsi_type(xmlNode *node, const xmlChar *type, const xmlChar *href, const xmlChar *prefix) { - set_qname_attribue(node, BAD_CAST "type", type, href, prefix); -} - -static xmlNode* -get_xmlNode(LassoNode *node, gboolean lasso_dump) +instance_init(LassoSaml2KeyInfoConfirmationDataType *saml2_key_info_confirmation_data_type) { - xmlNode *xmlnode = NULL; - - /* add xsi:type="KeyInfoConfirmationDataType" */ - xmlnode = parent_class->get_xmlNode(node, lasso_dump); - set_xsi_type(xmlnode, - BAD_CAST "KeyInfoConfirmationDataType", - BAD_CAST LASSO_SAML2_ASSERTION_HREF, - BAD_CAST LASSO_SAML2_ASSERTION_PREFIX); - - return xmlnode; + saml2_key_info_confirmation_data_type->private_data = + LASSO_SAML2_KEY_INFO_CONFIRMATION_DATA_TYPE_GET_PRIVATE( + saml2_key_info_confirmation_data_type); } - static void class_init(LassoSaml2KeyInfoConfirmationDataTypeClass *klass) { 
@@ -127,8 +92,11 @@ class_init(LassoSaml2KeyInfoConfirmationDataTypeClass *klass) parent_class = g_type_class_peek_parent(klass); nclass->node_data = g_new0(LassoNodeClassData, 1); - nclass->get_xmlNode = get_xmlNode; + nclass->node_data->xsi_sub_type = TRUE; + lasso_node_class_set_nodename(nclass, "KeyInfoConfirmationDataType"); + lasso_node_class_set_ns(nclass, LASSO_SAML2_ASSERTION_HREF, LASSO_SAML2_ASSERTION_PREFIX); lasso_node_class_add_snippets(nclass, schema_snippets); + g_type_class_add_private(klass, sizeof(LassoSaml2KeyInfoConfirmationDataTypePrivate)); } GType @@ -146,7 +114,7 @@ lasso_saml2_key_info_confirmation_data_type_get_type() NULL, sizeof(LassoSaml2KeyInfoConfirmationDataType), 0, - NULL, + (GInstanceInitFunc)instance_init, NULL }; 
@@ -171,3 +139,41 @@ lasso_saml2_key_info_confirmation_data_type_new() { return g_object_new(LASSO_TYPE_SAML2_KEY_INFO_CONFIRMATION_DATA_TYPE, NULL); } + +/** + * lasso_saml2_key_info_confirmation_data_type_get_key_info: + * @kicdt: a #LassoSaml2KeyInfoConfirmationDataType object. + * + * Return the list of KeyInfo node contained in the saml2:SubjectConfirmationData of type + * saml2:KeyInfoConfirmationDataType. + * + * Return value:(element-type LassoDsKeyInfo)(transfer none): a list of #LassoDsKeyInfo objects. + */ +GList* +lasso_saml2_key_info_confirmation_data_type_get_key_info( + LassoSaml2KeyInfoConfirmationDataType *kicdt) +{ + lasso_return_val_if_fail(LASSO_IS_SAML2_KEY_INFO_CONFIRMATION_DATA_TYPE(kicdt), NULL); + + return kicdt->private_data->KeyInfo; +} + +/** + * lasso_saml2_key_info_confirmation_data_type_set_key_info: + * @kicdt: a #LassoSaml2KeyInfoConfirmationDataType object. + * @key_infos:(tranfer none)(element-type LassoDsKeyInfo): a list of #LassoDsKeyInfo object. + * + * Set the list of ds:KeyInfo nodes for the saml2:SubjectConfirmationData of type + * saml2:KeyInfoConfirmationDataType. + */ +void +lasso_saml2_key_info_confirmation_data_type_set_key_info( + LassoSaml2KeyInfoConfirmationDataType *kicdt, + GList *key_infos) +{ + lasso_return_if_fail(LASSO_IS_SAML2_KEY_INFO_CONFIRMATION_DATA_TYPE(kicdt)); + + lasso_assign_list_of_gobjects( + kicdt->private_data->KeyInfo, + key_infos); +} diff --git a/lasso/xml/saml-2.0/saml2_key_info_confirmation_data_type.h b/lasso/xml/saml-2.0/saml2_key_info_confirmation_data_type.h index 6ebd0f64..f66235ab 100644 --- a/lasso/xml/saml-2.0/saml2_key_info_confirmation_data_type.h +++ b/lasso/xml/saml-2.0/saml2_key_info_confirmation_data_type.h 
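Review bot: The annotation on `@key_infos` in the doc comment of `lasso_saml2_key_info_confirmation_data_type_set_key_info` is misspelled as `(tranfer none)`, so binding generators will presumably not recognise it; it should read `(transfer none)`. The getter returns the internal list `kicdt->private_data->KeyInfo` directly. Its doc comment should therefore state that the caller must not modify or free the list, and that a later call to the setter invalidates it.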
@@ -51,14 +51,13 @@ extern "C" { typedef struct _LassoSaml2KeyInfoConfirmationDataType LassoSaml2KeyInfoConfirmationDataType; typedef struct _LassoSaml2KeyInfoConfirmationDataTypeClass LassoSaml2KeyInfoConfirmationDataTypeClass; - +typedef struct _LassoSaml2KeyInfoConfirmationDataTypePrivate LassoSaml2KeyInfoConfirmationDataTypePrivate; struct _LassoSaml2KeyInfoConfirmationDataType { LassoSaml2SubjectConfirmationData parent; - /*< public >*/ - /* attributes */ - GList *KeyInfo; /* of LassoDsKeyInfo */ + /*< private >*/ + LassoSaml2KeyInfoConfirmationDataTypePrivate *private_data; }; @@ -68,8 +67,11 @@ struct _LassoSaml2KeyInfoConfirmationDataTypeClass { LASSO_EXPORT GType lasso_saml2_key_info_confirmation_data_type_get_type(void); LASSO_EXPORT LassoNode* lasso_saml2_key_info_confirmation_data_type_new(void); - - +LASSO_EXPORT GList *lasso_saml2_key_info_confirmation_data_type_get_key_info( + LassoSaml2KeyInfoConfirmationDataType *kicdt); +LASSO_EXPORT void lasso_saml2_key_info_confirmation_data_type_set_key_info( + LassoSaml2KeyInfoConfirmationDataType *kicdt, + GList *key_infos); #ifdef __cplusplus } diff --git a/lasso/xml/saml-2.0/samlp2_logout_request.c b/lasso/xml/saml-2.0/samlp2_logout_request.c index 0152a0d5..947e0cd6 100644 --- a/lasso/xml/saml-2.0/samlp2_logout_request.c +++ b/lasso/xml/saml-2.0/samlp2_logout_request.c @@ -142,7 +142,6 @@ init_from_xml(LassoNode *node, xmlNode *xmlnode) rc = parent_class->init_from_xml(node, xmlnode); if (rc == 0) { - GList *last; pv = GET_PRIVATE(node); child = xmlSecFindChild(xmlnode, BAD_CAST SESSION_INDEX, 
@@ -154,11 +153,10 @@ init_from_xml(LassoNode *node, xmlNode *xmlnode) lasso_release_xml_string(content); child = xmlSecGetNextElementNode(child->next); } - /* remove the last one, since it is also stored in node->SessionIndex */ - last = g_list_last(pv->SessionIndex); - if (last) { - lasso_release_string(last->data); - pv->SessionIndex = g_list_delete_link(pv->SessionIndex, last); + /* remove the first one, since it is also stored in node->SessionIndex */ + if (pv->SessionIndex) { + lasso_release_string(pv->SessionIndex->data); + pv->SessionIndex = g_list_delete_link(pv->SessionIndex, pv->SessionIndex); } } diff --git a/lasso/xml/soap-1.1/soap_body.c b/lasso/xml/soap-1.1/soap_body.c index d88b805f..4a1768d2 100644 --- a/lasso/xml/soap-1.1/soap_body.c +++ b/lasso/xml/soap-1.1/soap_body.c @@ -65,9 +65,6 @@ static struct XmlSnippet schema_snippets[] = { /* instance and class init functions */ /*****************************************************************************/ -static xmlNode* get_xmlNode(LassoNode *node, gboolean lasso_dump); - - static LassoNodeClass *parent_class = NULL; static void @@ -77,28 +74,11 @@ class_init(LassoSoapBodyClass *klass) parent_class = g_type_class_peek_parent(nclass); nclass->node_data = g_new0(LassoNodeClassData, 1); - nclass->get_xmlNode = get_xmlNode; lasso_node_class_set_nodename(nclass, "Body"); lasso_node_class_set_ns(nclass, LASSO_SOAP_ENV_HREF, LASSO_SOAP_ENV_PREFIX); lasso_node_class_add_snippets(nclass, schema_snippets); } -static xmlNode* -get_xmlNode(LassoNode *node, gboolean lasso_dump) { - xmlNodePtr ret; - - /* Fix namespace of Id */ - ret = parent_class->get_xmlNode(node, lasso_dump); - - { - xmlNsPtr ns; - ns = xmlNewNs(ret, (xmlChar*)LASSO_WSUTIL1_HREF, (xmlChar*)LASSO_WSUTIL1_PREFIX); - xmlNewNsProp(ret, ns, (xmlChar*)"Id", (xmlChar*)LASSO_SOAP_BODY(node)->Id); - } - - return ret; -} - GType lasso_soap_body_get_type() { diff --git a/lasso/xml/tools.c b/lasso/xml/tools.c index 429b4526..00425043 100644 
--- a/lasso/xml/tools.c +++ b/lasso/xml/tools.c @@ -2405,3 +2405,62 @@ lasso_make_signature_context_from_path_or_string(char *filename_or_buffer, const } return context; } + +xmlNs * +get_or_define_ns(xmlNode *xmlnode, const xmlChar *ns_uri, const xmlChar *advised_prefix) { + xmlNs *ns; + char prefix[20]; + int i = 1; + + ns = xmlSearchNsByHref(NULL, xmlnode, ns_uri); + if (ns) + return ns; + /* Try with the advised prefix */ + if (advised_prefix) { + ns = xmlSearchNs(NULL, xmlnode, BAD_CAST prefix); + if (! ns) { /* If not taken, use it */ + return xmlNewNs(xmlnode, ns_uri, BAD_CAST advised_prefix); + } + } + /* Create a prefix from scratch */ + do { + sprintf(prefix, "ns%u", i); + i++; + ns = xmlSearchNs(NULL, xmlnode, BAD_CAST prefix); + } while (ns); + return xmlNewNs(xmlnode, ns_uri, BAD_CAST prefix); +} + + +void +set_qname_attribute(xmlNode *node, + const xmlChar *attribute_ns_prefix, + const xmlChar *attribute_ns_href, + const xmlChar *attribute_name, + const xmlChar *prefix, + const xmlChar *href, + const xmlChar *name) { + xmlNs *type_ns; + xmlNs *xsi_ns; + xmlChar *value; + + xsi_ns = get_or_define_ns(node, attribute_ns_href, attribute_ns_prefix); + type_ns = get_or_define_ns(node, href, prefix); + value = BAD_CAST g_strdup_printf("%s:%s", type_ns->prefix, name); + xmlSetNsProp(node, xsi_ns, attribute_name, value); + lasso_release_string(value); +} + +void +set_xsi_type(xmlNode *node, + const xmlChar *type_ns_prefix, + const xmlChar *type_ns_href, + const xmlChar *type_name) { + set_qname_attribute(node, + BAD_CAST LASSO_XSI_PREFIX, + BAD_CAST LASSO_XSI_HREF, + BAD_CAST "type", + type_ns_prefix, + type_ns_href, + type_name); +} diff --git a/lasso/xml/xml.c b/lasso/xml/xml.c index 265236a8..bc8111b9 100644 --- a/lasso/xml/xml.c +++ b/lasso/xml/xml.c 
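Review bot: In `get_or_define_ns`, the advised-prefix branch calls `xmlSearchNs(NULL, xmlnode, BAD_CAST prefix)`, but `prefix` is the local `char prefix[20]` that has not been written yet, so the lookup reads an uninitialized buffer instead of testing `advised_prefix`. The call should be `ns = xmlSearchNs(NULL, xmlnode, advised_prefix);`, otherwise the advised prefix can be declared even when it is already bound to another namespace in scope. In the fallback loop, `sprintf(prefix, "ns%u", i)` passes an `int` to `%u`; `snprintf(prefix, sizeof prefix, "ns%d", i)` keeps the write bounded and the format matched. `set_qname_attribute` then dereferences `type_ns->prefix` without checking the result, although `xmlNewNs` can return NULL and a namespace found by href may be a default namespace with a NULL prefix, so a NULL check on both before building the `prefix:name` value is needed.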
@@ -52,6 +52,7 @@ #include "../debug.h" #include "./soap-1.1/soap_envelope.h" #include "./soap-1.1/soap_body.h" +#include "./misc_text_node.h" #include "../lasso_config.h" #ifdef LASSO_WSF_ENABLED #include "./idwsf_strings.h" @@ -72,7 +73,6 @@ static void lasso_node_traversal(LassoNode *node, void (*do_to_node)(LassoNode * static LassoNode* lasso_node_new_from_xmlNode_with_type(xmlNode *xmlnode, char *typename); static void lasso_node_remove_original_xmlnode(LassoNode *node, SnippetType type); -static xmlNs * get_or_define_ns(xmlNode *xmlnode, xmlChar *ns_uri); GHashTable *dst_services_by_href = NULL; /* ID-WSF 1 extra DST services, indexed on href */ GHashTable *dst_services_by_prefix = NULL; /* ID-WSF 1 extra DST services, indexed on prefix */ @@ -1191,7 +1191,6 @@ lasso_node_traversal(LassoNode *node, void (*do_to_node)(LassoNode *node, Snippe type = snippet->type & 0xff; switch (type) { case SNIPPET_NODE: - case SNIPPET_NAME_IDENTIFIER: case SNIPPET_NODE_IN_CHILD: lasso_node_traversal(*value, do_to_node, snippet->type); break; @@ -1206,6 +1205,8 @@ lasso_node_traversal(LassoNode *node, void (*do_to_node)(LassoNode *node, Snippe } } break; + case SNIPPET_UNUSED1: + g_assert_not_reached(); default: break; } 
@@ -1273,6 +1274,105 @@ cleanup: return rc; } +static inline gboolean +lasso_equal_namespace(xmlNs *t1, xmlNs *t2) { + return t1 && t2 && (t1 == t2 || + lasso_strisequal((char*)t1->href, (char*)t2->href)); +} + +static void +snippet_set_value(LassoNode *node, LassoNodeClass *class, struct XmlSnippet *snippet, xmlChar *content) { + void *value; + GType g_type = G_TYPE_FROM_CLASS(class); + + /* If not offset, it means it is handled by an adhoc init_from_xml */ + if (! snippet->offset && ! (snippet->type & SNIPPET_PRIVATE)) { + return; + } + value = SNIPPET_STRUCT_MEMBER_P(node, g_type, snippet); + if (snippet->type & SNIPPET_INTEGER) { + int val = strtol((char*)content, NULL, 10); + if (((val == LONG_MIN || val == LONG_MAX) && errno == ERANGE) + || errno == EINVAL || val < 0) { + if (snippet->type & SNIPPET_OPTIONAL_NEG) { + val = -1; + } else { + val = 0; + } + } + (*(int*)value) = val; + } else if (snippet->type & SNIPPET_BOOLEAN) { + int val = 0; + if (strcmp((char*)content, "true") == 0) { + val = 1; + } else if (strcmp((char*)content, "1") == 0) { + val = 1; + } + (*(int*)value) = val; + } else { + lasso_assign_string((*(char**)value), (char*)content); + if (lasso_flag_memory_debug == TRUE) { + fprintf(stderr, " setting prop %s/%s to value %p: %s\n", + G_OBJECT_TYPE_NAME(node), snippet->name, *(void**)value, (char*)content); + } + } +} + +gboolean +next_node_snippet(GSList **class_iter_p, struct XmlSnippet **snippet_p) +{ + while (*class_iter_p) { + if (*snippet_p) { + if ((*snippet_p)->name) { + SnippetType type = (*snippet_p)->type; + /* special case for ArtifactResponse */ + if (type & SNIPPET_ANY && (type & 0xff) == SNIPPET_NODE) + return TRUE; + if (! 
(type & SNIPPET_ANY) && (*snippet_p)->name[0] != '\0') { + switch (type & 0xff) { + case SNIPPET_NODE: + case SNIPPET_NODE_IN_CHILD: + case SNIPPET_LIST_XMLNODES: + case SNIPPET_LIST_CONTENT: + case SNIPPET_LIST_NODES: + case SNIPPET_EXTENSION: + case SNIPPET_XMLNODE: + case SNIPPET_CONTENT: + case SNIPPET_SIGNATURE: + return TRUE; + default: + break; + } + } + ++*snippet_p; + } else { + *class_iter_p = g_slist_next(*class_iter_p); + *snippet_p = NULL; + } + } else { + *snippet_p = ((LassoNodeClass*)(*class_iter_p)->data) + ->node_data->snippets; + } + } + return FALSE; +} + +static inline gboolean +is_snippet_type(struct XmlSnippet *snippet, SnippetType simple_type) { + return (snippet->type & 0xff) == simple_type; +} + +static inline gboolean +node_match_snippet(xmlNode *parent, xmlNode *node, struct XmlSnippet *snippet) +{ + /* special case of ArtifactResponse */ + if (snippet->type & SNIPPET_ANY) + return TRUE; + return (lasso_strisequal(snippet->name, (char*)node->name) + && ((!snippet->ns_uri && lasso_equal_namespace(parent->ns, node->ns)) || + (node->ns && lasso_strisequal((char*)node->ns->href, snippet->ns_uri)))); +} + /** FIXME: return a real error code */ static int lasso_node_impl_init_from_xml(LassoNode *node, xmlNode *xmlnode) 
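Review bot: `snippet_set_value` stores the result of `strtol()` in an `int` and then compares it with `LONG_MIN`/`LONG_MAX`, and it tests `errno` without clearing it first. Where `long` is wider than `int` the range comparison cannot fire after the narrowing, and a stale `errno` left by an earlier call can turn a valid value into 0 or -1. Since `content` comes from the parsed document, I would write `errno = 0; long parsed = strtol((char*)content, &end, 10);` and reject `end == (char*)content`, `errno == ERANGE` and `parsed > INT_MAX` before assigning to the `int` field. `next_node_snippet` is also the only helper added in this hunk without `static`; if it is not meant to be exported it should match its siblings.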
@@ -1287,271 +1387,303 @@ lasso_node_impl_init_from_xml(LassoNode *node, xmlNode *xmlnode) GType g_type_collect_namespaces, g_type_any, g_type_any_attribute; struct XmlSnippet *snippet_collect_namespaces = NULL; struct XmlSnippet *snippet_signature = NULL; - GSList *unknown_nodes = NULL; - GSList *known_attributes = NULL; gboolean keep_xmlnode = FALSE; + GSList *class_list = NULL; + GSList *class_iter = NULL; + xmlAttr *attr = NULL; + GType g_type = 0; + LassoNodeClass *node_class; - class = LASSO_NODE_GET_CLASS(node); - - /* What do you want me to initialize ? */ if (! xmlnode) return 1; + node_class = class = LASSO_NODE_GET_CLASS(node); /* No node_data no initialization possible */ if (! class->node_data) { - message(G_LOG_LEVEL_WARNING, "Class %s has no node_data so no initialization is possible", G_OBJECT_CLASS_NAME(class)); + message(G_LOG_LEVEL_WARNING, "Class %s has no node_data so no initialization " + "is possible", G_OBJECT_CLASS_NAME(class)); return 0; } - if (lasso_flag_memory_debug == TRUE) { - fprintf(stderr, "Initializing %s (at %p)\n", G_OBJECT_TYPE_NAME(node), node); - } - - while (class && LASSO_IS_NODE_CLASS(class) && class->node_data) { - GType g_type = G_TYPE_FROM_CLASS(class); - - lasso_trace(" initializing %s\n", G_OBJECT_CLASS_NAME(class)); - - /* reduce keep_xmlnode flags */ - keep_xmlnode |= class->node_data->keep_xmlnode; - - for (t = xmlnode->children; t; t = t->next) { - if (t->type == XML_TEXT_NODE) { - for (snippet = class->node_data->snippets; - snippet && snippet->name; snippet++) { - GList **location = NULL; - - type = snippet->type & 0xff; - value = SNIPPET_STRUCT_MEMBER_P(node, g_type, snippet); - - if (type == SNIPPET_LIST_XMLNODES) { - location = value; - *location = g_list_append( - *location, xmlCopyNode(t, 1)); - trace_snippet(" adding xmlNode %p", g_list_last(*location)->data); - } else if (type == SNIPPET_LIST_NODES && - snippet->type & SNIPPET_ALLOW_TEXT) { - LassoNode *text_node; - text_node = 
lasso_node_new_from_xmlNode_with_type(t, - "LassoMiscTextNode"); - location = value; - *location = g_list_append(*location, text_node); - trace_snippet(" adding LassoMiscTextNode %p", text_node); - } - continue; - } - continue; - } - - if (t->type != XML_ELEMENT_NODE) - continue; - - for (snippet = class->node_data->snippets; - snippet && snippet->name; snippet++) { - void *tmp = NULL; + /* Collect special snippets like SNIPPET_COLLECT_NAMESPACES, SNIPPET_ANY, SNIPPET_ATTRIBUTE + * or SNIPPET_SIGNATURE, and initialize class_list in reverse. */ + while (class && LASSO_IS_NODE_CLASS(class)) { + if (class->node_data) { + GType g_type = G_TYPE_FROM_CLASS(class); + keep_xmlnode |= class->node_data->keep_xmlnode; + if (class->node_data->snippets) + class_list = g_slist_prepend(class_list, class); + for (snippet = class->node_data->snippets; snippet && snippet->name; snippet++) { type = snippet->type & 0xff; - value = SNIPPET_STRUCT_MEMBER_P(node, g_type, snippet); - if ((snippet->type & SNIPPET_ANY) && type != SNIPPET_ATTRIBUTE) { - g_type_any = g_type; - snippet_any = snippet; - } - - if (strcmp((char*)t->name, snippet->name) != 0 && snippet->name[0]) - continue; - - if (type == SNIPPET_NODE) { - tmp = lasso_node_new_from_xmlNode_with_type(t, - snippet->class_name); - } else if (type == SNIPPET_NODE_IN_CHILD) { - xmlNode *t2 = t->children; - while (t2 && t2->type != XML_ELEMENT_NODE) - t2 = t2->next; - if (t2) { - tmp = lasso_node_new_from_xmlNode_with_type(t2, - snippet->class_name); - } - } else if (type == SNIPPET_CONTENT) { - tmp = xmlNodeGetContent(t); - } else if (type == SNIPPET_NAME_IDENTIFIER) { - tmp = lasso_saml_name_identifier_new_from_xmlNode(t); - } else if (type == SNIPPET_LIST_NODES) { - GList **location = value; - LassoNode *n; - n = lasso_node_new_from_xmlNode_with_type(t, - snippet->class_name); - if (n == NULL && snippet_any == snippet) { - /* unknown, can be text or node -> make a - * LassoMiscTextNode */ - n = 
lasso_node_new_from_xmlNode_with_type(t, - "LassoMiscTextNode"); - } - if (n && snippet->type & SNIPPET_KEEP_XMLNODE && - ! LASSO_NODE_GET_CLASS(n)->node_data->keep_xmlnode) { - lasso_node_set_original_xmlnode(n, t); - } - - if (n) { - *location = g_list_append(*location, n); - trace_snippet(" adding %p of type %s(%s) to ", - n, G_OBJECT_TYPE_NAME(n), - snippet->class_name); - } else { - /* failed to do sth with */ - message(G_LOG_LEVEL_WARNING, - "Failed to do sth with %s", - t->name); - } - } else if (type == SNIPPET_LIST_CONTENT) { - GList **location = value; - xmlChar *s = xmlNodeGetContent(t); - lasso_list_add_string(*location, (char*)s); - trace_snippet(" adding text %s as content to ", s); - lasso_release_xml_string(s); - } else if (type == SNIPPET_EXTENSION || - type == SNIPPET_LIST_XMLNODES) { - GList **location = value; - *location = g_list_append(*location, xmlCopyNode(t, 1)); - trace_snippet(" adding xmlNode %p to ", g_list_last(*location)->data); - } else if (type == SNIPPET_XMLNODE) { - tmp = xmlCopyNode(t, 1); - } else if (type == SNIPPET_COLLECT_NAMESPACES) { - /* Collect namespaces on the children t */ - _lasso_node_collect_namespaces(value, t); - } - - if (tmp == NULL) - break; - - if (type == SNIPPET_XMLNODE || type == SNIPPET_NODE || type == SNIPPET_NODE_IN_CHILD || type == - SNIPPET_NAME_IDENTIFIER) { - if (snippet->type & SNIPPET_KEEP_XMLNODE && ! 
- LASSO_NODE_GET_CLASS(tmp)->node_data->keep_xmlnode) - { - lasso_trace(" setting original xmlNode of %p (%s) to %p", tmp, G_OBJECT_TYPE_NAME(tmp), t) - lasso_node_set_original_xmlnode(tmp, t); - } - if (type == SNIPPET_XMLNODE) { - trace_snippet(" setting xmlNode %p as ", tmp); - } else { - trace_snippet(" setting %p of type %s (wanted %s) as ", tmp, - G_OBJECT_TYPE_NAME(tmp), - snippet->class_name); - } - *(void**)value = tmp; - tmp = NULL; - } else if (snippet->type & SNIPPET_INTEGER) { - int val = strtol(tmp, NULL, 10); - if (((val == LONG_MIN || val == LONG_MAX) && errno == ERANGE) - || errno == EINVAL || val < 0) { - if (snippet->type & SNIPPET_OPTIONAL_NEG) { - val = -1; - } else { - val = 0; - } - } - (*(int*)value) = val; - trace_snippet(" setting integer %i for ", val); - xmlFree(tmp); - tmp = NULL; - } else if (snippet->type & SNIPPET_BOOLEAN) { - int val = 0; - if (strcmp((char*)tmp, "true") == 0) { - val = 1; - } else if (strcmp((char*)tmp, "1") == 0) { - val = 1; - } - trace_snippet(" setting bool %s for ", val ? 
"TRUE" : "FALSE"); - (*(int*)value) = val; - xmlFree(tmp); - tmp = NULL; - } else { - lasso_release_string(*(char**)value); - *(char**)value = g_strdup(tmp); - trace_snippet(" setting text %s as value for ", (char*)tmp); - if (lasso_flag_memory_debug == TRUE) { - fprintf(stderr, " setting field %s/%s to value %p: %s\n", G_OBJECT_TYPE_NAME(node), snippet->name, *(void**)value, (char*)tmp); - } - lasso_release_xml_string((*(xmlChar**)&tmp)); - tmp = NULL; - } - - break; - } - if ((snippet == NULL || snippet->name == NULL) && snippet_any) { - if (g_slist_find(unknown_nodes, t) == NULL) - unknown_nodes = g_slist_append(unknown_nodes, t); - } else { - unknown_nodes = g_slist_remove(unknown_nodes, t); - } - } - - for (snippet = class->node_data->snippets; snippet && snippet->name; snippet++) { - void *tmp = NULL; - type = snippet->type & 0xff; - - value = SNIPPET_STRUCT_MEMBER_P(node, g_type, snippet); - if (snippet->name && snippet->name[0] == '\0' && type == - SNIPPET_COLLECT_NAMESPACES) { - snippet_collect_namespaces = snippet; - g_type_collect_namespaces = g_type; - } - - if (type == SNIPPET_SIGNATURE) { - snippet_signature = snippet; - } - - if (type == SNIPPET_ATTRIBUTE) { - if (snippet->type & SNIPPET_ANY) { + if (snippet->name && snippet->name[0] == '\0' && type == + SNIPPET_COLLECT_NAMESPACES) { + snippet_collect_namespaces = snippet; + g_type_collect_namespaces = g_type; + } else if (type == SNIPPET_SIGNATURE) { + snippet_signature = snippet; + } else if (type == SNIPPET_ATTRIBUTE && snippet->type & SNIPPET_ANY) { g_type_any_attribute = g_type; snippet_any_attribute = snippet; - continue; - } - tmp = xmlGetProp(xmlnode, (xmlChar*)snippet->name); - known_attributes = g_slist_append(known_attributes, snippet->name); - } - if (type == SNIPPET_TEXT_CHILD) - tmp = xmlNodeGetContent(xmlnode); - if (tmp == NULL) - continue; - - if (snippet->type & SNIPPET_INTEGER) { - int val = strtol(tmp, NULL, 10); - if (((val == LONG_MIN || val == LONG_MAX) && errno == ERANGE) - || 
errno == EINVAL || val < 0) { - if (snippet->type & SNIPPET_OPTIONAL_NEG) { - val = -1; + } else if (type == SNIPPET_TEXT_CHILD) { + xmlChar *tmp = xmlNodeGetContent(xmlnode); + snippet_set_value(node, class, snippet, tmp); + lasso_release_xml_string(tmp); + } else if (type != SNIPPET_ATTRIBUTE && type != SNIPPET_NODE && snippet->type & SNIPPET_ANY) { + if (! snippet_any) { + g_type_any = g_type; + snippet_any = snippet; } else { - val = 0; + critical("Two any node snippet for class %s", + g_type_name(G_TYPE_FROM_INSTANCE(node))); } } - (*(int*)value) = val; - } else if (snippet->type & SNIPPET_BOOLEAN) { - int val = 0; - if (strcmp((char*)tmp, "true") == 0) { - val = 1; - } else if (strcmp((char*)tmp, "1") == 0) { - val = 1; - } - (*(int*)value) = val; - } else { - lasso_assign_string((*(char**)value), tmp); - if (lasso_flag_memory_debug == TRUE) { - fprintf(stderr, " setting prop %s/%s to value %p: %s\n", - G_OBJECT_TYPE_NAME(node), snippet->name, *(void**)value, (char*)tmp); - } } - xmlFree(tmp); } - class = g_type_class_peek_parent(class); } - /* If any parent asked for keeping the current xmlnode, keep it around */ + /* If any class asked for keeping the xmlNode, keep it around */ if (keep_xmlnode) { lasso_node_set_original_xmlnode(node, xmlnode); } + /** Collect attributes */ + for (attr = xmlnode->properties; attr; attr = attr->next) { + xmlChar *content; + content = xmlNodeGetContent((xmlNode*)attr); + int ok = 0; + + /* Skip xsi:type if it was used to find the node class */ + if (attr->ns && lasso_strisequal((char*)attr->name, "type") && + lasso_strisequal((char*)attr->ns->href, LASSO_XSI_HREF)) { + char *colon = strchr((char*)content, ':'); + xmlNs *ns; + *colon = '\0'; + ns = xmlSearchNs(NULL, xmlnode, content); + *colon = ':'; + if (ns && lasso_strisequal((char*)ns->href, (char*)node_class->node_data->ns->href) + && lasso_strisequal(&colon[1], node_class->node_data->node_name)) { + lasso_release_xml_string(content); + continue; + } + } + + for 
(class_iter = class_list; class_iter; class_iter = class_iter->next) { + class = class_iter->data; + for (snippet = class->node_data->snippets; + snippet && snippet->name; snippet++) { + type = snippet->type & 0xff; + /* assign attribute content if attribute has the same name as the + * snippet and: + * - the snippet and the attribute have no namespace + * - the snippet has no namespace but the attribute has the same + * namespace as the node + * - the snippet and the node have a namespace, which are equal. + */ + if (type != SNIPPET_ATTRIBUTE) + continue; + if (! lasso_strisequal((char*)attr->name, (char*)snippet->name)) + continue; + if (attr->ns) { + gboolean same_namespace, given_namespace; + + same_namespace = lasso_equal_namespace(attr->ns, + xmlnode->ns) && ! snippet->ns_uri; + given_namespace = snippet->ns_uri && + lasso_strisequal((char*)attr->ns->href, + snippet->ns_uri); + if (! same_namespace && ! given_namespace) + break; + } + snippet_set_value(node, class, snippet, content); + ok = 1; + break; + } + } + if (! ok && attr->ns && snippet_any_attribute) { + GHashTable **any_attribute; + gchar *key; + + any_attribute = SNIPPET_STRUCT_MEMBER_P(node, g_type_any_attribute, + snippet_any_attribute); + if (*any_attribute == NULL) { + *any_attribute = g_hash_table_new_full(g_str_hash, g_str_equal, + g_free, g_free); + } + if (lasso_equal_namespace(attr->ns, xmlnode->ns)) { + key = g_strdup((char*)attr->name); + } else { + key = g_strdup_printf("{%s}%s", attr->ns->href, attr->name); + } + g_hash_table_insert(*any_attribute, key, g_strdup((char*)content)); + lasso_release_xml_string(content); + } else if (! ok) { + warning("lasso_node_impl_init_from_xml: Unexpected attribute: {%s}%s = %s", + attr->ns ? 
attr->ns->href : NULL, attr->name, content); + } + lasso_release_xml_string(content); + } + + /* Collect children nodes in reverse order of class parents (older parent first), skip non + * node and ANY snippets) */ + class_iter = class_list; + snippet = ((LassoNodeClass*)class_iter->data)->node_data->snippets; + next_node_snippet(&class_iter, &snippet); + for (t = xmlnode->children; t && class_iter && snippet; t = t->next) { + /* Only collect text node if: + * - there is a LIST_XMLNODES any snippet + * - there is a LIST_NODES any snippet with the ALLOW_TEXT modifier + */ + if (t->type == XML_TEXT_NODE && snippet_any && + (is_snippet_type(snippet_any, SNIPPET_LIST_XMLNODES) + || (is_snippet_type(snippet_any, SNIPPET_LIST_NODES) && + (snippet_any->type & SNIPPET_ALLOW_TEXT)))) { + GList **location = SNIPPET_STRUCT_MEMBER_P(node, g_type_any, snippet_any); + if (is_snippet_type(snippet_any, SNIPPET_LIST_XMLNODES)) { + lasso_list_add_xml_node(*location, t); + } else { + lasso_list_add_new_gobject(*location, + lasso_node_new_from_xmlNode_with_type(t, + "LassoMiscTextNode")); + } + } else if (t->type == XML_COMMENT_NODE || t->type == XML_PI_NODE || t->type == XML_TEXT_NODE) { + /* ignore comments */ + continue; + } else if (t->type == XML_ELEMENT_NODE) { + LassoNode *subnode = NULL; + xmlNode *first_child = NULL; + GList **list = NULL; + xmlChar *content = NULL; + + /* Find a matching snippet */ + while (class_iter && ! node_match_snippet(xmlnode, t, snippet)) { + snippet++; + next_node_snippet(&class_iter, &snippet); + } + if (! class_iter) { + /* If we cannot find one, terminate here. 
*/ + break; + } + class = class_iter->data; + g_type = G_TYPE_FROM_CLASS(class); + value = SNIPPET_STRUCT_MEMBER_P(node, g_type, snippet); + list = value; + + if (snippet->offset || (snippet->type & SNIPPET_PRIVATE)) { + switch (snippet->type & 0xff) { + case SNIPPET_LIST_NODES: + case SNIPPET_NODE: + subnode = lasso_node_new_from_xmlNode_with_type(t, + snippet->class_name); + if (is_snippet_type(snippet, SNIPPET_NODE)) { + lasso_assign_new_gobject(*(LassoNode**)value, subnode); + } else { + lasso_list_add_new_gobject(*list, subnode); + } + break; + case SNIPPET_NODE_IN_CHILD: + first_child = xmlSecGetNextElementNode(t->children); + if (first_child) { + subnode = lasso_node_new_from_xmlNode_with_type(first_child, + snippet->class_name); + lasso_assign_new_gobject(*(LassoNode**)value, subnode); + } + break; + case SNIPPET_XMLNODE: + lasso_assign_xml_node(*(xmlNode**)value, t); + break; + case SNIPPET_LIST_XMLNODES: + case SNIPPET_EXTENSION: + lasso_list_add_xml_node(*list, t); + break; + case SNIPPET_CONTENT: + case SNIPPET_LIST_CONTENT: + content = xmlNodeGetContent(t); + if (is_snippet_type(snippet, SNIPPET_CONTENT)) { + snippet_set_value(node, class, snippet, content); + } else { /* only list of string-like xsd:type supported */ + lasso_list_add_string(*list, (char*)content); + } + lasso_release_xml_string(content); + break; + case SNIPPET_SIGNATURE: + /* We ignore it */ + break; + default: + g_assert_not_reached(); + + } + } + /* When creating a new LassoNode and option KEEP_XMLNODE is present, + * we attached the xmlNode to the LassoNode */ + if (subnode && (snippet->type & SNIPPET_KEEP_XMLNODE)) { + lasso_node_set_original_xmlnode(subnode, t); + } + switch (snippet->type & 0xff) { + case SNIPPET_NODE: + case SNIPPET_NODE_IN_CHILD: + case SNIPPET_XMLNODE: + case SNIPPET_CONTENT: + case SNIPPET_SIGNATURE: + /* Only one node to read, advance ! 
*/ + ++snippet; + next_node_snippet(&class_iter, &snippet); + break; + default: + break; + } + } else { + g_assert_not_reached(); + } + } + if (t) { /* t is an ELEMENT that dont match any snippet, when taken in order */ + if (snippet_any && is_snippet_type(snippet_any, SNIPPET_LIST_XMLNODES)) { + value = SNIPPET_STRUCT_MEMBER_P(node, g_type_any, snippet_any); + GList **list = value; + for (; t; t = t->next) { + lasso_list_add_xml_node(*list, t); + } + } else if (snippet_any && is_snippet_type(snippet_any, SNIPPET_LIST_NODES)) { + value = SNIPPET_STRUCT_MEMBER_P(node, g_type_any, snippet_any); + GList **list = value; + for (; t; t = t->next) { + LassoNode *subnode = NULL; + + if (t->type == XML_TEXT_NODE && (snippet_any->type & + SNIPPET_ALLOW_TEXT)) { + lasso_list_add_new_gobject(*list, + lasso_node_new_from_xmlNode_with_type(t, + "LassoMiscTextNode")); + } else if (t->type == XML_ELEMENT_NODE) { + subnode = lasso_node_new_from_xmlNode_with_type(t, + snippet_any->class_name); + if (subnode && (snippet_any->type & SNIPPET_KEEP_XMLNODE)) { + lasso_node_set_original_xmlnode(subnode, t); + } + if (! subnode) { + subnode = (LassoNode*) + lasso_misc_text_node_new_with_xml_node(t); + } + lasso_list_add_new_gobject(*list, subnode); + } + } + } else if (snippet_any) { + g_assert_not_reached(); + } else { + for (; t; t = t->next) { + if (t->type == XML_ELEMENT_NODE) { + critical("lasso_node_impl_init_from_xml: Cannot match " + "element {%s}%s with a snippet of " + "class %s", + t->ns ? t->ns->href : NULL, t->name, + g_type_name(G_TYPE_FROM_INSTANCE(node))); + return 1; + } + } + } + } + /* Collect namespaces on the current node */ if (snippet_collect_namespaces) { void *value = SNIPPET_STRUCT_MEMBER_P(node, g_type_collect_namespaces, 
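Review bot: The xsi:type check in the attribute loop does `char *colon = strchr((char*)content, ':');` followed by `*colon = '\0';` with no NULL test, so an `xsi:type` value without a prefix makes the parser write through a null pointer on document-supplied input. The same block reads `node_class->node_data->ns->href` without checking `ns`. I would guard the lookup with `if (colon != NULL && node_class->node_data->ns != NULL) {` and let an unprefixed value fall through to the normal attribute handling. Separately, `class_list` is built with `g_slist_prepend` but no `g_slist_free(class_list)` is visible on the `return 1` path or after the loops, and `class_iter->data` is read right after `class_iter = class_list` even though the list stays empty when no class in the chain has snippets. The function continues outside this hunk, so the free may exist there.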
@@ -1594,62 +1726,13 @@ lasso_node_impl_init_from_xml(LassoNode *node, xmlNode *xmlnode) signature_context.signature_key = lasso_xmlsec_load_private_key((char*) private_key, (char*) private_key_password, method, (char*) certificate); lasso_node_set_signature(node, signature_context); + break; } lasso_release_xml_string(private_key); lasso_release_xml_string(private_key_password); lasso_release_xml_string(certificate); } - /* Collect other children */ - if (unknown_nodes && snippet_any) { - xmlNode *t = unknown_nodes->data; - void *tmp; - value = SNIPPET_STRUCT_MEMBER_P(node, g_type_any, snippet_any); - tmp = lasso_node_new_from_xmlNode_with_type(t, snippet_any->class_name); - (*(char**)value) = tmp; - } - - /* Collect other attributes */ - if (snippet_any_attribute) { - GHashTable **any_attribute; - GSList *tmp_attr; - xmlAttr *node_attr; - - - any_attribute = SNIPPET_STRUCT_MEMBER_P(node, g_type_any_attribute, snippet_any_attribute); - if (*any_attribute == NULL) { - *any_attribute = g_hash_table_new_full( - g_str_hash, g_str_equal, g_free, g_free); - } - - for (node_attr = xmlnode->properties; node_attr; node_attr = node_attr->next) { - xmlChar *attr_name = (xmlChar*)node_attr->name; - gboolean known_attr = FALSE; - for (tmp_attr = known_attributes; tmp_attr; - tmp_attr = g_slist_next(tmp_attr)) { - if (strcmp(tmp_attr->data, (char*)attr_name) == 0) { - known_attr = TRUE; - break; - } - } - if (known_attr == FALSE) { - xmlChar *tmp = xmlGetProp(xmlnode, attr_name); - g_hash_table_insert(*any_attribute, - g_strdup((char*)attr_name), g_strdup((char*)tmp)); - xmlFree(tmp); - } - } - - } - - if (unknown_nodes) { - g_slist_free(unknown_nodes); - } - - if (known_attributes) { - g_slist_free(known_attributes); - } - return 0; } #undef trace_snippet 
@@ -1711,41 +1794,46 @@ lasso_node_impl_get_xmlNode(LassoNode *node, gboolean lasso_dump) LassoNodeClass *class = LASSO_NODE_GET_CLASS(node); LassoNodeClass *version_class = NULL; xmlNode *xmlnode; - xmlNs *ns; - GList *list_ns = NULL, *list_classes = NULL, *t; + xmlNs *ns = NULL; + GSList *list_classes = NULL, *iter_classes = NULL; LassoNode *value_node; struct XmlSnippet *version_snippet; struct _CustomElement *custom_element; - LassoNodeClass *node_data_class = class; + LassoNodeClass *xsi_sub_type_data_class = NULL; + LassoNodeClass *node_name_class = class; - while (node_data_class && node_data_class->node_data != NULL && node_data_class->node_data->node_name == NULL) { - node_data_class = g_type_class_peek_parent(node_data_class); + while (node_name_class->node_data->xsi_sub_type) { + node_name_class= g_type_class_peek_parent(node_name_class); } - if (! node_data_class || node_data_class->node_data == NULL || - node_data_class->node_data->node_name == NULL) - return NULL; + if (node_name_class != class) { + xsi_sub_type_data_class = class; + } + g_assert(node_name_class && node_name_class->node_data && + node_name_class->node_data->node_name); - xmlnode = xmlNewNode(NULL, (xmlChar*)node_data_class->node_data->node_name); + /* Create node in its namespace */ + xmlnode = xmlNewNode(NULL, (xmlChar*)node_name_class->node_data->node_name); + if (node_name_class->node_data->ns) { + ns = get_or_define_ns(xmlnode, node_name_class->node_data->ns->href, + node_name_class->node_data->ns->prefix); + xmlSetNs(xmlnode, ns); + } + /* If subtype, set an xsi:type attribute */ + if (xsi_sub_type_data_class) { + set_xsi_type(xmlnode, + xsi_sub_type_data_class->node_data->ns->prefix, + xsi_sub_type_data_class->node_data->ns->href, + BAD_CAST xsi_sub_type_data_class->node_data->node_name); + } custom_element = _lasso_node_get_custom_element(node); - /* collect namespaces in the order of ancestor classes, nearer first */ - while (class && LASSO_IS_NODE_CLASS(class) && 
class->node_data) { - if (class->node_data->ns && (! custom_element || ! custom_element->href || class != LASSO_NODE_GET_CLASS(node))) - list_ns = g_list_append(list_ns, class->node_data->ns); - list_classes = g_list_append(list_classes, class); + + /* collect all classes in reverse order */ + while (class && LASSO_IS_NODE_CLASS(class)) { + if (class->node_data && class->node_data->snippets) + list_classes = g_slist_prepend(list_classes, class); class = g_type_class_peek_parent(class); } - /* create the namespaces */ - t = g_list_first(list_ns); - while (t) { - ns = t->data; - xmlNewNs(xmlnode, ns->href, ns->prefix); - t = g_list_next(t); - } - lasso_release_list(list_ns); - /* first NS defined is the namespace of the element */ - xmlSetNs(xmlnode, xmlnode->nsDef); - /* set a custom namespace if one is found */ if (custom_element != NULL) { if (custom_element->href) { @@ -1785,14 +1873,13 @@ lasso_node_impl_get_xmlNode(LassoNode *node, gboolean lasso_dump) } - t = g_list_last(list_classes); - while (t) { - class = t->data; - lasso_node_build_xmlNode_from_snippets(node, (LassoNodeClass*)class, xmlnode, - class->node_data->snippets, lasso_dump); - t = g_list_previous(t); + for (iter_classes = list_classes; iter_classes; iter_classes = g_slist_next(iter_classes)) { + class = iter_classes->data; + lasso_node_build_xmlNode_from_snippets(node, + (LassoNodeClass*)class, xmlnode, + class->node_data->snippets, + lasso_dump); } - lasso_release_list(list_classes); xmlCleanNs(xmlnode); @@ -1819,6 +1906,7 @@ lasso_node_impl_get_xmlNode(LassoNode *node, gboolean lasso_dump) } } + g_slist_free(list_classes); return xmlnode; } @@ -1846,6 +1934,8 @@ lasso_node_dispose(GObject *object) void **value = SNIPPET_STRUCT_MEMBER_P(object, G_TYPE_FROM_CLASS(class), snippet); type = snippet->type & 0xff; + if (! snippet->offset && ! (snippet->type & SNIPPET_PRIVATE)) + continue; if (snippet->type & SNIPPET_BOOLEAN) continue; if (snippet->type & SNIPPET_INTEGER) 
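Review bot: The new loop `while (node_name_class->node_data->xsi_sub_type)` in `lasso_node_impl_get_xmlNode` dereferences `node_data` before anything has checked it, and the class returned by `g_type_class_peek_parent` may have no `node_data`, so the `g_assert` placed after the loop comes too late. The removed code returned NULL when no named class was found; the replacement aborts, or dereferences NULL when assertions are compiled out with G_DISABLE_ASSERT. I would keep the walk defensive, `while (node_name_class && node_name_class->node_data && node_name_class->node_data->xsi_sub_type)`, and `return NULL` instead of asserting. The `set_xsi_type` call also reads `xsi_sub_type_data_class->node_data->ns->prefix` without checking `ns`.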
@@ -1860,7 +1950,6 @@ lasso_node_dispose(GObject *object) } switch (type) { case SNIPPET_NODE: - case SNIPPET_NAME_IDENTIFIER: case SNIPPET_NODE_IN_CHILD: lasso_release_gobject(*value); break; @@ -2530,23 +2619,6 @@ lasso_node_class_set_ns(LassoNodeClass *klass, char *href, char *prefix) klass->node_data->ns = xmlNewNs(NULL, (xmlChar*)href, (xmlChar*)prefix); } -static xmlNs * -get_or_define_ns(xmlNode *xmlnode, xmlChar *ns_uri) { - xmlNs *ns; - char prefix[10]; - int i = 1; - - ns = xmlSearchNsByHref(NULL, xmlnode, ns_uri); - if (ns) - return ns; - do { - sprintf(prefix, "ns%u", i); - i++; - ns = xmlSearchNs(NULL, xmlnode, BAD_CAST prefix); - } while (ns); - return xmlNewNs(xmlnode, ns_uri, BAD_CAST prefix); -} - static void snippet_dump_any(gchar *key, gchar *value, xmlNode *xmlnode) { 
@@ -2564,13 +2636,32 @@ snippet_dump_any(gchar *key, gchar *value, xmlNode *xmlnode) return; } ns_uri = g_strndup(key+1, end-(key+1)); - ns = get_or_define_ns(xmlnode, BAD_CAST ns_uri); - xmlSetNsProp(xmlnode, ns, BAD_CAST key, BAD_CAST value); + ns = get_or_define_ns(xmlnode, BAD_CAST ns_uri, NULL); + xmlSetNsProp(xmlnode, ns, BAD_CAST &end[1], BAD_CAST value); } else { xmlSetProp(xmlnode, BAD_CAST key, BAD_CAST value); } } +static void +apply_snippet_ns(struct XmlSnippet *snippet, xmlNode *xmlnode) +{ + xmlNs *ns; + + if (! xmlnode) + return; + if (snippet->ns_uri) { + if (! xmlnode->ns || !lasso_strisequal((char*)xmlnode->ns->href, (char*)snippet->ns_uri)) { + ns = get_or_define_ns(xmlnode, BAD_CAST snippet->ns_uri, BAD_CAST snippet->ns_name); + xmlSetNs(xmlnode, ns); + } + /* If not a any snippet, apply given Name, what about xsi:type ? */ + } + if (! (snippet->type & SNIPPET_ANY) && ! lasso_strisempty(snippet->name) && + lasso_strisnotequal((char*)xmlnode->name, (char*)snippet->name)) + xmlNodeSetName(xmlnode, BAD_CAST snippet->name); +} + static void lasso_node_build_xmlNode_from_snippets(LassoNode *node, LassoNodeClass *class, xmlNode *xmlnode, struct XmlSnippet *snippets, gboolean lasso_dump) @@ -2579,17 +2670,21 @@ lasso_node_build_xmlNode_from_snippets(LassoNode *node, LassoNodeClass *class, x SnippetType type; GType g_type; xmlNode *t; - xmlNs *xmlns; GList *elem; struct XmlSnippet *snippet_any_attribute = NULL; g_type = G_TYPE_FROM_CLASS(class); for (snippet = snippets; snippet && snippet->name; snippet++) { - void *value = SNIPPET_STRUCT_MEMBER(void *, node, g_type, snippet); - char *str = value; - type = snippet->type & 0xff; + void *value; + char *str; + if (! snippet->offset && ! (snippet->type & SNIPPET_PRIVATE)) { + continue; + } + type = snippet->type & 0xff; + value = SNIPPET_STRUCT_MEMBER(void *, node, g_type, snippet); + str = value; if (lasso_dump == FALSE && snippet->type & SNIPPET_LASSO_DUMP) continue; 
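Review bot: In `snippet_dump_any` the `ns_uri` buffer from `g_strndup(key+1, end-(key+1))` is not released in the lines shown: the branch closes right after `xmlSetNsProp`, and `xmlNewNs` copies the href it is given, so each namespaced any-attribute appears to leak one string per serialization. Adding `g_free(ns_uri);` after the `xmlSetNsProp` call would cover it. `get_or_define_ns` can also return NULL when `xmlNewNs` fails, and `xmlSetNsProp` with a NULL namespace would, as far as I can tell, write the attribute with no namespace at all; an early `if (ns == NULL) { g_free(ns_uri); return; }` with a warning keeps the attribute from silently changing identity. The start of the function is outside the hunk.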
@@ -2629,23 +2724,13 @@ lasso_node_build_xmlNode_from_snippets(LassoNode *node, LassoNodeClass *class, x { xmlNode *t2; t2 = lasso_node_get_xmlNode(LASSO_NODE(value), lasso_dump); - if (snippet->name && ! (snippet->type & SNIPPET_ANY)) { - xmlNodeSetName(t2, (xmlChar*)snippet->name); - } + apply_snippet_ns(snippet, t2); xmlAddChild(xmlnode, t2); } break; case SNIPPET_CONTENT: xmlNewTextChild(xmlnode, NULL, (xmlChar*)snippet->name, (xmlChar*)str); break; - case SNIPPET_NAME_IDENTIFIER: - xmlns = xmlNewNs(NULL, (xmlChar*)LASSO_LIB_HREF, - (xmlChar*)LASSO_LIB_PREFIX); - t = xmlAddChild(xmlnode, lasso_node_get_xmlNode( - LASSO_NODE(value), lasso_dump)); - xmlNodeSetName(t, (xmlChar*)snippet->name); - xmlSetNs(t, xmlns); - break; case SNIPPET_NODE_IN_CHILD: t = xmlNewTextChild(xmlnode, NULL, (xmlChar*)snippet->name, NULL); xmlAddChild(t, lasso_node_get_xmlNode( @@ -2657,10 +2742,7 @@ lasso_node_build_xmlNode_from_snippets(LassoNode *node, LassoNodeClass *class, x xmlNode *subnode = lasso_node_get_xmlNode( LASSO_NODE(elem->data), lasso_dump); if (subnode) { - if (snippet->name && snippet->name[0]) { - xmlNodeSetName(subnode, - (xmlChar*)snippet->name); - } + apply_snippet_ns(snippet, subnode); xmlAddChild(xmlnode, subnode); } elem = g_list_next(elem); @@ -2671,15 +2753,11 @@ lasso_node_build_xmlNode_from_snippets(LassoNode *node, LassoNodeClass *class, x * no attrs, just content) */ elem = (GList *)value; while (elem) { - xmlNs *content_ns = NULL; - if (snippet->ns_name) { - content_ns = xmlNewNs(xmlnode, - (const xmlChar*)snippet->ns_uri, - (const xmlChar*)snippet->ns_name); - } - xmlNewTextChild(xmlnode, content_ns, + xmlNode *subnode; + subnode = xmlNewTextChild(xmlnode, NULL, (xmlChar*)snippet->name, (xmlChar*)(elem->data)); + apply_snippet_ns(snippet, subnode); elem = g_list_next(elem); } break; 
@@ -2708,6 +2786,7 @@ lasso_node_build_xmlNode_from_snippets(LassoNode *node, LassoNodeClass *class, x case SNIPPET_ANY: case SNIPPET_KEEP_XMLNODE: case SNIPPET_PRIVATE: + case SNIPPET_UNUSED1: g_assert_not_reached(); } if (snippet->type & SNIPPET_INTEGER) @@ -2769,11 +2848,17 @@ lasso_node_add_signature_template(LassoNode *node, xmlNode *xmlnode, transform_id, NULL); xmlAddChild(xmlnode, signature); - id = SNIPPET_STRUCT_MEMBER(char *, node, G_TYPE_FROM_CLASS(klass), snippet_signature); - uri = g_strdup_printf("#%s", id); - reference = xmlSecTmplSignatureAddReference(signature, - xmlSecTransformSha1Id, NULL, (xmlChar*)uri, NULL); - lasso_release(uri); + /* Normally the signature is son of the signed node, which holds an Id attribute, but in + * other cases, set snippet->offset to 0 and use xmlSecTmpSignatureAddReference from another + * node get_xmlNode virtual method to add the needed reference. + */ + if (snippet_signature->offset) { + id = SNIPPET_STRUCT_MEMBER(char *, node, G_TYPE_FROM_CLASS(klass), snippet_signature); + uri = g_strdup_printf("#%s", id); + reference = xmlSecTmplSignatureAddReference(signature, + xmlSecTransformSha1Id, NULL, (xmlChar*)uri, NULL); + lasso_release(uri); + } /* add enveloped transform */ xmlSecTmplReferenceAddTransform(reference, xmlSecTransformEnvelopedId); From e2c6b92f3f7dec057700f07836c54f180bf1bada Mon Sep 17 00:00:00 2001 From: Benjamin Dauvergne Date: Fri, 16 Dec 2011 11:20:24 +0100 Subject: [PATCH 17/17] [tests] fix tests to comply with new implementation of parsing The test around parsing of EncryptedAssertion was wrong since it was missing the XMLEnc namespace declaration. --- bindings/python/tests/profiles_tests.py | 8 ++--- tests/basic_tests.c | 46 ++++++++++++++++++------- 2 files changed, 37 insertions(+), 17 deletions(-) diff --git a/bindings/python/tests/profiles_tests.py b/bindings/python/tests/profiles_tests.py index 45478f02..f5fd4637 100755 --- a/bindings/python/tests/profiles_tests.py 
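Review bot: In lasso_node_add_signature_template, `reference` is assigned only inside the new `if (snippet_signature->offset)` block, yet `xmlSecTmplReferenceAddTransform(reference, xmlSecTransformEnvelopedId);` directly after it still runs unconditionally. When the offset is 0 that call receives an unset pointer (or NULL, if the declaration outside the hunk initialises it), so the signature template is built from undefined state rather than simply lacking a reference. Move every transform call that uses `reference` inside the block and test the result of `xmlSecTmplSignatureAddReference` first, e.g. `if (reference == NULL) { /* report the failure */ }`. The block also formats `id` into `"#%s"` without checking that it is set, so a node with no Id would presumably get a reference URI that matches nothing; failing before the template is attached is safer than emitting it. The function continues outside the hunk.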
+++ b/bindings/python/tests/profiles_tests.py @@ -452,8 +452,8 @@ class AttributeAuthorityTestCase(unittest.TestCase): class LogoutTestCase(unittest.TestCase): def test01(self): '''Test parsing of a logout request with more than one session index''' - content = ''' - me + content = ''' + me id1 id2 id3 @@ -461,8 +461,8 @@ class LogoutTestCase(unittest.TestCase): node = lasso.Samlp2LogoutRequest.newFromXmlNode(content) assert isinstance(node, lasso.Samlp2LogoutRequest) - assert node.sessionIndex == 'id3' - assert node.sessionIndexes == ('id1', 'id2', 'id3') + assert node.sessionIndex == 'id1' + assert node.sessionIndexes == ('id2', 'id3', 'id1') serverSuite = unittest.makeSuite(ServerTestCase, 'test') loginSuite = unittest.makeSuite(LoginTestCase, 'test') diff --git a/tests/basic_tests.c b/tests/basic_tests.c index 406e93b4..a73cc882 100644 --- a/tests/basic_tests.c +++ b/tests/basic_tests.c @@ -62,7 +62,7 @@ END_TEST START_TEST(test03_server_load_dump_random_xml) { LassoServer *serverContext; - begin_check_do_log(G_LOG_LEVEL_CRITICAL, "(xml.c/:2307) Unable to build a LassoNode from a xmlNode", TRUE); + begin_check_do_log(G_LOG_LEVEL_CRITICAL, " Unable to build a LassoNode from a xmlNode", TRUE); serverContext = lasso_server_new_from_dump(""); end_check_do_log(); fail_unless(serverContext == NULL, @@ -1856,21 +1856,21 @@ START_TEST(test10_test_alldumps) #endif /* test deserialization of saml2:EncryptedAssertion" */ const char *encrypted_element_xml[] = { - "\n\ - \ - \ + "\n\ + \ + \ ", - "\n\ - \ - \ + "\n\ + \ + \ ", - "\n\ - \ - \ + "\n\ + \ + \ ", - "\n\ - \ - \ + "\n\ + \ + \ ", NULL }; const char **iter = encrypted_element_xml; while (*iter) { 
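Review bot: The updated expectations in LogoutTestCase.test01 pin `sessionIndexes == ('id2', 'id3', 'id1')`, which is not the order of the values in the request being parsed, and the test gives no reason for the rotation. If the new parser deliberately keeps the first SessionIndex in `sessionIndex` and lists it last in the tuple, state that above the asserts, e.g. `# first SessionIndex is kept in sessionIndex and comes last in sessionIndexes`. If the order is only a side effect of the implementation, comparing `sorted(node.sessionIndexes)` keeps the test from fixing it as a contract. Code that walks the tuple to end sessions may otherwise come to depend on an undocumented order.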
@@ -2027,6 +2027,8 @@ START_TEST(test15_ds_key_info) LassoDsKeyValue *ds_key_value = lasso_ds_key_value_new(); LassoDsX509Data *x509_data = lasso_ds_x509_data_new(); char *dump; + GList list; + LassoNode *node; lasso_ds_x509_data_set_certificate(x509_data, "coucou"); lasso_ds_key_value_set_x509_data(ds_key_value, x509_data); @@ -2036,6 +2038,7 @@ START_TEST(test15_ds_key_info) lasso_release_gobject(ds_key_value); lasso_release_gobject(x509_data); ds_key_info = (LassoDsKeyInfo*)lasso_node_new_from_dump(dump); + lasso_release_string(dump); check_not_null(ds_key_info); check_true(LASSO_IS_DS_KEY_INFO(ds_key_info)); check_not_null(ds_key_info->KeyValue); @@ -2044,7 +2047,24 @@ START_TEST(test15_ds_key_info) check_not_null(x509_data); check_true(LASSO_IS_DS_X509_DATA(x509_data)); check_str_equals(lasso_ds_x509_data_get_certificate(x509_data), "coucou"); + /* LassoSaml2SubjectConfirmation */ + LassoSaml2SubjectConfirmation *sc = (LassoSaml2SubjectConfirmation*) \ + lasso_saml2_subject_confirmation_new(); + LassoSaml2KeyInfoConfirmationDataType *kicdt = (LassoSaml2KeyInfoConfirmationDataType*) \ + lasso_saml2_key_info_confirmation_data_type_new(); + lasso_assign_string(sc->Method, LASSO_SAML2_CONFIRMATION_METHOD_HOLDER_OF_KEY); + lasso_assign_new_gobject(sc->SubjectConfirmationData, &kicdt->parent); + list = (GList){ .data = ds_key_info, .next = NULL, .prev = NULL }; + lasso_saml2_key_info_confirmation_data_type_set_key_info(kicdt, &list); + dump = lasso_node_debug((LassoNode*)sc, 10); + printf("1 %s\n", dump); + lasso_release_gobject(sc); lasso_release_gobject(ds_key_info); + node = lasso_node_new_from_dump(dump); + lasso_release_string(dump); + dump = lasso_node_debug(node, 10); + printf("2 %s\n", dump); + lasso_release_string(dump); } END_TEST
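Review bot: The SubjectConfirmation round trip added at the end of test15_ds_key_info asserts nothing: `node = lasso_node_new_from_dump(dump);` goes straight into `lasso_node_debug(node, 10)` with no NULL check, both dumps are only written with `printf`, and `node` is never released. A parse failure in the holder-of-key data would therefore surface as a crash or as noise on stdout rather than as a failed check. Add `check_not_null(node);` after the parse, keep the first dump until the second exists and compare them with `check_str_equals` instead of printing, and end with `lasso_release_gobject(node);`.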