The new implementations of lasso_node_impl_init_from_xml now validate
namespace of all child nodes befores parsing. It stops on any error. For
node which implement their own parsing of an attribute or a node, it
must declare an XmlSnippet with an offset field set to 0. The 0 value is
invalid for public GObject structure (it's the place of the GObject
machinery like the reference count). The 0 offset can be used for
XmlSnippet in a private structure, so never set the offset to 0 with the
flag SNIPPET_PRIVATE, for a field which is parsed by you get_xmlNode
virtual method.
Other ameliorations in this commit is the possibility to set attributes
with namespace when using the flags SNIPPET_ATTRIBUTE|SNIPPET_ANY. The
syntax for an attribute is inspired by the element tree API from Python:
{namespace}attribute_name
an example:
{http://www.w3.org/2001/XMLSchema-instance}type
for the classic xsi:type attribute.
- added new macros SNIPPET_STRUCT_MEMBER and SNIPPET_STRUCT_MEMBER_P
replaces use of G_STRUCT_MEMBER/_P macros.
- we use the GType of the class containing a given XmlSnippet to find
the proper private structure.
- added flag SNIPPET_PRIVATE to state XmlSnippet whose value
should be extracted from the private structure and not the public
one.
When used inside lasso_node_impl_init_from_xml the error logging is
prematurely sent as there is a backup procedure for parsing unknown
nodes inside a SNIPPET_LIST_NODES by creating a LassoMiscTextNode
containing a copy of the parsed xmlNode child.
xmlCopyPropList does not copy the property list into the target it just
copy it with respect to the target (mainly for namespace references).
This patch adds the real copy into the target node.
Code in core source file which depend upon ID-WSF symbols have been
conditionalized, and each id-wsf source file now include directly its
need string header.
Generic signature parameters (attached as qdata to nodes) is now
reloaded when initializing a node from XML for a node type with a
signature snippet in its metadatas.
It fixes the problematic usage of ciphered private keys with the
HTTP-Artifact binding (which needs to keep a copy of the AuthnResponse
around and to sign it later).
The signature parameters are serialized as global attributes from the
http://lasso.entrouvert.org/lasso/namespaces/0.0 named:
SignatureType
SignatureMethod
PrivateKey
PrivateKeyPassword
Certificate
Those two methods allows to associate signature parameters to any node.
They keep it inside the CustomElement quark. Using a private structure
may be more performant.
In order to permit subclass to modify the base xmlNode created by
lasso_node_impl_get_xmlNode we must defer the concrete to the virtual
method wrapper, lasso_node_get_xmlNode.
To do that it whas needed to make id_attribute another virtual field of
LassoNode subclasses (it can be accessed through an offset registered in
the class object).
This commit solves signature validation error since the patch for
managing more than one SessionIndex element in samlp2:LogoutRequest.
It also factorize the creation of signatures in one place.
We only looked to the keep_xmlnode flag in the node data of the top
level class, but any parent class can set this flag and in this case we
must honor it too.
Benjamin Dauvergne
Thomas NOËL
Jérôme Schneider