#define SHIB_INSTANTIATE
#include "internal.h"
-#include <log4cpp/Category.hh>
+#include "shib-threads.h"
+
#include <openssl/err.h>
using namespace saml;
using namespace log4cpp;
using namespace std;
-SAML_EXCEPTION_FACTORY(UnsupportedProtocolException);
SAML_EXCEPTION_FACTORY(MetadataException);
+SAML_EXCEPTION_FACTORY(CredentialException);
+SAML_EXCEPTION_FACTORY(InvalidHandleException);
namespace {
- ShibInternalConfig g_config;
+ ShibConfig g_config;
+ vector<Mutex*> g_openssl_locks;
}
-ShibConfig::~ShibConfig() {}
-
-extern "C" IMetadata* XMLMetadataFactory(const char* source)
+extern "C" void openssl_locking_callback(int mode,int n,const char *file,int line)
{
- return new XMLMetadata(source);
+ if (mode & CRYPTO_LOCK)
+ g_openssl_locks[n]->lock();
+ else
+ g_openssl_locks[n]->unlock();
}
-extern "C" ITrust* XMLTrustFactory(const char* source)
+#ifndef WIN32
+extern "C" unsigned long openssl_thread_id(void)
{
- return new XMLTrust(source);
+ return (unsigned long)(pthread_self());
}
+#endif
-extern "C" IAAP* XMLAAPFactory(const char* source)
+bool ShibConfig::init()
{
- return new XMLAAP(source);
-}
-
-bool ShibInternalConfig::init()
-{
- saml::NDC ndc("init");
-
- REGISTER_EXCEPTION_FACTORY(edu.internet2.middleware.shibboleth.common,UnsupportedProtocolException);
- REGISTER_EXCEPTION_FACTORY(edu.internet2.middleware.shibboleth.common,MetadataException);
-
- // Register extension schema.
- saml::XML::registerSchema(XML::SHIB_NS,XML::SHIB_SCHEMA_ID);
-
- regFactory("edu.internet2.middleware.shibboleth.metadata.XML",&XMLMetadataFactory);
- regFactory("edu.internet2.middleware.shibboleth.trust.XML",&XMLTrustFactory);
- regFactory("edu.internet2.middleware.shibboleth.target.AAP.XML",&XMLAAPFactory);
+ REGISTER_EXCEPTION_FACTORY(MetadataException);
+ REGISTER_EXCEPTION_FACTORY(CredentialException);
+ REGISTER_EXCEPTION_FACTORY(InvalidHandleException);
+
+ // Set up OpenSSL locking.
+ for (int i=0; i<CRYPTO_num_locks(); i++)
+ g_openssl_locks.push_back(Mutex::create());
+ CRYPTO_set_locking_callback(openssl_locking_callback);
+#ifndef WIN32
+ CRYPTO_set_id_callback(openssl_thread_id);
+#endif
return true;
}
-void ShibInternalConfig::term()
+void ShibConfig::term()
{
- for (vector<IMetadata*>::iterator i=m_providers.begin(); i!=m_providers.end(); i++)
- delete *i;
- for (vector<ITrust*>::iterator j=m_trust_providers.begin(); j!=m_trust_providers.end(); j++)
- delete *j;
- for (vector<IAAP*>::iterator k=m_aap_providers.begin(); k!=m_aap_providers.end(); k++)
- delete *k;
+ CRYPTO_set_locking_callback(NULL);
+ for (vector<Mutex*>::iterator i=g_openssl_locks.begin(); i!=g_openssl_locks.end(); i++)
+ delete (*i);
+ g_openssl_locks.clear();
}
-void ShibInternalConfig::regFactory(const char* type, MetadataFactory* factory)
+void PlugManager::regFactory(const char* type, Factory* factory)
{
if (type && factory)
- m_metadataFactoryMap[type]=factory;
+ m_map[type]=factory;
}
-void ShibInternalConfig::regFactory(const char* type, TrustFactory* factory)
+IPlugIn* PlugManager::newPlugin(const char* type, const DOMElement* source)
{
- if (type && factory)
- m_trustFactoryMap[type]=factory;
+ FactoryMap::const_iterator i=m_map.find(type);
+ if (i==m_map.end())
+ throw saml::UnsupportedExtensionException(std::string("unable to build plugin of type '") + type + "'");
+ return i->second(source);
}
-void ShibInternalConfig::regFactory(const char* type, AAPFactory* factory)
-{
- if (type && factory)
- m_aapFactoryMap[type]=factory;
-}
-
-void ShibInternalConfig::unregFactory(const char* type)
+void PlugManager::unregFactory(const char* type)
{
if (type)
- {
- m_metadataFactoryMap.erase(type);
- m_trustFactoryMap.erase(type);
- m_aapFactoryMap.erase(type);
- }
-}
-
-bool ShibInternalConfig::addMetadata(const char* type, const char* source)
-{
- saml::NDC ndc("addMetadata");
-
- bool ret=false;
- try
- {
- MetadataFactoryMap::const_iterator i=m_metadataFactoryMap.find(type);
- if (i!=m_metadataFactoryMap.end())
- {
- m_providers.push_back((i->second)(source));
- ret=true;
- }
- else
- {
- TrustFactoryMap::const_iterator j=m_trustFactoryMap.find(type);
- if (j!=m_trustFactoryMap.end())
- {
- m_trust_providers.push_back((j->second)(source));
- ret=true;
- }
- else
- {
- AAPFactoryMap::const_iterator k=m_aapFactoryMap.find(type);
- if (k!=m_aapFactoryMap.end())
- {
- m_aap_providers.push_back((k->second)(source));
- ret=true;
- }
- else
- throw MetadataException("ShibConfig::addMetadata() unable to locate a metadata factory of the requested type");
- }
- }
- }
- catch (SAMLException& e)
- {
- Category::getInstance(SHIB_LOGCAT".ShibConfig").error(
- "failed to add %s provider to system using source '%s': %s", type, source, e.what()
- );
- }
- catch (...)
- {
- Category::getInstance(SHIB_LOGCAT".ShibConfig").error(
- "failed to add %s provider to system using source '%s': unknown exception", type, source
- );
- }
- return ret;
+ m_map.erase(type);
}
ShibConfig& ShibConfig::getConfig()
code=ERR_get_error_line_data(&file,&line,&data,&flags);
}
}
-
-X509* shibboleth::B64_to_X509(const char* buf)
-{
- BIO* bmem = BIO_new_mem_buf((void*)buf,-1);
- BIO* b64 = BIO_new(BIO_f_base64());
- b64 = BIO_push(b64, bmem);
- X509* x=NULL;
- d2i_X509_bio(b64,&x);
- if (!x)
- log_openssl();
- BIO_free_all(b64);
- return x;
-}