De-inline some functions.

[shibboleth/cpp-xmltooling.git] / xmltooling / XMLToolingConfig.cpp

diff --git a/xmltooling/XMLToolingConfig.cpp b/xmltooling/XMLToolingConfig.cpp
index 9773dcd..202c9f1 100644 (file)
--- a/xmltooling/XMLToolingConfig.cpp
+++ b/xmltooling/XMLToolingConfig.cpp
@@ -1,5 +1,5 @@
 /*
- *  Copyright 2001-2009 Internet2
+ *  Copyright 2001-2010 Internet2
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -17,7 +17,7 @@
 /**
  * XMLToolingConfig.cpp
  *
- * Library configuration
+ * Library configuration.
  */
 
 #include "internal.h"
@@ -26,23 +26,22 @@
 #include "XMLToolingConfig.h"
 #include "encryption/Encryption.h"
 #include "encryption/Encrypter.h"
-#include "io/HTTPRequest.h"
-#include "io/HTTPResponse.h"
 #include "impl/UnknownElement.h"
+#include "io/HTTPResponse.h"
 #include "security/TrustEngine.h"
 #include "security/OpenSSLCryptoX509CRL.h"
 #include "security/CredentialResolver.h"
 #include "security/KeyInfoResolver.h"
+#include "signature/KeyInfo.h"
 #include "signature/Signature.h"
 #include "soap/SOAP.h"
-#include "soap/SOAPTransport.h"
 #include "util/NDC.h"
 #include "util/PathResolver.h"
 #include "util/ReplayCache.h"
 #include "util/StorageService.h"
 #include "util/TemplateEngine.h"
+#include "util/Threads.h"
 #include "util/URLEncoder.h"
-#include "util/XMLConstants.h"
 #include "validation/ValidatorSuite.h"
 
 #ifdef HAVE_DLFCN_H
@@ -58,18 +57,22 @@
 # include <log4cpp/OstreamAppender.hh>
 #endif
 #include <xercesc/util/PlatformUtils.hpp>
+#include <xercesc/util/XMLUniDefs.hpp>
 #ifndef XMLTOOLING_NO_XMLSEC
 # include <curl/curl.h>
 # include <openssl/err.h>
+# include <xsec/framework/XSECAlgorithmMapper.hpp>
+# include <xsec/framework/XSECException.hpp>
 # include <xsec/framework/XSECProvider.hpp>
+# include <xsec/transformers/TXFMBase.hpp>
 #endif
 
 using namespace soap11;
 using namespace xmltooling::logging;
 using namespace xmltooling;
+using namespace xercesc;
 using namespace std;
 
-using xercesc::XMLPlatformUtils;
 
 DECL_XMLTOOLING_EXCEPTION_FACTORY(XMLParserException,xmltooling);
 DECL_XMLTOOLING_EXCEPTION_FACTORY(XMLObjectException,xmltooling);
@@ -89,7 +92,7 @@ using namespace xmlsignature;
     DECL_XMLTOOLING_EXCEPTION_FACTORY(EncryptionException,xmlencryption);
 #endif
 
-namespace xmltooling {
+namespace {
     static XMLToolingInternalConfig g_config;
 #ifndef XMLTOOLING_NO_XMLSEC
     static vector<Mutex*> g_openssl_locks;
@@ -108,6 +111,79 @@ namespace xmltooling {
         return (unsigned long)(pthread_self());
     }
 # endif
+
+# ifdef XMLTOOLING_XMLSEC_DEBUGLOGGING
+    class TXFMOutputLog : public TXFMBase {
+           TXFMOutputLog();
+    public:
+        TXFMOutputLog(DOMDocument* doc) : TXFMBase(doc), m_log(Category::getInstance(XMLTOOLING_LOGCAT".Signature.Debugger")) {
+            input = nullptr;
+        }
+        ~TXFMOutputLog() {
+            m_log.debug("\n----- END SIGNATURE DEBUG -----\n");
+        }
+
+           void setInput(TXFMBase *newInput) {
+               input = newInput;
+               if (newInput->getOutputType() != TXFMBase::BYTE_STREAM)
+                       throw XSECException(XSECException::TransformInputOutputFail, "OutputLog transform requires BYTE_STREAM input");
+               keepComments = input->getCommentsStatus();
+            m_log.debug("\n----- BEGIN SIGNATURE DEBUG -----\n");
+        }
+
+           TXFMBase::ioType getInputType() {
+            return TXFMBase::BYTE_STREAM;
+        }
+           TXFMBase::ioType getOutputType() {
+            return TXFMBase::BYTE_STREAM;
+        }
+           TXFMBase::nodeType getNodeType() {
+            return TXFMBase::DOM_NODE_NONE;
+        }
+
+           unsigned int readBytes(XMLByte * const toFill, const unsigned int maxToFill) {
+               unsigned int sz = input->readBytes(toFill, maxToFill);
+            m_log.debug(string(reinterpret_cast<char* const>(toFill), sz));
+               return sz;
+        }
+
+           DOMDocument* getDocument() {
+            return nullptr;
+        }
+           DOMNode* getFragmentNode() {
+            return nullptr;
+        }
+           const XMLCh* getFragmentId() {
+            return nullptr;
+        }
+       
+    private:
+        Category& m_log;
+    };
+
+    TXFMBase* TXFMOutputLogFactory(DOMDocument* doc) {
+        if (Category::getInstance(XMLTOOLING_LOGCAT".Signature.Debugger").isDebugEnabled())
+            return new TXFMOutputLog(doc);
+        return nullptr;
+    }
+# endif
+
+#endif
+
+#ifdef WIN32
+    BOOL LogEvent(
+        LPCSTR  lpUNCServerName,
+        WORD  wType,
+        DWORD  dwEventID,
+        PSID  lpUserSid,
+        LPCSTR  message)
+    {
+        LPCSTR  messages[] = {message, nullptr};
+
+        HANDLE hElog = RegisterEventSource(lpUNCServerName, "OpenSAML XMLTooling Library");
+        BOOL res = ReportEvent(hElog, wType, 0, dwEventID, lpUserSid, 1, 0, messages, nullptr);
+        return (DeregisterEventSource(hElog) && res);
+    }
 #endif
 }
 
@@ -121,6 +197,20 @@ XMLToolingInternalConfig& XMLToolingInternalConfig::getInternalConfig()
     return g_config;
 }
 
+#ifndef XMLTOOLING_NO_XMLSEC
+XMLToolingConfig::XMLToolingConfig()
+    : m_keyInfoResolver(nullptr), m_replayCache(nullptr), m_pathResolver(nullptr), m_templateEngine(nullptr), m_urlEncoder(nullptr), clock_skew_secs(180)
+#else
+XMLToolingConfig::XMLToolingConfig()
+    : m_pathResolver(nullptr), m_templateEngine(nullptr), m_urlEncoder(nullptr), clock_skew_secs(180)
+#endif
+{
+}
+
+XMLToolingConfig::~XMLToolingConfig()
+{
+}
+
 bool XMLToolingInternalConfig::log_config(const char* config)
 {
     try {
@@ -176,7 +266,11 @@ bool XMLToolingInternalConfig::log_config(const char* config)
         }
     }
     catch (const ConfigureFailure& e) {
-        Category::getInstance(XMLTOOLING_LOGCAT".Logging").crit("failed to initialize log4cpp: %s", e.what());
+        string msg = string("failed to configure logging: ") + e.what();
+        Category::getInstance(XMLTOOLING_LOGCAT".Logging").crit(msg);
+#ifdef WIN32
+        LogEvent(nullptr, EVENTLOG_ERROR_TYPE, 2100, nullptr, msg.c_str());
+#endif
         return false;
     }
 
@@ -184,6 +278,22 @@ bool XMLToolingInternalConfig::log_config(const char* config)
 }
 
 #ifndef XMLTOOLING_LITE
+const KeyInfoResolver* XMLToolingConfig::getKeyInfoResolver() const
+{
+    return m_keyInfoResolver;
+}
+
+ReplayCache* XMLToolingConfig::getReplayCache() const
+{
+    return m_replayCache;
+}
+
+void XMLToolingConfig::setKeyInfoResolver(xmltooling::KeyInfoResolver *keyInfoResolver)
+{
+    delete m_keyInfoResolver;
+    m_keyInfoResolver = keyInfoResolver;
+}
+
 void XMLToolingConfig::setReplayCache(ReplayCache* replayCache)
 {
     delete m_replayCache;
@@ -191,6 +301,21 @@ void XMLToolingConfig::setReplayCache(ReplayCache* replayCache)
 }
 #endif
 
+PathResolver* XMLToolingConfig::getPathResolver() const
+{
+    return m_pathResolver;
+}
+
+TemplateEngine* XMLToolingConfig::getTemplateEngine() const
+{
+    return m_templateEngine;
+}
+
+const URLEncoder* XMLToolingConfig::getURLEncoder() const
+{
+    return m_urlEncoder;
+}
+
 void XMLToolingConfig::setPathResolver(PathResolver* pathResolver)
 {
     delete m_pathResolver;
@@ -231,6 +356,9 @@ bool XMLToolingInternalConfig::init()
 
 #ifndef XMLTOOLING_NO_XMLSEC
         XSECPlatformUtils::Initialise();
+# ifdef XMLTOOLING_XMLSEC_DEBUGLOGGING
+        XSECPlatformUtils::SetReferenceLoggingSink(TXFMOutputLogFactory);
+# endif
         m_xsecProvider=new XSECProvider();
         log.debug("XML-Security %s initialization complete", XSEC_FULLVERSIONDOT);
 #endif
@@ -242,7 +370,7 @@ bool XMLToolingInternalConfig::init()
         // Load catalogs from path.
         if (!catalog_path.empty()) {
             char* catpath=strdup(catalog_path.c_str());
-            char* sep=NULL;
+            char* sep=nullptr;
             char* start=catpath;
             while (start && *start) {
                 sep=strchr(start,PATH_SEPARATOR_CHAR);
@@ -250,7 +378,7 @@ bool XMLToolingInternalConfig::init()
                     *sep=0;
                 auto_ptr_XMLCh temp(start);
                 m_validatingPool->loadCatalog(temp.get());
-                start = sep ? sep + 1 : NULL;
+                start = sep ? sep + 1 : nullptr;
             }
             free(catpath);
         }
@@ -283,12 +411,15 @@ bool XMLToolingInternalConfig::init()
         registerSOAPTransports();
         initSOAPTransports();
         registerStorageServices();
-        m_keyInfoResolver = KeyInfoResolverManager.newPlugin(INLINE_KEYINFO_RESOLVER,NULL);
+        m_keyInfoResolver = KeyInfoResolverManager.newPlugin(INLINE_KEYINFO_RESOLVER,nullptr);
 #endif
 
         m_pathResolver = new PathResolver();
         m_urlEncoder = new URLEncoder();
 
+        HTTPResponse::getAllowedSchemes().push_back("https");
+        HTTPResponse::getAllowedSchemes().push_back("http");
+
         // Register xml:id as an ID attribute.
         static const XMLCh xmlid[] = UNICODE_LITERAL_2(i,d);
         AttributeExtensibleXMLObject::registerIDAttribute(QName(xmlconstants::XML_NS, xmlid));
@@ -318,7 +449,7 @@ bool XMLToolingInternalConfig::init()
 void XMLToolingInternalConfig::term()
 {
 #ifndef XMLTOOLING_NO_XMLSEC
-    CRYPTO_set_locking_callback(NULL);
+    CRYPTO_set_locking_callback(nullptr);
     for_each(g_openssl_locks.begin(), g_openssl_locks.end(), xmltooling::cleanup<Mutex>());
     g_openssl_locks.clear();
 #endif
@@ -338,20 +469,20 @@ void XMLToolingInternalConfig::term()
     m_algorithmMap.clear();
 
     delete m_keyInfoResolver;
-    m_keyInfoResolver = NULL;
+    m_keyInfoResolver = nullptr;
 
     delete m_replayCache;
-    m_replayCache = NULL;
+    m_replayCache = nullptr;
 #endif
 
     delete m_pathResolver;
-    m_pathResolver = NULL;
+    m_pathResolver = nullptr;
 
     delete m_templateEngine;
-    m_templateEngine = NULL;
+    m_templateEngine = nullptr;
 
     delete m_urlEncoder;
-    m_urlEncoder = NULL;
+    m_urlEncoder = nullptr;
 
     for (vector<void*>::reverse_iterator i=m_libhandles.rbegin(); i!=m_libhandles.rend(); i++) {
 #if defined(WIN32)
@@ -371,18 +502,18 @@ void XMLToolingInternalConfig::term()
     m_libhandles.clear();
 
     delete m_parserPool;
-    m_parserPool=NULL;
+    m_parserPool=nullptr;
     delete m_validatingPool;
-    m_validatingPool=NULL;
+    m_validatingPool=nullptr;
 
 #ifndef XMLTOOLING_NO_XMLSEC
     delete m_xsecProvider;
-    m_xsecProvider=NULL;
+    m_xsecProvider=nullptr;
     XSECPlatformUtils::Terminate();
 #endif
 
     XMLPlatformUtils::closeMutex(m_lock);
-    m_lock=NULL;
+    m_lock=nullptr;
     XMLPlatformUtils::Terminate();
 
 #ifndef XMLTOOLING_NO_XMLSEC
@@ -419,16 +550,16 @@ bool XMLToolingInternalConfig::load_library(const char* path, void* context)
     m_pathResolver->resolve(resolved, PathResolver::XMLTOOLING_LIB_FILE);
 
 #if defined(WIN32)
-    HMODULE handle=NULL;
+    HMODULE handle=nullptr;
     for (string::iterator i = resolved.begin(); i != resolved.end(); ++i)
         if (*i == '/')
             *i = '\\';
 
     UINT em=SetErrorMode(SEM_FAILCRITICALERRORS);
     try {
-        handle=LoadLibraryEx(resolved.c_str(),NULL,LOAD_WITH_ALTERED_SEARCH_PATH);
+        handle=LoadLibraryEx(resolved.c_str(),nullptr,LOAD_WITH_ALTERED_SEARCH_PATH);
         if (!handle)
-             handle=LoadLibraryEx(resolved.c_str(),NULL,0);
+             handle=LoadLibraryEx(resolved.c_str(),nullptr,0);
         if (!handle)
             throw runtime_error(string("unable to load extension library: ") + resolved);
         FARPROC fn=GetProcAddress(handle,"xmltooling_extension_init");
@@ -475,6 +606,7 @@ bool XMLToolingInternalConfig::load_library(const char* path, void* context)
 }
 
 #ifndef XMLTOOLING_NO_XMLSEC
+
 void xmltooling::log_openssl()
 {
     const char* file;
@@ -496,6 +628,30 @@ XSECCryptoX509CRL* XMLToolingInternalConfig::X509CRL() const
     return new OpenSSLCryptoX509CRL();
 }
 
+pair<const char*,unsigned int> XMLToolingInternalConfig::mapXMLAlgorithmToKeyAlgorithm(const XMLCh* xmlAlgorithm) const
+{
+    algmap_t::const_iterator i = m_algorithmMap.find(xmlAlgorithm);
+    if (i == m_algorithmMap.end())
+        return pair<const char*,unsigned int>(nullptr, 0);
+    return make_pair(i->second.first.c_str(), i->second.second);
+}
+
+void XMLToolingInternalConfig::registerXMLAlgorithm(const XMLCh* xmlAlgorithm, const char* keyAlgorithm, unsigned int size)
+{
+    m_algorithmMap[xmlAlgorithm] = pair<string,unsigned int>(keyAlgorithm, size);
+}
+
+bool XMLToolingInternalConfig::isXMLAlgorithmSupported(const XMLCh* xmlAlgorithm)
+{
+    try {
+        if (XSECPlatformUtils::g_algorithmMapper->mapURIToHandler(xmlAlgorithm))
+            return true;
+    }
+    catch (XSECException&) {
+    }
+    return false;
+}
+
 void XMLToolingInternalConfig::registerXMLAlgorithms()
 {
     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_MD5, "RSA", 0);
@@ -510,6 +666,11 @@ void XMLToolingInternalConfig::registerXMLAlgorithms()
 
     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIDSA_SHA1, "DSA", 0);
 
+    registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIECDSA_SHA1, "EC", 0);
+    registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIECDSA_SHA256, "EC", 0);
+    registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIECDSA_SHA384, "EC", 0);
+    registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIECDSA_SHA512, "EC", 0);
+
     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIHMAC_SHA1, "HMAC", 0);
     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIHMAC_SHA224, "HMAC", 0);
     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIHMAC_SHA256, "HMAC", 0);
@@ -528,6 +689,7 @@ void XMLToolingInternalConfig::registerXMLAlgorithms()
     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIAES256_CBC, "AES", 256);
     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_AES256, "AES", 256);
 }
+
 #endif
 
 #ifdef WIN32