Package fixes.
[shibboleth/xmltooling.git] / xmltooling / security / impl / FilesystemCredentialResolver.cpp
index b555291..a4bef3c 100644 (file)
@@ -73,8 +73,7 @@ namespace xmltooling {
         FilesystemCredential(
             FilesystemCredentialResolver* resolver, XSECCryptoKey* key, const std::vector<XSECCryptoX509*>& xseccerts, XSECCryptoX509CRL* crl=NULL
             ) : BasicX509Credential(key, xseccerts, crl), m_resolver(resolver), m_usage(UNSPECIFIED_CREDENTIAL) {
-            if (!m_xseccerts.empty())
-                extractNames(m_xseccerts.front(), m_keyNames);
+            extract();
             initKeyInfo();
         }
         virtual ~FilesystemCredential() {
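Review bot: The constructor no longer tests `m_xseccerts.empty()` before deriving key names, so `extract()` now has to handle a credential built from a key or CRL alone. Its body is not in this hunk, so whether it handles an empty certificate vector can't be confirmed here. If it does not, the `if (!m_xseccerts.empty())` test belongs inside it. A short comment at the call, e.g. `// extract() must tolerate an empty certificate chain`, would record the assumption.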
@@ -166,6 +165,7 @@ namespace xmltooling {
     static const XMLCh format[] =           UNICODE_LITERAL_6(f,o,r,m,a,t);
     static const XMLCh Key[] =              UNICODE_LITERAL_3(K,e,y);
     static const XMLCh _key[] =             UNICODE_LITERAL_3(k,e,y);
+    static const XMLCh keyName[] =          UNICODE_LITERAL_7(k,e,y,N,a,m,e);
     static const XMLCh Name[] =             UNICODE_LITERAL_4(N,a,m,e);
     static const XMLCh password[] =         UNICODE_LITERAL_8(p,a,s,s,w,o,r,d);
     static const XMLCh Path[] =             UNICODE_LITERAL_4(P,a,t,h);
@@ -192,6 +192,11 @@ FilesystemCredentialResolver::FilesystemCredentialResolver(const DOMElement* e)
             path->appendChild(e->getOwnerDocument()->createTextNode(e->getAttributeNS(NULL,_key)));
             if (e->hasAttributeNS(NULL,password))
                 child->setAttributeNS(NULL,password,e->getAttributeNS(NULL,password));
+            if (e->hasAttributeNS(NULL,keyName)) {
+                path = e->getOwnerDocument()->createElementNS(NULL,Name);
+                child->appendChild(path);
+                path->appendChild(e->getOwnerDocument()->createTextNode(e->getAttributeNS(NULL,keyName)));
+            }
         }
         if (e->hasAttributeNS(NULL,_certificate)) {
             child = e->getOwnerDocument()->createElementNS(NULL,Certificate);
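Review bot: The new `keyName` branch reuses the local `path` to hold the `Name` element, which reads as though a file path were being built. A dedicated local such as `DOMElement* name = e->getOwnerDocument()->createElementNS(NULL,Name);` would be clearer. `hasAttributeNS` also returns true for `keyName=""`, so an empty attribute yields an empty `Name` child. How the later parsing treats an empty key name is not visible here, so consider skipping the element when the value is empty. The enclosing constructor starts and ends outside this hunk.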
@@ -235,14 +240,14 @@ FilesystemCredentialResolver::FilesystemCredentialResolver(const DOMElement* e)
             XMLToolingConfig::getConfig().getPathResolver()->resolve(m_keypath, PathResolver::XMLTOOLING_CFG_FILE);
 #ifdef WIN32
             struct _stat stat_buf;
-            if (_stat(kpath.get(), &stat_buf) != 0)
+            if (_stat(m_keypath.c_str(), &stat_buf) != 0)
 #else
             struct stat stat_buf;
-            if (stat(kpath.get(), &stat_buf) != 0)
+            if (stat(m_keypath.c_str(), &stat_buf) != 0)
 #endif
             {
-                log.error("key file (%s) can't be opened", kpath.get());
-                throw XMLSecurityException("FilesystemCredentialResolver can't access key file ($1)",params(1,kpath.get()));
+                log.error("key file (%s) can't be opened", m_keypath.c_str());
+                throw XMLSecurityException("FilesystemCredentialResolver can't access key file ($1)",params(1,m_keypath.c_str()));
             }
         }
         else {
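Review bot: The `stat()` / `_stat()` test on `m_keypath` only shows that something exists at that path when the resolver is constructed. It does not show that the path is a regular file the process can read, and `loadKey()` appears to read the file separately, so the path can change between the two. The message "can't be opened" also overstates what was checked, since nothing is opened here, and the failure reason is dropped. Something like `log.error("key file (%s) can't be accessed: %s", m_keypath.c_str(), strerror(errno));` would make misconfigurations easier to diagnose. A comment such as `// existence check only; the file is parsed later in loadKey()` would stop readers treating this as validation. The same applies to the `m_crlpath` check in the next hunk.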
@@ -296,14 +301,14 @@ FilesystemCredentialResolver::FilesystemCredentialResolver(const DOMElement* e)
             XMLToolingConfig::getConfig().getPathResolver()->resolve(m_crlpath, PathResolver::XMLTOOLING_CFG_FILE);
 #ifdef WIN32
             struct _stat stat_buf;
-            if (_stat(kpath.get(), &stat_buf) != 0)
+            if (_stat(m_crlpath.c_str(), &stat_buf) != 0)
 #else
             struct stat stat_buf;
-            if (stat(kpath.get(), &stat_buf) != 0)
+            if (stat(m_crlpath.c_str(), &stat_buf) != 0)
 #endif
             {
-                log.error("CRL file (%s) can't be opened", kpath.get());
-                throw XMLSecurityException("FilesystemCredentialResolver can't access CRL file ($1)",params(1,kpath.get()));
+                log.error("CRL file (%s) can't be opened", m_crlpath.c_str());
+                throw XMLSecurityException("FilesystemCredentialResolver can't access CRL file ($1)",params(1,m_crlpath.c_str()));
             }
         }
         else {
@@ -387,6 +392,10 @@ FilesystemCredentialResolver::FilesystemCredentialResolver(const DOMElement* e)
                 log.debug("certificate encoding format for (%s) dynamically resolved as (%s)", certpath.c_str(), formatToString(fformat).c_str());
             }
 
+            Category::getInstance(XMLTOOLING_LOGCAT".CredentialResolver."FILESYSTEM_CREDENTIAL_RESOLVER).info(
+                "loading certificate from file (%s)", certpath.c_str()
+                );
+
             switch(fformat) {
                 case PEM:
                     while (x=PEM_read_bio_X509(in,NULL,passwd_callback,const_cast<char*>(certpass.get())))
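Review bot: The category name is written as `XMLTOOLING_LOGCAT".CredentialResolver."FILESYSTEM_CREDENTIAL_RESOLVER` with no whitespace around the literal. If both names are macros expanding to string literals, a C++11 or later compiler lexes `"..."FILESYSTEM_CREDENTIAL_RESOLVER` as a user-defined-literal suffix and does not expand the macro. Writing `XMLTOOLING_LOGCAT ".CredentialResolver." FILESYSTEM_CREDENTIAL_RESOLVER` avoids that. A `log` object is also already in use on the line just above, so if it refers to the same category, `log.info("loading certificate from file (%s)", certpath.c_str());` would avoid the extra lookup. Both points apply equally to the added logging in the CA certificate, `loadKey()` and `loadCRL()` hunks.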
@@ -458,6 +467,10 @@ FilesystemCredentialResolver::FilesystemCredentialResolver(const DOMElement* e)
                     log.debug("CA certificate encoding format for (%s) dynamically resolved as (%s)", capath.c_str(), formatToString(fformat).c_str());
                 }
 
+                Category::getInstance(XMLTOOLING_LOGCAT".CredentialResolver."FILESYSTEM_CREDENTIAL_RESOLVER).info(
+                    "loading CA certificate from file (%s)", capath.c_str()
+                    );
+
                 switch (fformat) {
                     case PEM:
                         while (x=PEM_read_bio_X509(in,NULL,NULL,NULL))
@@ -499,8 +512,8 @@ FilesystemCredentialResolver::FilesystemCredentialResolver(const DOMElement* e)
                 if (in)
                     BIO_free(in);
                 log_openssl();
-                log.error("CA file (%s) can't be opened", capath.c_str());
-                throw XMLSecurityException("FilesystemCredentialResolver can't open CA file ($1)",params(1,capath.c_str()));
+                log.error("CA certificate file (%s) can't be opened", capath.c_str());
+                throw XMLSecurityException("FilesystemCredentialResolver can't open CA certificate file ($1)",params(1,capath.c_str()));
             }
             
             extra = XMLHelper::getNextSiblingElement(extra,CAPath);
@@ -528,6 +541,9 @@ XSECCryptoKey* FilesystemCredentialResolver::loadKey()
 #ifdef _DEBUG
     NDC ndc("loadKey");
 #endif
+    Category::getInstance(XMLTOOLING_LOGCAT".CredentialResolver."FILESYSTEM_CREDENTIAL_RESOLVER).info(
+        "loading private key from file (%s)", m_keypath.c_str()
+        );
 
     // Get a EVP_PKEY.
     EVP_PKEY* pkey=NULL;
@@ -583,6 +599,9 @@ XSECCryptoX509CRL* FilesystemCredentialResolver::loadCRL()
 #ifdef _DEBUG
     NDC ndc("loadCRL");
 #endif
+    Category::getInstance(XMLTOOLING_LOGCAT".CredentialResolver."FILESYSTEM_CREDENTIAL_RESOLVER).info(
+        "loading CRL from file (%s)", m_crlpath.c_str()
+        );
 
     X509_CRL* crl=NULL;
     BIO* in=BIO_new(BIO_s_file_internal());