X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=mech_eap%2Futil_saml.cpp;h=afce7f70c479c4777d88fd351c61704393ef8751;hb=75f822a560d9fa5ec12eb3a5162ecc40dad01f9d;hp=24d125d39fb8c4d42705379c718802225d4cb838;hpb=43146f6400fc19e112ed1a7c7d6e8dce3755f008;p=moonshot.git diff --git a/mech_eap/util_saml.cpp b/mech_eap/util_saml.cpp index 24d125d..afce7f7 100644 --- a/mech_eap/util_saml.cpp +++ b/mech_eap/util_saml.cpp @@ -73,7 +73,7 @@ gss_eap_saml_assertion_provider::~gss_eap_saml_assertion_provider(void) } bool -gss_eap_saml_assertion_provider::initFromExistingContext(const gss_eap_attr_ctx *manager, +gss_eap_saml_assertion_provider::initWithExistingContext(const gss_eap_attr_ctx *manager, const gss_eap_attr_provider *ctx) { /* Then we may be creating from an existing attribute context */ @@ -81,7 +81,7 @@ gss_eap_saml_assertion_provider::initFromExistingContext(const gss_eap_attr_ctx assert(m_assertion == NULL); - if (!gss_eap_attr_provider::initFromExistingContext(manager, ctx)) + if (!gss_eap_attr_provider::initWithExistingContext(manager, ctx)) return false; saml = static_cast(ctx); @@ -91,7 +91,7 @@ gss_eap_saml_assertion_provider::initFromExistingContext(const gss_eap_attr_ctx } bool -gss_eap_saml_assertion_provider::initFromGssContext(const gss_eap_attr_ctx *manager, +gss_eap_saml_assertion_provider::initWithGssContext(const gss_eap_attr_ctx *manager, const gss_cred_id_t gssCred, const gss_ctx_id_t gssCtx) { @@ -102,7 +102,7 @@ gss_eap_saml_assertion_provider::initFromGssContext(const gss_eap_attr_ctx *mana assert(m_assertion == NULL); - if (!gss_eap_attr_provider::initFromGssContext(manager, gssCred, gssCtx)) + if (!gss_eap_attr_provider::initWithGssContext(manager, gssCred, gssCtx)) return false; /* @@ -252,6 +252,8 @@ gss_eap_saml_assertion_provider::mapException(OM_uint32 *minor, else return GSS_S_CONTINUE_NEEDED; + gssEapSaveStatusInfo(*minor, "%s", e.what()); + return GSS_S_FAILURE; } 
@@ -281,7 +283,11 @@ gss_eap_saml_assertion_provider::getAttribute(const gss_buffer_t attr, XMLHelper::serialize(m_assertion->marshall((DOMDocument *)NULL), str); - duplicateBuffer(str, value); + if (value != NULL) + duplicateBuffer(str, value); + if (display_value != NULL) + duplicateBuffer(str, display_value); + *more = 0; return true; @@ -310,20 +316,6 @@ gss_eap_saml_assertion_provider::prefix(void) const return "urn:ietf:params:gss-eap:saml-aaa-assertion"; } -void -gss_eap_saml_assertion_provider::exportToBuffer(gss_buffer_t buffer) const -{ - buffer->length = 0; - buffer->value = NULL; -} - -bool -gss_eap_saml_assertion_provider::initFromBuffer(const gss_eap_attr_ctx *ctx GSSEAP_UNUSED, - const gss_buffer_t buffer GSSEAP_UNUSED) -{ - return false; -} - bool gss_eap_saml_assertion_provider::init(void) { @@ -427,18 +419,16 @@ gss_eap_saml_attr_provider::getAttributeTypes(gss_eap_attr_enumeration_cb addAtt for (vector::const_iterator a = attrs.begin(); a != attrs.end(); ++a) { const XMLCh *attributeName, *attributeNameFormat; - XMLCh *qualifiedName; XMLCh space[2] = { ' ', 0 }; gss_buffer_desc utf8; - bool ret; attributeName = (*a)->getName(); attributeNameFormat = (*a)->getNameFormat(); if (attributeNameFormat == NULL || attributeNameFormat[0] == '\0') attributeNameFormat = saml2::Attribute::UNSPECIFIED; - qualifiedName = new XMLCh[XMLString::stringLen(attributeNameFormat) + 1 + - XMLString::stringLen(attributeName) + 1]; + XMLCh qualifiedName[XMLString::stringLen(attributeNameFormat) + 1 + + XMLString::stringLen(attributeName) + 1]; XMLString::copyString(qualifiedName, attributeNameFormat); XMLString::catString(qualifiedName, space); XMLString::catString(qualifiedName, attributeName); 
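Review bot: In the getAttributeTypes hunk, `XMLCh qualifiedName[...]` is a variable-length array, which is a compiler extension in C++ and places a buffer sized by the attribute's name and name format on the stack. Both lengths come from the SAML attribute being enumerated, so a very long name can exhaust the stack instead of failing an allocation cleanly. A heap buffer with automatic cleanup still removes the old `new[]`/`delete` mismatch without that risk: `std::vector<XMLCh> qualifiedName(XMLString::stringLen(attributeNameFormat) + 1 + XMLString::stringLen(attributeName) + 1);`, passing `&qualifiedName[0]` to the copy/cat calls and to `toUTF8`. The loop body continues in the following hunk.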
@@ -446,12 +436,8 @@ gss_eap_saml_attr_provider::getAttributeTypes(gss_eap_attr_enumeration_cb addAtt utf8.value = (void *)toUTF8(qualifiedName); utf8.length = strlen((char *)utf8.value); - ret = addAttribute(m_manager, this, &utf8, data); - - delete qualifiedName; - - if (!ret) - return ret; + if (!addAttribute(m_manager, this, &utf8, data)) + return false; } } @@ -461,12 +447,11 @@ gss_eap_saml_attr_provider::getAttributeTypes(gss_eap_attr_enumeration_cb addAtt static BaseRefVectorOf * decomposeAttributeName(const gss_buffer_t attr) { - XMLCh *qualifiedAttr = new XMLCh[attr->length + 1]; - XMLString::transcode((const char *)attr->value, qualifiedAttr, attr->length); + BaseRefVectorOf *components; + string str((const char *)attr->value, attr->length); + auto_ptr_XMLCh qualifiedAttr(str.c_str()); - BaseRefVectorOf *components = XMLString::tokenizeString(qualifiedAttr); - - delete qualifiedAttr; + components = XMLString::tokenizeString(qualifiedAttr.get()); if (components->size() != 2) { delete components; @@ -476,6 +461,25 @@ decomposeAttributeName(const gss_buffer_t attr) return components; } +static bool +isNotPrintable(const gss_buffer_t value) +{ + size_t i; + char *p = (char *)value->value; + + if (isgraph(p[0]) && + isgraph(p[value->length - 1])) + { + for (i = 0; p[i]; i++) { + if (!isascii(p[i]) || !isprint(p[i])) + return true; + } + return false; + } + + return true; +} + bool gss_eap_saml_attr_provider::setAttribute(int complete GSSEAP_UNUSED, const gss_buffer_t attr, 
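Review bot: The buffer returned by `toUTF8(qualifiedName)` and stored in `utf8.value` is not released anywhere in this hunk, neither on the new `return false` path nor at the end of a normal loop iteration. Unless `addAttribute` takes ownership of the buffer (not visible here), each enumerated attribute leaks one allocation. Keeping the callback result in a local would allow the release before the early return, e.g. `bool ok = addAttribute(m_manager, this, &utf8, data);`, then free `utf8.value` with the deallocator that matches `toUTF8`, then `if (!ok) return false;`.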
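Review bot: The new `isNotPrintable` reads outside the buffer in two ways: `p[value->length - 1]` indexes before the start when `value->length` is 0, and the loop `for (i = 0; p[i]; i++)` stops at a NUL byte rather than at `value->length`, although a `gss_buffer_t` is not guaranteed to be NUL-terminated. An embedded NUL also ends the scan early, so binary data after it is classified as printable. In addition, `isgraph`/`isprint` are called on plain `char`, which is undefined for negative values, and `isgraph(p[0])` runs before any `isascii` check. The version below bounds the scan by the length, uses `unsigned char`, and treats an empty or NULL buffer as not printable so that it takes the length-aware base64 path in the caller.

```cpp
static bool
isNotPrintable(const gss_buffer_t value)
{
    const unsigned char *p = (const unsigned char *)value->value;

    /* An empty or missing buffer has no first/last byte to inspect. */
    if (p == NULL || value->length == 0)
        return true;

    if (!isgraph(p[0]) || !isgraph(p[value->length - 1]))
        return true;

    /* Bound the scan by the buffer length, not by a NUL terminator. */
    for (size_t i = 0; i < value->length; i++) {
        if (!isascii(p[i]) || !isprint(p[i]))
            return true;
    }

    return false;
}
```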
@@ -505,11 +509,19 @@ gss_eap_saml_attr_provider::setAttribute(int complete GSSEAP_UNUSED, attribute->setNameFormat(components->elementAt(0)); attribute->setName(components->elementAt(1)); - XMLCh *xmlValue = new XMLCh[value->length + 1]; - XMLString::transcode((const char *)value->value, xmlValue, attr->length); - attributeValue = saml2::AttributeValueBuilder::buildAttributeValue(); - attributeValue->setTextContent(xmlValue); + if (isNotPrintable(value)) { + char *b64; + + if (base64Encode(value->value, value->length, &b64)) + return false; + + auto_ptr_XMLCh unistr(b64); + attributeValue->setTextContent(unistr.get()); + } else { + auto_ptr_XMLCh unistr((char *)value->value); + attributeValue->setTextContent(unistr.get()); + } attribute->getAttributeValues().push_back(attributeValue); @@ -517,7 +529,6 @@ gss_eap_saml_attr_provider::setAttribute(int complete GSSEAP_UNUSED, attributeStatement->getAttributes().push_back(attribute); delete components; - delete xmlValue; return true; } @@ -651,7 +662,7 @@ gss_eap_saml_attr_provider::getAttribute(const gss_buffer_t attr, if (i == -1) i = 0; - else if (i >= nvalues) + if (i >= nvalues) return false; #ifdef __APPLE__ av = (const saml2::AttributeValue *)((void *)(a->getAttributeValues().at(i))); 
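Review bot: In the setAttribute hunk, `if (base64Encode(value->value, value->length, &b64)) return false;` treats any non-zero result as failure. If `base64Encode` follows the convention that `base64Decode` shows later in this patch (a length on success, a negative value on error), every successful encode is rejected and binary values can never be stored. That early return also skips the `delete components;` further down, and `b64` is never released after it is transcoded. In the else branch, `auto_ptr_XMLCh unistr((char *)value->value)` reads up to a NUL terminator and ignores `value->length`; copying through a length-bounded `string`, as `decomposeAttributeName` does in this patch, avoids the over-read. The function starts and ends outside this hunk, so cleanup of `attribute` and `attributeValue` on the error path needs checking against the full body.

```cpp
    attributeValue = saml2::AttributeValueBuilder::buildAttributeValue();
    if (isNotPrintable(value)) {
        char *b64 = NULL;

        /* assumes base64Encode returns a negative value on failure: confirm */
        if (base64Encode(value->value, value->length, &b64) < 0) {
            delete components;
            // … release attribute / attributeValue here if this function still owns them …
            return false;
        }

        auto_ptr_XMLCh unistr(b64);
        /* assumes base64Encode allocates with the GSSEAP allocator: confirm */
        GSSEAP_FREE(b64);
        attributeValue->setTextContent(unistr.get());
    } else {
        /* Copy exactly value->length bytes; the buffer need not be NUL-terminated. */
        string str((const char *)value->value, value->length);
        auto_ptr_XMLCh unistr(str.c_str());
        attributeValue->setTextContent(unistr.get());
    }
    // … unchanged: push attributeValue / attribute, delete components …
```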
@@ -660,8 +671,31 @@ gss_eap_saml_attr_provider::getAttribute(const gss_buffer_t attr, #endif if (av != NULL) { if (value != NULL) { - value->value = toUTF8(av->getTextContent(), true); - value->length = strlen((char *)value->value); + char *stringValue = toUTF8(av->getTextContent(), true); + size_t stringValueLen = strlen(stringValue); + + if (base64Valid(stringValue)) { + ssize_t binaryLen; + + value->value = GSSEAP_MALLOC(stringValueLen); + if (value->value == NULL) { + GSSEAP_FREE(stringValue); + throw new std::bad_alloc; + } + + binaryLen = base64Decode(stringValue, value->value); + if (binaryLen < 0) { + GSSEAP_FREE(value->value); + GSSEAP_FREE(stringValue); + value->value = NULL; + return false; + } + value->length = binaryLen; + GSSEAP_FREE(stringValue); + } else { + value->value = stringValue; + value->length = stringValueLen; + } } if (display_value != NULL) { display_value->value = toUTF8(av->getTextContent(), true); @@ -694,20 +728,6 @@ gss_eap_saml_attr_provider::prefix(void) const return "urn:ietf:params:gss-eap:saml-attr"; } -void -gss_eap_saml_attr_provider::exportToBuffer(gss_buffer_t buffer) const -{ - buffer->length = 0; - buffer->value = NULL; -} - -bool -gss_eap_saml_attr_provider::initFromBuffer(const gss_eap_attr_ctx *ctx GSSEAP_UNUSED, - const gss_buffer_t buffer GSSEAP_UNUSED) -{ - return false; -} - bool gss_eap_saml_attr_provider::init(void) {
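Review bot: In the getAttribute hunk, `throw new std::bad_alloc;` throws a pointer, so handlers that catch `std::exception &` will not match it and the heap-allocated exception object is never freed; it should be `throw std::bad_alloc();`. Separately, decoding is chosen by `base64Valid(stringValue)` alone, so a plain text attribute value that happens to be well-formed base64 is returned as decoded bytes rather than as the text the assertion carried. Any consumer that compares or authorises on `value` then sees different data from `display_value`. The encoding should be recorded explicitly when `setAttribute` writes the value, with decoding only when that marker is present, or at minimum this spot needs a comment such as `/* NOTE: heuristic; printable values that are valid base64 are decoded too */`. The function body starts and ends outside this hunk.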