X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=plugins%2FGSSAPIAttributeExtractor.cpp;h=a405eaeedd1d41b72e2ab7a412a8882233b6c65f;hb=c51bfd77603cf0ddb0b5e374c35586a8435895d6;hp=b17aed7a73e4097af40d9e9c8bd0b98c6f0a2ce7;hpb=dda6631496160077a9a8b962650b15c70844e7c3;p=shibboleth%2Fcpp-sp.git diff --git a/plugins/GSSAPIAttributeExtractor.cpp b/plugins/GSSAPIAttributeExtractor.cpp index b17aed7..a405eae 100644 --- a/plugins/GSSAPIAttributeExtractor.cpp +++ b/plugins/GSSAPIAttributeExtractor.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2011 JANET(UK) +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -27,6 +31,7 @@ #include #include #include +#include #include #include #include @@ -42,6 +47,7 @@ #include #include #include +#include #ifdef SHIBSP_HAVE_GSSGNU # include @@ -56,6 +62,8 @@ using namespace shibsp; using namespace opensaml::saml2md; using namespace opensaml; using namespace xmltooling; +using namespace xercesc; +using namespace boost; using namespace std; namespace shibsp { @@ -103,12 +111,11 @@ namespace shibsp { { public: GSSAPIExtractor(const DOMElement* e) - : ReloadableXMLFile(e, Category::getInstance(SHIBSP_LOGCAT".AttributeExtractor.GSSAPI")), m_impl(nullptr) { + : ReloadableXMLFile(e, Category::getInstance(SHIBSP_LOGCAT ".AttributeExtractor.GSSAPI")) { background_load(); } ~GSSAPIExtractor() { shutdown(); - delete m_impl; } void extractAttributes( @@ -127,7 +134,7 @@ namespace shibsp { pair background_load(); private: - GSSAPIExtractorImpl* m_impl; + scoped_ptr m_impl; }; #if defined (_MSC_VER) @@ -198,25 +205,16 @@ GSSAPIExtractorImpl::GSSAPIExtractorImpl(const DOMElement* e, Category& log) name = child->getAttributeNS(nullptr, _aliases); if (name && *name) { auto_ptr_char aliases(name); - char* pos; - char* start = const_cast(aliases.get()); - while (start && *start) { - while (*start && isspace(*start)) - start++; - if (!*start) - break; - pos = strchr(start,' '); - if (pos) - *pos=0; - if (strcmp(start, "REMOTE_USER")) { - decl.ids.push_back(start); - m_attributeIds.push_back(start); - } - else { - m_log.warn("skipping alias, REMOTE_USER is a reserved name"); - } - start = pos ? pos+1 : nullptr; + string dup(aliases.get()); + trim(dup); + set new_aliases; + split(new_aliases, dup, is_space(), algorithm::token_compress_on); + set::iterator ru = new_aliases.find("REMOTE_USER"); + if (ru != new_aliases.end()) { + m_log.warn("skipping alias, REMOTE_USER is a reserved name"); + new_aliases.erase(ru); } + m_attributeIds.insert(m_attributeIds.end(), new_aliases.begin(), new_aliases.end()); } decl.authenticated = XMLHelper::getAttrBool(child, true, _authenticated); @@ -273,22 +271,7 @@ void GSSAPIExtractorImpl::extractAttributes( return; } if (buf.length) { - if (rule->second.binary) { - // base64 encode the value - xsecsize_t len=0; - XMLByte* out=Base64::encode(reinterpret_cast(buf.value), buf.length, &len); - if (out) { - values.push_back(string(reinterpret_cast(out), len)); -#ifdef SHIBSP_XERCESC_HAS_XMLBYTE_RELEASE - XMLString::release(&out); -#else - XMLString::release((char**)&out); -#endif - } - } - else { - values.push_back(string(reinterpret_cast(buf.value), buf.length)); - } + values.push_back(string(reinterpret_cast(buf.value), buf.length)); } gss_release_buffer(&minor, &buf); } @@ -316,14 +299,22 @@ void GSSAPIExtractorImpl::extractAttributes( m_log.warn("ignoring unscoped value"); } } - if (!scoped->getValues().empty()) - attributes.push_back(scoped.release()); + if (!scoped->getValues().empty()) { + attributes.push_back(scoped.get()); + scoped.release(); + } + } + else if (rule->second.binary) { + auto_ptr binary(new BinaryAttribute(rule->second.ids)); + binary->getValues() = values; + attributes.push_back(binary.get()); + binary.release(); } else { - // If unscoped, just copy over the values. auto_ptr simple(new SimpleAttribute(rule->second.ids)); simple->getValues() = values; - attributes.push_back(simple.release()); + attributes.push_back(simple.get()); + simple.release(); } } @@ -419,7 +410,7 @@ pair GSSAPIExtractor::background_load() // If we own it, wrap it. XercesJanitor docjanitor(raw.first ? raw.second->getOwnerDocument() : nullptr); - GSSAPIExtractorImpl* impl = new GSSAPIExtractorImpl(raw.second, m_log); + scoped_ptr impl(new GSSAPIExtractorImpl(raw.second, m_log)); // If we held the document, transfer it to the impl. If we didn't, it's a no-op. impl->setDocument(docjanitor.release()); @@ -428,8 +419,7 @@ pair GSSAPIExtractor::background_load() if (m_lock) m_lock->wrlock(); SharedLock locker(m_lock, false); - delete m_impl; - m_impl = impl; + m_impl.swap(impl); return make_pair(false,(DOMElement*)nullptr); }