X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=saml%2FSAMLConfig.cpp;h=a03b172a81e8710191004793fa855b7d36626379;hb=b1614d3c1fc1f4230ab2a123f43994127c25462c;hp=e154646187f4a132005dcbada1ba54479b60edb1;hpb=d70c88b320fcc61aa5f657abbf57f8c451f4ab25;p=shibboleth%2Fcpp-opensaml.git diff --git a/saml/SAMLConfig.cpp b/saml/SAMLConfig.cpp index e154646..a03b172 100644 --- a/saml/SAMLConfig.cpp +++ b/saml/SAMLConfig.cpp @@ -1,5 +1,6 @@ + /* - * Copyright 2001-2006 Internet2 + * Copyright 2001-2007 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -22,14 +23,18 @@ #include "internal.h" #include "exceptions.h" -#include "SAMLArtifact.h" #include "SAMLConfig.h" +#include "binding/ArtifactMap.h" +#include "binding/MessageDecoder.h" +#include "binding/MessageEncoder.h" +#include "binding/SAMLArtifact.h" +#include "binding/SecurityPolicyRule.h" #include "saml1/core/Assertions.h" #include "saml1/core/Protocols.h" #include "saml2/core/Protocols.h" #include "saml2/metadata/Metadata.h" +#include "saml2/metadata/MetadataFilter.h" #include "saml2/metadata/MetadataProvider.h" -#include "security/TrustEngine.h" #include "util/SAMLConstants.h" #include @@ -40,7 +45,7 @@ #include #include #include - +#include using namespace opensaml; using namespace xmlsignature; @@ -48,8 +53,27 @@ using namespace xmltooling; using namespace log4cpp; using namespace std; -DECL_EXCEPTION_FACTORY(ArtifactException,opensaml); -DECL_EXCEPTION_FACTORY(MetadataFilterException,opensaml::saml2md); +// Expose entry points when used as an extension library + +extern "C" int SAML_API xmltooling_extension_init(void*) +{ + if (SAMLConfig::getConfig().init(false)) + return 0; + return -1; +} + +extern "C" void SAML_API xmltooling_extension_term() +{ + SAMLConfig::getConfig().term(false); +} + +DECL_XMLTOOLING_EXCEPTION_FACTORY(ArtifactException,opensaml); +DECL_XMLTOOLING_EXCEPTION_FACTORY(MetadataException,opensaml::saml2md); +DECL_XMLTOOLING_EXCEPTION_FACTORY(MetadataFilterException,opensaml::saml2md); +DECL_XMLTOOLING_EXCEPTION_FACTORY(BindingException,opensaml); +DECL_XMLTOOLING_EXCEPTION_FACTORY(ProfileException,opensaml); +DECL_XMLTOOLING_EXCEPTION_FACTORY(FatalProfileException,opensaml); +DECL_XMLTOOLING_EXCEPTION_FACTORY(RetryableProfileException,opensaml); namespace opensaml { SAMLInternalConfig g_config; @@ -65,7 +89,13 @@ SAMLInternalConfig& SAMLInternalConfig::getInternalConfig() return g_config; } -bool SAMLInternalConfig::init() +void SAMLConfig::setArtifactMap(ArtifactMap* artifactMap) +{ + delete m_artifactMap; + m_artifactMap = artifactMap; +} + +bool SAMLInternalConfig::init(bool initXMLTooling) { #ifdef _DEBUG xmltooling::NDC ndc("init"); @@ -73,13 +103,19 @@ bool SAMLInternalConfig::init() Category& log=Category::getInstance(SAML_LOGCAT".SAMLConfig"); log.debug("library initialization started"); - XMLToolingConfig::getConfig().init(); - log.debug("XMLTooling library initialized"); + if (initXMLTooling) { + XMLToolingConfig::getConfig().init(); + log.debug("XMLTooling library initialized"); + } - REGISTER_EXCEPTION_FACTORY(ArtifactException,opensaml); - REGISTER_EXCEPTION_FACTORY(MetadataFilterException,opensaml::saml2md); + REGISTER_XMLTOOLING_EXCEPTION_FACTORY(ArtifactException,opensaml); + REGISTER_XMLTOOLING_EXCEPTION_FACTORY(MetadataException,opensaml::saml2md); + REGISTER_XMLTOOLING_EXCEPTION_FACTORY(MetadataFilterException,opensaml::saml2md); + REGISTER_XMLTOOLING_EXCEPTION_FACTORY(BindingException,opensaml); + REGISTER_XMLTOOLING_EXCEPTION_FACTORY(ProfileException,opensaml); + REGISTER_XMLTOOLING_EXCEPTION_FACTORY(FatalProfileException,opensaml); + REGISTER_XMLTOOLING_EXCEPTION_FACTORY(RetryableProfileException,opensaml); - registerSAMLArtifacts(); saml1::registerAssertionClasses(); saml1p::registerProtocolClasses(); saml2::registerAssertionClasses(); @@ -87,30 +123,37 @@ bool SAMLInternalConfig::init() saml2md::registerMetadataClasses(); saml2md::registerMetadataProviders(); saml2md::registerMetadataFilters(); - registerTrustEngines(); + registerSAMLArtifacts(); + registerMessageEncoders(); + registerMessageDecoders(); + registerSecurityPolicyRules(); log.info("library initialization complete"); return true; } -void SAMLInternalConfig::term() +void SAMLInternalConfig::term(bool termXMLTooling) { #ifdef _DEBUG xmltooling::NDC ndc("term"); #endif + Category& log=Category::getInstance(SAML_LOGCAT".SAMLConfig"); - saml1::AssertionSchemaValidators.destroyValidators(); - saml1p::ProtocolSchemaValidators.destroyValidators(); - saml2::AssertionSchemaValidators.destroyValidators(); - saml2md::MetadataSchemaValidators.destroyValidators(); - + MessageDecoderManager.deregisterFactories(); + MessageEncoderManager.deregisterFactories(); + SecurityPolicyRuleManager.deregisterFactories(); SAMLArtifactManager.deregisterFactories(); MetadataFilterManager.deregisterFactories(); MetadataProviderManager.deregisterFactories(); - TrustEngineManager.deregisterFactories(); - XMLToolingConfig::getConfig().term(); - Category::getInstance(SAML_LOGCAT".SAMLConfig").info("library shutdown complete"); + delete m_artifactMap; + m_artifactMap = NULL; + + if (termXMLTooling) { + XMLToolingConfig::getConfig().term(); + log.debug("XMLTooling library shut down"); + } + log.info("library shutdown complete"); } void SAMLInternalConfig::generateRandomBytes(void* buf, unsigned int len) @@ -152,9 +195,8 @@ string SAMLInternalConfig::hashSHA1(const char* s, bool toHex) auto_ptr hasher(XSECPlatformUtils::g_cryptoProvider->hashSHA1()); if (hasher.get()) { - auto_ptr dup(strdup(s)); unsigned char buf[21]; - hasher->hash(reinterpret_cast(dup.get()),strlen(dup.get())); + hasher->hash(reinterpret_cast(const_cast(s)),strlen(s)); if (hasher->finish(buf,20)==20) { string ret; if (toHex) { @@ -173,3 +215,114 @@ string SAMLInternalConfig::hashSHA1(const char* s, bool toHex) } throw XMLSecurityException("Unable to generate SHA-1 hash."); } + +void opensaml::log_openssl() +{ + const char* file; + const char* data; + int flags,line; + + unsigned long code=ERR_get_error_line_data(&file,&line,&data,&flags); + while (code) { + Category& log=Category::getInstance("OpenSSL"); + log.errorStream() << "error code: " << code << " in " << file << ", line " << line << CategoryStream::ENDLINE; + if (data && (flags & ERR_TXT_STRING)) + log.errorStream() << "error data: " << data << CategoryStream::ENDLINE; + code=ERR_get_error_line_data(&file,&line,&data,&flags); + } +} + +using namespace saml2md; + +void opensaml::annotateException(XMLToolingException* e, const EntityDescriptor* entity, bool rethrow) +{ + if (entity) { + auto_ptr_char id(entity->getEntityID()); + e->addProperty("entityID",id.get()); + const list& roles=entity->getOrderedChildren(); + for (list::const_iterator child=roles.begin(); child!=roles.end(); ++child) { + const RoleDescriptor* role=dynamic_cast(*child); + if (role && role->isValid()) { + const vector& contacts=role->getContactPersons(); + for (vector::const_iterator c=contacts.begin(); c!=contacts.end(); ++c) { + const XMLCh* ctype=(*c)->getContactType(); + if (ctype && (XMLString::equals(ctype,ContactPerson::CONTACT_SUPPORT) + || XMLString::equals(ctype,ContactPerson::CONTACT_TECHNICAL))) { + GivenName* fname=(*c)->getGivenName(); + SurName* lname=(*c)->getSurName(); + auto_ptr_char first(fname ? fname->getName() : NULL); + auto_ptr_char last(lname ? lname->getName() : NULL); + if (first.get() && last.get()) { + string contact=string(first.get()) + ' ' + last.get(); + e->addProperty("contactName",contact.c_str()); + } + else if (first.get()) + e->addProperty("contactName",first.get()); + else if (last.get()) + e->addProperty("contactName",last.get()); + const vector& emails=const_cast(*c)->getEmailAddresss(); + if (!emails.empty()) { + auto_ptr_char email(emails.front()->getAddress()); + if (email.get()) + e->addProperty("contactEmail",email.get()); + } + break; + } + } + if (e->getProperty("contactName") || e->getProperty("contactEmail")) { + auto_ptr_char eurl(role->getErrorURL()); + if (eurl.get()) { + e->addProperty("errorURL",eurl.get()); + } + } + break; + } + } + } + + if (rethrow) + e->raise(); +} + +void opensaml::annotateException(XMLToolingException* e, const RoleDescriptor* role, bool rethrow) +{ + if (role) { + auto_ptr_char id(dynamic_cast(role->getParent())->getEntityID()); + e->addProperty("entityID",id.get()); + + const vector& contacts=role->getContactPersons(); + for (vector::const_iterator c=contacts.begin(); c!=contacts.end(); ++c) { + const XMLCh* ctype=(*c)->getContactType(); + if (ctype && (XMLString::equals(ctype,ContactPerson::CONTACT_SUPPORT) + || XMLString::equals(ctype,ContactPerson::CONTACT_TECHNICAL))) { + GivenName* fname=(*c)->getGivenName(); + SurName* lname=(*c)->getSurName(); + auto_ptr_char first(fname ? fname->getName() : NULL); + auto_ptr_char last(lname ? lname->getName() : NULL); + if (first.get() && last.get()) { + string contact=string(first.get()) + ' ' + last.get(); + e->addProperty("contactName",contact.c_str()); + } + else if (first.get()) + e->addProperty("contactName",first.get()); + else if (last.get()) + e->addProperty("contactName",last.get()); + const vector& emails=const_cast(*c)->getEmailAddresss(); + if (!emails.empty()) { + auto_ptr_char email(emails.front()->getAddress()); + if (email.get()) + e->addProperty("contactEmail",email.get()); + } + break; + } + } + + auto_ptr_char eurl(role->getErrorURL()); + if (eurl.get()) { + e->addProperty("errorURL",eurl.get()); + } + } + + if (rethrow) + e->raise(); +}