From: cantor <cantor@de75baf8-a10c-0410-a50a-987c0e22f00f>
Date: Sat, 22 Jan 2011 00:00:00 +0000 (+0000)
Subject: https://bugs.internet2.edu/jira/browse/CPPXT-69
X-Git-Tag: 1.4.1~9
X-Git-Url: http://www.project-moonshot.org/gitweb/?a=commitdiff_plain;ds=sidebyside;h=c79e71f049bcb485c1b037d94e9cb593aabbf547;p=shibboleth%2Fxmltooling.git

https://bugs.internet2.edu/jira/browse/CPPXT-69


git-svn-id: https://svn.shibboleth.net/cpp-xmltooling/branches/REL_1@831 de75baf8-a10c-0410-a50a-987c0e22f00f
---

diff --git a/xmltooling/security/impl/ChainingTrustEngine.cpp b/xmltooling/security/impl/ChainingTrustEngine.cpp
index ac2ab61..a609cc5 100644
--- a/xmltooling/security/impl/ChainingTrustEngine.cpp
+++ b/xmltooling/security/impl/ChainingTrustEngine.cpp
@@ -1,5 +1,5 @@
 /*
- *  Copyright 2001-2010 Internet2
+ *  Copyright 2001-2011 Internet2
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -24,6 +24,7 @@
 #include "exceptions.h"
 #include "logging.h"
 #include "security/ChainingTrustEngine.h"
+#include "security/CredentialCriteria.h"
 #include "util/XMLHelper.h"
 
 #include <algorithm>
@@ -119,6 +120,8 @@ bool ChainingTrustEngine::validate(Signature& sig, const CredentialResolver& cre
     for (vector<SignatureTrustEngine*>::const_iterator i=m_sigEngines.begin(); i!=m_sigEngines.end(); ++i) {
         if ((*i)->validate(sig,credResolver,criteria))
             return true;
+        if (criteria)
+            criteria->reset();
     }
     return false;
 }
@@ -136,6 +139,8 @@ bool ChainingTrustEngine::validate(
     for (vector<SignatureTrustEngine*>::const_iterator i=m_sigEngines.begin(); i!=m_sigEngines.end(); ++i) {
         if ((*i)->validate(sigAlgorithm, sig, keyInfo, in, in_len, credResolver, criteria))
             return true;
+        if (criteria)
+            criteria->reset();
     }
     return false;
 }
@@ -150,6 +155,8 @@ bool ChainingTrustEngine::validate(
     for (vector<X509TrustEngine*>::const_iterator i=m_x509Engines.begin(); i!=m_x509Engines.end(); ++i) {
         if ((*i)->validate(certEE,certChain,credResolver,criteria))
             return true;
+        if (criteria)
+            criteria->reset();
     }
     return false;
 }
@@ -164,6 +171,8 @@ bool ChainingTrustEngine::validate(
     for (vector<OpenSSLTrustEngine*>::const_iterator i=m_osslEngines.begin(); i!=m_osslEngines.end(); ++i) {
         if ((*i)->validate(certEE,certChain,credResolver,criteria))
             return true;
+        if (criteria)
+            criteria->reset();
     }
     return false;
 }