From: Sam Hartman Date: Tue, 13 Dec 2011 20:20:37 +0000 (-0500) Subject: Merge remote-tracking branch 'origin/moonshot' into HEAD X-Git-Url: http://www.project-moonshot.org/gitweb/?a=commitdiff_plain;h=caa02a370397aef9c4a2c834d819420cc529252f;hp=312796597338d3740f9c46246f437521b880a1bb;p=shibboleth%2Fxmltooling.git Merge remote-tracking branch 'origin/moonshot' into HEAD --- diff --git a/.autotools b/.autotools deleted file mode 100644 index 91ce455..0000000 --- a/.autotools +++ /dev/null @@ -1,37 +0,0 @@ - - - - - diff --git a/.cproject b/.cproject deleted file mode 100644 index d154550..0000000 --- a/.cproject +++ /dev/null @@ -1,2534 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - make - - all - true - true - false - - - make - - all-local - true - true - false - - - make - - am--refresh - true - true - false - - - make - - check - true - true - false - - - make - - clean - true - true - false - - - make - - clean-libtool - true - true - false - - - make - - config.h - true - true - false - - - make - - ctags - true - true - false - - - make - - ctags-recursive - true - true - false - - - make - - dist - true - true - false - - - make - - dist-all - true - true - false - - - make - - dist-bzip2 - true - true - false - - - make - - dist-gzip - true - true - false - - - make - - dist-hook - true - true - false - - - make - - dist-shar - true - true - false - - - make - - dist-tarZ - true - true - false - - - make - - dist-zip - true - true - false - - - make - - distcheck - true - true - false - - - make - - distclean - true - true - false - - - make - - distclean-hdr - true - true - false - - - make - - distclean-libtool - true - true - false - - - make - - distclean-tags - true - true - false - - - make - - distcleancheck - true - true - false - - - make - - distdir - true - true - false - - - make - - distuninstallcheck - true - true - false - - - make - - dvi - true - true - false - - - make - - html - true - true - false - - - make - - info - true - true - false - - - make - - install - true - true - false - - - make - - install-data - true - true - false - - - make - - install-dvi - true - true - false - - - make - - install-exec - true - true - false - - - make - - install-html - true - true - false - - - make - - install-info - true - true - false - - - make - - install-man - true - true - false - - - make - - install-pdf - true - true - false - - - make - - install-pkgconfigDATA - true - true - false - - - make - - install-ps - true - true - false - - - make - - install-strip - true - true - false - - - make - - installcheck - true - true - false - - - make - - installdirs - true - true - false - - - make - - maintainer-clean - true - true - false - - - make - - Makefile - true - true - false - - - make - - mostlyclean - true - true - false - - - make - - mostlyclean-libtool - true - true - false - - - make - - pdf - true - true - false - - - make - - pkginfo - true - true - false - - - make - - Portfile - true - true - false - - - make - - ps - true - true - false - - - make - - stamp-h1 - true - true - false - - - make - - tags - true - true - false - - - make - - tags-recursive - true - true - false - - - make - - uninstall - true - true - false - - - make - - uninstall-pkgconfigDATA - true - true - false - - - make - - xmltooling.spec - true - true - false - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - make - - all - true - true - false - - - make - - all-local - true - true - false - - - make - - am--refresh - true - true - false - - - make - - check - true - true - false - - - make - - clean - true - true - false - - - make - - clean-libtool - true - true - false - - - make - - config.h - true - true - false - - - make - - ctags - true - true - false - - - make - - ctags-recursive - true - true - false - - - make - - dist - true - true - false - - - make - - dist-all - true - true - false - - - make - - dist-bzip2 - true - true - false - - - make - - dist-gzip - true - true - false - - - make - - dist-hook - true - true - false - - - make - - dist-shar - true - true - false - - - make - - dist-tarZ - true - true - false - - - make - - dist-zip - true - true - false - - - make - - distcheck - true - true - false - - - make - - distclean - true - true - false - - - make - - distclean-hdr - true - true - false - - - make - - distclean-libtool - true - true - false - - - make - - distclean-tags - true - true - false - - - make - - distcleancheck - true - true - false - - - make - - distdir - true - true - false - - - make - - distuninstallcheck - true - true - false - - - make - - dvi - true - true - false - - - make - - html - true - true - false - - - make - - info - true - true - false - - - make - - install - true - true - false - - - make - - install-data - true - true - false - - - make - - install-dvi - true - true - false - - - make - - install-exec - true - true - false - - - make - - install-html - true - true - false - - - make - - install-info - true - true - false - - - make - - install-man - true - true - false - - - make - - install-pdf - true - true - false - - - make - - install-pkgconfigDATA - true - true - false - - - make - - install-ps - true - true - false - - - make - - install-strip - true - true - false - - - make - - installcheck - true - true - false - - - make - - installdirs - true - true - false - - - make - - maintainer-clean - true - true - false - - - make - - Makefile - true - true - false - - - make - - mostlyclean - true - true - false - - - make - - mostlyclean-libtool - true - true - false - - - make - - pdf - true - true - false - - - make - - pkginfo - true - true - false - - - make - - Portfile - true - true - false - - - make - - ps - true - true - false - - - make - - stamp-h1 - true - true - false - - - make - - tags - true - true - false - - - make - - tags-recursive - true - true - false - - - make - - uninstall - true - true - false - - - make - - uninstall-pkgconfigDATA - true - true - false - - - make - - xmltooling.spec - true - true - false - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..bf6b3b9 --- /dev/null +++ b/.gitignore @@ -0,0 +1,80 @@ +# / +/build +/build-aux +/Debug +/*.ncb +/*.suo +/Release +/aclocal.m4 +/autom4te.cache +/config.guess +/config.h +/config.h.in +/config.h.in~ +/config.log +/config.status +/config.sub +/configure +/depcomp +/install-sh +/libtool +/Makefile +/Makefile.in +/missing +/pkginfo +/stamp-h1 +/xmltooling.spec +/.settings +/.autotools +/.cproject +/.project +/doxyfile +/x64 +/Portfile +/*.gz +/*.opensdf +/*.sdf +/ipch + +# /doc/ +/doc/Makefile +/doc/Makefile.in + +# /m4/ +/m4/libtool.m4 +/m4/lt*.m4 + +# /schemas/ +/schemas/catalog.xml +/schemas/Makefile +/schemas/Makefile.in + +# /xmltooling/ +/xmltooling/Debug +/xmltooling/*.user +/xmltooling/Release +/xmltooling/config_pub.h +/xmltooling/.deps +/xmltooling/.libs +/xmltooling/Makefile +/xmltooling/Makefile.in +/xmltooling/stamp-h2 +/xmltooling/xmltooling-lite-Debug +/xmltooling/xmltooling-lite-Release +/xmltooling/x64 +/xmltooling/*.aps + +# /xmltoolingtest/ +/xmltoolingtest/Debug +/xmltoolingtest/*.user +/xmltoolingtest/*.cpp +/xmltoolingtest/Release +/xmltoolingtest/.deps +/xmltoolingtest/.libs +/xmltoolingtest/Makefile +/xmltoolingtest/Makefile.in +/xmltoolingtest/xmltoolingtest +/xmltoolingtest/x64 + +# /xmltoolingtest/data/ +/xmltoolingtest/data/*.bak diff --git a/Makefile.am b/Makefile.am index 0a93d04..d918f6b 100644 --- a/Makefile.am +++ b/Makefile.am @@ -27,11 +27,10 @@ endif pkgconfigdir = $(libdir)/pkgconfig pkgconfig_DATA = @PACKAGE_NAME@.pc -GENFILES = @PACKAGE_NAME@.spec pkginfo Portfile +GENFILES = @PACKAGE_NAME@.spec EXTRA_DIST = $(DX_CONFIG) \ cpp-@PACKAGE_NAME@.sln \ config_win32.h \ $(GENFILES) \ - $(GENFILES:%=%.in) \ - postinstall + $(GENFILES:%=%.in) diff --git a/Portfile.in b/Portfile.in deleted file mode 100644 index a17841d..0000000 --- a/Portfile.in +++ /dev/null @@ -1,29 +0,0 @@ -PortSystem 1.0 - -name @PACKAGE@ -version @PACKAGE_VERSION@ -categories security textproc xml shibboleth -maintainers snc scantor -description XMLTooling library for C++ -long_description Toolkit for security-aware XML processing -homepage http://www.opensaml.org/ - -platforms darwin -depends_lib port:curl \ - port:xercesc3 \ - port:xml-security-c \ - port:log4shib - -master_sites http://shibboleth.internet2.edu/downloads/opensaml/cpp/2.3/ -checksums sha1 @CHECKSUM@ - -configure.args --disable-static \ - --with-openssl=${prefix} \ - --with-curl=${prefix} \ - --with-xerces=${prefix} \ - --with-xmlsec=${prefix} - - -livecheck.check regex -livecheck.url http://shibboleth.internet2.edu/downloads/shibboleth/cppsp/latest/mac/ports/shibboleth/xmltooling/Portfile -livecheck.regex "version *(\\d+\\.\\d+(\\.\\d+)?)" diff --git a/config_win32.h b/config_win32.h index 48fdfb9..eaa5c52 100644 --- a/config_win32.h +++ b/config_win32.h @@ -1,3 +1,23 @@ +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. + */ + /* config_win32.h. Copied from a ./configure on Unix */ /* Define if C++ compiler supports covariant virtual methods. */ @@ -88,7 +108,7 @@ #define PACKAGE "xmltooling" /* Define to the address where bug reports for this package should be sent. */ -#define PACKAGE_BUGREPORT "https://bugs.internet2.edu/" +#define PACKAGE_BUGREPORT "https://issues.shibboleth.net/" /* Define to the full name of this package. */ #define PACKAGE_NAME "xmltooling" diff --git a/configure.ac b/configure.ac index 8e8e0ae..c407691 100644 --- a/configure.ac +++ b/configure.ac @@ -1,6 +1,6 @@ # Process this file with autoreconf AC_PREREQ([2.50]) -AC_INIT([xmltooling],[1.5],[https://bugs.internet2.edu/],[xmltooling]) +AC_INIT([xmltooling],[1.5],[https://issues.shibboleth.net/],[xmltooling]) AC_CONFIG_SRCDIR(xmltooling) AC_CONFIG_AUX_DIR(build-aux) AC_CONFIG_MACRO_DIR(m4) @@ -32,7 +32,7 @@ else fi AC_CONFIG_HEADERS([config.h xmltooling/config_pub.h]) -AC_CONFIG_FILES([xmltooling.spec pkginfo Portfile]) +AC_CONFIG_FILES([xmltooling.spec]) AC_CONFIG_FILES([Makefile xmltooling/Makefile xmltoolingtest/Makefile schemas/Makefile doc/Makefile]) AC_PROG_CC([gcc gcc3 cc]) @@ -49,17 +49,20 @@ if test "$GCC" = "yes" ; then # ]) CFLAGS="-Wall $GCC_CFLAGS" CXXFLAGS="-Wall $GCC_CXXFLAGS" -else -# Fix for Sun Workshop compiler in debug mode, may be Sun case #6360993 - case "${host_cpu}-${host_os}" in - *solaris*) - if test "$CXX" = "CC" ; then - CXXFLAGS="$CXXFLAGS -Qoption ccfe -stabs=no%dfltlit+no%dflthlp" - fi - ;; - esac fi +# Fix for Sun Workshop compiler in debug mode, may be Sun case #6360993 +# Also enables POSIX semantics for some functions. +case "${host_cpu}-${host_os}" in + *solaris*) + CFLAGS="$CFLAGS -D_POSIX_PTHREAD_SEMANTICS" + CXXFLAGS="$CXXFLAGS -D_POSIX_PTHREAD_SEMANTICS" + if test "$CXX" = "CC" ; then + CXXFLAGS="$CXXFLAGS -Qoption ccfe -stabs=no%dfltlit+no%dflthlp" + fi + ;; +esac + # Checks for typedefs, structures, and compiler characteristics. AC_C_CONST AC_TYPE_SIZE_T @@ -90,6 +93,16 @@ AC_LANG([C++]) AC_CXX_NAMESPACES AC_CXX_REQUIRE_STL +# Boost +BOOST_REQUIRE +BOOST_BIND +BOOST_CONVERSION +BOOST_LAMBDA +BOOST_PTR_CONTAINER +BOOST_STRING_ALGO +BOOST_TOKENIZER +CPPFLAGS = "$BOOST_CPPFLAGS $CPPFLAGS" + # are covariant methods allowed? AC_LINK_IFELSE( [AC_LANG_PROGRAM([[]], @@ -155,13 +168,16 @@ else fi # Xerces settings -AC_ARG_WITH(xerces, - AS_HELP_STRING([--with-xerces=PATH], [where xerces-c is installed]), - [if test x_$with_xerces != x_/usr; then - LDFLAGS="-L${with_xerces}/lib $LDFLAGS" - CPPFLAGS="-I${with_xerces}/include $CPPFLAGS" - fi]) -LIBS="-lxerces-c $LIBS" +AC_ARG_WITH(xerces, + AS_HELP_STRING([--with-xerces=PATH],[where xerces-c is installed]),, + [with_xerces=/usr]) +if test x_$with_xerces != x_/usr; then + CPPFLAGS="-I${with_xerces}/include $CPPFLAGS" + LIBS="-L${with_xerces}/lib -lxerces-c $LIBS" +else + LIBS="-lxerces-c $LIBS" +fi + AC_CHECK_HEADER([xercesc/dom/DOM.hpp],,AC_MSG_ERROR([unable to find xerces header files])) AC_MSG_CHECKING([Xerces version]) AC_PREPROC_IFELSE( @@ -276,9 +292,10 @@ if test x_$with_xmlsec != x_no; then if test x_$with_xmlsec != x_/usr; then CPPFLAGS="-I${with_xmlsec}/include $CPPFLAGS" - LDFLAGS="-L${with_xmlsec}/lib $LDFLAGS" - fi - XMLSEC_LIBS="$XMLSEC_LIBS -lxml-security-c" + XMLSEC_LIBS="-L${with_xmlsec}/lib -lxml-security-c $XMLSEC_LIBS" + else + XMLSEC_LIBS="-lxml-security-c $XMLSEC_LIBS" + fi # save and append master libs save_LIBS="$LIBS" @@ -362,12 +379,15 @@ int i = 0; LIBS="$XMLSEC_LIBS $LIBS" AC_CHECK_HEADER([curl/curl.h],,AC_MSG_ERROR([unable to find libcurl header files])) - AC_CHECK_LIB([curl],[curl_global_init],,AC_MSG_ERROR([unable to link with libcurl])) + AC_LINK_IFELSE( + [AC_LANG_PROGRAM([[#include ]], + [[curl_global_init(CURL_GLOBAL_ALL)]])],, + [AC_MSG_ERROR([unable to link with libcurl])]) AC_MSG_CHECKING([for CURLOPT_SSL_CTX_FUNCTION in curl.h]) AC_EGREP_HEADER([CURLOPT_SSL_CTX_FUNCTION], [curl/curl.h], [AC_MSG_RESULT(yes)], [AC_MSG_ERROR([need libcurl that supports CURLOPT_SSL_CTX_FUNCTION])]) - AC_CHECK_TYPE([curl_off_t],[AC_DEFINE([HAVE_CURL_OFF_T],[1],[Define to 1 if you have the 'curl_off_t' type.])]) + AC_CHECK_TYPE([curl_off_t],[AC_DEFINE([HAVE_CURL_OFF_T],[1],[Define to 1 if you have the 'curl_off_t' type.])],,[[#include ]]) # restore master libs LIBS="$save_LIBS" diff --git a/cpp-xmltooling.sln b/cpp-xmltooling.sln index 4ab76f8..872535b 100644 --- a/cpp-xmltooling.sln +++ b/cpp-xmltooling.sln @@ -6,16 +6,13 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Misc", "Misc", "{61BF324D-2 m4\acinclude.m4 = m4\acinclude.m4 m4\acx_pthread.m4 = m4\acx_pthread.m4 m4\ax_create_pkgconfig_info.m4 = m4\ax_create_pkgconfig_info.m4 + ..\cpp-sp-ext\m4\boost.m4 = ..\cpp-sp-ext\m4\boost.m4 config_win32.h = config_win32.h configure.ac = configure.ac doxygen.am = doxygen.am doxygen.cfg = doxygen.cfg m4\doxygen.m4 = m4\doxygen.m4 Makefile.am = Makefile.am - pkginfo.in = pkginfo.in - Portfile.in = Portfile.in - postinstall = postinstall - xmltooling.spec.in = xmltooling.spec.in EndProjectSection EndProject Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Schemas", "Schemas", "{23EF5C29-2A13-4F73-99D1-96B8120F148E}" @@ -78,7 +75,6 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Doc", "Doc", "{847EC34E-006 doc\LICENSE.txt = doc\LICENSE.txt doc\LOG4CPP.LICENSE = doc\LOG4CPP.LICENSE doc\Makefile.am = doc\Makefile.am - doc\NOTICE.txt = doc\NOTICE.txt doc\OPENSSL.LICENSE = doc\OPENSSL.LICENSE doc\README.txt = doc\README.txt EndProjectSection diff --git a/doc/NOTICE.txt b/doc/NOTICE.txt index 20b11da..39d2301 100644 --- a/doc/NOTICE.txt +++ b/doc/NOTICE.txt @@ -1,5 +1,4 @@ -We wish to acknowledge the following copyrighted works that make up -portions of this software: +OpenSAML XMLTooling C++ Library This product includes software developed by the Apache Software Foundation (http://www.apache.org/). @@ -9,3 +8,8 @@ for use in the OpenSSL Toolkit. (http://www.openssl.org/). This project uses libraries covered by the Lesser GNU Public License. Source code for these libraries is available on request. + +This product includes software developed, copyrighted, and contributed by: + +The Ohio State University +SWITCH, Zurich, CH diff --git a/doc/README.txt b/doc/README.txt index 3b9a257..1f369a1 100644 --- a/doc/README.txt +++ b/doc/README.txt @@ -1,18 +1,18 @@ Release Notes ----------- -See https://bugs.internet2.edu/jira/secure/ReleaseNote.jspa?projectId=10009 +https://issues.shibboleth.net/jira/secure/ReleaseNote.jspa?projectId=10040 Documentation: -------------- The OpenSAML wiki is the home for any documentation on the XMLTooling package. -https://spaces.internet2.edu/display/OpenSAML/ +https://wiki.shibboleth.net/confluence/display/OpenSAML/ Reporting Bugs: --------------- A Jira instance is available. -https://bugs.internet2.edu/ +https://issues.shibboleth.net/ Support: -------- A mailing list is available. -https://spaces.internet2.edu/display/OpenSAML/MailingList +https://wiki.shibboleth.net/confluence/display/OpenSAML/MailingList diff --git a/m4/acinclude.m4 b/m4/acinclude.m4 index 0448519..d5f732a 100644 --- a/m4/acinclude.m4 +++ b/m4/acinclude.m4 @@ -44,7 +44,7 @@ dnl Determine whether we have gcc of a particular version or later, dnl based on major, minor, patchlevel versions and date. dnl AC_HAVE_GCC_VERSION(MAJOR_VERSION, MINOR_VERSION, PATCH_LEVEL, dnl SNAPSHOT_DATE [, ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND]]) -AC_DEFUN(AC_HAVE_GCC_VERSION, +AC_DEFUN([AC_HAVE_GCC_VERSION], [AC_CACHE_CHECK([gcc is at least version $1.$2.$3.$4], ac_cv_gcc_version_$1_$2_$3_$4, [ @@ -52,7 +52,7 @@ AC_DEFUN(AC_HAVE_GCC_VERSION, else ac_gcc_date=`$CC -v 2>&1 | grep '^gcc version ' | sed 's/ (.*//; s/.* //'` if test 0$ac_gcc_date -eq 0 ; then ac_gcc_date=0 ; fi - AC_EGREP_CPP(yes, [#define HAVE_GCC_VERSION(MAJOR, MINOR, MICRO, DATE) \ + AC_EGREP_CPP([yes], [#define HAVE_GCC_VERSION(MAJOR, MINOR, MICRO, DATE) \ (__GNUC__ > (MAJOR) \ || (__GNUC__ == (MAJOR) && __GNUC_MINOR__ > (MINOR)) \ || (__GNUC__ == (MAJOR) && __GNUC_MINOR__ == (MINOR) \ diff --git a/m4/boost.m4 b/m4/boost.m4 new file mode 100644 index 0000000..8d0920a --- /dev/null +++ b/m4/boost.m4 @@ -0,0 +1,1138 @@ +# boost.m4: Locate Boost headers and libraries for autoconf-based projects. +# Copyright (C) 2007, 2008, 2009, 2010, 2011 Benoit Sigoure +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Additional permission under section 7 of the GNU General Public +# License, version 3 ("GPLv3"): +# +# If you convey this file as part of a work that contains a +# configuration script generated by Autoconf, you may do so under +# terms of your choice. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +m4_define([_BOOST_SERIAL], [m4_translit([ +# serial 16 +], [# +], [])]) + +# Original sources can be found at http://github.com/tsuna/boost.m4 +# You can fetch the latest version of the script by doing: +# wget http://github.com/tsuna/boost.m4/raw/master/build-aux/boost.m4 + +# ------ # +# README # +# ------ # + +# This file provides several macros to use the various Boost libraries. +# The first macro is BOOST_REQUIRE. It will simply check if it's possible to +# find the Boost headers of a given (optional) minimum version and it will +# define BOOST_CPPFLAGS accordingly. It will add an option --with-boost to +# your configure so that users can specify non standard locations. +# If the user's environment contains BOOST_ROOT and --with-boost was not +# specified, --with-boost=$BOOST_ROOT is implicitly used. +# For more README and documentation, go to http://github.com/tsuna/boost.m4 +# Note: THESE MACROS ASSUME THAT YOU USE LIBTOOL. If you don't, don't worry, +# simply read the README, it will show you what to do step by step. + +m4_pattern_forbid([^_?(BOOST|Boost)_]) + + +# _BOOST_SED_CPP(SED-PROGRAM, PROGRAM, +# [ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND]) +# -------------------------------------------------------- +# Same as AC_EGREP_CPP, but leave the result in conftest.i. +# +# SED-PROGRAM is *not* overquoted, as in AC_EGREP_CPP. It is expanded +# in double-quotes, so escape your double quotes. +# +# It could be useful to turn this into a macro which extracts the +# value of any macro. +m4_define([_BOOST_SED_CPP], +[AC_LANG_PREPROC_REQUIRE()dnl +AC_REQUIRE([AC_PROG_SED])dnl +AC_LANG_CONFTEST([AC_LANG_SOURCE([[$2]])]) +AS_IF([dnl eval is necessary to expand ac_cpp. +dnl Ultrix and Pyramid sh refuse to redirect output of eval, so use subshell. +dnl Beware of Windows end-of-lines, for instance if we are running +dnl some Windows programs under Wine. In that case, boost/version.hpp +dnl is certainly using "\r\n", but the regular Unix shell will only +dnl strip `\n' with backquotes, not the `\r'. This results in +dnl boost_cv_lib_version='1_37\r' for instance, which breaks +dnl everything else. +dnl Cannot use 'dnl' after [$4] because a trailing dnl may break AC_CACHE_CHECK +(eval "$ac_cpp conftest.$ac_ext") 2>&AS_MESSAGE_LOG_FD | + tr -d '\r' | + $SED -n -e "$1" >conftest.i 2>&1], + [$3], + [$4]) +rm -rf conftest* +])# AC_EGREP_CPP + + + +# BOOST_REQUIRE([VERSION], [ACTION-IF-NOT-FOUND]) +# ----------------------------------------------- +# Look for Boost. If version is given, it must either be a literal of the form +# "X.Y.Z" where X, Y and Z are integers (the ".Z" part being optional) or a +# variable "$var". +# Defines the value BOOST_CPPFLAGS. This macro only checks for headers with +# the required version, it does not check for any of the Boost libraries. +# On # success, defines HAVE_BOOST. On failure, calls the optional +# ACTION-IF-NOT-FOUND action if one was supplied. +# Otherwise aborts with an error message. +AC_DEFUN([BOOST_REQUIRE], +[AC_REQUIRE([AC_PROG_CXX])dnl +AC_REQUIRE([AC_PROG_GREP])dnl +echo "$as_me: this is boost.m4[]_BOOST_SERIAL" >&AS_MESSAGE_LOG_FD +boost_save_IFS=$IFS +boost_version_req=$1 +IFS=. +set x $boost_version_req 0 0 0 +IFS=$boost_save_IFS +shift +boost_version_req=`expr "$[1]" '*' 100000 + "$[2]" '*' 100 + "$[3]"` +boost_version_req_string=$[1].$[2].$[3] +AC_ARG_WITH([boost], + [AS_HELP_STRING([--with-boost=DIR], + [prefix of Boost $1 @<:@guess@:>@])])dnl +AC_ARG_VAR([BOOST_ROOT],[Location of Boost installation])dnl +# If BOOST_ROOT is set and the user has not provided a value to +# --with-boost, then treat BOOST_ROOT as if it the user supplied it. +if test x"$BOOST_ROOT" != x; then + if test x"$with_boost" = x; then + AC_MSG_NOTICE([Detected BOOST_ROOT; continuing with --with-boost=$BOOST_ROOT]) + with_boost=$BOOST_ROOT + else + AC_MSG_NOTICE([Detected BOOST_ROOT=$BOOST_ROOT, but overridden by --with-boost=$with_boost]) + fi +fi +AC_SUBST([DISTCHECK_CONFIGURE_FLAGS], + ["$DISTCHECK_CONFIGURE_FLAGS '--with-boost=$with_boost'"])dnl +boost_save_CPPFLAGS=$CPPFLAGS + AC_CACHE_CHECK([for Boost headers version >= $boost_version_req_string], + [boost_cv_inc_path], + [boost_cv_inc_path=no +AC_LANG_PUSH([C++])dnl +m4_pattern_allow([^BOOST_VERSION$])dnl + AC_LANG_CONFTEST([AC_LANG_PROGRAM([[#include +#if !defined BOOST_VERSION +# error BOOST_VERSION is not defined +#elif BOOST_VERSION < $boost_version_req +# error Boost headers version < $boost_version_req +#endif +]])]) + # If the user provided a value to --with-boost, use it and only it. + case $with_boost in #( + ''|yes) set x '' /opt/local/include /usr/local/include /opt/include \ + /usr/include C:/Boost/include;; #( + *) set x "$with_boost/include" "$with_boost";; + esac + shift + for boost_dir + do + # Without --layout=system, Boost (or at least some versions) installs + # itself in /include/boost-. This inner loop helps to + # find headers in such directories. + # + # Any ${boost_dir}/boost-x_xx directories are searched in reverse version + # order followed by ${boost_dir}. The final '.' is a sentinel for + # searching $boost_dir" itself. Entries are whitespace separated. + # + # I didn't indent this loop on purpose (to avoid over-indented code) + boost_layout_system_search_list=`cd "$boost_dir" 2>/dev/null \ + && ls -1 | "${GREP}" '^boost-' | sort -rn -t- -k2 \ + && echo .` + for boost_inc in $boost_layout_system_search_list + do + if test x"$boost_inc" != x.; then + boost_inc="$boost_dir/$boost_inc" + else + boost_inc="$boost_dir" # Uses sentinel in boost_layout_system_search_list + fi + if test x"$boost_inc" != x; then + # We are going to check whether the version of Boost installed + # in $boost_inc is usable by running a compilation that + # #includes it. But if we pass a -I/some/path in which Boost + # is not installed, the compiler will just skip this -I and + # use other locations (either from CPPFLAGS, or from its list + # of system include directories). As a result we would use + # header installed on the machine instead of the /some/path + # specified by the user. So in that precise case (trying + # $boost_inc), make sure the version.hpp exists. + # + # Use test -e as there can be symlinks. + test -e "$boost_inc/boost/version.hpp" || continue + CPPFLAGS="$CPPFLAGS -I$boost_inc" + fi + AC_COMPILE_IFELSE([], [boost_cv_inc_path=yes], [boost_cv_version=no]) + if test x"$boost_cv_inc_path" = xyes; then + if test x"$boost_inc" != x; then + boost_cv_inc_path=$boost_inc + fi + break 2 + fi + done + done +AC_LANG_POP([C++])dnl + ]) + case $boost_cv_inc_path in #( + no) + boost_errmsg="cannot find Boost headers version >= $boost_version_req_string" + m4_if([$2], [], [AC_MSG_ERROR([$boost_errmsg])], + [AC_MSG_NOTICE([$boost_errmsg])]) + $2 + ;;#( + yes) + BOOST_CPPFLAGS= + ;;#( + *) + AC_SUBST([BOOST_CPPFLAGS], ["-I$boost_cv_inc_path"])dnl + ;; + esac + if test x"$boost_cv_inc_path" != xno; then + AC_DEFINE([HAVE_BOOST], [1], + [Defined if the requested minimum BOOST version is satisfied]) + AC_CACHE_CHECK([for Boost's header version], + [boost_cv_lib_version], + [m4_pattern_allow([^BOOST_LIB_VERSION$])dnl + _BOOST_SED_CPP([/^boost_lib_version = /{s///;s/\"//g;p;q;}], + [#include +boost_lib_version = BOOST_LIB_VERSION], + [boost_cv_lib_version=`cat conftest.i`])]) + # e.g. "134" for 1_34_1 or "135" for 1_35 + boost_major_version=`echo "$boost_cv_lib_version" | $SED 's/_//;s/_.*//;s/ //'` + case $boost_major_version in #( + '' | *[[!0-9]]*) + AC_MSG_ERROR([invalid value: boost_major_version=$boost_major_version]) + ;; + esac +fi +CPPFLAGS=$boost_save_CPPFLAGS +])# BOOST_REQUIRE + +# BOOST_STATIC() +# -------------- +# Add the "--enable-static-boost" configure argument. If this argument is given +# on the command line, static versions of the libraries will be looked up. +AC_DEFUN([BOOST_STATIC], + [AC_ARG_ENABLE([static-boost], + [AC_HELP_STRING([--enable-static-boost], + [Prefer the static boost libraries over the shared ones [no]])], + [enable_static_boost=yes], + [enable_static_boost=no])])# BOOST_STATIC + +# BOOST_FIND_HEADER([HEADER-NAME], [ACTION-IF-NOT-FOUND], [ACTION-IF-FOUND]) +# -------------------------------------------------------------------------- +# Wrapper around AC_CHECK_HEADER for Boost headers. Useful to check for +# some parts of the Boost library which are only made of headers and don't +# require linking (such as Boost.Foreach). +# +# Default ACTION-IF-NOT-FOUND: Fail with a fatal error unless Boost couldn't be +# found in the first place, in which case by default a notice is issued to the +# user. Presumably if we haven't died already it's because it's OK to not have +# Boost, which is why only a notice is issued instead of a hard error. +# +# Default ACTION-IF-FOUND: define the preprocessor symbol HAVE_ in +# case of success # (where HEADER-NAME is written LIKE_THIS, e.g., +# HAVE_BOOST_FOREACH_HPP). +AC_DEFUN([BOOST_FIND_HEADER], +[AC_REQUIRE([BOOST_REQUIRE])dnl +if test x"$boost_cv_inc_path" = xno; then + m4_default([$2], [AC_MSG_NOTICE([Boost not available, not searching for $1])]) +else +AC_LANG_PUSH([C++])dnl +boost_save_CPPFLAGS=$CPPFLAGS +CPPFLAGS="$CPPFLAGS $BOOST_CPPFLAGS" +AC_CHECK_HEADER([$1], + [m4_default([$3], [AC_DEFINE(AS_TR_CPP([HAVE_$1]), [1], + [Define to 1 if you have <$1>])])], + [m4_default([$2], [AC_MSG_ERROR([cannot find $1])])]) +CPPFLAGS=$boost_save_CPPFLAGS +AC_LANG_POP([C++])dnl +fi +])# BOOST_FIND_HEADER + + +# BOOST_FIND_LIB([LIB-NAME], [PREFERRED-RT-OPT], [HEADER-NAME], [CXX-TEST], +# [CXX-PROLOGUE]) +# ------------------------------------------------------------------------- +# Look for the Boost library LIB-NAME (e.g., LIB-NAME = `thread', for +# libboost_thread). Check that HEADER-NAME works and check that +# libboost_LIB-NAME can link with the code CXX-TEST. The optional argument +# CXX-PROLOGUE can be used to include some C++ code before the `main' +# function. +# +# Invokes BOOST_FIND_HEADER([HEADER-NAME]) (see above). +# +# Boost libraries typically come compiled with several flavors (with different +# runtime options) so PREFERRED-RT-OPT is the preferred suffix. A suffix is one +# or more of the following letters: sgdpn (in that order). s = static +# runtime, d = debug build, g = debug/diagnostic runtime, p = STLPort build, +# n = (unsure) STLPort build without iostreams from STLPort (it looks like `n' +# must always be used along with `p'). Additionally, PREFERRED-RT-OPT can +# start with `mt-' to indicate that there is a preference for multi-thread +# builds. Some sample values for PREFERRED-RT-OPT: (nothing), mt, d, mt-d, gdp +# ... If you want to make sure you have a specific version of Boost +# (eg, >= 1.33) you *must* invoke BOOST_REQUIRE before this macro. +AC_DEFUN([BOOST_FIND_LIB], +[AC_REQUIRE([BOOST_REQUIRE])dnl +AC_REQUIRE([_BOOST_FIND_COMPILER_TAG])dnl +AC_REQUIRE([BOOST_STATIC])dnl +AC_REQUIRE([_BOOST_GUESS_WHETHER_TO_USE_MT])dnl +if test x"$boost_cv_inc_path" = xno; then + AC_MSG_NOTICE([Boost not available, not searching for the Boost $1 library]) +else +dnl The else branch is huge and wasn't intended on purpose. +AC_LANG_PUSH([C++])dnl +AS_VAR_PUSHDEF([Boost_lib], [boost_cv_lib_$1])dnl +AS_VAR_PUSHDEF([Boost_lib_LDFLAGS], [boost_cv_lib_$1_LDFLAGS])dnl +AS_VAR_PUSHDEF([Boost_lib_LDPATH], [boost_cv_lib_$1_LDPATH])dnl +AS_VAR_PUSHDEF([Boost_lib_LIBS], [boost_cv_lib_$1_LIBS])dnl +BOOST_FIND_HEADER([$3]) +boost_save_CPPFLAGS=$CPPFLAGS +CPPFLAGS="$CPPFLAGS $BOOST_CPPFLAGS" +# Now let's try to find the library. The algorithm is as follows: first look +# for a given library name according to the user's PREFERRED-RT-OPT. For each +# library name, we prefer to use the ones that carry the tag (toolset name). +# Each library is searched through the various standard paths were Boost is +# usually installed. If we can't find the standard variants, we try to +# enforce -mt (for instance on MacOSX, libboost_threads.dylib doesn't exist +# but there's -obviously- libboost_threads-mt.dylib). +AC_CACHE_CHECK([for the Boost $1 library], [Boost_lib], + [Boost_lib=no + case "$2" in #( + mt | mt-) boost_mt=-mt; boost_rtopt=;; #( + mt* | mt-*) boost_mt=-mt; boost_rtopt=`expr "X$2" : 'Xmt-*\(.*\)'`;; #( + *) boost_mt=; boost_rtopt=$2;; + esac + if test $enable_static_boost = yes; then + boost_rtopt="s$boost_rtopt" + fi + # Find the proper debug variant depending on what we've been asked to find. + case $boost_rtopt in #( + *d*) boost_rt_d=$boost_rtopt;; #( + *[[sgpn]]*) # Insert the `d' at the right place (in between `sg' and `pn') + boost_rt_d=`echo "$boost_rtopt" | sed 's/\(s*g*\)\(p*n*\)/\1\2/'`;; #( + *) boost_rt_d='-d';; + esac + # If the PREFERRED-RT-OPT are not empty, prepend a `-'. + test -n "$boost_rtopt" && boost_rtopt="-$boost_rtopt" + $boost_guess_use_mt && boost_mt=-mt + # Look for the abs path the static archive. + # $libext is computed by Libtool but let's make sure it's non empty. + test -z "$libext" && + AC_MSG_ERROR([the libext variable is empty, did you invoke Libtool?]) + boost_save_ac_objext=$ac_objext + # Generate the test file. + AC_LANG_CONFTEST([AC_LANG_PROGRAM([#include <$3> +$5], [$4])]) +dnl Optimization hacks: compiling C++ is slow, especially with Boost. What +dnl we're trying to do here is guess the right combination of link flags +dnl (LIBS / LDFLAGS) to use a given library. This can take several +dnl iterations before it succeeds and is thus *very* slow. So what we do +dnl instead is that we compile the code first (and thus get an object file, +dnl typically conftest.o). Then we try various combinations of link flags +dnl until we succeed to link conftest.o in an executable. The problem is +dnl that the various TRY_LINK / COMPILE_IFELSE macros of Autoconf always +dnl remove all the temporary files including conftest.o. So the trick here +dnl is to temporarily change the value of ac_objext so that conftest.o is +dnl preserved accross tests. This is obviously fragile and I will burn in +dnl hell for not respecting Autoconf's documented interfaces, but in the +dnl mean time, it optimizes the macro by a factor of 5 to 30. +dnl Another small optimization: the first argument of AC_COMPILE_IFELSE left +dnl empty because the test file is generated only once above (before we +dnl start the for loops). + AC_COMPILE_IFELSE([], + [ac_objext=do_not_rm_me_plz], + [AC_MSG_ERROR([cannot compile a test that uses Boost $1])]) + ac_objext=$boost_save_ac_objext + boost_failed_libs= +# Don't bother to ident the 6 nested for loops, only the 2 innermost ones +# matter. +for boost_tag_ in -$boost_cv_lib_tag ''; do +for boost_ver_ in -$boost_cv_lib_version ''; do +for boost_mt_ in $boost_mt -mt ''; do +for boost_rtopt_ in $boost_rtopt '' -d; do + for boost_lib in \ + boost_$1$boost_tag_$boost_mt_$boost_rtopt_$boost_ver_ \ + boost_$1$boost_tag_$boost_rtopt_$boost_ver_ \ + boost_$1$boost_tag_$boost_mt_$boost_ver_ \ + boost_$1$boost_tag_$boost_ver_ + do + # Avoid testing twice the same lib + case $boost_failed_libs in #( + *@$boost_lib@*) continue;; + esac + # If with_boost is empty, we'll search in /lib first, which is not quite + # right so instead we'll try to a location based on where the headers are. + boost_tmp_lib=$with_boost + test x"$with_boost" = x && boost_tmp_lib=${boost_cv_inc_path%/include} + for boost_ldpath in "$boost_tmp_lib/lib" '' \ + /opt/local/lib* /usr/local/lib* /opt/lib* /usr/lib* \ + "$with_boost" C:/Boost/lib /lib* + do + test -e "$boost_ldpath" || continue + boost_save_LDFLAGS=$LDFLAGS + # Are we looking for a static library? + case $boost_ldpath:$boost_rtopt_ in #( + *?*:*s*) # Yes (Non empty boost_ldpath + s in rt opt) + Boost_lib_LIBS="$boost_ldpath/lib$boost_lib.$libext" + test -e "$Boost_lib_LIBS" || continue;; #( + *) # No: use -lboost_foo to find the shared library. + Boost_lib_LIBS="-l$boost_lib";; + esac + boost_save_LIBS=$LIBS + LIBS="$Boost_lib_LIBS $LIBS" + test x"$boost_ldpath" != x && LDFLAGS="$LDFLAGS -L$boost_ldpath" +dnl First argument of AC_LINK_IFELSE left empty because the test file is +dnl generated only once above (before we start the for loops). + _BOOST_AC_LINK_IFELSE([], + [Boost_lib=yes], [Boost_lib=no]) + ac_objext=$boost_save_ac_objext + LDFLAGS=$boost_save_LDFLAGS + LIBS=$boost_save_LIBS + if test x"$Boost_lib" = xyes; then + Boost_lib_LDFLAGS="-L$boost_ldpath -Wl,-R$boost_ldpath" + Boost_lib_LDPATH="$boost_ldpath" + break 6 + else + boost_failed_libs="$boost_failed_libs@$boost_lib@" + fi + done + done +done +done +done +done +rm -f conftest.$ac_objext +]) +case $Boost_lib in #( + no) _AC_MSG_LOG_CONFTEST + AC_MSG_ERROR([cannot find the flags to link with Boost $1]) + ;; +esac +AC_SUBST(AS_TR_CPP([BOOST_$1_LDFLAGS]), [$Boost_lib_LDFLAGS])dnl +AC_SUBST(AS_TR_CPP([BOOST_$1_LDPATH]), [$Boost_lib_LDPATH])dnl +AC_SUBST([BOOST_LDPATH], [$Boost_lib_LDPATH])dnl +AC_SUBST(AS_TR_CPP([BOOST_$1_LIBS]), [$Boost_lib_LIBS])dnl +CPPFLAGS=$boost_save_CPPFLAGS +AS_VAR_POPDEF([Boost_lib])dnl +AS_VAR_POPDEF([Boost_lib_LDFLAGS])dnl +AS_VAR_POPDEF([Boost_lib_LDPATH])dnl +AS_VAR_POPDEF([Boost_lib_LIBS])dnl +AC_LANG_POP([C++])dnl +fi +])# BOOST_FIND_LIB + + +# --------------------------------------- # +# Checks for the various Boost libraries. # +# --------------------------------------- # + +# List of boost libraries: http://www.boost.org/libs/libraries.htm +# The page http://beta.boost.org/doc/libs is useful: it gives the first release +# version of each library (among other things). + +# BOOST_DEFUN(LIBRARY, CODE) +# -------------------------- +# Define BOOST_ as a macro that runs CODE. +# +# Use indir to avoid the warning on underquoted macro name given to AC_DEFUN. +m4_define([BOOST_DEFUN], +[m4_indir([AC_DEFUN], + m4_toupper([BOOST_$1]), +[m4_pushdef([BOOST_Library], [$1])dnl +$2 +m4_popdef([BOOST_Library])dnl +]) +]) + +# BOOST_ARRAY() +# ------------- +# Look for Boost.Array +BOOST_DEFUN([Array], +[BOOST_FIND_HEADER([boost/array.hpp])]) + + +# BOOST_ASIO() +# ------------ +# Look for Boost.Asio (new in Boost 1.35). +BOOST_DEFUN([Asio], +[AC_REQUIRE([BOOST_SYSTEM])dnl +BOOST_FIND_HEADER([boost/asio.hpp])]) + + +# BOOST_BIND() +# ------------ +# Look for Boost.Bind +BOOST_DEFUN([Bind], +[BOOST_FIND_HEADER([boost/bind.hpp])]) + + +# BOOST_CONVERSION() +# ------------------ +# Look for Boost.Conversion (cast / lexical_cast) +BOOST_DEFUN([Conversion], +[BOOST_FIND_HEADER([boost/cast.hpp]) +BOOST_FIND_HEADER([boost/lexical_cast.hpp]) +])# BOOST_CONVERSION + + +# BOOST_DATE_TIME([PREFERRED-RT-OPT]) +# ----------------------------------- +# Look for Boost.Date_Time. For the documentation of PREFERRED-RT-OPT, see the +# documentation of BOOST_FIND_LIB above. +BOOST_DEFUN([Date_Time], +[BOOST_FIND_LIB([date_time], [$1], + [boost/date_time/posix_time/posix_time.hpp], + [boost::posix_time::ptime t;]) +])# BOOST_DATE_TIME + + +# BOOST_FILESYSTEM([PREFERRED-RT-OPT]) +# ------------------------------------ +# Look for Boost.Filesystem. For the documentation of PREFERRED-RT-OPT, see +# the documentation of BOOST_FIND_LIB above. +# Do not check for boost/filesystem.hpp because this file was introduced in +# 1.34. +BOOST_DEFUN([Filesystem], +[# Do we have to check for Boost.System? This link-time dependency was +# added as of 1.35.0. If we have a version <1.35, we must not attempt to +# find Boost.System as it didn't exist by then. +if test $boost_major_version -ge 135; then +BOOST_SYSTEM([$1]) +fi # end of the Boost.System check. +boost_filesystem_save_LIBS=$LIBS +boost_filesystem_save_LDFLAGS=$LDFLAGS +m4_pattern_allow([^BOOST_SYSTEM_(LIBS|LDFLAGS)$])dnl +LIBS="$LIBS $BOOST_SYSTEM_LIBS" +LDFLAGS="$LDFLAGS $BOOST_SYSTEM_LDFLAGS" +BOOST_FIND_LIB([filesystem], [$1], + [boost/filesystem/path.hpp], [boost::filesystem::path p;]) +if test $enable_static_boost = yes && test $boost_major_version -ge 135; then + AC_SUBST([BOOST_FILESYSTEM_LIBS], ["$BOOST_FILESYSTEM_LIBS $BOOST_SYSTEM_LIBS"]) +fi +LIBS=$boost_filesystem_save_LIBS +LDFLAGS=$boost_filesystem_save_LDFLAGS +])# BOOST_FILESYSTEM + + +# BOOST_FOREACH() +# --------------- +# Look for Boost.Foreach +BOOST_DEFUN([Foreach], +[BOOST_FIND_HEADER([boost/foreach.hpp])]) + + +# BOOST_FORMAT() +# -------------- +# Look for Boost.Format +# Note: we can't check for boost/format/format_fwd.hpp because the header isn't +# standalone. It can't be compiled because it triggers the following error: +# boost/format/detail/config_macros.hpp:88: error: 'locale' in namespace 'std' +# does not name a type +BOOST_DEFUN([Format], +[BOOST_FIND_HEADER([boost/format.hpp])]) + + +# BOOST_FUNCTION() +# ---------------- +# Look for Boost.Function +BOOST_DEFUN([Function], +[BOOST_FIND_HEADER([boost/function.hpp])]) + + +# BOOST_GRAPH([PREFERRED-RT-OPT]) +# ------------------------------- +# Look for Boost.Graphs. For the documentation of PREFERRED-RT-OPT, see the +# documentation of BOOST_FIND_LIB above. +BOOST_DEFUN([Graph], +[BOOST_FIND_LIB([graph], [$1], + [boost/graph/adjacency_list.hpp], [boost::adjacency_list<> g;]) +])# BOOST_GRAPH + + +# BOOST_IOSTREAMS([PREFERRED-RT-OPT]) +# ----------------------------------- +# Look for Boost.IOStreams. For the documentation of PREFERRED-RT-OPT, see the +# documentation of BOOST_FIND_LIB above. +BOOST_DEFUN([IOStreams], +[BOOST_FIND_LIB([iostreams], [$1], + [boost/iostreams/device/file_descriptor.hpp], + [boost::iostreams::file_descriptor fd; fd.close();]) +])# BOOST_IOSTREAMS + + +# BOOST_HASH() +# ------------ +# Look for Boost.Functional/Hash +BOOST_DEFUN([Hash], +[BOOST_FIND_HEADER([boost/functional/hash.hpp])]) + + +# BOOST_LAMBDA() +# -------------- +# Look for Boost.Lambda +BOOST_DEFUN([Lambda], +[BOOST_FIND_HEADER([boost/lambda/lambda.hpp])]) + + +# BOOST_LOG([PREFERRED-RT-OPT]) +# ----------------------------- +# Look for Boost.Log For the documentation of PREFERRED-RT-OPT, see the +# documentation of BOOST_FIND_LIB above. +BOOST_DEFUN([Log], +[BOOST_FIND_LIB([log], [$1], + [boost/log/core/core.hpp], + [boost::log::attribute a; a.get_value();]) +])# BOOST_LOG + + +# BOOST_LOG_SETUP([PREFERRED-RT-OPT]) +# ----------------------------------- +# Look for Boost.Log For the documentation of PREFERRED-RT-OPT, see the +# documentation of BOOST_FIND_LIB above. +BOOST_DEFUN([Log_Setup], +[AC_REQUIRE([BOOST_LOG])dnl +BOOST_FIND_LIB([log_setup], [$1], + [boost/log/utility/init/from_settings.hpp], + [boost::log::basic_settings bs; bs.empty();]) +])# BOOST_LOG_SETUP + + +# BOOST_MATH() +# ------------ +# Look for Boost.Math +# TODO: This library isn't header-only but it comes in multiple different +# flavors that don't play well with BOOST_FIND_LIB (e.g, libboost_math_c99, +# libboost_math_c99f, libboost_math_c99l, libboost_math_tr1, +# libboost_math_tr1f, libboost_math_tr1l). This macro must be fixed to do the +# right thing anyway. +BOOST_DEFUN([Math], +[BOOST_FIND_HEADER([boost/math/special_functions.hpp])]) + + +# BOOST_MULTIARRAY() +# ------------------ +# Look for Boost.MultiArray +BOOST_DEFUN([MultiArray], +[BOOST_FIND_HEADER([boost/multi_array.hpp])]) + + +# BOOST_NUMERIC_CONVERSION() +# -------------------------- +# Look for Boost.NumericConversion (policy-based numeric conversion) +BOOST_DEFUN([Numeric_Conversion], +[BOOST_FIND_HEADER([boost/numeric/conversion/converter.hpp]) +])# BOOST_NUMERIC_CONVERSION + + +# BOOST_OPTIONAL() +# ---------------- +# Look for Boost.Optional +BOOST_DEFUN([Optional], +[BOOST_FIND_HEADER([boost/optional.hpp])]) + +# BOOST_PTR_CONTAINER() +# ---------------- +# Look for Boost.PointerContainer +BOOST_DEFUN([Ptr_Container], +[BOOST_FIND_HEADER([boost/ptr_container/ptr_vector.hpp])]) + +# BOOST_PREPROCESSOR() +# -------------------- +# Look for Boost.Preprocessor +BOOST_DEFUN([Preprocessor], +[BOOST_FIND_HEADER([boost/preprocessor/repeat.hpp])]) + + +# BOOST_UNORDERED() +# ----------------- +# Look for Boost.Unordered +BOOST_DEFUN([Unordered], +[BOOST_FIND_HEADER([boost/unordered_map.hpp])]) + + +# BOOST_UUID() +# ------------ +# Look for Boost.Uuid +BOOST_DEFUN([Uuid], +[BOOST_FIND_HEADER([boost/uuid/uuid.hpp])]) + + +# BOOST_PROGRAM_OPTIONS([PREFERRED-RT-OPT]) +# ----------------------------------------- +# Look for Boost.Program_options. For the documentation of PREFERRED-RT-OPT, +# see the documentation of BOOST_FIND_LIB above. +BOOST_DEFUN([Program_Options], +[BOOST_FIND_LIB([program_options], [$1], + [boost/program_options.hpp], + [boost::program_options::options_description d("test");]) +])# BOOST_PROGRAM_OPTIONS + + + +# _BOOST_PYTHON_CONFIG(VARIABLE, FLAG) +# ------------------------------------ +# Save VARIABLE, and define it via `python-config --FLAG`. +# Substitute BOOST_PYTHON_VARIABLE. +m4_define([_BOOST_PYTHON_CONFIG], +[AC_SUBST([BOOST_PYTHON_$1], + [`python-config --$2 2>/dev/null`])dnl +boost_python_save_$1=$$1 +$1="$$1 $BOOST_PYTHON_$1"]) + + +# BOOST_PYTHON([PREFERRED-RT-OPT]) +# -------------------------------- +# Look for Boost.Python. For the documentation of PREFERRED-RT-OPT, +# see the documentation of BOOST_FIND_LIB above. +BOOST_DEFUN([Python], +[_BOOST_PYTHON_CONFIG([CPPFLAGS], [includes]) +_BOOST_PYTHON_CONFIG([LDFLAGS], [ldflags]) +_BOOST_PYTHON_CONFIG([LIBS], [libs]) +m4_pattern_allow([^BOOST_PYTHON_MODULE$])dnl +BOOST_FIND_LIB([python], [$1], + [boost/python.hpp], + [], [BOOST_PYTHON_MODULE(empty) {}]) +CPPFLAGS=$boost_python_save_CPPFLAGS +LDFLAGS=$boost_python_save_LDFLAGS +LIBS=$boost_python_save_LIBS +])# BOOST_PYTHON + + +# BOOST_REF() +# ----------- +# Look for Boost.Ref +BOOST_DEFUN([Ref], +[BOOST_FIND_HEADER([boost/ref.hpp])]) + + +# BOOST_REGEX([PREFERRED-RT-OPT]) +# ------------------------------- +# Look for Boost.Regex. For the documentation of PREFERRED-RT-OPT, see the +# documentation of BOOST_FIND_LIB above. +BOOST_DEFUN([Regex], +[BOOST_FIND_LIB([regex], [$1], + [boost/regex.hpp], + [boost::regex exp("*"); boost::regex_match("foo", exp);]) +])# BOOST_REGEX + + +# BOOST_SERIALIZATION([PREFERRED-RT-OPT]) +# --------------------------------------- +# Look for Boost.Serialization. For the documentation of PREFERRED-RT-OPT, see +# the documentation of BOOST_FIND_LIB above. +BOOST_DEFUN([Serialization], +[BOOST_FIND_LIB([serialization], [$1], + [boost/archive/text_oarchive.hpp], + [std::ostream* o = 0; // Cheap way to get an ostream... + boost::archive::text_oarchive t(*o);]) +])# BOOST_SERIALIZATION + + +# BOOST_SIGNALS([PREFERRED-RT-OPT]) +# --------------------------------- +# Look for Boost.Signals. For the documentation of PREFERRED-RT-OPT, see the +# documentation of BOOST_FIND_LIB above. +BOOST_DEFUN([Signals], +[BOOST_FIND_LIB([signals], [$1], + [boost/signal.hpp], + [boost::signal s;]) +])# BOOST_SIGNALS + + +# BOOST_SMART_PTR() +# ----------------- +# Look for Boost.SmartPtr +BOOST_DEFUN([Smart_Ptr], +[BOOST_FIND_HEADER([boost/scoped_ptr.hpp]) +BOOST_FIND_HEADER([boost/shared_ptr.hpp]) +]) + + +# BOOST_STATICASSERT() +# -------------------- +# Look for Boost.StaticAssert +BOOST_DEFUN([StaticAssert], +[BOOST_FIND_HEADER([boost/static_assert.hpp])]) + + +# BOOST_STRING_ALGO() +# ------------------- +# Look for Boost.StringAlgo +BOOST_DEFUN([String_Algo], +[BOOST_FIND_HEADER([boost/algorithm/string.hpp]) +]) + + +# BOOST_SYSTEM([PREFERRED-RT-OPT]) +# -------------------------------- +# Look for Boost.System. For the documentation of PREFERRED-RT-OPT, see the +# documentation of BOOST_FIND_LIB above. This library was introduced in Boost +# 1.35.0. +BOOST_DEFUN([System], +[BOOST_FIND_LIB([system], [$1], + [boost/system/error_code.hpp], + [boost::system::error_code e; e.clear();]) +])# BOOST_SYSTEM + + +# BOOST_TEST([PREFERRED-RT-OPT]) +# ------------------------------ +# Look for Boost.Test. For the documentation of PREFERRED-RT-OPT, see the +# documentation of BOOST_FIND_LIB above. +BOOST_DEFUN([Test], +[m4_pattern_allow([^BOOST_CHECK$])dnl +BOOST_FIND_LIB([unit_test_framework], [$1], + [boost/test/unit_test.hpp], [BOOST_CHECK(2 == 2);], + [using boost::unit_test::test_suite; + test_suite* init_unit_test_suite(int argc, char ** argv) + { return NULL; }]) +])# BOOST_TEST + + +# BOOST_THREADS([PREFERRED-RT-OPT]) +# --------------------------------- +# Look for Boost.Thread. For the documentation of PREFERRED-RT-OPT, see the +# documentation of BOOST_FIND_LIB above. +# FIXME: Provide an alias "BOOST_THREAD". +BOOST_DEFUN([Threads], +[dnl Having the pthread flag is required at least on GCC3 where +dnl boost/thread.hpp would complain if we try to compile without +dnl -pthread on GNU/Linux. +AC_REQUIRE([_BOOST_PTHREAD_FLAG])dnl +boost_threads_save_LIBS=$LIBS +boost_threads_save_CPPFLAGS=$CPPFLAGS +LIBS="$LIBS $boost_cv_pthread_flag" +# Yes, we *need* to put the -pthread thing in CPPFLAGS because with GCC3, +# boost/thread.hpp will trigger a #error if -pthread isn't used: +# boost/config/requires_threads.hpp:47:5: #error "Compiler threading support +# is not turned on. Please set the correct command line options for +# threading: -pthread (Linux), -pthreads (Solaris) or -mthreads (Mingw32)" +CPPFLAGS="$CPPFLAGS $boost_cv_pthread_flag" +BOOST_FIND_LIB([thread], [$1], + [boost/thread.hpp], [boost::thread t; boost::mutex m;]) +BOOST_THREAD_LIBS="$BOOST_THREAD_LIBS $boost_cv_pthread_flag" +BOOST_CPPFLAGS="$BOOST_CPPFLAGS $boost_cv_pthread_flag" +LIBS=$boost_threads_save_LIBS +CPPFLAGS=$boost_threads_save_CPPFLAGS +])# BOOST_THREADS + + +# BOOST_TOKENIZER() +# ----------------- +# Look for Boost.Tokenizer +BOOST_DEFUN([Tokenizer], +[BOOST_FIND_HEADER([boost/tokenizer.hpp])]) + + +# BOOST_TRIBOOL() +# --------------- +# Look for Boost.Tribool +BOOST_DEFUN([Tribool], +[BOOST_FIND_HEADER([boost/logic/tribool_fwd.hpp]) +BOOST_FIND_HEADER([boost/logic/tribool.hpp]) +]) + + +# BOOST_TUPLE() +# ------------- +# Look for Boost.Tuple +BOOST_DEFUN([Tuple], +[BOOST_FIND_HEADER([boost/tuple/tuple.hpp])]) + + +# BOOST_TYPETRAITS() +# -------------------- +# Look for Boost.TypeTraits +BOOST_DEFUN([TypeTraits], +[BOOST_FIND_HEADER([boost/type_traits.hpp])]) + + +# BOOST_UTILITY() +# --------------- +# Look for Boost.Utility (noncopyable, result_of, base-from-member idiom, +# etc.) +BOOST_DEFUN([Utility], +[BOOST_FIND_HEADER([boost/utility.hpp])]) + + +# BOOST_VARIANT() +# --------------- +# Look for Boost.Variant. +BOOST_DEFUN([Variant], +[BOOST_FIND_HEADER([boost/variant/variant_fwd.hpp]) +BOOST_FIND_HEADER([boost/variant.hpp])]) + + +# BOOST_WAVE([PREFERRED-RT-OPT]) +# ------------------------------ +# NOTE: If you intend to use Wave/Spirit with thread support, make sure you +# call BOOST_THREADS first. +# Look for Boost.Wave. For the documentation of PREFERRED-RT-OPT, see the +# documentation of BOOST_FIND_LIB above. +BOOST_DEFUN([Wave], +[AC_REQUIRE([BOOST_FILESYSTEM])dnl +AC_REQUIRE([BOOST_DATE_TIME])dnl +boost_wave_save_LIBS=$LIBS +boost_wave_save_LDFLAGS=$LDFLAGS +m4_pattern_allow([^BOOST_((FILE)?SYSTEM|DATE_TIME|THREAD)_(LIBS|LDFLAGS)$])dnl +LIBS="$LIBS $BOOST_SYSTEM_LIBS $BOOST_FILESYSTEM_LIBS $BOOST_DATE_TIME_LIBS\ +$BOOST_THREAD_LIBS" +LDFLAGS="$LDFLAGS $BOOST_SYSTEM_LDFLAGS $BOOST_FILESYSTEM_LDFLAGS\ +$BOOST_DATE_TIME_LDFLAGS $BOOST_THREAD_LDFLAGS" +BOOST_FIND_LIB([wave], [$1], + [boost/wave.hpp], + [boost::wave::token_id id; get_token_name(id);]) +LIBS=$boost_wave_save_LIBS +LDFLAGS=$boost_wave_save_LDFLAGS +])# BOOST_WAVE + + +# BOOST_XPRESSIVE() +# ----------------- +# Look for Boost.Xpressive (new since 1.36.0). +BOOST_DEFUN([Xpressive], +[BOOST_FIND_HEADER([boost/xpressive/xpressive.hpp])]) + + +# ----------------- # +# Internal helpers. # +# ----------------- # + + +# _BOOST_PTHREAD_FLAG() +# --------------------- +# Internal helper for BOOST_THREADS. Based on ACX_PTHREAD: +# http://autoconf-archive.cryp.to/acx_pthread.html +AC_DEFUN([_BOOST_PTHREAD_FLAG], +[AC_REQUIRE([AC_PROG_CXX])dnl +AC_REQUIRE([AC_CANONICAL_HOST])dnl +AC_LANG_PUSH([C++])dnl +AC_CACHE_CHECK([for the flags needed to use pthreads], [boost_cv_pthread_flag], +[ boost_cv_pthread_flag= + # The ordering *is* (sometimes) important. Some notes on the + # individual items follow: + # (none): in case threads are in libc; should be tried before -Kthread and + # other compiler flags to prevent continual compiler warnings + # -lpthreads: AIX (must check this before -lpthread) + # -Kthread: Sequent (threads in libc, but -Kthread needed for pthread.h) + # -kthread: FreeBSD kernel threads (preferred to -pthread since SMP-able) + # -llthread: LinuxThreads port on FreeBSD (also preferred to -pthread) + # -pthread: GNU Linux/GCC (kernel threads), BSD/GCC (userland threads) + # -pthreads: Solaris/GCC + # -mthreads: MinGW32/GCC, Lynx/GCC + # -mt: Sun Workshop C (may only link SunOS threads [-lthread], but it + # doesn't hurt to check since this sometimes defines pthreads too; + # also defines -D_REENTRANT) + # ... -mt is also the pthreads flag for HP/aCC + # -lpthread: GNU Linux, etc. + # --thread-safe: KAI C++ + case $host_os in #( + *solaris*) + # On Solaris (at least, for some versions), libc contains stubbed + # (non-functional) versions of the pthreads routines, so link-based + # tests will erroneously succeed. (We need to link with -pthreads/-mt/ + # -lpthread.) (The stubs are missing pthread_cleanup_push, or rather + # a function called by this macro, so we could check for that, but + # who knows whether they'll stub that too in a future libc.) So, + # we'll just look for -pthreads and -lpthread first: + boost_pthread_flags="-pthreads -lpthread -mt -pthread";; #( + *) + boost_pthread_flags="-lpthreads -Kthread -kthread -llthread -pthread \ + -pthreads -mthreads -lpthread --thread-safe -mt";; + esac + # Generate the test file. + AC_LANG_CONFTEST([AC_LANG_PROGRAM([#include ], + [pthread_t th; pthread_join(th, 0); + pthread_attr_init(0); pthread_cleanup_push(0, 0); + pthread_create(0,0,0,0); pthread_cleanup_pop(0);])]) + for boost_pthread_flag in '' $boost_pthread_flags; do + boost_pthread_ok=false +dnl Re-use the test file already generated. + boost_pthreads__save_LIBS=$LIBS + LIBS="$LIBS $boost_pthread_flag" + AC_LINK_IFELSE([], + [if grep ".*$boost_pthread_flag" conftest.err; then + echo "This flag seems to have triggered warnings" >&AS_MESSAGE_LOG_FD + else + boost_pthread_ok=:; boost_cv_pthread_flag=$boost_pthread_flag + fi]) + LIBS=$boost_pthreads__save_LIBS + $boost_pthread_ok && break + done +]) +AC_LANG_POP([C++])dnl +])# _BOOST_PTHREAD_FLAG + + +# _BOOST_gcc_test(MAJOR, MINOR) +# ----------------------------- +# Internal helper for _BOOST_FIND_COMPILER_TAG. +m4_define([_BOOST_gcc_test], +["defined __GNUC__ && __GNUC__ == $1 && __GNUC_MINOR__ == $2 && !defined __ICC @ gcc$1$2"])dnl + + +# _BOOST_FIND_COMPILER_TAG() +# -------------------------- +# Internal. When Boost is installed without --layout=system, each library +# filename will hold a suffix that encodes the compiler used during the +# build. The Boost build system seems to call this a `tag'. +AC_DEFUN([_BOOST_FIND_COMPILER_TAG], +[AC_REQUIRE([AC_PROG_CXX])dnl +AC_REQUIRE([AC_CANONICAL_HOST])dnl +AC_CACHE_CHECK([for the toolset name used by Boost for $CXX], [boost_cv_lib_tag], +[boost_cv_lib_tag=unknown +if test x$boost_cv_inc_path != xno; then + AC_LANG_PUSH([C++])dnl + # The following tests are mostly inspired by boost/config/auto_link.hpp + # The list is sorted to most recent/common to oldest compiler (in order + # to increase the likelihood of finding the right compiler with the + # least number of compilation attempt). + # Beware that some tests are sensible to the order (for instance, we must + # look for MinGW before looking for GCC3). + # I used one compilation test per compiler with a #error to recognize + # each compiler so that it works even when cross-compiling (let me know + # if you know a better approach). + # Known missing tags (known from Boost's tools/build/v2/tools/common.jam): + # como, edg, kcc, bck, mp, sw, tru, xlc + # I'm not sure about my test for `il' (be careful: Intel's ICC pre-defines + # the same defines as GCC's). + for i in \ + _BOOST_gcc_test(4, 6) \ + _BOOST_gcc_test(4, 5) \ + _BOOST_gcc_test(4, 4) \ + _BOOST_gcc_test(4, 3) \ + _BOOST_gcc_test(4, 2) \ + _BOOST_gcc_test(4, 1) \ + _BOOST_gcc_test(4, 0) \ + "defined __GNUC__ && __GNUC__ == 3 && !defined __ICC \ + && (defined WIN32 || defined WINNT || defined _WIN32 || defined __WIN32 \ + || defined __WIN32__ || defined __WINNT || defined __WINNT__) @ mgw" \ + _BOOST_gcc_test(3, 4) \ + _BOOST_gcc_test(3, 3) \ + "defined _MSC_VER && _MSC_VER >= 1500 @ vc90" \ + "defined _MSC_VER && _MSC_VER == 1400 @ vc80" \ + _BOOST_gcc_test(3, 2) \ + "defined _MSC_VER && _MSC_VER == 1310 @ vc71" \ + _BOOST_gcc_test(3, 1) \ + _BOOST_gcc_test(3, 0) \ + "defined __BORLANDC__ @ bcb" \ + "defined __ICC && (defined __unix || defined __unix__) @ il" \ + "defined __ICL @ iw" \ + "defined _MSC_VER && _MSC_VER == 1300 @ vc7" \ + _BOOST_gcc_test(2, 95) \ + "defined __MWERKS__ && __MWERKS__ <= 0x32FF @ cw9" \ + "defined _MSC_VER && _MSC_VER < 1300 && !defined UNDER_CE @ vc6" \ + "defined _MSC_VER && _MSC_VER < 1300 && defined UNDER_CE @ evc4" \ + "defined __MWERKS__ && __MWERKS__ <= 0x31FF @ cw8" + do + boost_tag_test=`expr "X$i" : 'X\([[^@]]*\) @ '` + boost_tag=`expr "X$i" : 'X[[^@]]* @ \(.*\)'` + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ +#if $boost_tag_test +/* OK */ +#else +# error $boost_tag_test +#endif +]])], [boost_cv_lib_tag=$boost_tag; break], []) + done +AC_LANG_POP([C++])dnl + case $boost_cv_lib_tag in #( + # Some newer (>= 1.35?) versions of Boost seem to only use "gcc" as opposed + # to "gcc41" for instance. + *-gcc | *'-gcc ') :;; #( Don't re-add -gcc: it's already in there. + gcc*) + boost_tag_x= + case $host_os in #( + darwin*) + if test $boost_major_version -ge 136; then + # The `x' added in r46793 of Boost. + boost_tag_x=x + fi;; + esac + # We can specify multiple tags in this variable because it's used by + # BOOST_FIND_LIB that does a `for tag in -$boost_cv_lib_tag' ... + boost_cv_lib_tag="$boost_tag_x$boost_cv_lib_tag -${boost_tag_x}gcc" + ;; #( + unknown) + AC_MSG_WARN([[could not figure out which toolset name to use for $CXX]]) + boost_cv_lib_tag= + ;; + esac +fi])dnl end of AC_CACHE_CHECK +])# _BOOST_FIND_COMPILER_TAG + + +# _BOOST_GUESS_WHETHER_TO_USE_MT() +# -------------------------------- +# Compile a small test to try to guess whether we should favor MT (Multi +# Thread) flavors of Boost. Sets boost_guess_use_mt accordingly. +AC_DEFUN([_BOOST_GUESS_WHETHER_TO_USE_MT], +[# Check whether we do better use `mt' even though we weren't ask to. +AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ +#if defined _REENTRANT || defined _MT || defined __MT__ +/* use -mt */ +#else +# error MT not needed +#endif +]])], [boost_guess_use_mt=:], [boost_guess_use_mt=false]) +]) + +# _BOOST_AC_LINK_IFELSE(PROGRAM, [ACTION-IF-TRUE], [ACTION-IF-FALSE]) +# ------------------------------------------------------------------- +# Fork of _AC_LINK_IFELSE that preserves conftest.o across calls. Fragile, +# will break when Autoconf changes its internals. Requires that you manually +# rm -f conftest.$ac_objext in between to really different tests, otherwise +# you will try to link a conftest.o left behind by a previous test. +# Used to aggressively optimize BOOST_FIND_LIB (see the big comment in this +# macro). +# +# Don't use "break" in the actions, as it would short-circuit some code +# this macro runs after the actions. +m4_define([_BOOST_AC_LINK_IFELSE], +[m4_ifvaln([$1], [AC_LANG_CONFTEST([$1])])dnl +rm -f conftest$ac_exeext +boost_save_ac_ext=$ac_ext +boost_use_source=: +# If we already have a .o, re-use it. We change $ac_ext so that $ac_link +# tries to link the existing object file instead of compiling from source. +test -f conftest.$ac_objext && ac_ext=$ac_objext && boost_use_source=false && + _AS_ECHO_LOG([re-using the existing conftest.$ac_objext]) +AS_IF([_AC_DO_STDERR($ac_link) && { + test -z "$ac_[]_AC_LANG_ABBREV[]_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && { + test "$cross_compiling" = yes || + $as_executable_p conftest$ac_exeext +dnl FIXME: use AS_TEST_X instead when 2.61 is widespread enough. + }], + [$2], + [if $boost_use_source; then + _AC_MSG_LOG_CONFTEST + fi + $3]) +ac_objext=$boost_save_ac_objext +ac_ext=$boost_save_ac_ext +dnl Delete also the IPA/IPO (Inter Procedural Analysis/Optimization) +dnl information created by the PGI compiler (conftest_ipa8_conftest.oo), +dnl as it would interfere with the next link command. +rm -f core conftest.err conftest_ipa8_conftest.oo \ + conftest$ac_exeext m4_ifval([$1], [conftest.$ac_ext])[]dnl +])# _BOOST_AC_LINK_IFELSE + +# Local Variables: +# mode: autoconf +# End: diff --git a/pkginfo.in b/pkginfo.in deleted file mode 100644 index f2e85c0..0000000 --- a/pkginfo.in +++ /dev/null @@ -1,10 +0,0 @@ -PKG=SHIBxmltool -VERSION=@PACKAGE_VERSION@ -NAME=@PACKAGE@-c -CATEGORY=application,textproc,security -DESC=Library for DOM processing with Signature/Encryption for C++ -VENDOR=Internet2 -HOTLINE=https://bugs.internet2.edu/ -CLASSES=none -PSTAMP=sunra.internet2.edu 2008-03-17 -EMAIL=cantor.2@osu.edu diff --git a/postinstall b/postinstall deleted file mode 100644 index bc80af9..0000000 --- a/postinstall +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/sh - -cd ${CLIENT_BASEDIR}/share/xml/xmltooling - -sed "s|uri=\".*/share/xml/xmltooling/\(.*\)\"|uri=\"${CLIENT_BASEDIR}/share/xml/xmltooling/\1\"|1" catalog.xml > catalog.xml.tmp -mv catalog.xml.tmp catalog.xml -chmod 644 catalog.xml - -exit 0 diff --git a/xmltooling.spec.in b/xmltooling.spec.in index def50a4..61e4ff2 100644 --- a/xmltooling.spec.in +++ b/xmltooling.spec.in @@ -1,12 +1,12 @@ Name: @PACKAGE_NAME@ Version: @PACKAGE_VERSION@ Release: 1 -Summary: OpenSAML XMLTooling library +Summary: OpenSAML XMLTooling library Group: Development/Libraries/C and C++ Vendor: Internet2 License: Apache 2.0 URL: http://www.opensaml.org/ -Source: %{name}-%{version}.tar.gz +Source: %{name}-%{version}.tar.gz BuildRoot: %{_tmppath}/%{name}-%{version}-root %if 0%{?suse_version} > 1030 && 0%{?suse_version} < 1130 BuildRequires: libXerces-c-devel >= 2.8.0 @@ -16,7 +16,13 @@ BuildRequires: libxerces-c-devel >= 2.8.0 BuildRequires: libxml-security-c-devel >= 1.4.0 %{?_with_log4cpp:BuildRequires: liblog4cpp-devel >= 1.0} %{!?_with_log4cpp:BuildRequires: liblog4shib-devel} -BuildRequires: gcc-c++, openssl-devel, curl-devel >= 7.10.6 +BuildRequires: gcc-c++, openssl-devel, boost-devel >= 1.32.0 +%if 0%{?rhel} >= 6 || 0%{?centos_version} >= 600 +BuildRequires: libcurl-openssl-devel >= 7.21.7 +Requires: libcurl-openssl >= 7.21.7 +%else +BuildRequires: curl-devel >= 7.10.6 +%endif %if 0%{?suse_version} > 1000 BuildRequires: pkg-config %endif @@ -31,6 +37,12 @@ BuildRequires: redhat-rpm-config %define pkgdocdir %{_docdir}/%{name}-%{version} %endif +# Prevent the RH6 package from requiring a vanilla libcurl. +%if 0%{?rhel} >= 6 || 0%{?centos_version} >= 600 +%filter_from_requires /libcurl\.so\..*/d +%filter_setup +%endif + %description The XMLTooling library contains generic XML parsing and processing classes based on the Xerces-C DOM. It adds more powerful facilities @@ -38,13 +50,16 @@ for declaring element- and type-specific API and implementation classes to add value around the DOM, as well as signing and encryption support. -%package -n lib@PACKAGE_NAME@5 +%package -n lib@PACKAGE_NAME@6 Summary: OpenSAML XMLTooling library Group: Development/Libraries/C and C++ Provides: @PACKAGE_NAME@ = %{version}-%{release} Obsoletes: @PACKAGE_NAME@ < %{version}-%{release} +%if 0%{?rhel} >= 6 || 0%{?centos_version} >= 600 +Requires: libcurl-openssl >= 7.21.7 +%endif -%description -n lib@PACKAGE_NAME@5 +%description -n lib@PACKAGE_NAME@6 The XMLTooling library contains generic XML parsing and processing classes based on the Xerces-C DOM. It adds more powerful facilities for declaring element- and type-specific API and implementation @@ -56,7 +71,7 @@ This package contains just the shared library. %package -n lib@PACKAGE_NAME@-devel Summary: XMLTooling development Headers Group: Development/Libraries/C and C++ -Requires: lib@PACKAGE_NAME@5 = %{version}-%{release} +Requires: lib@PACKAGE_NAME@6 = %{version}-%{release} Provides: @PACKAGE_NAME@-devel = %{version}-%{release} Obsoletes: @PACKAGE_NAME@-devel < %{version}-%{release} %if 0%{?suse_version} > 1030 && 0%{?suse_version} < 1130 @@ -67,7 +82,12 @@ Requires: libxerces-c-devel >= 2.8.0 Requires: libxml-security-c-devel >= 1.4.0 %{?_with_log4cpp:Requires: liblog4cpp-devel >= 1.0} %{!?_with_log4cpp:Requires: liblog4shib-devel} -Requires: openssl-devel, curl-devel >= 7.10.6 +Requires: openssl-devel +%if 0%{?rhel} >= 6 || 0%{?centos_version} >= 600 +Requires: libcurl-openssl-devel >= 7.21.7 +%else +Requires: curl-devel >= 7.10.6 +%endif %description -n lib@PACKAGE_NAME@-devel The XMLTooling library contains generic XML parsing and processing @@ -95,7 +115,11 @@ This package includes XML schemas and related files. %setup -q %build +%if 0%{?rhel} >= 6 || 0%{?centos_version} >= 600 +%configure %{?@PACKAGE_NAME@_options} --with-curl=/opt/shibboleth +%else %configure %{?@PACKAGE_NAME@_options} +%endif %{__make} %install @@ -110,14 +134,14 @@ This package includes XML schemas and related files. [ "$RPM_BUILD_ROOT" != "/" ] && %{__rm} -rf $RPM_BUILD_ROOT %ifnos solaris2.8 solaris2.9 solaris2.10 -%post -n lib@PACKAGE_NAME@5 -p /sbin/ldconfig +%post -n lib@PACKAGE_NAME@6 -p /sbin/ldconfig %endif %ifnos solaris2.8 solaris2.9 solaris2.10 -%postun -n lib@PACKAGE_NAME@5 -p /sbin/ldconfig +%postun -n lib@PACKAGE_NAME@6 -p /sbin/ldconfig %endif -%files -n lib@PACKAGE@5 +%files -n lib@PACKAGE_NAME@6 %defattr(-,root,root,-) %{_libdir}/*.so.* @@ -134,6 +158,13 @@ This package includes XML schemas and related files. %doc %{pkgdocdir} %changelog +* Mon Nov 14 2011 Scott Cantor - 1.5-1 +- Update lib package number. +- Add boost-devel dependency. + +* Sun Jun 26 2011 Scott Cantor - 1.4.2-1 +- Override curl build for RHEL6. + * Tue Oct 26 2010 Scott Cantor - 1.4-1 - Update version - Add pkg-config support. diff --git a/xmltooling/AbstractAttributeExtensibleXMLObject.cpp b/xmltooling/AbstractAttributeExtensibleXMLObject.cpp index 3c1f6c9..1f819f6 100644 --- a/xmltooling/AbstractAttributeExtensibleXMLObject.cpp +++ b/xmltooling/AbstractAttributeExtensibleXMLObject.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * http://www.apache.org/licenses/LICENSE-2.0 + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -27,15 +31,16 @@ #include #include +#include +#include #include using namespace xmltooling; +using namespace xercesc; +using namespace boost::lambda; +using namespace boost; using namespace std; -using xercesc::chColon; -using xercesc::DOMAttr; -using xercesc::DOMElement; -using xercesc::XMLString; ElementExtensibleXMLObject::ElementExtensibleXMLObject() { @@ -53,7 +58,7 @@ ElementProxy::~ElementProxy() { } -set AttributeExtensibleXMLObject::m_idAttributeSet; +set AttributeExtensibleXMLObject::m_idAttributeSet; AttributeExtensibleXMLObject::AttributeExtensibleXMLObject() { @@ -63,22 +68,22 @@ AttributeExtensibleXMLObject::~AttributeExtensibleXMLObject() { } -const set& AttributeExtensibleXMLObject::getRegisteredIDAttributes() +const set& AttributeExtensibleXMLObject::getRegisteredIDAttributes() { return m_idAttributeSet; } -bool AttributeExtensibleXMLObject::isRegisteredIDAttribute(const QName& name) +bool AttributeExtensibleXMLObject::isRegisteredIDAttribute(const xmltooling::QName& name) { return m_idAttributeSet.find(name)!=m_idAttributeSet.end(); } -void AttributeExtensibleXMLObject::registerIDAttribute(const QName& name) +void AttributeExtensibleXMLObject::registerIDAttribute(const xmltooling::QName& name) { m_idAttributeSet.insert(name); } -void AttributeExtensibleXMLObject::deregisterIDAttribute(const QName& name) +void AttributeExtensibleXMLObject::deregisterIDAttribute(const xmltooling::QName& name) { m_idAttributeSet.erase(name); } @@ -97,7 +102,7 @@ AbstractAttributeExtensibleXMLObject::AbstractAttributeExtensibleXMLObject(const : AbstractXMLObject(src) { m_idAttribute = m_attributeMap.end(); - for (map::const_iterator i=src.m_attributeMap.begin(); i!=src.m_attributeMap.end(); i++) { + for (map::const_iterator i = src.m_attributeMap.begin(); i != src.m_attributeMap.end(); ++i) { m_attributeMap[i->first] = XMLString::replicate(i->second); } if (src.m_idAttribute != src.m_attributeMap.end()) { @@ -107,36 +112,43 @@ AbstractAttributeExtensibleXMLObject::AbstractAttributeExtensibleXMLObject(const AbstractAttributeExtensibleXMLObject::~AbstractAttributeExtensibleXMLObject() { - for (map::iterator i=m_attributeMap.begin(); i!=m_attributeMap.end(); i++) - XMLString::release(&(i->second)); + static void (*release)(XMLCh**,MemoryManager*) = &XMLString::release; + for_each( + m_attributeMap.begin(), m_attributeMap.end(), + lambda::bind( + release, + &lambda::bind(&map::value_type::second, boost::ref(_1)), + XMLPlatformUtils::fgMemoryManager + ) + ); } -const XMLCh* AbstractAttributeExtensibleXMLObject::getAttribute(const QName& qualifiedName) const +const XMLCh* AbstractAttributeExtensibleXMLObject::getAttribute(const xmltooling::QName& qualifiedName) const { - map::const_iterator i=m_attributeMap.find(qualifiedName); - return (i==m_attributeMap.end()) ? nullptr : i->second; + map::const_iterator i = m_attributeMap.find(qualifiedName); + return (i != m_attributeMap.end()) ? i->second : nullptr; } -void AbstractAttributeExtensibleXMLObject::setAttribute(const QName& qualifiedName, const XMLCh* value, bool ID) +void AbstractAttributeExtensibleXMLObject::setAttribute(const xmltooling::QName& qualifiedName, const XMLCh* value, bool ID) { - map::iterator i=m_attributeMap.find(qualifiedName); - if (i!=m_attributeMap.end()) { + map::iterator i=m_attributeMap.find(qualifiedName); + if (i != m_attributeMap.end()) { releaseThisandParentDOM(); XMLString::release(&(i->second)); if (value && *value) { - i->second=XMLString::replicate(value); + i->second = XMLString::replicate(value); if (ID) - m_idAttribute=i; + m_idAttribute = i; } else { - if (m_idAttribute==i) - m_idAttribute=m_attributeMap.end(); + if (m_idAttribute == i) + m_idAttribute = m_attributeMap.end(); m_attributeMap.erase(i); } } else if (value && *value) { releaseThisandParentDOM(); - m_attributeMap[qualifiedName]=XMLString::replicate(value); + m_attributeMap[qualifiedName] = XMLString::replicate(value); if (ID) m_idAttribute = m_attributeMap.find(qualifiedName); Namespace newNamespace(qualifiedName.getNamespaceURI(), qualifiedName.getPrefix(), false, Namespace::VisiblyUsed); @@ -144,7 +156,7 @@ void AbstractAttributeExtensibleXMLObject::setAttribute(const QName& qualifiedNa } } -void AttributeExtensibleXMLObject::setAttribute(const QName& qualifiedName, const QName& value) +void AttributeExtensibleXMLObject::setAttribute(const xmltooling::QName& qualifiedName, const xmltooling::QName& value) { if (!value.hasLocalPart()) return; @@ -162,18 +174,18 @@ void AttributeExtensibleXMLObject::setAttribute(const QName& qualifiedName, cons addNamespace(newNamespace); } -const map& AbstractAttributeExtensibleXMLObject::getExtensionAttributes() const +const map& AbstractAttributeExtensibleXMLObject::getExtensionAttributes() const { return m_attributeMap; } const XMLCh* AbstractAttributeExtensibleXMLObject::getXMLID() const { - return (m_idAttribute == m_attributeMap.end()) ? nullptr : m_idAttribute->second; + return (m_idAttribute != m_attributeMap.end()) ? m_idAttribute->second : nullptr; } void AbstractAttributeExtensibleXMLObject::unmarshallExtensionAttribute(const DOMAttr* attribute) { - QName q(attribute->getNamespaceURI(),attribute->getLocalName(),attribute->getPrefix()); + xmltooling::QName q(attribute->getNamespaceURI(), attribute->getLocalName(), attribute->getPrefix()); bool ID = attribute->isId() || isRegisteredIDAttribute(q); setAttribute(q,attribute->getNodeValue(),ID); if (ID) { @@ -187,13 +199,13 @@ void AbstractAttributeExtensibleXMLObject::unmarshallExtensionAttribute(const DO void AbstractAttributeExtensibleXMLObject::marshallExtensionAttributes(DOMElement* domElement) const { - for (map::const_iterator i=m_attributeMap.begin(); i!=m_attributeMap.end(); i++) { - DOMAttr* attr=domElement->getOwnerDocument()->createAttributeNS(i->first.getNamespaceURI(),i->first.getLocalPart()); + for (map::const_iterator i = m_attributeMap.begin(); i != m_attributeMap.end(); ++i) { + DOMAttr* attr = domElement->getOwnerDocument()->createAttributeNS(i->first.getNamespaceURI(), i->first.getLocalPart()); if (i->first.hasPrefix()) attr->setPrefix(i->first.getPrefix()); attr->setNodeValue(i->second); domElement->setAttributeNodeNS(attr); - if (m_idAttribute==i) { + if (m_idAttribute == i) { #ifdef XMLTOOLING_XERCESC_BOOLSETIDATTRIBUTE domElement->setIdAttributeNode(attr, true); #else diff --git a/xmltooling/AbstractAttributeExtensibleXMLObject.h b/xmltooling/AbstractAttributeExtensibleXMLObject.h index 0429461..c09d711 100644 --- a/xmltooling/AbstractAttributeExtensibleXMLObject.h +++ b/xmltooling/AbstractAttributeExtensibleXMLObject.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2009 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/AbstractComplexElement.cpp b/xmltooling/AbstractComplexElement.cpp index cc8f68d..fa1e6ef 100644 --- a/xmltooling/AbstractComplexElement.cpp +++ b/xmltooling/AbstractComplexElement.cpp @@ -1,17 +1,21 @@ -/* -* Copyright 2001-2010 Internet2 - * -* Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * http://www.apache.org/licenses/LICENSE-2.0 + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -24,17 +28,15 @@ #include "AbstractComplexElement.h" #include +#include +#include using namespace xmltooling; +using namespace xercesc; +using namespace boost::lambda; +using namespace boost; using namespace std; -using xercesc::XMLString; - -namespace { - bool _nonnull(const XMLObject* ptr) { - return (ptr!=nullptr); - } -} AbstractComplexElement::AbstractComplexElement() { @@ -42,21 +44,27 @@ AbstractComplexElement::AbstractComplexElement() AbstractComplexElement::AbstractComplexElement(const AbstractComplexElement& src) { - for (vector::const_iterator i=src.m_text.begin(); i!=src.m_text.end(); ++i) - m_text.push_back(XMLString::replicate(*i)); + static void (vector::* push_back)(XMLCh* const&) = &vector::push_back; + static XMLCh* (*replicate)(const XMLCh*,MemoryManager*) = &XMLString::replicate; + + for_each( + src.m_text.begin(), src.m_text.end(), + lambda::bind(push_back, boost::ref(m_text), lambda::bind(replicate, _1, XMLPlatformUtils::fgMemoryManager)) + ); } AbstractComplexElement::~AbstractComplexElement() { + static void (*release)(XMLCh**,MemoryManager*) = &XMLString::release; + for_each(m_children.begin(), m_children.end(), cleanup()); - for (vector::iterator i=m_text.begin(); i!=m_text.end(); ++i) - XMLString::release(&(*i)); + for_each(m_text.begin(), m_text.end(), lambda::bind(release, &_1, XMLPlatformUtils::fgMemoryManager)); } bool AbstractComplexElement::hasChildren() const { if (m_children.empty()) return false; - return (find_if(m_children.begin(), m_children.end(), _nonnull) != m_children.end()); + return (find_if(m_children.begin(), m_children.end(), (_1 != nullptr)) != m_children.end()); } const list& AbstractComplexElement::getOrderedChildren() const @@ -83,5 +91,5 @@ void AbstractComplexElement::setTextContent(const XMLCh* value, unsigned int pos m_text.push_back(nullptr); ++size; } - m_text[position]=prepareForAssignment(m_text[position],value); + m_text[position] = prepareForAssignment(m_text[position], value); } diff --git a/xmltooling/AbstractComplexElement.h b/xmltooling/AbstractComplexElement.h index 9f8c24d..65567b6 100644 --- a/xmltooling/AbstractComplexElement.h +++ b/xmltooling/AbstractComplexElement.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2009 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/AbstractDOMCachingXMLObject.cpp b/xmltooling/AbstractDOMCachingXMLObject.cpp index 684b466..061df1a 100644 --- a/xmltooling/AbstractDOMCachingXMLObject.cpp +++ b/xmltooling/AbstractDOMCachingXMLObject.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/AbstractDOMCachingXMLObject.h b/xmltooling/AbstractDOMCachingXMLObject.h index ed5862e..3f02e32 100644 --- a/xmltooling/AbstractDOMCachingXMLObject.h +++ b/xmltooling/AbstractDOMCachingXMLObject.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/AbstractSimpleElement.cpp b/xmltooling/AbstractSimpleElement.cpp index 3dea687..5782e3b 100644 --- a/xmltooling/AbstractSimpleElement.cpp +++ b/xmltooling/AbstractSimpleElement.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/AbstractSimpleElement.h b/xmltooling/AbstractSimpleElement.h index 2abf232..d1d54c6 100644 --- a/xmltooling/AbstractSimpleElement.h +++ b/xmltooling/AbstractSimpleElement.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2009 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/AbstractXMLObject.cpp b/xmltooling/AbstractXMLObject.cpp index b7c3cac..cb2d7f4 100644 --- a/xmltooling/AbstractXMLObject.cpp +++ b/xmltooling/AbstractXMLObject.cpp @@ -1,17 +1,21 @@ -/* -* Copyright 2001-2010 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * -* Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -55,11 +59,11 @@ void XMLObject::releaseThisAndChildrenDOM() const AbstractXMLObject::AbstractXMLObject(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType) : m_log(logging::Category::getInstance(XMLTOOLING_LOGCAT".XMLObject")), m_schemaLocation(nullptr), m_noNamespaceSchemaLocation(nullptr), m_nil(xmlconstants::XML_BOOL_NULL), - m_parent(nullptr), m_elementQname(nsURI, localName, prefix), m_typeQname(nullptr) + m_parent(nullptr), m_elementQname(nsURI, localName, prefix) { addNamespace(Namespace(nsURI, prefix, false, Namespace::VisiblyUsed)); if (schemaType) { - m_typeQname = new QName(*schemaType); + m_typeQname.reset(new QName(*schemaType)); addNamespace(Namespace(m_typeQname->getNamespaceURI(), m_typeQname->getPrefix(), false, Namespace::NonVisiblyUsed)); } } @@ -67,15 +71,13 @@ AbstractXMLObject::AbstractXMLObject(const XMLCh* nsURI, const XMLCh* localName, AbstractXMLObject::AbstractXMLObject(const AbstractXMLObject& src) : m_namespaces(src.m_namespaces), m_log(src.m_log), m_schemaLocation(XMLString::replicate(src.m_schemaLocation)), m_noNamespaceSchemaLocation(XMLString::replicate(src.m_noNamespaceSchemaLocation)), m_nil(src.m_nil), - m_parent(nullptr), m_elementQname(src.m_elementQname), m_typeQname(nullptr) + m_parent(nullptr), m_elementQname(src.m_elementQname), + m_typeQname(src.m_typeQname.get() ? new QName(*src.m_typeQname) : nullptr) { - if (src.m_typeQname) - m_typeQname=new QName(*src.m_typeQname); } AbstractXMLObject::~AbstractXMLObject() { - delete m_typeQname; xercesc::XMLString::release(&m_schemaLocation); xercesc::XMLString::release(&m_noNamespaceSchemaLocation); } @@ -164,7 +166,7 @@ void AbstractXMLObject::removeNamespace(const Namespace& ns) const QName* AbstractXMLObject::getSchemaType() const { - return m_typeQname; + return m_typeQname.get(); } const XMLCh* AbstractXMLObject::getXMLID() const diff --git a/xmltooling/AbstractXMLObject.h b/xmltooling/AbstractXMLObject.h index ab06573..49a0bbf 100644 --- a/xmltooling/AbstractXMLObject.h +++ b/xmltooling/AbstractXMLObject.h @@ -1,17 +1,21 @@ -/* -* Copyright 2001-2010 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * -* Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -186,7 +190,7 @@ namespace xmltooling { private: XMLObject* m_parent; QName m_elementQname; - QName* m_typeQname; + std::auto_ptr m_typeQname; }; }; diff --git a/xmltooling/AttributeExtensibleXMLObject.h b/xmltooling/AttributeExtensibleXMLObject.h index 79b0ca3..598b3fa 100644 --- a/xmltooling/AttributeExtensibleXMLObject.h +++ b/xmltooling/AttributeExtensibleXMLObject.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/ConcreteXMLObjectBuilder.h b/xmltooling/ConcreteXMLObjectBuilder.h index be6f101..c8e16d8 100644 --- a/xmltooling/ConcreteXMLObjectBuilder.h +++ b/xmltooling/ConcreteXMLObjectBuilder.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2009 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/ElementExtensibleXMLObject.h b/xmltooling/ElementExtensibleXMLObject.h index eb1097c..2096ddb 100644 --- a/xmltooling/ElementExtensibleXMLObject.h +++ b/xmltooling/ElementExtensibleXMLObject.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2009 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/ElementProxy.h b/xmltooling/ElementProxy.h index 1dee1a5..d473817 100644 --- a/xmltooling/ElementProxy.h +++ b/xmltooling/ElementProxy.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2009 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/Lockable.cpp b/xmltooling/Lockable.cpp index 3f692a9..18d78b6 100644 --- a/xmltooling/Lockable.cpp +++ b/xmltooling/Lockable.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2009-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/Lockable.h b/xmltooling/Lockable.h index ced79d3..c10c2bf 100644 --- a/xmltooling/Lockable.h +++ b/xmltooling/Lockable.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/Makefile.am b/xmltooling/Makefile.am index 035e2af..f162795 100644 --- a/xmltooling/Makefile.am +++ b/xmltooling/Makefile.am @@ -78,6 +78,9 @@ secinclude_HEADERS = \ security/KeyInfoCredentialContext.h \ security/KeyInfoResolver.h \ security/OpenSSLCredential.h \ + security/OpenSSLPathValidator.h \ + security/PathValidator.h \ + security/PKIXPathValidatorParams.h \ security/SecurityHelper.h \ security/SignatureTrustEngine.h \ security/TrustEngine.h \ @@ -137,11 +140,13 @@ xmlsec_sources = \ security/impl/ChainingTrustEngine.cpp \ security/impl/CredentialCriteria.cpp \ security/impl/CredentialResolver.cpp \ + security/impl/DummyCredentialResolver.cpp \ security/impl/ExplicitKeyTrustEngine.cpp \ security/impl/FilesystemCredentialResolver.cpp \ security/impl/InlineKeyResolver.cpp \ security/impl/KeyInfoResolver.cpp \ security/impl/OpenSSLCryptoX509CRL.cpp \ + security/impl/PKIXPathValidator.cpp \ security/impl/SecurityHelper.cpp \ security/impl/StaticPKIXTrustEngine.cpp \ security/impl/TrustEngine.cpp \ @@ -202,10 +207,10 @@ libxmltooling_lite_la_CPPFLAGS = -DXMLTOOLING_LITE libxmltooling_lite_la_LDFLAGS = -version-info 6:0:0 if BUILD_XMLSEC -libxmltooling_la_LDFLAGS = $(XMLSEC_LIBS) -version-info 6:0:0 libxmltooling_la_SOURCES = \ ${common_sources} \ ${xmlsec_sources} +libxmltooling_la_LDFLAGS = $(XMLSEC_LIBS) -version-info 6:0:0 endif install-exec-hook: diff --git a/xmltooling/Namespace.cpp b/xmltooling/Namespace.cpp index ae388db..aebb5b6 100644 --- a/xmltooling/Namespace.cpp +++ b/xmltooling/Namespace.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/Namespace.h b/xmltooling/Namespace.h index de17cb0..0e97bbe 100644 --- a/xmltooling/Namespace.h +++ b/xmltooling/Namespace.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/PluginManager.h b/xmltooling/PluginManager.h index 5dd7628..2f37c80 100644 --- a/xmltooling/PluginManager.h +++ b/xmltooling/PluginManager.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2007 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/QName.cpp b/xmltooling/QName.cpp index 7aa88d2..d80d1a8 100644 --- a/xmltooling/QName.cpp +++ b/xmltooling/QName.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2009 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/QName.h b/xmltooling/QName.h index 0f75b82..02ce210 100644 --- a/xmltooling/QName.h +++ b/xmltooling/QName.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/XMLObject.h b/xmltooling/XMLObject.h index 636d575..e0391ad 100644 --- a/xmltooling/XMLObject.h +++ b/xmltooling/XMLObject.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/XMLObjectBuilder.cpp b/xmltooling/XMLObjectBuilder.cpp index 5b6c17e..ec08c16 100644 --- a/xmltooling/XMLObjectBuilder.cpp +++ b/xmltooling/XMLObjectBuilder.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -51,8 +55,9 @@ XMLObject* XMLObjectBuilder::buildFromQName(const QName& q) const XMLObject* XMLObjectBuilder::buildFromElement(DOMElement* element, bool bindDocument) const { + auto_ptr schemaType(XMLHelper::getXSIType(element)); auto_ptr ret( - buildObject(element->getNamespaceURI(),element->getLocalName(),element->getPrefix(),XMLHelper::getXSIType(element)) + buildObject(element->getNamespaceURI(),element->getLocalName(),element->getPrefix(),schemaType.get()) ); ret->unmarshall(element,bindDocument); return ret.release(); diff --git a/xmltooling/XMLObjectBuilder.h b/xmltooling/XMLObjectBuilder.h index a3b5f42..bb0b3ef 100644 --- a/xmltooling/XMLObjectBuilder.h +++ b/xmltooling/XMLObjectBuilder.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/XMLToolingConfig.cpp b/xmltooling/XMLToolingConfig.cpp index 377a030..bcd6eba 100644 --- a/xmltooling/XMLToolingConfig.cpp +++ b/xmltooling/XMLToolingConfig.cpp @@ -1,18 +1,21 @@ -/* - * Licensed to UCAID under one or more contributor license agreements. - * See the NOTICE file distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may not use this - * file except in compliance with the License. You may obtain a copy of the +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -33,9 +36,11 @@ #include "security/OpenSSLCryptoX509CRL.h" #include "security/CredentialResolver.h" #include "security/KeyInfoResolver.h" +#include "security/PathValidator.h" #include "signature/KeyInfo.h" #include "signature/Signature.h" #include "soap/SOAP.h" +#include "soap/SOAPTransport.h" #include "util/NDC.h" #include "util/PathResolver.h" #include "util/ReplayCache.h" @@ -50,6 +55,10 @@ #endif #include +#include +#include +#include + #if defined(XMLTOOLING_LOG4SHIB) # include # include @@ -73,6 +82,7 @@ using namespace soap11; using namespace xmltooling::logging; using namespace xmltooling; using namespace xercesc; +using namespace boost; using namespace std; #ifdef WIN32 @@ -103,14 +113,14 @@ using namespace xmlsignature; namespace { static XMLToolingInternalConfig g_config; #ifndef XMLTOOLING_NO_XMLSEC - static vector g_openssl_locks; + static ptr_vector g_openssl_locks; extern "C" void openssl_locking_callback(int mode,int n,const char *file,int line) { if (mode & CRYPTO_LOCK) - g_openssl_locks[n]->lock(); + g_openssl_locks[n].lock(); else - g_openssl_locks[n]->unlock(); + g_openssl_locks[n].unlock(); } # ifndef WIN32 @@ -219,6 +229,76 @@ XMLToolingConfig::~XMLToolingConfig() { } +#ifndef XMLTOOLING_LITE +const KeyInfoResolver* XMLToolingConfig::getKeyInfoResolver() const +{ + return m_keyInfoResolver; +} + +ReplayCache* XMLToolingConfig::getReplayCache() const +{ + return m_replayCache; +} + +void XMLToolingConfig::setKeyInfoResolver(xmltooling::KeyInfoResolver *keyInfoResolver) +{ + delete m_keyInfoResolver; + m_keyInfoResolver = keyInfoResolver; +} + +void XMLToolingConfig::setReplayCache(ReplayCache* replayCache) +{ + delete m_replayCache; + m_replayCache = replayCache; +} +#endif + +PathResolver* XMLToolingConfig::getPathResolver() const +{ + return m_pathResolver; +} + +TemplateEngine* XMLToolingConfig::getTemplateEngine() const +{ + return m_templateEngine; +} + +const URLEncoder* XMLToolingConfig::getURLEncoder() const +{ + return m_urlEncoder; +} + +void XMLToolingConfig::setPathResolver(PathResolver* pathResolver) +{ + delete m_pathResolver; + m_pathResolver = pathResolver; +} + +void XMLToolingConfig::setTemplateEngine(TemplateEngine* templateEngine) +{ + delete m_templateEngine; + m_templateEngine = templateEngine; +} + +void XMLToolingConfig::setURLEncoder(URLEncoder* urlEncoder) +{ + delete m_urlEncoder; + m_urlEncoder = urlEncoder; +} + +XMLToolingInternalConfig::XMLToolingInternalConfig() : +#ifndef XMLTOOLING_NO_XMLSEC + m_xsecProvider(nullptr), +#endif + m_initCount(0), m_lock(Mutex::create()), m_parserPool(nullptr), m_validatingPool(nullptr) +{ +} + +XMLToolingInternalConfig::~XMLToolingInternalConfig() +{ + delete m_lock; +} + bool XMLToolingInternalConfig::log_config(const char* config) { try { @@ -278,7 +358,7 @@ bool XMLToolingInternalConfig::log_config(const char* config) #endif } catch (const ConfigureFailure& e) { - string msg = string("failed to configure logging: ") + e.what(); + string msg = string("error in file permissions or logging configuration: ") + e.what(); Category::getInstance(XMLTOOLING_LOGCAT".Logging").crit(msg); #ifdef WIN32 LogEvent(nullptr, EVENTLOG_ERROR_TYPE, 2100, nullptr, msg.c_str()); @@ -289,69 +369,25 @@ bool XMLToolingInternalConfig::log_config(const char* config) return true; } -#ifndef XMLTOOLING_LITE -const KeyInfoResolver* XMLToolingConfig::getKeyInfoResolver() const -{ - return m_keyInfoResolver; -} - -ReplayCache* XMLToolingConfig::getReplayCache() const -{ - return m_replayCache; -} - -void XMLToolingConfig::setKeyInfoResolver(xmltooling::KeyInfoResolver *keyInfoResolver) -{ - delete m_keyInfoResolver; - m_keyInfoResolver = keyInfoResolver; -} - -void XMLToolingConfig::setReplayCache(ReplayCache* replayCache) +bool XMLToolingInternalConfig::init() { - delete m_replayCache; - m_replayCache = replayCache; -} +#ifdef _DEBUG + xmltooling::NDC ndc("init"); #endif + Category& log=Category::getInstance(XMLTOOLING_LOGCAT".Config"); -PathResolver* XMLToolingConfig::getPathResolver() const -{ - return m_pathResolver; -} - -TemplateEngine* XMLToolingConfig::getTemplateEngine() const -{ - return m_templateEngine; -} + Lock initLock(m_lock); -const URLEncoder* XMLToolingConfig::getURLEncoder() const -{ - return m_urlEncoder; -} - -void XMLToolingConfig::setPathResolver(PathResolver* pathResolver) -{ - delete m_pathResolver; - m_pathResolver = pathResolver; -} - -void XMLToolingConfig::setTemplateEngine(TemplateEngine* templateEngine) -{ - delete m_templateEngine; - m_templateEngine = templateEngine; -} + if (m_initCount == INT_MAX) { + log.crit("library initialized too many times"); + return false; + } -void XMLToolingConfig::setURLEncoder(URLEncoder* urlEncoder) -{ - delete m_urlEncoder; - m_urlEncoder = urlEncoder; -} + if (m_initCount >= 1) { + ++m_initCount; + return true; + } -bool XMLToolingInternalConfig::init() -{ -#ifdef _DEBUG - xmltooling::NDC ndc("init"); -#endif - Category& log=Category::getInstance(XMLTOOLING_LOGCAT".XMLToolingConfig"); try { log.debug("library initialization started"); @@ -386,22 +422,16 @@ bool XMLToolingInternalConfig::init() m_parserPool=new ParserPool(); m_validatingPool=new ParserPool(true,true); - m_lock=XMLPlatformUtils::makeMutex(); // Load catalogs from path. if (!catalog_path.empty()) { - char* catpath=strdup(catalog_path.c_str()); - char* sep=nullptr; - char* start=catpath; - while (start && *start) { - sep=strchr(start,PATH_SEPARATOR_CHAR); - if (sep) - *sep=0; - auto_ptr_XMLCh temp(start); - m_validatingPool->loadCatalog(temp.get()); - start = sep ? sep + 1 : nullptr; - } - free(catpath); + boost::tokenizer< char_separator > catpaths(catalog_path, char_separator(PATH_SEPARATOR_STR)); + for_each( + catpaths.begin(), catpaths.end(), + // Call loadCatalog with an inner call to s->c_str() on each entry. + boost::bind(static_cast(&ParserPool::loadCatalog), + m_validatingPool, boost::bind(&string::c_str,_1)) + ); } // default registrations @@ -425,16 +455,20 @@ bool XMLToolingInternalConfig::init() REGISTER_XMLTOOLING_EXCEPTION_FACTORY(EncryptionException,xmlencryption); registerKeyInfoClasses(); registerEncryptionClasses(); - registerKeyInfoResolvers(); registerCredentialResolvers(); + registerKeyInfoResolvers(); + registerPathValidators(); registerTrustEngines(); registerXMLAlgorithms(); - registerSOAPTransports(); - initSOAPTransports(); - registerStorageServices(); m_keyInfoResolver = KeyInfoResolverManager.newPlugin(INLINE_KEYINFO_RESOLVER,nullptr); #endif +#ifndef XMLTOOLING_LITE + registerStorageServices(); +#endif + registerSOAPTransports(); + initSOAPTransports(); + m_pathResolver = new PathResolver(); m_urlEncoder = new URLEncoder(); @@ -464,14 +498,27 @@ bool XMLToolingInternalConfig::init() #endif log.info("%s library initialization complete", PACKAGE_STRING); + ++m_initCount; return true; } void XMLToolingInternalConfig::term() { +#ifdef _DEBUG + xmltooling::NDC ndc("term"); +#endif + + Lock initLock(m_lock); + if (m_initCount == 0) { + Category::getInstance(XMLTOOLING_LOGCAT".Config").crit("term without corresponding init"); + return; + } + else if (--m_initCount > 0) { + return; + } + #ifndef XMLTOOLING_NO_XMLSEC CRYPTO_set_locking_callback(nullptr); - for_each(g_openssl_locks.begin(), g_openssl_locks.end(), xmltooling::cleanup()); g_openssl_locks.clear(); #endif @@ -480,10 +527,14 @@ void XMLToolingInternalConfig::term() XMLToolingException::deregisterFactories(); AttributeExtensibleXMLObject::deregisterIDAttributes(); -#ifndef XMLTOOLING_NO_XMLSEC - StorageServiceManager.deregisterFactories(); termSOAPTransports(); SOAPTransportManager.deregisterFactories(); + +#ifndef XMLTOOLING_LITE + StorageServiceManager.deregisterFactories(); +#endif + +#ifndef XMLTOOLING_NO_XMLSEC TrustEngineManager.deregisterFactories(); CredentialResolverManager.deregisterFactories(); KeyInfoResolverManager.deregisterFactories(); @@ -527,34 +578,43 @@ void XMLToolingInternalConfig::term() delete m_validatingPool; m_validatingPool=nullptr; + for_each(m_namedLocks.begin(), m_namedLocks.end(), cleanup_pair()); + m_namedLocks.clear(); + #ifndef XMLTOOLING_NO_XMLSEC delete m_xsecProvider; m_xsecProvider=nullptr; XSECPlatformUtils::Terminate(); #endif - XMLPlatformUtils::closeMutex(m_lock); - m_lock=nullptr; XMLPlatformUtils::Terminate(); #ifndef XMLTOOLING_NO_XMLSEC curl_global_cleanup(); #endif -#ifdef _DEBUG - xmltooling::NDC ndc("term"); -#endif - Category::getInstance(XMLTOOLING_LOGCAT".XMLToolingConfig").info("%s library shutdown complete", PACKAGE_STRING); + Category::getInstance(XMLTOOLING_LOGCAT".Config").info("%s library shutdown complete", PACKAGE_STRING); } Lockable* XMLToolingInternalConfig::lock() { - xercesc::XMLPlatformUtils::lockMutex(m_lock); + m_lock->lock(); return this; } void XMLToolingInternalConfig::unlock() { - xercesc::XMLPlatformUtils::unlockMutex(m_lock); + m_lock->unlock(); +} + +Mutex& XMLToolingInternalConfig::getNamedMutex(const char* name) +{ + Locker glock(this); + map::const_iterator m = m_namedLocks.find(name); + if (m != m_namedLocks.end()) + return *(m->second); + Mutex* newlock = Mutex::create(); + m_namedLocks[name] = newlock; + return *newlock; } bool XMLToolingInternalConfig::load_library(const char* path, void* context) @@ -562,7 +622,7 @@ bool XMLToolingInternalConfig::load_library(const char* path, void* context) #ifdef _DEBUG xmltooling::NDC ndc("LoadLibrary"); #endif - Category& log=Category::getInstance(XMLTOOLING_LOGCAT".XMLToolingConfig"); + Category& log=Category::getInstance(XMLTOOLING_LOGCAT".Config"); log.info("loading extension: %s", path); Locker locker(this); @@ -590,7 +650,7 @@ bool XMLToolingInternalConfig::load_library(const char* path, void* context) throw runtime_error(string("detected error in xmltooling_extension_init: ") + resolved); SetErrorMode(em); } - catch(exception&) { + catch(std::exception&) { if (handle) FreeLibrary(handle); SetErrorMode(em); @@ -613,7 +673,7 @@ bool XMLToolingInternalConfig::load_library(const char* path, void* context) if (fn(context)!=0) throw runtime_error(string("detected error in xmltooling_extension_init in ") + resolved); } - catch(exception&) { + catch(std::exception&) { if (handle) dlclose(handle); throw; diff --git a/xmltooling/XMLToolingConfig.h b/xmltooling/XMLToolingConfig.h index 6aa6af9..928ce71 100644 --- a/xmltooling/XMLToolingConfig.h +++ b/xmltooling/XMLToolingConfig.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * http://www.apache.org/licenses/LICENSE-2.0 + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -37,6 +41,7 @@ namespace xmltooling { + class XMLTOOL_API Mutex; class XMLTOOL_API ParserPool; class XMLTOOL_API PathResolver; class XMLTOOL_API TemplateEngine; @@ -48,6 +53,7 @@ namespace xmltooling { #ifndef XMLTOOLING_NO_XMLSEC class XMLTOOL_API CredentialResolver; class XMLTOOL_API KeyInfoResolver; + class XMLTOOL_API PathValidator; class XMLTOOL_API TrustEngine; class XMLTOOL_API XSECCryptoX509CRL; #endif @@ -152,6 +158,15 @@ namespace xmltooling { */ virtual ParserPool& getValidatingParser() const=0; + /** + * Returns a reference to a named mutex. + *

The first access to a given name will create the object. + * + * @param name name of mutex to access + * @return reference to a mutex object + */ + virtual Mutex& getNamedMutex(const char* name)=0; + #ifndef XMLTOOLING_NO_XMLSEC /** * Returns the global KeyInfoResolver instance. @@ -250,6 +265,13 @@ namespace xmltooling { */ unsigned int clock_skew_secs; +#ifndef XMLTOOLING_LITE + /** + * Manages factories for StorageService plugins. + */ + PluginManager StorageServiceManager; +#endif + #ifndef XMLTOOLING_NO_XMLSEC /** * Returns an X.509 CRL implementation object. @@ -257,14 +279,19 @@ namespace xmltooling { virtual XSECCryptoX509CRL* X509CRL() const=0; /** + * Manages factories for CredentialResolver plugins. + */ + PluginManager CredentialResolverManager; + + /** * Manages factories for KeyInfoResolver plugins. */ PluginManager KeyInfoResolverManager; /** - * Manages factories for CredentialResolver plugins. + * Manages factories for PathValidator plugins. */ - PluginManager CredentialResolverManager; + PluginManager PathValidatorManager; /** * Manages factories for TrustEngine plugins. @@ -272,11 +299,6 @@ namespace xmltooling { PluginManager TrustEngineManager; /** - * Manages factories for StorageService plugins. - */ - PluginManager StorageServiceManager; - - /** * Maps an XML Signature/Encryption algorithm identifier to a library-specific * key algorithm and size for use in resolving credentials. * diff --git a/xmltooling/base.h b/xmltooling/base.h index 0bd9062..ff96588 100644 --- a/xmltooling/base.h +++ b/xmltooling/base.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -694,8 +698,8 @@ } \ void set##proper(int proper) { \ char buf##proper[64]; \ - sprintf(buf##proper,"%d",proper); \ - auto_ptr_XMLCh wide##proper(buf##proper); \ + std::sprintf(buf##proper,"%d",proper); \ + xmltooling::auto_ptr_XMLCh wide##proper(buf##proper); \ set##proper(wide##proper.get()); \ } @@ -734,7 +738,7 @@ } \ void set##proper(const type* proper) { \ m_##proper = prepareForAssignment(m_##proper,proper); \ - XMLString::release(&m_##proper##Prefix); \ + xercesc::XMLString::release(&m_##proper##Prefix); \ m_##proper##Prefix = nullptr; \ } @@ -1015,7 +1019,7 @@ */ #define MARSHALL_QNAME_ATTRIB(proper,ucase,namespaceURI) \ if (m_##proper) { \ - auto_ptr_XMLCh qstr(m_##proper->toString().c_str()); \ + xmltooling::auto_ptr_XMLCh qstr(m_##proper->toString().c_str()); \ domElement->setAttributeNS(namespaceURI, ucase##_ATTRIB_NAME, qstr.get()); \ } @@ -1109,7 +1113,8 @@ */ #define PROC_QNAME_ATTRIB(proper,ucase,namespaceURI) \ if (xmltooling::XMLHelper::isNodeNamed(attribute, namespaceURI, ucase##_ATTRIB_NAME)) { \ - set##proper(XMLHelper::getAttributeValueAsQName(attribute)); \ + std::auto_ptr q(xmltooling::XMLHelper::getAttributeValueAsQName(attribute)); \ + set##proper(q.get()); \ return; \ } @@ -1246,7 +1251,7 @@ XMLTOOLING_DOXYGEN(Sets proper.) \ void set##proper(int proper) { \ char buf[64]; \ - sprintf(buf,"%d",proper); \ + std::sprintf(buf,"%d",proper); \ xmltooling::auto_ptr_XMLCh widebuf(buf); \ setTextContent(widebuf.get()); \ } \ @@ -1258,7 +1263,7 @@ /** * Implements cloning methods for an XMLObject specialization implementation class. * - * @param cname the name of the XMLObject specialization + * @param cname the name of the XMLObject specialization */ #define IMPL_XMLOBJECT_CLONE(cname) \ cname* clone##cname() const { \ @@ -1275,6 +1280,79 @@ } /** + * Implements cloning methods for an XMLObject specialization implementation class + * that must override a base class clone method. + * + * @param cname the name of the XMLObject specialization + * @param base name of base type. + */ +#define IMPL_XMLOBJECT_CLONE2(cname,base) \ + cname* clone##cname() const { \ + return dynamic_cast(clone()); \ + } \ + base* clone##base() const { \ + return dynamic_cast(clone()); \ + } \ + xmltooling::XMLObject* clone() const { \ + std::auto_ptr domClone(xmltooling::AbstractDOMCachingXMLObject::clone()); \ + cname##Impl* ret=dynamic_cast(domClone.get()); \ + if (ret) { \ + domClone.release(); \ + return ret; \ + } \ + return new cname##Impl(*this); \ + } + +/** + * Implements cloning methods for an XMLObject specialization implementation class that + * needs two stage duplication to avoid invoking virtual methods during construction. + * + * @param cname the name of the XMLObject specialization + */ +#define IMPL_XMLOBJECT_CLONE_EX(cname) \ + cname* clone##cname() const { \ + return dynamic_cast(clone()); \ + } \ + xmltooling::XMLObject* clone() const { \ + std::auto_ptr domClone(xmltooling::AbstractDOMCachingXMLObject::clone()); \ + cname##Impl* ret=dynamic_cast(domClone.get()); \ + if (ret) { \ + domClone.release(); \ + return ret; \ + } \ + std::auto_ptr ret2(new cname##Impl(*this)); \ + ret2->_clone(*this); \ + return ret2.release(); \ + } + +/** + * Implements cloning methods for an XMLObject specialization implementation class that + * needs two stage duplication to avoid invoking virtual methods during construction, + * and must override a base class clone method. + * + * @param cname the name of the XMLObject specialization + * @param base name of base type + */ +#define IMPL_XMLOBJECT_CLONE_EX2(cname,base) \ + cname* clone##cname() const { \ + return dynamic_cast(clone()); \ + } \ + base* clone##base() const { \ + return dynamic_cast(clone()); \ + } \ + xmltooling::XMLObject* clone() const { \ + std::auto_ptr domClone(xmltooling::AbstractDOMCachingXMLObject::clone()); \ + cname##Impl* ret=dynamic_cast(domClone.get()); \ + if (ret) { \ + domClone.release(); \ + return ret; \ + } \ + std::auto_ptr ret2(new cname##Impl(*this)); \ + ret2->_clone(*this); \ + return ret2.release(); \ + } + +/** * Declares an XMLObject specialization with a simple content model and type, * handling it as string data. * diff --git a/xmltooling/char_traits.h b/xmltooling/char_traits.h index fac30bb..c126b62 100644 --- a/xmltooling/char_traits.h +++ b/xmltooling/char_traits.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2009 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/config_pub_win32.h b/xmltooling/config_pub_win32.h index ae1db58..f58f6b7 100644 --- a/xmltooling/config_pub_win32.h +++ b/xmltooling/config_pub_win32.h @@ -1,3 +1,23 @@ +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. + */ + /* Define if C++ compiler supports covariant virtual methods. */ #define HAVE_COVARIANT_RETURNS 1 diff --git a/xmltooling/encryption/Decrypter.h b/xmltooling/encryption/Decrypter.h index 1a3ddc0..3fbdfb4 100644 --- a/xmltooling/encryption/Decrypter.h +++ b/xmltooling/encryption/Decrypter.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/encryption/EncryptedKeyResolver.h b/xmltooling/encryption/EncryptedKeyResolver.h index 3cd7a90..40a1901 100644 --- a/xmltooling/encryption/EncryptedKeyResolver.h +++ b/xmltooling/encryption/EncryptedKeyResolver.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/encryption/Encrypter.h b/xmltooling/encryption/Encrypter.h index e1723e9..1996b48 100644 --- a/xmltooling/encryption/Encrypter.h +++ b/xmltooling/encryption/Encrypter.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/encryption/Encryption.h b/xmltooling/encryption/Encryption.h index f56a248..e7e3329 100644 --- a/xmltooling/encryption/Encryption.h +++ b/xmltooling/encryption/Encryption.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2009 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/encryption/impl/Decrypter.cpp b/xmltooling/encryption/impl/Decrypter.cpp index 3f4adb9..489834c 100644 --- a/xmltooling/encryption/impl/Decrypter.cpp +++ b/xmltooling/encryption/impl/Decrypter.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -344,5 +348,24 @@ XSECCryptoKey* Decrypter::decryptKey(const EncryptedKey& encryptedKey, const XML } } - throw DecryptionException("Unable to decrypt key."); + // Some algorithms are vulnerable to chosen ciphertext attacks, so we generate a random key + // to prevent discovery of the validity of the original candidate. + logging::Category::getInstance(XMLTOOLING_LOGCAT".Decrypter").warn( + "unable to decrypt key, generating random key for defensive purposes" + ); + pair mapped = XMLToolingConfig::getConfig().mapXMLAlgorithmToKeyAlgorithm(algorithm); + if (!mapped.second) + mapped.second = 256; + try { + if (XSECPlatformUtils::g_cryptoProvider->getRandom(reinterpret_cast(buffer),mapped.second) < mapped.second) + throw DecryptionException("Unable to generate random data; was PRNG seeded?"); + return handler->createKeyForURI(algorithm, buffer, mapped.second); + } + catch(XSECException& e) { + auto_ptr_char temp(e.getMsg()); + throw DecryptionException(string("XMLSecurity exception while generating key: ") + temp.get()); + } + catch (XSECCryptoException& e) { + throw DecryptionException(string("XMLSecurity exception while generating key: ") + e.getMsg()); + } } diff --git a/xmltooling/encryption/impl/EncryptedKeyResolver.cpp b/xmltooling/encryption/impl/EncryptedKeyResolver.cpp index 79553e6..eeec5cb 100644 --- a/xmltooling/encryption/impl/EncryptedKeyResolver.cpp +++ b/xmltooling/encryption/impl/EncryptedKeyResolver.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/encryption/impl/Encrypter.cpp b/xmltooling/encryption/impl/Encrypter.cpp index 97583a7..6e0856b 100644 --- a/xmltooling/encryption/impl/Encrypter.cpp +++ b/xmltooling/encryption/impl/Encrypter.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -334,18 +338,10 @@ const XMLCh* Encrypter::getKeyTransportAlgorithm(const Credential& credential, c XMLToolingConfig& conf = XMLToolingConfig::getConfig(); const char* alg = credential.getAlgorithm(); if (!alg || !strcmp(alg, "RSA")) { - if (XMLString::equals(encryptionAlg,DSIGConstants::s_unicodeStrURI3DES_CBC)) { - if (conf.isXMLAlgorithmSupported(DSIGConstants::s_unicodeStrURIRSA_1_5, XMLToolingConfig::ALGTYPE_KEYENCRYPT)) - return DSIGConstants::s_unicodeStrURIRSA_1_5; - else if (conf.isXMLAlgorithmSupported(DSIGConstants::s_unicodeStrURIRSA_OAEP_MGFP1, XMLToolingConfig::ALGTYPE_KEYENCRYPT)) - return DSIGConstants::s_unicodeStrURIRSA_OAEP_MGFP1; - } - else { - if (conf.isXMLAlgorithmSupported(DSIGConstants::s_unicodeStrURIRSA_OAEP_MGFP1, XMLToolingConfig::ALGTYPE_KEYENCRYPT)) - return DSIGConstants::s_unicodeStrURIRSA_OAEP_MGFP1; - else if (conf.isXMLAlgorithmSupported(DSIGConstants::s_unicodeStrURIRSA_1_5, XMLToolingConfig::ALGTYPE_KEYENCRYPT)) - return DSIGConstants::s_unicodeStrURIRSA_1_5; - } + if (conf.isXMLAlgorithmSupported(DSIGConstants::s_unicodeStrURIRSA_OAEP_MGFP1, XMLToolingConfig::ALGTYPE_KEYENCRYPT)) + return DSIGConstants::s_unicodeStrURIRSA_OAEP_MGFP1; + else if (conf.isXMLAlgorithmSupported(DSIGConstants::s_unicodeStrURIRSA_1_5, XMLToolingConfig::ALGTYPE_KEYENCRYPT)) + return DSIGConstants::s_unicodeStrURIRSA_1_5; } else if (!strcmp(alg, "AES")) { const XMLCh* ret = nullptr; diff --git a/xmltooling/encryption/impl/EncryptionImpl.cpp b/xmltooling/encryption/impl/EncryptionImpl.cpp index ab5223e..5e25d72 100644 --- a/xmltooling/encryption/impl/EncryptionImpl.cpp +++ b/xmltooling/encryption/impl/EncryptionImpl.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -68,6 +72,7 @@ namespace xmlencryption { m_pos_OAEPparams=m_pos_KeySize; ++m_pos_OAEPparams; } + public: virtual ~EncryptionMethodImpl() { XMLString::release(&m_Algorithm); @@ -86,9 +91,11 @@ namespace xmlencryption { setKeySize(src.getKeySize()->cloneKeySize()); if (src.getOAEPparams()) setOAEPparams(src.getOAEPparams()->cloneOAEPparams()); - VectorOf(XMLObject) v=getUnknownXMLObjects(); - for (vector::const_iterator i=src.m_UnknownXMLObjects.begin(); i!=src.m_UnknownXMLObjects.end(); ++i) - v.push_back((*i)->clone()); + for (vector::const_iterator i=src.m_UnknownXMLObjects.begin(); i!=src.m_UnknownXMLObjects.end(); ++i) { + if (*i) { + getUnknownXMLObjects().push_back((*i)->clone()); + } + } } IMPL_XMLOBJECT_CLONE(EncryptionMethod); @@ -137,10 +144,9 @@ namespace xmlencryption { TransformsImpl(const TransformsImpl& src) : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) { - VectorOf(xmlsignature::Transform) v=getTransforms(); for (vector::const_iterator i=src.m_Transforms.begin(); i!=src.m_Transforms.end(); i++) { if (*i) { - v.push_back((*i)->cloneTransform()); + getTransforms().push_back((*i)->cloneTransform()); } } } @@ -167,6 +173,7 @@ namespace xmlencryption { m_children.push_back(nullptr); m_pos_Transforms=m_children.begin(); } + public: virtual ~CipherReferenceImpl() { XMLString::release(&m_URI); @@ -220,6 +227,7 @@ namespace xmlencryption { m_pos_CipherReference=m_pos_CipherValue; ++m_pos_CipherReference; } + public: virtual ~CipherDataImpl() {} @@ -259,6 +267,7 @@ namespace xmlencryption { void init() { m_Id=m_Target=nullptr; } + public: virtual ~EncryptionPropertyImpl() { XMLString::release(&m_Id); @@ -278,9 +287,11 @@ namespace xmlencryption { init(); setId(src.getId()); setTarget(src.getTarget()); - VectorOf(XMLObject) v=getUnknownXMLObjects(); - for (vector::const_iterator i=src.m_UnknownXMLObjects.begin(); i!=src.m_UnknownXMLObjects.end(); ++i) - v.push_back((*i)->clone()); + for (vector::const_iterator i=src.m_UnknownXMLObjects.begin(); i!=src.m_UnknownXMLObjects.end(); ++i) { + if (*i) { + getUnknownXMLObjects().push_back((*i)->clone()); + } + } } IMPL_XMLOBJECT_CLONE(EncryptionProperty); @@ -328,6 +339,7 @@ namespace xmlencryption { void init() { m_Id=nullptr; } + public: virtual ~EncryptionPropertiesImpl() { XMLString::release(&m_Id); @@ -342,10 +354,9 @@ namespace xmlencryption { : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) { init(); setId(src.getId()); - VectorOf(EncryptionProperty) v=getEncryptionPropertys(); for (vector::const_iterator i=src.m_EncryptionPropertys.begin(); i!=src.m_EncryptionPropertys.end(); i++) { if (*i) { - v.push_back((*i)->cloneEncryptionProperty()); + getEncryptionPropertys().push_back((*i)->cloneEncryptionProperty()); } } } @@ -376,13 +387,9 @@ namespace xmlencryption { public AbstractXMLObjectMarshaller, public AbstractXMLObjectUnmarshaller { - void init() { - m_URI=nullptr; - } - protected: ReferenceTypeImpl() { - init(); + m_URI=nullptr; } public: @@ -391,20 +398,23 @@ namespace xmlencryption { } ReferenceTypeImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType) - : AbstractXMLObject(nsURI, localName, prefix, schemaType) { - init(); + : AbstractXMLObject(nsURI, localName, prefix, schemaType), m_URI(nullptr) { } ReferenceTypeImpl(const ReferenceTypeImpl& src) - : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) { - init(); + : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src), m_URI(nullptr) { + } + + void _clone(const ReferenceTypeImpl& src) { setURI(src.getURI()); - VectorOf(XMLObject) v=getUnknownXMLObjects(); - for (vector::const_iterator i=src.m_UnknownXMLObjects.begin(); i!=src.m_UnknownXMLObjects.end(); ++i) - v.push_back((*i)->clone()); + for (vector::const_iterator i=src.m_UnknownXMLObjects.begin(); i!=src.m_UnknownXMLObjects.end(); ++i) { + if (*i) { + getUnknownXMLObjects().push_back((*i)->clone()); + } + } } - IMPL_XMLOBJECT_CLONE(ReferenceType); + IMPL_XMLOBJECT_CLONE_EX(ReferenceType); IMPL_STRING_ATTRIB(URI); IMPL_XMLOBJECT_CHILDREN(UnknownXMLObject,m_children.end()); @@ -432,11 +442,8 @@ namespace xmlencryption { : AbstractXMLObject(nsURI, localName, prefix, schemaType) {} DataReferenceImpl(const DataReferenceImpl& src) : AbstractXMLObject(src), ReferenceTypeImpl(src) {} - - IMPL_XMLOBJECT_CLONE(DataReference); - ReferenceType* cloneReferenceType() const { - return new DataReferenceImpl(*this); - } + + IMPL_XMLOBJECT_CLONE_EX(DataReference); }; class XMLTOOL_DLLLOCAL KeyReferenceImpl : public virtual KeyReference, public ReferenceTypeImpl @@ -449,10 +456,7 @@ namespace xmlencryption { KeyReferenceImpl(const KeyReferenceImpl& src) : AbstractXMLObject(src), ReferenceTypeImpl(src) {} - IMPL_XMLOBJECT_CLONE(KeyReference); - ReferenceType* cloneReferenceType() const { - return new KeyReferenceImpl(*this); - } + IMPL_XMLOBJECT_CLONE_EX(KeyReference); }; class XMLTOOL_DLLLOCAL ReferenceListImpl : public virtual ReferenceList, @@ -523,6 +527,7 @@ namespace xmlencryption { m_pos_EncryptionProperties=m_pos_CipherData; ++m_pos_EncryptionProperties; } + protected: EncryptedTypeImpl() { init(); @@ -544,6 +549,9 @@ namespace xmlencryption { EncryptedTypeImpl(const EncryptedTypeImpl& src) : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) { init(); + } + + void _clone(const EncryptedTypeImpl& src) { setId(src.getId()); setType(src.getType()); setMimeType(src.getMimeType()); @@ -558,7 +566,7 @@ namespace xmlencryption { setEncryptionProperties(src.getEncryptionProperties()->cloneEncryptionProperties()); } - IMPL_XMLOBJECT_CLONE(EncryptedType); + IMPL_XMLOBJECT_CLONE_EX(EncryptedType); IMPL_ID_ATTRIB_EX(Id,ID,nullptr); IMPL_STRING_ATTRIB(Type); IMPL_STRING_ATTRIB(MimeType); @@ -603,10 +611,7 @@ namespace xmlencryption { EncryptedDataImpl(const EncryptedDataImpl& src) : AbstractXMLObject(src), EncryptedTypeImpl(src) {} - IMPL_XMLOBJECT_CLONE(EncryptedData); - EncryptedType* cloneEncryptedType() const { - return new EncryptedDataImpl(*this); - } + IMPL_XMLOBJECT_CLONE_EX(EncryptedData); }; class XMLTOOL_DLLLOCAL EncryptedKeyImpl : public virtual EncryptedKey, public EncryptedTypeImpl @@ -637,10 +642,16 @@ namespace xmlencryption { init(); } - IMPL_XMLOBJECT_CLONE(EncryptedKey); - EncryptedType* cloneEncryptedType() const { - return new EncryptedKeyImpl(*this); + void _clone(const EncryptedKeyImpl& src) { + EncryptedTypeImpl::_clone(src); + setRecipient(src.getRecipient()); + if (src.getReferenceList()) + setReferenceList(src.getReferenceList()->cloneReferenceList()); + if (src.getCarriedKeyName()) + setCarriedKeyName(src.getCarriedKeyName()->cloneCarriedKeyName()); } + + IMPL_XMLOBJECT_CLONE_EX(EncryptedKey); IMPL_STRING_ATTRIB(Recipient); IMPL_TYPED_CHILD(ReferenceList); IMPL_TYPED_CHILD(CarriedKeyName); diff --git a/xmltooling/encryption/impl/EncryptionSchemaValidators.cpp b/xmltooling/encryption/impl/EncryptionSchemaValidators.cpp index 16d7adc..ed781e6 100644 --- a/xmltooling/encryption/impl/EncryptionSchemaValidators.cpp +++ b/xmltooling/encryption/impl/EncryptionSchemaValidators.cpp @@ -1,17 +1,21 @@ -/* -* Copyright 2001-2009 Internet2 - * -* Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/exceptions.cpp b/xmltooling/exceptions.cpp index 8f39ddc..6ff78ca 100644 --- a/xmltooling/exceptions.cpp +++ b/xmltooling/exceptions.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -30,10 +34,12 @@ #include #include #include +#include #include using namespace xmltooling; using namespace xercesc; +using namespace boost; using namespace std; using xmlconstants::XMLTOOLING_NS; @@ -101,88 +107,45 @@ void XMLToolingException::setMessage(const char* msg) m_processedmsg.erase(); } -inline const char* get_digit_character() -{ - static const char s_characters[19] = - { - '9' - , '8' - , '7' - , '6' - , '5' - , '4' - , '3' - , '2' - , '1' - , '0' - , '1' - , '2' - , '3' - , '4' - , '5' - , '6' - , '7' - , '8' - , '9' - }; - static const char *s_mid = s_characters + 9; - - return s_mid; -} - -inline const char* unsigned_integer_to_string(char* buf, size_t cchBuf, size_t i) -{ - char* psz=buf + cchBuf - 1; // Set psz to last char - *psz = 0; // Set terminating null - - do { - size_t lsd = i % 10; // Get least significant - // digit - - i /= 10; // Prepare for next most - // significant digit - - --psz; // Move back - - *psz = get_digit_character()[lsd]; // Place the digit - - } while(i!=0 && psz>buf); - - return psz; -} - void XMLToolingException::addProperties(const params& p) { m_processedmsg.erase(); - map::size_type i=m_params.size()+1; - char buf[20]; + map::size_type i = m_params.size() + 1; const vector& v=p.get(); - for (vector::const_iterator ci=v.begin(); ci!=v.end(); ci++) { - m_params[unsigned_integer_to_string(buf,sizeof(buf),i++)] = *ci; + for (vector::const_iterator ci = v.begin(); ci != v.end(); ++ci) { + try { + m_params[lexical_cast(i++)] = *ci; + } + catch (bad_lexical_cast&) { + } } } void XMLToolingException::addProperties(const namedparams& p) { m_processedmsg.erase(); - const vector& v=p.get(); - for (vector::const_iterator ci=v.begin(); ci!=v.end(); ci++) { + const vector& v = p.get(); + for (vector::const_iterator ci = v.begin(); ci != v.end(); ++ci) { m_params.erase(*ci); m_params[*ci] = *(ci+1); - ci++; // advance past name to value, then loop will advance it again + ++ci; // advance past name to value, then loop will advance it again } } const char* XMLToolingException::getProperty(unsigned int index) const { - char buf[20]; - map::const_iterator i=m_params.find(unsigned_integer_to_string(buf,sizeof(buf),index)); - return (i==m_params.end()) ? nullptr : i->second.c_str(); + try { + map::const_iterator i = m_params.find(lexical_cast(index)); + return (i==m_params.end()) ? nullptr : i->second.c_str(); + } + catch (bad_lexical_cast&) { + return nullptr; + } } const char* XMLToolingException::getProperty(const char* name) const { - map::const_iterator i=m_params.find(name); + map::const_iterator i = m_params.find(name); return (i==m_params.end()) ? nullptr : i->second.c_str(); } @@ -250,7 +213,7 @@ string XMLToolingException::toString() const if (msg) xml_encode(xml, "", msg, ""); const URLEncoder* encoder = XMLToolingConfig::getConfig().getURLEncoder(); - for (map::const_iterator i=m_params.begin(); i!=m_params.end(); i++) { + for (map::const_iterator i = m_params.begin(); i != m_params.end(); ++i) { xml_encode(xml, "", encoder->encode(i->second.c_str()).c_str(), ""); } @@ -262,7 +225,7 @@ string XMLToolingException::toQueryString() const { string q; const URLEncoder* enc = XMLToolingConfig::getConfig().getURLEncoder(); - for (map::const_iterator i=m_params.begin(); i!=m_params.end(); i++) { + for (map::const_iterator i = m_params.begin(); i != m_params.end(); ++i) { if (!q.empty()) q += '&'; q = q + i->first + '=' + enc->encode(i->second.c_str()); diff --git a/xmltooling/exceptions.h b/xmltooling/exceptions.h index 67baa82..c04c870 100644 --- a/xmltooling/exceptions.h +++ b/xmltooling/exceptions.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/impl/AnyElement.cpp b/xmltooling/impl/AnyElement.cpp index 27c1702..72c833d 100644 --- a/xmltooling/impl/AnyElement.cpp +++ b/xmltooling/impl/AnyElement.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2009 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -41,10 +45,25 @@ AnyElementImpl::AnyElementImpl(const XMLCh* nsURI, const XMLCh* localName, const { } +AnyElementImpl::AnyElementImpl(const AnyElementImpl& src) + : AbstractXMLObject(src), + AbstractDOMCachingXMLObject(src), + AbstractComplexElement(src), + AbstractAttributeExtensibleXMLObject(src) +{ +} + AnyElementImpl::~AnyElementImpl() { } +void AnyElementImpl::_clone(const AnyElementImpl& src) +{ + const vector& children = src.getUnknownXMLObjects(); + for (vector::const_iterator i=children.begin(); i!=children.end(); ++i) + getUnknownXMLObjects().push_back((*i)->clone()); +} + XMLObject* AnyElementImpl::clone() const { auto_ptr domClone(AbstractDOMCachingXMLObject::clone()); AnyElementImpl* ret=dynamic_cast(domClone.get()); @@ -53,19 +72,11 @@ XMLObject* AnyElementImpl::clone() const { return ret; } - return new AnyElementImpl(*this); + auto_ptr ret2(new AnyElementImpl(*this)); + ret2->_clone(*ret2.get()); + return ret2.release(); } -AnyElementImpl::AnyElementImpl(const AnyElementImpl& src) - : AbstractXMLObject(src), - AbstractDOMCachingXMLObject(src), - AbstractComplexElement(src), - AbstractAttributeExtensibleXMLObject(src) { - const vector& children = src.getUnknownXMLObjects(); - for (vector::const_iterator i=children.begin(); i!=children.end(); ++i) - getUnknownXMLObjects().push_back((*i)->clone()); -} - void AnyElementImpl::marshallAttributes(DOMElement* domElement) const { marshallExtensionAttributes(domElement); diff --git a/xmltooling/impl/AnyElement.h b/xmltooling/impl/AnyElement.h index 0dc1c78..4a79eef 100644 --- a/xmltooling/impl/AnyElement.h +++ b/xmltooling/impl/AnyElement.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * http://www.apache.org/licenses/LICENSE-2.0 + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -59,6 +63,15 @@ namespace xmltooling { AnyElementImpl(); AnyElementImpl(const AnyElementImpl& src); + /** + * Copies the content of a source object into a newly constructed instance. + *

Used to solve compiler problems that limit calling virtual functions + * from the actual copy constructor. + * + * @param src source to clone + */ + void _clone(const AnyElementImpl& src); + IMPL_XMLOBJECT_CHILDREN(UnknownXMLObject,m_children.end()); void marshallAttributes(xercesc::DOMElement* domElement) const; diff --git a/xmltooling/impl/MemoryStorageService.cpp b/xmltooling/impl/MemoryStorageService.cpp index 55a1f19..6d4688f 100644 --- a/xmltooling/impl/MemoryStorageService.cpp +++ b/xmltooling/impl/MemoryStorageService.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -36,6 +40,11 @@ using namespace std; using xercesc::DOMElement; +namespace { + // Reasonably extended sizes to avoid callers needing to shrink unduly. + static const XMLTOOL_DLLLOCAL StorageService::Capabilities g_memCaps(0x4000, 0x4000, 0x4000); +}; + namespace xmltooling { class XMLTOOL_DLLLOCAL MemoryStorageService : public StorageService { @@ -43,6 +52,10 @@ namespace xmltooling { MemoryStorageService(const DOMElement* e); virtual ~MemoryStorageService(); + const Capabilities& getCapabilities() const { + return g_memCaps; + } + bool createString(const char* context, const char* key, const char* value, time_t expiration); int readString(const char* context, const char* key, string* pvalue=nullptr, time_t* pexpiration=nullptr, int version=0); int updateString(const char* context, const char* key, const char* value=nullptr, time_t expiration=0, int version=0); @@ -103,9 +116,9 @@ namespace xmltooling { } map m_contextMap; - RWLock* m_lock; - CondWait* shutdown_wait; - Thread* cleanup_thread; + auto_ptr m_lock; + auto_ptr shutdown_wait; + auto_ptr cleanup_thread; static void* cleanup_fn(void*); bool shutdown; int m_cleanupInterval; @@ -121,13 +134,11 @@ namespace xmltooling { static const XMLCh cleanupInterval[] = UNICODE_LITERAL_15(c,l,e,a,n,u,p,I,n,t,e,r,v,a,l); MemoryStorageService::MemoryStorageService(const DOMElement* e) - : m_lock(nullptr), shutdown_wait(nullptr), cleanup_thread(nullptr), shutdown(false), + : m_lock(RWLock::create()), shutdown_wait(CondWait::create()), shutdown(false), m_cleanupInterval(XMLHelper::getAttrInt(e, 900, cleanupInterval)), m_log(Category::getInstance(XMLTOOLING_LOGCAT".StorageService")) { - m_lock = RWLock::create(); - shutdown_wait = CondWait::create(); - cleanup_thread = Thread::create(&cleanup_fn, (void*)this); + cleanup_thread.reset(Thread::create(&cleanup_fn, (void*)this)); } MemoryStorageService::~MemoryStorageService() @@ -136,10 +147,6 @@ MemoryStorageService::~MemoryStorageService() shutdown = true; shutdown_wait->signal(); cleanup_thread->join(nullptr); - - delete cleanup_thread; - delete shutdown_wait; - delete m_lock; } void* MemoryStorageService::cleanup_fn(void* pv) @@ -168,7 +175,7 @@ void* MemoryStorageService::cleanup_fn(void* pv) unsigned long count=0; time_t now = time(nullptr); cache->m_lock->wrlock(); - SharedLock locker(cache->m_lock, false); + SharedLock locker(cache->m_lock.get(), false); for (map::iterator i=cache->m_contextMap.begin(); i!=cache->m_contextMap.end(); ++i) count += i->second.reap(now); @@ -185,7 +192,7 @@ void* MemoryStorageService::cleanup_fn(void* pv) void MemoryStorageService::reap(const char* context) { Context& ctx = writeContext(context); - SharedLock locker(m_lock, false); + SharedLock locker(m_lock.get(), false); ctx.reap(time(nullptr)); } @@ -211,7 +218,7 @@ unsigned long MemoryStorageService::Context::reap(time_t exp) bool MemoryStorageService::createString(const char* context, const char* key, const char* value, time_t expiration) { Context& ctx = writeContext(context); - SharedLock locker(m_lock, false); + SharedLock locker(m_lock.get(), false); // Check for a duplicate. map::iterator i=ctx.m_dataMap.find(key); @@ -232,7 +239,7 @@ bool MemoryStorageService::createString(const char* context, const char* key, co int MemoryStorageService::readString(const char* context, const char* key, string* pvalue, time_t* pexpiration, int version) { Context& ctx = readContext(context); - SharedLock locker(m_lock, false); + SharedLock locker(m_lock.get(), false); map::iterator i=ctx.m_dataMap.find(key); if (i==ctx.m_dataMap.end()) @@ -251,7 +258,7 @@ int MemoryStorageService::readString(const char* context, const char* key, strin int MemoryStorageService::updateString(const char* context, const char* key, const char* value, time_t expiration, int version) { Context& ctx = writeContext(context); - SharedLock locker(m_lock, false); + SharedLock locker(m_lock.get(), false); map::iterator i=ctx.m_dataMap.find(key); if (i==ctx.m_dataMap.end()) @@ -277,7 +284,7 @@ int MemoryStorageService::updateString(const char* context, const char* key, con bool MemoryStorageService::deleteString(const char* context, const char* key) { Context& ctx = writeContext(context); - SharedLock locker(m_lock, false); + SharedLock locker(m_lock.get(), false); // Find the record. map::iterator i=ctx.m_dataMap.find(key); @@ -294,7 +301,7 @@ bool MemoryStorageService::deleteString(const char* context, const char* key) void MemoryStorageService::updateContext(const char* context, time_t expiration) { Context& ctx = writeContext(context); - SharedLock locker(m_lock, false); + SharedLock locker(m_lock.get(), false); time_t now = time(nullptr); map::iterator stop=ctx.m_dataMap.end(); diff --git a/xmltooling/impl/UnknownElement.cpp b/xmltooling/impl/UnknownElement.cpp index 1cf0373..2155eb0 100644 --- a/xmltooling/impl/UnknownElement.cpp +++ b/xmltooling/impl/UnknownElement.cpp @@ -1,17 +1,21 @@ -/* -* Copyright 2001-2010 Internet2 - * -* Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/impl/UnknownElement.h b/xmltooling/impl/UnknownElement.h index 90d9a67..411ef40 100644 --- a/xmltooling/impl/UnknownElement.h +++ b/xmltooling/impl/UnknownElement.h @@ -1,17 +1,21 @@ -/* -* Copyright 2001-2010 Internet2 - * -* Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/internal.h b/xmltooling/internal.h index d4eb294..c486b10 100644 --- a/xmltooling/internal.h +++ b/xmltooling/internal.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /* @@ -24,6 +28,7 @@ #ifdef WIN32 # define _CRT_SECURE_NO_DEPRECATE 1 # define _CRT_NONSTDC_NO_DEPRECATE 1 +# define _SCL_SECURE_NO_WARNINGS 1 #endif // Export public APIs. @@ -40,7 +45,10 @@ #include "XMLToolingConfig.h" #include "util/ParserPool.h" +#include +#include #include + #ifndef XMLTOOLING_NO_XMLSEC #include #endif @@ -75,16 +83,11 @@ namespace xmltooling { /// @cond OFF - class XMLToolingInternalConfig : public XMLToolingConfig + class XMLTOOL_DLLLOCAL XMLToolingInternalConfig : public XMLToolingConfig { public: - XMLToolingInternalConfig() : -#ifndef XMLTOOLING_NO_XMLSEC - m_xsecProvider(nullptr), -#endif - m_lock(nullptr), m_parserPool(nullptr), m_validatingPool(nullptr) - { - } + XMLToolingInternalConfig(); + ~XMLToolingInternalConfig(); static XMLToolingInternalConfig& getInternalConfig(); @@ -96,6 +99,9 @@ namespace xmltooling { Lockable* lock(); void unlock(); + // named mutexes to limit lock scope + Mutex& getNamedMutex(const char* name); + // configuration bool load_library(const char* path, void* context=nullptr); bool log_config(const char* config=nullptr); @@ -125,8 +131,10 @@ namespace xmltooling { #endif private: + int m_initCount; + Mutex* m_lock; + std::map m_namedLocks; std::vector m_libhandles; - void* m_lock; ParserPool* m_parserPool; ParserPool* m_validatingPool; }; diff --git a/xmltooling/io/AbstractXMLObjectMarshaller.cpp b/xmltooling/io/AbstractXMLObjectMarshaller.cpp index d3af0cb..2fcc667 100644 --- a/xmltooling/io/AbstractXMLObjectMarshaller.cpp +++ b/xmltooling/io/AbstractXMLObjectMarshaller.cpp @@ -1,17 +1,21 @@ -/* -* Copyright 2001-2010 Internet2 - * -* Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -277,7 +281,7 @@ void AbstractXMLObjectMarshaller::marshallElementType(DOMElement* domElement) co } domElement->setAttributeNS(XSI_NS, xsitype, xsivalue); if (xsivalue != typeLocalName) - XMLString::release(&xsivalue); + delete[] xsivalue; m_log.debug("adding XSI namespace to list of namespaces visibly used by XMLObject"); addNamespace(Namespace(XSI_NS, XSI_PREFIX, false, Namespace::VisiblyUsed)); diff --git a/xmltooling/io/AbstractXMLObjectMarshaller.h b/xmltooling/io/AbstractXMLObjectMarshaller.h index c22b173..5f9bce8 100644 --- a/xmltooling/io/AbstractXMLObjectMarshaller.h +++ b/xmltooling/io/AbstractXMLObjectMarshaller.h @@ -1,17 +1,21 @@ -/* -* Copyright 2001-2010 Internet2 - * -* Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/io/AbstractXMLObjectUnmarshaller.cpp b/xmltooling/io/AbstractXMLObjectUnmarshaller.cpp index e33a673..ae2709e 100644 --- a/xmltooling/io/AbstractXMLObjectUnmarshaller.cpp +++ b/xmltooling/io/AbstractXMLObjectUnmarshaller.cpp @@ -1,17 +1,21 @@ -/* -* Copyright 2001-2010 Internet2 - * -* Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/io/AbstractXMLObjectUnmarshaller.h b/xmltooling/io/AbstractXMLObjectUnmarshaller.h index d25c18a..8f3ee27 100644 --- a/xmltooling/io/AbstractXMLObjectUnmarshaller.h +++ b/xmltooling/io/AbstractXMLObjectUnmarshaller.h @@ -1,17 +1,21 @@ -/* -* Copyright 2001-2009 Internet2 - * -* Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/io/GenericRequest.h b/xmltooling/io/GenericRequest.h index cbf6e2f..82bbcc3 100644 --- a/xmltooling/io/GenericRequest.h +++ b/xmltooling/io/GenericRequest.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/io/GenericResponse.h b/xmltooling/io/GenericResponse.h index 5655762..24374aa 100644 --- a/xmltooling/io/GenericResponse.h +++ b/xmltooling/io/GenericResponse.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/io/HTTPRequest.cpp b/xmltooling/io/HTTPRequest.cpp index 8ca93c3..af790e9 100644 --- a/xmltooling/io/HTTPRequest.cpp +++ b/xmltooling/io/HTTPRequest.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -23,7 +27,12 @@ #include "internal.h" #include "HTTPRequest.h" +#include +#include +#include + using namespace xmltooling; +using namespace boost; using namespace std; GenericRequest::GenericRequest() @@ -47,32 +56,24 @@ bool HTTPRequest::isSecure() const return strcmp(getScheme(),"https")==0; } +namespace { + void handle_cookie_fn(map& cookieMap, vector& nvpair, const string& s) { + nvpair.clear(); + split(nvpair, s, is_any_of("=")); + if (nvpair.size() == 2) { + trim(nvpair[0]); + cookieMap[nvpair[0]] = nvpair[1]; + } + } +} + const char* HTTPRequest::getCookie(const char* name) const { if (m_cookieMap.empty()) { string cookies=getHeader("Cookie"); - - string::size_type pos=0,cname,namelen,val,vallen; - while (pos !=string::npos && pos < cookies.length()) { - while (isspace(cookies[pos])) pos++; - cname=pos; - pos=cookies.find_first_of("=",pos); - if (pos == string::npos) - break; - namelen=pos-cname; - pos++; - if (pos==cookies.length()) - break; - val=pos; - pos=cookies.find_first_of(";",pos); - if (pos != string::npos) { - vallen=pos-val; - pos++; - m_cookieMap.insert(make_pair(cookies.substr(cname,namelen),cookies.substr(val,vallen))); - } - else - m_cookieMap.insert(make_pair(cookies.substr(cname,namelen),cookies.substr(val))); - } + vector nvpair; + tokenizer< char_separator > nvpairs(cookies, char_separator(";")); + for_each(nvpairs.begin(), nvpairs.end(), boost::bind(handle_cookie_fn, boost::ref(m_cookieMap), boost::ref(nvpair), _1)); } map::const_iterator lookup=m_cookieMap.find(name); return (lookup==m_cookieMap.end()) ? nullptr : lookup->second.c_str(); diff --git a/xmltooling/io/HTTPRequest.h b/xmltooling/io/HTTPRequest.h index 5eb454f..666c862 100644 --- a/xmltooling/io/HTTPRequest.h +++ b/xmltooling/io/HTTPRequest.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/io/HTTPResponse.cpp b/xmltooling/io/HTTPResponse.cpp index 3eee258..c49c9a8 100644 --- a/xmltooling/io/HTTPResponse.cpp +++ b/xmltooling/io/HTTPResponse.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2009 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -23,7 +27,11 @@ #include "internal.h" #include "HTTPResponse.h" +#include +#include + using namespace xmltooling; +using namespace boost; using namespace std; GenericResponse::GenericResponse() @@ -43,6 +51,9 @@ vector& HTTPResponse::getAllowedSchemes() void HTTPResponse::sanitizeURL(const char* url) { + // predicate for checking scheme below + static bool (*fn)(const string&, const string&, const std::locale&) = iequals; + const char* ch; for (ch=url; *ch; ++ch) { if (iscntrl((unsigned char)(*ch))) // convert to unsigned to allow full range from 00-FF @@ -53,14 +64,10 @@ void HTTPResponse::sanitizeURL(const char* url) if (!ch) throw IOException("URL is malformed."); string s(url, ch - url); - for (vector::const_iterator i = m_allowedSchemes.begin(); i != m_allowedSchemes.end(); ++i) { -#ifdef HAVE_STRCASECMP - if (!strcasecmp(s.c_str(), i->c_str())) -#else - if (!stricmp(s.c_str(), i->c_str())) -#endif - return; - } + vector::const_iterator i = + find_if(m_allowedSchemes.begin(), m_allowedSchemes.end(), boost::bind(fn, boost::cref(s), _1, boost::cref(std::locale()))); + if (i != m_allowedSchemes.end()) + return; throw IOException("URL contains invalid scheme ($1).", params(1, s.c_str())); } diff --git a/xmltooling/io/HTTPResponse.h b/xmltooling/io/HTTPResponse.h index 6e4514f..fa70d5b 100644 --- a/xmltooling/io/HTTPResponse.h +++ b/xmltooling/io/HTTPResponse.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/logging.h b/xmltooling/logging.h index 377db18..7851866 100644 --- a/xmltooling/logging.h +++ b/xmltooling/logging.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2007 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -26,12 +30,14 @@ #include #if defined(XMLTOOLING_LOG4SHIB) +# define LOG4SHIB_HAVE_INT64_T 1 # include # include namespace xmltooling { namespace logging = log4shib; }; #elif defined(XMLTOOLING_LOG4CPP) +# define LOG4CPP_HAVE_INT64_T 1 # include # include namespace xmltooling { diff --git a/xmltooling/resource.h b/xmltooling/resource.h index 79fe549..9b2726a 100644 --- a/xmltooling/resource.h +++ b/xmltooling/resource.h @@ -1,3 +1,23 @@ +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. + */ + //{{NO_DEPENDENCIES}} // Microsoft Developer Studio generated include file. // Used by shibsp.rc diff --git a/xmltooling/security/AbstractPKIXTrustEngine.h b/xmltooling/security/AbstractPKIXTrustEngine.h index 354821f..3666fb7 100644 --- a/xmltooling/security/AbstractPKIXTrustEngine.h +++ b/xmltooling/security/AbstractPKIXTrustEngine.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -27,10 +31,13 @@ #include #include +#include #include +#include namespace xmltooling { + class XMLTOOL_API OpenSSLPathValidator; class XMLTOOL_API XSECCryptoX509CRL; /** @@ -47,24 +54,45 @@ namespace xmltooling { * *

    *
  • checkRevocation attribute (off, entityOnly, fullChain) + *
  • policyMappingInhibit attribute (boolean) + *
  • anyPolicyInhibit attribute (boolean) + *
  • &t;PathValidator> element (zero or more) + *
  • <TrustedName> element (zero or more) + *
  • <PolicyOID> element (zero or more) *
* * @param e DOM to supply configuration for provider */ AbstractPKIXTrustEngine(const xercesc::DOMElement* e=nullptr); - /** Controls revocation checking, currently limited to CRLs and supports "off", "entityOnly", "fullChain". */ - std::string m_checkRevocation; + /** Plugins used to perform path validation. */ + boost::ptr_vector m_pathValidators; + + /** Controls revocation checking, currently limited to CRLs and supports "off", "entityOnly", "fullChain". */ + std::string m_checkRevocation; /** Deprecated option, equivalent to checkRevocation="fullChain". */ bool m_fullCRLChain; - + + /** Disable policy mapping when applying PKIX policy checking. */ + bool m_policyMappingInhibit; + + /** Disallow the anyPolicy OID (2.5.29.32.0) when applying PKIX policy checking. */ + bool m_anyPolicyInhibit; + + /** A list of acceptable policy OIDs (explicit policy checking). */ + std::set m_policyOIDs; + + /** A list of trusted names (subject DNs / CN attributes / subjectAltName entries). */ + std::set m_trustedNames; + /** * Checks that either the name of the peer with the given credentials or the names * of the credentials match the subject or subject alternate names of the certificate. + * Alternatively explicit trusted names can be supplied statically via configuration. * * @param certEE the credential for the entity to validate - * @param credResolver source of credentials + * @param credResolver source of trusted credentials * @param criteria criteria for selecting credentials, including the peer name * * @return true the name check succeeds, false if not @@ -176,6 +204,8 @@ namespace xmltooling { CredentialCriteria* criteria=nullptr, const std::vector* inlineCRLs=nullptr ) const; + + friend class XMLTOOL_DLLLOCAL PKIXParams; }; }; diff --git a/xmltooling/security/BasicX509Credential.h b/xmltooling/security/BasicX509Credential.h index 1bfe2ec..7dd2108 100644 --- a/xmltooling/security/BasicX509Credential.h +++ b/xmltooling/security/BasicX509Credential.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/security/ChainingTrustEngine.h b/xmltooling/security/ChainingTrustEngine.h index 80e5849..a48decb 100644 --- a/xmltooling/security/ChainingTrustEngine.h +++ b/xmltooling/security/ChainingTrustEngine.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -26,7 +30,7 @@ #include #include -#include +#include namespace xmltooling { @@ -97,10 +101,10 @@ namespace xmltooling { CredentialCriteria* criteria=nullptr ) const; private: - std::vector m_engines; - std::vector m_sigEngines; - std::vector m_x509Engines; - std::vector m_osslEngines; + boost::ptr_vector m_engines; + boost::ptr_vector m_sigEngines; + boost::ptr_vector m_x509Engines; + boost::ptr_vector m_osslEngines; }; }; diff --git a/xmltooling/security/Credential.h b/xmltooling/security/Credential.h index a334d62..fcc9c64 100644 --- a/xmltooling/security/Credential.h +++ b/xmltooling/security/Credential.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/security/CredentialContext.h b/xmltooling/security/CredentialContext.h index aa38656..fa7f676 100644 --- a/xmltooling/security/CredentialContext.h +++ b/xmltooling/security/CredentialContext.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2009 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/security/CredentialCriteria.h b/xmltooling/security/CredentialCriteria.h index 131f9a6..e1b65e6 100644 --- a/xmltooling/security/CredentialCriteria.h +++ b/xmltooling/security/CredentialCriteria.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2009 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/security/CredentialResolver.h b/xmltooling/security/CredentialResolver.h index 2ad4ffc..89be8c2 100644 --- a/xmltooling/security/CredentialResolver.h +++ b/xmltooling/security/CredentialResolver.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * http://www.apache.org/licenses/LICENSE-2.0 + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -70,6 +74,9 @@ namespace xmltooling { /** CredentialResolver based on local files with no criteria support. */ #define FILESYSTEM_CREDENTIAL_RESOLVER "File" + /** CredentialResolver that returns nothing, for use with some APIs. */ + #define DUMMY_CREDENTIAL_RESOLVER "Dummy" + /** CredentialResolver based on chaining together other resolvers. */ #define CHAINING_CREDENTIAL_RESOLVER "Chaining" }; diff --git a/xmltooling/security/KeyInfoCredentialContext.h b/xmltooling/security/KeyInfoCredentialContext.h index 3f244a3..a110aed 100644 --- a/xmltooling/security/KeyInfoCredentialContext.h +++ b/xmltooling/security/KeyInfoCredentialContext.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/security/KeyInfoResolver.h b/xmltooling/security/KeyInfoResolver.h index 042ccd3..c210149 100644 --- a/xmltooling/security/KeyInfoResolver.h +++ b/xmltooling/security/KeyInfoResolver.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/security/OpenSSLCredential.h b/xmltooling/security/OpenSSLCredential.h index 24ccf42..2234f1c 100644 --- a/xmltooling/security/OpenSSLCredential.h +++ b/xmltooling/security/OpenSSLCredential.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2009 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/security/OpenSSLCryptoX509CRL.h b/xmltooling/security/OpenSSLCryptoX509CRL.h index 8a93dd3..9e885ed 100644 --- a/xmltooling/security/OpenSSLCryptoX509CRL.h +++ b/xmltooling/security/OpenSSLCryptoX509CRL.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 The Apache Software Foundation. +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/security/OpenSSLPathValidator.h b/xmltooling/security/OpenSSLPathValidator.h new file mode 100644 index 0000000..cd365ed --- /dev/null +++ b/xmltooling/security/OpenSSLPathValidator.h @@ -0,0 +1,68 @@ +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. + */ + +/** + * @file xmltooling/security/OpenSSLPathValidator.h + * + * Extended PathValidator interface that adds validation + * using OpenSSL data types directly for efficiency. + */ + +#if !defined(__xmltooling_opensslpathval_h__) && !defined(XMLTOOLING_NO_XMLSEC) +#define __xmltooling_opensslpathval_h__ + +#include + +#include + + +namespace xmltooling { + + /** + * Extended PathValidator interface that adds validation + * using OpenSSL data types directly for efficiency. + */ + class XMLTOOL_API OpenSSLPathValidator : public PathValidator + { + MAKE_NONCOPYABLE(OpenSSLPathValidator); + protected: + OpenSSLPathValidator(); + + public: + virtual ~OpenSSLPathValidator(); + + /** + * Validates an end-entity certificate. + * + * @param certEE end-entity certificate + * @param certChain the complete untrusted certificate chain + * @param params plugin-specific parameters to the validation process + * @return true iff validaton succeeds + */ + virtual bool validate( + X509* certEE, + STACK_OF(X509)* certChain, + const PathValidatorParams& params + ) const=0; + + }; +}; + +#endif /* __xmltooling_opensslpathval_h__ */ diff --git a/xmltooling/security/OpenSSLTrustEngine.h b/xmltooling/security/OpenSSLTrustEngine.h index f7fb4b8..aae00ee 100644 --- a/xmltooling/security/OpenSSLTrustEngine.h +++ b/xmltooling/security/OpenSSLTrustEngine.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/security/PKIXPathValidatorParams.h b/xmltooling/security/PKIXPathValidatorParams.h new file mode 100644 index 0000000..e460e4e --- /dev/null +++ b/xmltooling/security/PKIXPathValidatorParams.h @@ -0,0 +1,108 @@ +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. + */ + +/** + * @file xmltooling/security/PKIXPathValidatorParams.h + * + * PKIX-specific parameters to a PathValidator. + */ + +#if !defined(__xmltooling_pkixvalparam_h__) && !defined(XMLTOOLING_NO_XMLSEC) +#define __xmltooling_pkixvalparam_h__ + +#include + +#include +#include + +namespace xmltooling { + + class XMLTOOL_API XSECCryptoX509CRL; + + /** + * PKIX-specific parameters to a PathValidator. + */ + class XMLTOOL_API PKIXPathValidatorParams : public PathValidator::PathValidatorParams + { + protected: + PKIXPathValidatorParams(); + + public: + virtual ~PKIXPathValidatorParams(); + + /** + * Returns the allowable trust chain verification depth. + * + * @return allowable trust chain verification depth + */ + virtual int getVerificationDepth() const=0; + + /** + * Checks whether the any policy OID should be processed + * if it is included in a certificate. + * + * @return true iff the any policy OID should *not* be processed + */ + virtual bool isAnyPolicyInhibited() const=0; + + /** + * Checks if policy mapping is inhibited. + * + * @return true iff policy mapping should not be allowed + */ + virtual bool isPolicyMappingInhibited() const=0; + + /** + * Returns a set of policy OIDs. + * + * @return set of policy OIDs + */ + virtual const std::set& getPolicies() const=0; + + /** + * Returns a set of trust anchors. + * + * @return set of trust anchors + */ + virtual const std::vector& getTrustAnchors() const=0; + + enum revocation_t { + REVOCATION_OFF = 0, + REVOCATION_ENTITYONLY = 1, + REVOCATION_FULLCHAIN = 2 + }; + + /** + * Returns the type of revocation checking to perform. + * + * @return revocation checking option + */ + virtual revocation_t getRevocationChecking() const=0; + + /** + * Returns a set of CRLs. + * + * @return set of CRLs + */ + virtual const std::vector& getCRLs() const=0; + }; +}; + +#endif /* __xmltooling_pkixvalparam_h__ */ diff --git a/xmltooling/security/PathValidator.h b/xmltooling/security/PathValidator.h new file mode 100644 index 0000000..736eeb3 --- /dev/null +++ b/xmltooling/security/PathValidator.h @@ -0,0 +1,87 @@ +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. + */ + +/** + * @file xmltooling/security/PathValidator.h + * + * Plugin interface to certificate path validation. + */ + +#if !defined(__xmltooling_pathval_h__) && !defined(XMLTOOLING_NO_XMLSEC) +#define __xmltooling_pathval_h__ + +#include + +class XSECCryptoX509; + +namespace xmltooling { + + /** + * Plugin interface to certificate path validation, independent of context. + *

This interface assumes that the end-entity certificate is "correctly" + * bound to a party, and solely addresses the validity of that certificate. + */ + class XMLTOOL_API PathValidator + { + MAKE_NONCOPYABLE(PathValidator); + protected: + PathValidator(); + + public: + virtual ~PathValidator(); + + /** + * Marker interface for plugin-specific parameters into the validation + * process. + */ + class XMLTOOL_API PathValidatorParams { + MAKE_NONCOPYABLE(PathValidatorParams); + protected: + PathValidatorParams(); + + public: + virtual ~PathValidatorParams(); + }; + + /** + * Validates an end-entity certificate. + * + * @param certEE end-entity certificate + * @param certChain the complete untrusted certificate chain + * @param params plugin-specific parameters to the validation process + * @return true iff validaton succeeds + */ + virtual bool validate( + XSECCryptoX509* certEE, + const std::vector& certChain, + const PathValidatorParams& params + ) const=0; + }; + + /** + * Registers PathValidator classes into the runtime. + */ + void XMLTOOL_API registerPathValidators(); + + /** PathValidator based on PKIX. */ + #define PKIX_PATHVALIDATOR "PKIX" +}; + +#endif /* __xmltooling_pathval_h__ */ diff --git a/xmltooling/security/SecurityHelper.h b/xmltooling/security/SecurityHelper.h index 7c045a9..b1e7c58 100644 --- a/xmltooling/security/SecurityHelper.h +++ b/xmltooling/security/SecurityHelper.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/security/SignatureTrustEngine.h b/xmltooling/security/SignatureTrustEngine.h index 995b2f2..71ee2bc 100644 --- a/xmltooling/security/SignatureTrustEngine.h +++ b/xmltooling/security/SignatureTrustEngine.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/security/TrustEngine.h b/xmltooling/security/TrustEngine.h index 6c25ec4..c397441 100644 --- a/xmltooling/security/TrustEngine.h +++ b/xmltooling/security/TrustEngine.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/security/X509Credential.h b/xmltooling/security/X509Credential.h index a2b1d89..a29f438 100644 --- a/xmltooling/security/X509Credential.h +++ b/xmltooling/security/X509Credential.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/security/X509TrustEngine.h b/xmltooling/security/X509TrustEngine.h index 6f020cd..f386602 100644 --- a/xmltooling/security/X509TrustEngine.h +++ b/xmltooling/security/X509TrustEngine.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/security/XSECCryptoX509CRL.h b/xmltooling/security/XSECCryptoX509CRL.h index ccfe05c..afe6ee8 100644 --- a/xmltooling/security/XSECCryptoX509CRL.h +++ b/xmltooling/security/XSECCryptoX509CRL.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2009 The Apache Software Foundation. +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/security/impl/AbstractPKIXTrustEngine.cpp b/xmltooling/security/impl/AbstractPKIXTrustEngine.cpp index 5f42ad2..9a3f95b 100644 --- a/xmltooling/security/impl/AbstractPKIXTrustEngine.cpp +++ b/xmltooling/security/impl/AbstractPKIXTrustEngine.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * http://www.apache.org/licenses/LICENSE-2.0 + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -30,6 +34,8 @@ #include "security/CredentialResolver.h" #include "security/KeyInfoResolver.h" #include "security/OpenSSLCryptoX509CRL.h" +#include "security/OpenSSLPathValidator.h" +#include "security/PKIXPathValidatorParams.h" #include "security/SecurityHelper.h" #include "security/X509Credential.h" #include "signature/SignatureValidator.h" @@ -37,8 +43,6 @@ #include "util/PathResolver.h" #include -#include -#include #include #include @@ -46,373 +50,67 @@ using namespace xmlsignature; using namespace xmltooling::logging; using namespace xmltooling; using namespace std; +using boost::ptr_vector; - -namespace { - static int XMLTOOL_DLLLOCAL error_callback(int ok, X509_STORE_CTX* ctx) - { - if (!ok) - Category::getInstance("OpenSSL").error("path validation failure: %s", X509_verify_cert_error_string(ctx->error)); - return ok; - } - - static string XMLTOOL_DLLLOCAL X509_NAME_to_string(X509_NAME* n) - { - string s; - BIO* b = BIO_new(BIO_s_mem()); - X509_NAME_print_ex(b,n,0,XN_FLAG_RFC2253); - BIO_flush(b); - BUF_MEM* bptr=nullptr; - BIO_get_mem_ptr(b, &bptr); - if (bptr && bptr->length > 0) { - s.append(bptr->data, bptr->length); - } - BIO_free(b); - return s; - } - - static time_t XMLTOOL_DLLLOCAL getCRLTime(const ASN1_TIME *a) +namespace xmltooling { + // Adapter between TrustEngine and PathValidator + class XMLTOOL_DLLLOCAL PKIXParams : public PKIXPathValidatorParams { - struct tm t; - memset(&t, 0, sizeof(t)); - // RFC 5280, sections 5.1.2.4 and 5.1.2.5 require thisUpdate and nextUpdate - // to be encoded as UTCTime until 2049, and RFC 5280 section 4.1.2.5.1 - // further restricts the format to "YYMMDDHHMMSSZ" ("even where the number - // of seconds is zero"). - // As long as OpenSSL doesn't provide any API to convert ASN1_TIME values - // time_t, we therefore have to parse it ourselves, unfortunately. - if (sscanf((const char*)a->data, "%2d%2d%2d%2d%2d%2dZ", - &t.tm_year, &t.tm_mon, &t.tm_mday, - &t.tm_hour, &t.tm_min, &t.tm_sec) == 6) { - if (t.tm_year <= 50) { - // RFC 5280, section 4.1.2.5.1 - t.tm_year += 100; + const AbstractPKIXTrustEngine& m_trust; + const AbstractPKIXTrustEngine::PKIXValidationInfoIterator& m_pkixInfo; + vector m_crls; + public: + PKIXParams( + const AbstractPKIXTrustEngine& t, + const AbstractPKIXTrustEngine::PKIXValidationInfoIterator& pkixInfo, + const vector* inlineCRLs + ) : m_trust(t), m_pkixInfo(pkixInfo) { + if (inlineCRLs && !inlineCRLs->empty()) { + m_crls = *inlineCRLs; + m_crls.insert(m_crls.end(), pkixInfo.getCRLs().begin(), pkixInfo.getCRLs().end()); } - t.tm_mon--; -#if defined(HAVE_TIMEGM) - return timegm(&t); -#else - // Windows, and hopefully most others...? - return mktime(&t) - timezone; -#endif } - return (time_t)-1; - } - static bool XMLTOOL_DLLLOCAL isFreshCRL(XSECCryptoX509CRL *c, Category* log=nullptr) - { - // eventually, these should be made configurable - #define MIN_SECS_REMAINING 86400 - #define MIN_PERCENT_REMAINING 10 - if (c) { - const X509_CRL* crl = static_cast(c)->getOpenSSLX509CRL(); - time_t thisUpdate = getCRLTime(X509_CRL_get_lastUpdate(crl)); - time_t nextUpdate = getCRLTime(X509_CRL_get_nextUpdate(crl)); - time_t now = time(nullptr); - - if (thisUpdate < 0 || nextUpdate < 0) { - // we failed to parse at least one of the fields (they were not encoded - // as required by RFC 5280, actually) - time_t exp = now + MIN_SECS_REMAINING; - if (log) { - log->warn("isFreshCRL (issuer '%s'): improperly encoded thisUpdate or nextUpdate field - falling back to simple time comparison", - (X509_NAME_to_string(X509_CRL_get_issuer(crl))).c_str()); - } - return (X509_cmp_time(X509_CRL_get_nextUpdate(crl), &exp) > 0) ? true : false; - } - else { - if (log && log->isDebugEnabled()) { - log->debug("isFreshCRL (issuer '%s'): %.0f seconds until nextUpdate (%3.2f%% elapsed since thisUpdate)", - (X509_NAME_to_string(X509_CRL_get_issuer(crl))).c_str(), - difftime(nextUpdate, now), (difftime(now, thisUpdate) * 100) / difftime(nextUpdate, thisUpdate)); - } + virtual ~PKIXParams() {} - // consider it recent enough if there are at least MIN_SECS_REMAINING - // to the nextUpdate, and at least MIN_PERCENT_REMAINING of its - // overall "validity" are remaining to the nextUpdate - return (now + MIN_SECS_REMAINING < nextUpdate) && - ((difftime(nextUpdate, now) * 100) / difftime(nextUpdate, thisUpdate) > MIN_PERCENT_REMAINING); - } + int getVerificationDepth() const { + return m_pkixInfo.getVerificationDepth(); } - return false; - } - - static XSECCryptoX509CRL* XMLTOOL_DLLLOCAL getRemoteCRLs(const char* cdpuri, Category& log) { - // This is a temporary CRL cache implementation to avoid breaking binary compatibility - // for the library. Caching can't rely on any member objects within the TrustEngine, - // including locks, so we're using the global library lock for the time being. - // All other state is kept in the file system. - - // minimum number of seconds between re-attempting a download from one particular CRLDP - #define MIN_RETRY_WAIT 60 - - // The filenames for the CRL cache are based on a hash of the CRL location. - string cdpfile = SecurityHelper::doHash("SHA1", cdpuri, strlen(cdpuri)) + ".crl"; - XMLToolingConfig::getConfig().getPathResolver()->resolve(cdpfile, PathResolver::XMLTOOLING_RUN_FILE); - string cdpstaging = cdpfile + ".tmp"; - string tsfile = cdpfile + ".ts"; - - time_t now = time(nullptr); - vector crls; - - try { - // While holding the lock, check for a cached copy of the CRL, and remove "expired" ones. - Locker glock(&XMLToolingConfig::getConfig()); -#ifdef WIN32 - struct _stat stat_buf; - if (_stat(cdpfile.c_str(), &stat_buf) == 0) { -#else - struct stat stat_buf; - if (stat(cdpfile.c_str(), &stat_buf) == 0) { -#endif - SecurityHelper::loadCRLsFromFile(crls, cdpfile.c_str()); - if (crls.empty() || crls.front()->getProviderName() != DSIGConstants::s_unicodeStrPROVOpenSSL || - X509_cmp_time(X509_CRL_get_nextUpdate(static_cast(crls.front())->getOpenSSLX509CRL()), &now) < 0) { - for_each(crls.begin(), crls.end(), xmltooling::cleanup()); - crls.clear(); - remove(cdpfile.c_str()); // may as well delete the local copy - remove(tsfile.c_str()); - log.info("deleting cached CRL from %s with nextUpdate field in the past", cdpuri); - } - } + bool isAnyPolicyInhibited() const { + return m_trust.m_anyPolicyInhibit; } - catch (exception& ex) { - log.error("exception loading cached copy of CRL from %s: %s", cdpuri, ex.what()); + bool isPolicyMappingInhibited() const { + return m_trust.m_policyMappingInhibit; } - - if (crls.empty() || !isFreshCRL(crls.front(), &log)) { - bool updateTimestamp = true; - try { - // If we get here, the cached copy didn't exist yet, or it's time to refresh. - // To limit the rate of unsuccessful attempts when a CRLDP is unreachable, - // we remember the timestamp of the last attempt (both successful/unsuccessful). - // We store this in the file system because of the binary compatibility issue. - time_t ts = 0; - try { - Locker glock(&XMLToolingConfig::getConfig()); - ifstream tssrc(tsfile.c_str()); - if (tssrc) - tssrc >> ts; - } - catch (exception&) { - ts = 0; - } - - if (difftime(now, ts) > MIN_RETRY_WAIT) { - SOAPTransport::Address addr("AbstractPKIXTrustEngine", cdpuri, cdpuri); - string scheme(addr.m_endpoint, strchr(addr.m_endpoint,':') - addr.m_endpoint); - auto_ptr soap(XMLToolingConfig::getConfig().SOAPTransportManager.newPlugin(scheme.c_str(), addr)); - soap->send(); - istream& msg = soap->receive(); - Locker glock(&XMLToolingConfig::getConfig()); - ofstream out(cdpstaging.c_str(), fstream::trunc|fstream::binary); - out << msg.rdbuf(); - out.close(); - SecurityHelper::loadCRLsFromFile(crls, cdpstaging.c_str()); - if (crls.empty() || crls.front()->getProviderName() != DSIGConstants::s_unicodeStrPROVOpenSSL || - X509_cmp_time(X509_CRL_get_nextUpdate(static_cast(crls.front())->getOpenSSLX509CRL()), &now) < 0) { - // The "new" CRL wasn't usable, so get rid of it. - for_each(crls.begin(), crls.end(), xmltooling::cleanup()); - crls.clear(); - remove(cdpstaging.c_str()); - log.error("ignoring CRL retrieved from %s with nextUpdate field in the past", cdpuri); - } - else { - // "Commit" the new CRL. Note that we might add a CRL which doesn't pass - // isFreshCRL, but that's preferrable over adding none at all. - log.info("CRL refreshed from %s", cdpuri); - remove(cdpfile.c_str()); - if (rename(cdpstaging.c_str(), cdpfile.c_str()) != 0) - log.error("unable to rename CRL staging file"); - } - } - else { - updateTimestamp = false; // don't update if we're within the backoff window - } - } - catch (exception& ex) { - log.error("exception downloading/caching CRL from %s: %s", cdpuri, ex.what()); - } - - if (updateTimestamp) { - // update the timestamp file - Locker glock(&XMLToolingConfig::getConfig()); - ofstream tssink(tsfile.c_str(), fstream::trunc); - tssink << now; - tssink.close(); - } + const set& getPolicies() const { + return m_trust.m_policyOIDs; } - - if (crls.empty()) - return nullptr; - for_each(crls.begin() + 1, crls.end(), xmltooling::cleanup()); - return crls.front(); - } - - static bool XMLTOOL_DLLLOCAL validate( - X509* EE, - STACK_OF(X509)* untrusted, - AbstractPKIXTrustEngine::PKIXValidationInfoIterator* pkixInfo, - bool useCRL, - bool fullCRLChain, - const vector* inlineCRLs=nullptr - ) - { - Category& log=Category::getInstance(XMLTOOLING_LOGCAT".TrustEngine"); - - // First we build a stack of CA certs. These objects are all referenced in place. - log.debug("supplying PKIX Validation information"); - - // We need this for CRL support. - X509_STORE* store=X509_STORE_new(); - if (!store) { - log_openssl(); - return false; + const vector& getTrustAnchors() const { + return m_pkixInfo.getTrustAnchors(); } - - // This contains the state of the validate operation. - int count=0; - X509_STORE_CTX ctx; - - // AFAICT, EE and untrusted are passed in but not owned by the ctx. -#if (OPENSSL_VERSION_NUMBER >= 0x00907000L) - if (X509_STORE_CTX_init(&ctx,store,EE,untrusted)!=1) { - log_openssl(); - log.error("unable to initialize X509_STORE_CTX"); - X509_STORE_free(store); - return false; + PKIXPathValidatorParams::revocation_t getRevocationChecking() const { + if (m_trust.m_checkRevocation.empty() || m_trust.m_checkRevocation == "off") + return PKIXPathValidatorParams::REVOCATION_OFF; + else if (m_trust.m_checkRevocation == "entityOnly") + return PKIXPathValidatorParams::REVOCATION_ENTITYONLY; + else if (m_trust.m_checkRevocation == "fullChain") + return PKIXPathValidatorParams::REVOCATION_FULLCHAIN; + return PKIXPathValidatorParams::REVOCATION_OFF; } -#else - X509_STORE_CTX_init(&ctx,store,EE,untrusted); -#endif - - STACK_OF(X509)* CAstack = sk_X509_new_null(); - const vector& CAcerts = pkixInfo->getTrustAnchors(); - for (vector::const_iterator i=CAcerts.begin(); i!=CAcerts.end(); ++i) { - if ((*i)->getProviderName()==DSIGConstants::s_unicodeStrPROVOpenSSL) { - sk_X509_push(CAstack,static_cast(*i)->getOpenSSLX509()); - ++count; - } - } - log.debug("supplied (%d) CA certificate(s)", count); - - // Seems to be most efficient to just pass in the CA stack. - X509_STORE_CTX_trusted_stack(&ctx,CAstack); - X509_STORE_CTX_set_depth(&ctx,100); // we check the depth down below - X509_STORE_CTX_set_verify_cb(&ctx,error_callback); - - // Do a first pass verify. If CRLs aren't used, this is the only pass. - int ret=X509_verify_cert(&ctx); - if (ret==1) { - // Now see if the depth was acceptable by counting the number of intermediates. - int depth=sk_X509_num(ctx.chain)-2; - if (pkixInfo->getVerificationDepth() < depth) { - log.error( - "certificate chain was too long (%d intermediates, only %d allowed)", - (depth==-1) ? 0 : depth, - pkixInfo->getVerificationDepth() - ); - ret=0; - } - } - - if (useCRL) { -#if (OPENSSL_VERSION_NUMBER >= 0x00907000L) - // When we add CRLs, we have to be sure the nextUpdate hasn't passed, because OpenSSL won't accept - // the CRL in that case. If we end up not adding a CRL for a particular link in the chain, the - // validation will fail (if the fullChain option was set). - set crlissuers; - time_t now = time(nullptr); - if (inlineCRLs) { - for (vector::const_iterator j=inlineCRLs->begin(); j!=inlineCRLs->end(); ++j) { - if ((*j)->getProviderName()==DSIGConstants::s_unicodeStrPROVOpenSSL && - (X509_cmp_time(X509_CRL_get_nextUpdate(static_cast(*j)->getOpenSSLX509CRL()), &now) > 0)) { - // owned by store - X509_STORE_add_crl(store, X509_CRL_dup(static_cast(*j)->getOpenSSLX509CRL())); - string crlissuer(X509_NAME_to_string(X509_CRL_get_issuer(static_cast(*j)->getOpenSSLX509CRL()))); - if (!crlissuer.empty()) { - log.debug("added inline CRL issued by (%s)", crlissuer.c_str()); - crlissuers.insert(crlissuer); - } - } - } - } - const vector& crls = pkixInfo->getCRLs(); - for (vector::const_iterator j=crls.begin(); j!=crls.end(); ++j) { - if ((*j)->getProviderName()==DSIGConstants::s_unicodeStrPROVOpenSSL && - (X509_cmp_time(X509_CRL_get_nextUpdate(static_cast(*j)->getOpenSSLX509CRL()), &now) > 0)) { - // owned by store - X509_STORE_add_crl(store, X509_CRL_dup(static_cast(*j)->getOpenSSLX509CRL())); - string crlissuer(X509_NAME_to_string(X509_CRL_get_issuer(static_cast(*j)->getOpenSSLX509CRL()))); - if (!crlissuer.empty()) { - log.debug("added CRL issued by (%s)", crlissuer.c_str()); - crlissuers.insert(crlissuer); - } - } - } - - for (int i = 0; i < sk_X509_num(untrusted); ++i) { - X509 *cert = sk_X509_value(untrusted, i); - string crlissuer(X509_NAME_to_string(X509_get_issuer_name(cert))); - if (crlissuers.count(crlissuer)) { - // We already have a CRL for this cert, so skip CRLDP processing for this one. - continue; - } - - bool foundUsableCDP = false; - STACK_OF(DIST_POINT)* dps = (STACK_OF(DIST_POINT)*)X509_get_ext_d2i(cert, NID_crl_distribution_points, nullptr, nullptr); - for (int ii = 0; !foundUsableCDP && ii < sk_DIST_POINT_num(dps); ++ii) { - DIST_POINT* dp = sk_DIST_POINT_value(dps, ii); - if (!dp->distpoint || dp->distpoint->type != 0) - continue; - for (int iii = 0; !foundUsableCDP && iii < sk_GENERAL_NAME_num(dp->distpoint->name.fullname); ++iii) { - GENERAL_NAME* gen = sk_GENERAL_NAME_value(dp->distpoint->name.fullname, iii); - // Only consider HTTP URIs, and stop after the first one we find. -#ifdef HAVE_STRCASECMP - if (gen->type == GEN_URI && (!strncasecmp((const char*)gen->d.ia5->data, "http:", 5))) { -#else - if (gen->type == GEN_URI && (!strnicmp((const char*)gen->d.ia5->data, "http:", 5))) { -#endif - const char* cdpuri = (const char*)gen->d.ia5->data; - auto_ptr crl(getRemoteCRLs(cdpuri, log)); - if (crl.get() && crl->getProviderName()==DSIGConstants::s_unicodeStrPROVOpenSSL && - (isFreshCRL(crl.get()) || (ii == sk_DIST_POINT_num(dps)-1 && iii == sk_GENERAL_NAME_num(dp->distpoint->name.fullname)-1))) { - // owned by store - X509_STORE_add_crl(store, X509_CRL_dup(static_cast(crl.get())->getOpenSSLX509CRL())); - log.debug("added CRL issued by (%s)", crlissuer.c_str()); - crlissuers.insert(crlissuer); - foundUsableCDP = true; - } - } - } - } - sk_DIST_POINT_free(dps); - } - - // Do a second pass verify with CRLs in place. - X509_STORE_CTX_set_flags(&ctx, fullCRLChain ? (X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL) : (X509_V_FLAG_CRL_CHECK)); - ret=X509_verify_cert(&ctx); -#else - log.warn("CRL checking is enabled, but OpenSSL version is too old"); - ret = 0; -#endif + const vector& getCRLs() const { + return m_crls.empty() ? m_pkixInfo.getCRLs() : m_crls; } + }; - // Clean up... - X509_STORE_CTX_cleanup(&ctx); - X509_STORE_free(store); - sk_X509_free(CAstack); - - if (ret==1) { - log.debug("successfully validated certificate chain"); - return true; - } - - return false; - } - static XMLCh fullCRLChain[] = UNICODE_LITERAL_12(f,u,l,l,C,R,L,C,h,a,i,n); - static XMLCh checkRevocation[] = UNICODE_LITERAL_15(c,h,e,c,k,R,e,v,o,c,a,t,i,o,n); + static XMLCh fullCRLChain[] = UNICODE_LITERAL_12(f,u,l,l,C,R,L,C,h,a,i,n); + static XMLCh checkRevocation[] = UNICODE_LITERAL_15(c,h,e,c,k,R,e,v,o,c,a,t,i,o,n); + static XMLCh policyMappingInhibit[] = UNICODE_LITERAL_20(p,o,l,i,c,y,M,a,p,p,i,n,g,I,n,h,i,b,i,t); + static XMLCh anyPolicyInhibit[] = UNICODE_LITERAL_16(a,n,y,P,o,l,i,c,y,I,n,h,i,b,i,t); + static XMLCh _PathValidator[] = UNICODE_LITERAL_13(P,a,t,h,V,a,l,i,d,a,t,o,r); + static XMLCh PolicyOID[] = UNICODE_LITERAL_9(P,o,l,i,c,y,O,I,D); + static XMLCh TrustedName[] = UNICODE_LITERAL_11(T,r,u,s,t,e,d,N,a,m,e); + static XMLCh type[] = UNICODE_LITERAL_4(t,y,p,e); }; AbstractPKIXTrustEngine::PKIXValidationInfoIterator::PKIXValidationInfoIterator() @@ -425,8 +123,10 @@ AbstractPKIXTrustEngine::PKIXValidationInfoIterator::~PKIXValidationInfoIterator AbstractPKIXTrustEngine::AbstractPKIXTrustEngine(const xercesc::DOMElement* e) : TrustEngine(e), + m_checkRevocation(XMLHelper::getAttrString(e, nullptr, checkRevocation)), m_fullCRLChain(XMLHelper::getAttrBool(e, false, fullCRLChain)), - m_checkRevocation(XMLHelper::getAttrString(e, nullptr, checkRevocation)) + m_policyMappingInhibit(XMLHelper::getAttrBool(e, false, policyMappingInhibit)), + m_anyPolicyInhibit(XMLHelper::getAttrBool(e, false, anyPolicyInhibit)) { if (m_fullCRLChain) { Category::getInstance(XMLTOOLING_LOGCAT".TrustEngine.PKIX").warn( @@ -437,6 +137,50 @@ AbstractPKIXTrustEngine::AbstractPKIXTrustEngine(const xercesc::DOMElement* e) else if (m_checkRevocation == "fullChain") { m_fullCRLChain = true; // in case anything's using this } + + xercesc::DOMElement* c = XMLHelper::getFirstChildElement(e); + while (c) { + if (c->hasChildNodes()) { + auto_ptr_char v(c->getTextContent()); + if (v.get() && *v.get()) { + if (XMLString::equals(c->getLocalName(), PolicyOID)) + m_policyOIDs.insert(v.get()); + else if (XMLString::equals(c->getLocalName(), TrustedName)) + m_trustedNames.insert(v.get()); + } + } + else if (XMLString::equals(c->getLocalName(), _PathValidator)) { + try { + string t = XMLHelper::getAttrString(c, nullptr, type); + if (!t.empty()) { + Category::getInstance(XMLTOOLING_LOGCAT".TrustEngine.PKIX").info( + "building PathValidator of type %s", t.c_str() + ); + PathValidator* pv = XMLToolingConfig::getConfig().PathValidatorManager.newPlugin(t.c_str(), c); + OpenSSLPathValidator* ospv = dynamic_cast(pv); + if (!ospv) { + delete pv; + throw XMLSecurityException("PathValidator doesn't support OpenSSL interface."); + } + m_pathValidators.push_back(ospv); + } + } + catch (exception& ex) { + Category::getInstance(XMLTOOLING_LOGCAT".TrustEngine.PKIX").error( + "error building PathValidator: %s", ex.what() + ); + } + } + c = XMLHelper::getNextSiblingElement(c); + } + + if (m_pathValidators.empty()) { + m_pathValidators.push_back( + dynamic_cast( + XMLToolingConfig::getConfig().PathValidatorManager.newPlugin(PKIX_PATHVALIDATOR, e) + ) + ); + } } AbstractPKIXTrustEngine::~AbstractPKIXTrustEngine() @@ -454,10 +198,24 @@ bool AbstractPKIXTrustEngine::checkEntityNames( credResolver.resolve(creds,&criteria); // Build a list of acceptable names. - set trustednames; - trustednames.insert(criteria.getPeerName()); - for (vector::const_iterator cred = creds.begin(); cred!=creds.end(); ++cred) + set trustednames = m_trustedNames; + if (log.isDebugEnabled()) { + for (set::const_iterator n=m_trustedNames.begin(); n!=m_trustedNames.end(); n++) { + log.debug("adding to list of trusted names (%s)", n->c_str()); + } + } + if (criteria.getPeerName()) { + trustednames.insert(criteria.getPeerName()); + log.debug("adding to list of trusted names (%s)", criteria.getPeerName()); + } + for (vector::const_iterator cred = creds.begin(); cred!=creds.end(); ++cred) { trustednames.insert((*cred)->getKeyNames().begin(), (*cred)->getKeyNames().end()); + if (log.isDebugEnabled()) { + for (set::const_iterator n=(*cred)->getKeyNames().begin(); n!=(*cred)->getKeyNames().end(); n++) { + log.debug("adding to list of trusted names (%s)", n->c_str()); + } + } + } X509_NAME* subject=X509_get_subject_name(certEE); if (subject) { @@ -582,7 +340,7 @@ bool AbstractPKIXTrustEngine::validateWithCRLs( STACK_OF(X509)* certChain, const CredentialResolver& credResolver, CredentialCriteria* criteria, - const std::vector* inlineCRLs + const vector* inlineCRLs ) const { #ifdef _DEBUG @@ -597,27 +355,32 @@ bool AbstractPKIXTrustEngine::validateWithCRLs( if (criteria && criteria->getPeerName() && *(criteria->getPeerName())) { log.debug("checking that the certificate name is acceptable"); - if (criteria->getUsage()==Credential::UNSPECIFIED_CREDENTIAL) + if (criteria && criteria->getUsage()==Credential::UNSPECIFIED_CREDENTIAL) criteria->setUsage(Credential::SIGNING_CREDENTIAL); if (!checkEntityNames(certEE,credResolver,*criteria)) { log.error("certificate name was not acceptable"); return false; } } + else if (!m_trustedNames.empty()) { + log.debug("checking that the certificate name is acceptable"); + CredentialCriteria cc; + cc.setUsage(Credential::SIGNING_CREDENTIAL); + if (!checkEntityNames(certEE,credResolver,cc)) { + log.error("certificate name was not acceptable"); + return false; + } + } log.debug("performing certificate path validation..."); auto_ptr pkix(getPKIXValidationInfoIterator(credResolver, criteria)); while (pkix->next()) { - if (::validate( - certEE, - certChain, - pkix.get(), - (m_checkRevocation=="entityOnly" || m_checkRevocation=="fullChain"), - (m_checkRevocation=="fullChain"), - (m_checkRevocation=="entityOnly" || m_checkRevocation=="fullChain") ? inlineCRLs : nullptr - )) { - return true; + PKIXParams params(*this, *pkix.get(), inlineCRLs); + for (ptr_vector::const_iterator v = m_pathValidators.begin(); v != m_pathValidators.end(); ++v) { + if (v->validate(certEE, certChain, params)) { + return true; + } } } diff --git a/xmltooling/security/impl/BasicX509Credential.cpp b/xmltooling/security/impl/BasicX509Credential.cpp index 9fda0b0..93c99b2 100644 --- a/xmltooling/security/impl/BasicX509Credential.cpp +++ b/xmltooling/security/impl/BasicX509Credential.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/security/impl/ChainingCredentialResolver.cpp b/xmltooling/security/impl/ChainingCredentialResolver.cpp index 0a86d44..dd3c343 100644 --- a/xmltooling/security/impl/ChainingCredentialResolver.cpp +++ b/xmltooling/security/impl/ChainingCredentialResolver.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -28,10 +32,14 @@ #include "util/XMLHelper.h" #include +#include +#include +#include #include using namespace xmltooling::logging; using namespace xmltooling; +using namespace boost; using namespace std; using xercesc::DOMElement; @@ -41,35 +49,38 @@ namespace xmltooling { { public: ChainingCredentialResolver(const DOMElement* e); - virtual ~ChainingCredentialResolver() { - for_each(m_resolvers.begin(), m_resolvers.end(), xmltooling::cleanup()); - } + virtual ~ChainingCredentialResolver() {} Lockable* lock() { - for_each(m_resolvers.begin(), m_resolvers.end(), mem_fun(&Lockable::lock)); + for_each(m_resolvers.begin(), m_resolvers.end(), mem_fun_ref(&Lockable::lock)); return this; } void unlock() { - for_each(m_resolvers.begin(), m_resolvers.end(), mem_fun(&Lockable::unlock)); + for_each(m_resolvers.begin(), m_resolvers.end(), mem_fun_ref(&Lockable::unlock)); } const Credential* resolve(const CredentialCriteria* criteria=nullptr) const { const Credential* cred = nullptr; - for (vector::const_iterator cr = m_resolvers.begin(); !cred && cr!=m_resolvers.end(); ++cr) - cred = (*cr)->resolve(criteria); + for (ptr_vector::const_iterator cr = m_resolvers.begin(); !cred && cr!=m_resolvers.end(); ++cr) + cred = cr->resolve(criteria); return cred; } virtual vector::size_type resolve( vector& results, const CredentialCriteria* criteria=nullptr ) const { - for (vector::const_iterator cr = m_resolvers.begin(); cr!=m_resolvers.end(); ++cr) - (*cr)->resolve(results, criteria); + + // Member function pointer to method to call. + static vector::size_type (CredentialResolver::* fn) + (vector& results, const CredentialCriteria* criteria) const = &CredentialResolver::resolve; + + // ref() converts pass by copy to pass by reference for output parameter + for_each(m_resolvers.begin(), m_resolvers.end(), boost::bind(fn, _1, boost::ref(results), criteria)); return results.size(); } private: - vector m_resolvers; + ptr_vector m_resolvers; }; CredentialResolver* XMLTOOL_DLLLOCAL ChainingCredentialResolverFactory(const DOMElement* const & e) diff --git a/xmltooling/security/impl/ChainingTrustEngine.cpp b/xmltooling/security/impl/ChainingTrustEngine.cpp index 7b9c1ba..81fbd55 100644 --- a/xmltooling/security/impl/ChainingTrustEngine.cpp +++ b/xmltooling/security/impl/ChainingTrustEngine.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2011 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -28,11 +32,14 @@ #include "util/XMLHelper.h" #include +#include #include using namespace xmlsignature; using namespace xmltooling::logging; using namespace xmltooling; +using namespace boost::lambda; +using namespace boost; using namespace std; using xercesc::DOMElement; @@ -47,7 +54,8 @@ namespace xmltooling { static const XMLCh _TrustEngine[] = UNICODE_LITERAL_11(T,r,u,s,t,E,n,g,i,n,e); static const XMLCh type[] = UNICODE_LITERAL_4(t,y,p,e); -ChainingTrustEngine::ChainingTrustEngine(const DOMElement* e) : TrustEngine(e) { +ChainingTrustEngine::ChainingTrustEngine(const DOMElement* e) : TrustEngine(e) +{ Category& log=Category::getInstance(XMLTOOLING_LOGCAT".TrustEngine."CHAINING_TRUSTENGINE); e = e ? XMLHelper::getFirstChildElement(e, _TrustEngine) : nullptr; while (e) { @@ -65,8 +73,8 @@ ChainingTrustEngine::ChainingTrustEngine(const DOMElement* e) : TrustEngine(e) { } } -ChainingTrustEngine::~ChainingTrustEngine() { - for_each(m_engines.begin(), m_engines.end(), xmltooling::cleanup()); +ChainingTrustEngine::~ChainingTrustEngine() +{ } void ChainingTrustEngine::addTrustEngine(TrustEngine* newEngine) @@ -85,32 +93,34 @@ void ChainingTrustEngine::addTrustEngine(TrustEngine* newEngine) TrustEngine* ChainingTrustEngine::removeTrustEngine(TrustEngine* oldEngine) { - vector::iterator i = find(m_engines.begin(), m_engines.end(), oldEngine); + ptr_vector::iterator i = + find_if(m_engines.begin(), m_engines.end(), (&_1 == oldEngine)); if (i != m_engines.end()) { - m_engines.erase(i); - SignatureTrustEngine* sig = dynamic_cast(oldEngine); if (sig) { - vector::iterator s = find(m_sigEngines.begin(), m_sigEngines.end(), sig); + ptr_vector::iterator s = + find_if(m_sigEngines.begin(), m_sigEngines.end(), (&_1 == sig)); if (s != m_sigEngines.end()) m_sigEngines.erase(s); } X509TrustEngine* x509 = dynamic_cast(oldEngine); if (x509) { - vector::iterator x = find(m_x509Engines.begin(), m_x509Engines.end(), x509); + ptr_vector::iterator x = + find_if(m_x509Engines.begin(), m_x509Engines.end(), (&_1 == x509)); if (x != m_x509Engines.end()) m_x509Engines.erase(x); } OpenSSLTrustEngine* ossl = dynamic_cast(oldEngine); if (ossl) { - vector::iterator o = find(m_osslEngines.begin(), m_osslEngines.end(), ossl); + ptr_vector::iterator o = + find_if(m_osslEngines.begin(), m_osslEngines.end(), (&_1 == ossl)); if (o != m_osslEngines.end()) m_osslEngines.erase(o); } - return oldEngine; + return (m_engines.release(i)).release(); } return nullptr; } @@ -118,8 +128,8 @@ TrustEngine* ChainingTrustEngine::removeTrustEngine(TrustEngine* oldEngine) bool ChainingTrustEngine::validate(Signature& sig, const CredentialResolver& credResolver, CredentialCriteria* criteria) const { unsigned int usage = criteria ? criteria->getUsage() : 0; - for (vector::const_iterator i=m_sigEngines.begin(); i!=m_sigEngines.end(); ++i) { - if ((*i)->validate(sig,credResolver,criteria)) + for (ptr_vector::const_iterator i=m_sigEngines.begin(); i!=m_sigEngines.end(); ++i) { + if (i->validate(sig,credResolver,criteria)) return true; if (criteria) { criteria->reset(); @@ -140,8 +150,8 @@ bool ChainingTrustEngine::validate( ) const { unsigned int usage = criteria ? criteria->getUsage() : 0; - for (vector::const_iterator i=m_sigEngines.begin(); i!=m_sigEngines.end(); ++i) { - if ((*i)->validate(sigAlgorithm, sig, keyInfo, in, in_len, credResolver, criteria)) + for (ptr_vector::const_iterator i=m_sigEngines.begin(); i!=m_sigEngines.end(); ++i) { + if (i->validate(sigAlgorithm, sig, keyInfo, in, in_len, credResolver, criteria)) return true; if (criteria) { criteria->reset(); @@ -159,8 +169,8 @@ bool ChainingTrustEngine::validate( ) const { unsigned int usage = criteria ? criteria->getUsage() : 0; - for (vector::const_iterator i=m_x509Engines.begin(); i!=m_x509Engines.end(); ++i) { - if ((*i)->validate(certEE,certChain,credResolver,criteria)) + for (ptr_vector::const_iterator i=m_x509Engines.begin(); i!=m_x509Engines.end(); ++i) { + if (i->validate(certEE,certChain,credResolver,criteria)) return true; if (criteria) { criteria->reset(); @@ -178,8 +188,8 @@ bool ChainingTrustEngine::validate( ) const { unsigned int usage = criteria ? criteria->getUsage() : 0; - for (vector::const_iterator i=m_osslEngines.begin(); i!=m_osslEngines.end(); ++i) { - if ((*i)->validate(certEE,certChain,credResolver,criteria)) + for (ptr_vector::const_iterator i=m_osslEngines.begin(); i!=m_osslEngines.end(); ++i) { + if (i->validate(certEE,certChain,credResolver,criteria)) return true; if (criteria) { criteria->reset(); diff --git a/xmltooling/security/impl/CredentialCriteria.cpp b/xmltooling/security/impl/CredentialCriteria.cpp index b3b4ed2..8853bbf 100644 --- a/xmltooling/security/impl/CredentialCriteria.cpp +++ b/xmltooling/security/impl/CredentialCriteria.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/security/impl/CredentialResolver.cpp b/xmltooling/security/impl/CredentialResolver.cpp index 58c135c..e00b22c 100644 --- a/xmltooling/security/impl/CredentialResolver.cpp +++ b/xmltooling/security/impl/CredentialResolver.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2009 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -26,7 +30,8 @@ using namespace xmltooling; namespace xmltooling { - XMLTOOL_DLLLOCAL PluginManager::Factory FilesystemCredentialResolverFactory; + XMLTOOL_DLLLOCAL PluginManager::Factory FilesystemCredentialResolverFactory; + XMLTOOL_DLLLOCAL PluginManager::Factory DummyCredentialResolverFactory; XMLTOOL_DLLLOCAL PluginManager::Factory ChainingCredentialResolverFactory; }; @@ -34,6 +39,7 @@ void XMLTOOL_API xmltooling::registerCredentialResolvers() { XMLToolingConfig& conf=XMLToolingConfig::getConfig(); conf.CredentialResolverManager.registerFactory(FILESYSTEM_CREDENTIAL_RESOLVER, FilesystemCredentialResolverFactory); + conf.CredentialResolverManager.registerFactory(DUMMY_CREDENTIAL_RESOLVER, DummyCredentialResolverFactory); conf.CredentialResolverManager.registerFactory(CHAINING_CREDENTIAL_RESOLVER, ChainingCredentialResolverFactory); } diff --git a/xmltooling/security/impl/DummyCredentialResolver.cpp b/xmltooling/security/impl/DummyCredentialResolver.cpp new file mode 100644 index 0000000..8ce16bb --- /dev/null +++ b/xmltooling/security/impl/DummyCredentialResolver.cpp @@ -0,0 +1,63 @@ +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. + */ + +/** + * DummyCredentialResolver.cpp + * + * CredentialResolver that returns nothing. + */ + +#include "internal.h" +#include "XMLToolingConfig.h" +#include "security/CredentialResolver.h" +#include "util/NDC.h" + +using namespace xmltooling; +using namespace std; + +using xercesc::DOMElement; + +namespace xmltooling { + + class XMLTOOL_DLLLOCAL DummyCredentialResolver : public CredentialResolver + { + public: + DummyCredentialResolver(const DOMElement*) {} + virtual ~DummyCredentialResolver() {} + + Lockable* lock() {return this;} + void unlock() {} + + const Credential* resolve(const CredentialCriteria* criteria=nullptr) const { + return nullptr; + } + vector::size_type resolve( + vector& results, const CredentialCriteria* criteria=nullptr + ) const { + return 0; + } + }; + + CredentialResolver* XMLTOOL_DLLLOCAL DummyCredentialResolverFactory(const DOMElement* const & e) + { + return new DummyCredentialResolver(e); + } + +}; diff --git a/xmltooling/security/impl/ExplicitKeyTrustEngine.cpp b/xmltooling/security/impl/ExplicitKeyTrustEngine.cpp index 09ee002..5e9d4ac 100644 --- a/xmltooling/security/impl/ExplicitKeyTrustEngine.cpp +++ b/xmltooling/security/impl/ExplicitKeyTrustEngine.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/security/impl/FilesystemCredentialResolver.cpp b/xmltooling/security/impl/FilesystemCredentialResolver.cpp index 26d3dc3..5f1929d 100644 --- a/xmltooling/security/impl/FilesystemCredentialResolver.cpp +++ b/xmltooling/security/impl/FilesystemCredentialResolver.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2011 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/security/impl/InlineKeyResolver.cpp b/xmltooling/security/impl/InlineKeyResolver.cpp index 996de92..0246cb8 100644 --- a/xmltooling/security/impl/InlineKeyResolver.cpp +++ b/xmltooling/security/impl/InlineKeyResolver.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * http://www.apache.org/licenses/LICENSE-2.0 + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -34,6 +38,7 @@ #include "util/XMLConstants.h" #include "validation/ValidatorSuite.h" +#include #include #include #include @@ -50,6 +55,7 @@ using namespace xmlsignature; using namespace xmltooling::logging; using namespace xmltooling; using namespace xercesc; +using namespace boost; using namespace std; namespace xmltooling { @@ -57,15 +63,10 @@ namespace xmltooling { class XMLTOOL_DLLLOCAL InlineCredential : public BasicX509Credential { public: - InlineCredential(const KeyInfo* keyInfo=nullptr) : BasicX509Credential(keyInfo!=nullptr), m_credctx(new KeyInfoCredentialContext(keyInfo)) { - } - InlineCredential(DSIGKeyInfoList* keyInfo) : BasicX509Credential(false), m_credctx(new KeyInfoCredentialContext(keyInfo)) { - } - InlineCredential(KeyInfoCredentialContext* context) : BasicX509Credential(context->getKeyInfo()!=nullptr), m_credctx(nullptr) { - } - virtual ~InlineCredential() { - delete m_credctx; - } + InlineCredential(const KeyInfo* keyInfo=nullptr) : BasicX509Credential(keyInfo!=nullptr), m_credctx(new KeyInfoCredentialContext(keyInfo)) {} + InlineCredential(DSIGKeyInfoList* keyInfo) : BasicX509Credential(false), m_credctx(new KeyInfoCredentialContext(keyInfo)) {} + InlineCredential(KeyInfoCredentialContext* context) : BasicX509Credential(context->getKeyInfo()!=nullptr) {} + virtual ~InlineCredential() {} XSECCryptoKey* getPrivateKey() const { return nullptr; @@ -104,11 +105,11 @@ namespace xmltooling { } const CredentialContext* getCredentalContext() const { - return m_credctx; + return m_credctx.get(); } void setCredentialContext(KeyInfoCredentialContext* context) { - m_credctx = context; + m_credctx.reset(context); } void resolve(const KeyInfo* keyInfo, int types=0, bool followRefs=false); @@ -119,7 +120,7 @@ namespace xmltooling { bool resolveKey(const KeyInfo* keyInfo, bool followRefs=false); bool resolveCRLs(const KeyInfo* keyInfo, bool followRefs=false); - KeyInfoCredentialContext* m_credctx; + auto_ptr m_credctx; }; static const XMLCh keyInfoReferences[] = UNICODE_LITERAL_17(k,e,y,I,n,f,o,R,e,f,e,r,e,n,c,e,s); @@ -204,10 +205,11 @@ void InlineCredential::resolve(const KeyInfo* keyInfo, int types, bool followRef const XMLCh* n; char* kn; const vector& knames=keyInfo->getKeyNames(); - for (vector::const_iterator kn_i=knames.begin(); kn_i!=knames.end(); ++kn_i) { - n=(*kn_i)->getName(); + for (indirect_iterator::const_iterator> kn_i = make_indirect_iterator(knames.begin()); + kn_i != make_indirect_iterator(knames.end()); ++kn_i) { + n = kn_i->getName(); if (n && *n) { - kn=toUTF8(n); + kn = toUTF8(n); m_keyNames.insert(kn); delete[] kn; } @@ -250,10 +252,11 @@ bool InlineCredential::resolveKey(const KeyInfo* keyInfo, bool followRefs) // Check for ds:KeyValue const vector& keyValues = keyInfo->getKeyValues(); - for (vector::const_iterator i = keyValues.begin(); i != keyValues.end(); ++i) { + for (indirect_iterator::const_iterator> i = make_indirect_iterator(keyValues.begin()); + i != make_indirect_iterator(keyValues.end()); ++i) { try { - SchemaValidators.validate(*i); // see if it's a "valid" key - RSAKeyValue* rsakv = (*i)->getRSAKeyValue(); + SchemaValidators.validate(*(i.base())); // see if it's a "valid" key + RSAKeyValue* rsakv = i->getRSAKeyValue(); if (rsakv) { log.debug("resolving ds:RSAKeyValue"); auto_ptr_char mod(rsakv->getModulus()->getValue()); @@ -264,7 +267,7 @@ bool InlineCredential::resolveKey(const KeyInfo* keyInfo, bool followRefs) m_key = rsa.release(); return true; } - DSAKeyValue* dsakv = (*i)->getDSAKeyValue(); + DSAKeyValue* dsakv = i->getDSAKeyValue(); if (dsakv) { log.debug("resolving ds:DSAKeyValue"); auto_ptr dsa(XSECPlatformUtils::g_cryptoProvider->keyDSA()); @@ -286,7 +289,7 @@ bool InlineCredential::resolveKey(const KeyInfo* keyInfo, bool followRefs) return true; } #ifdef XMLTOOLING_XMLSEC_ECC - ECKeyValue* eckv = (*i)->getECKeyValue(); + ECKeyValue* eckv = i->getECKeyValue(); if (eckv && eckv->getNamedCurve() && eckv->getPublicKey()) { log.warn("resolving ds11:ECKeyValue"); auto_ptr ec(XSECPlatformUtils::g_cryptoProvider->keyEC()); @@ -314,9 +317,10 @@ bool InlineCredential::resolveKey(const KeyInfo* keyInfo, bool followRefs) // Check for ds11:DEREncodedKeyValue const vector& derValues = keyInfo->getDEREncodedKeyValues(); - for (vector::const_iterator j = derValues.begin(); j != derValues.end(); ++j) { + for (indirect_iterator::const_iterator> j = make_indirect_iterator(derValues.begin()); + j != make_indirect_iterator(derValues.end()); ++j) { log.debug("resolving ds11:DEREncodedKeyValue"); - m_key = SecurityHelper::fromDEREncoding((*j)->getValue()); + m_key = SecurityHelper::fromDEREncoding(j->getValue()); if (m_key) return true; log.warn("failed to resolve ds11:DEREncodedKeyValue"); @@ -328,8 +332,9 @@ bool InlineCredential::resolveKey(const KeyInfo* keyInfo, bool followRefs) const XMLCh* fragID=nullptr; const XMLObject* treeRoot=nullptr; const vector& refs = keyInfo->getKeyInfoReferences(); - for (vector::const_iterator ref = refs.begin(); ref != refs.end(); ++ref) { - fragID = (*ref)->getURI(); + for (indirect_iterator::const_iterator> ref = make_indirect_iterator(refs.begin()); + ref != make_indirect_iterator(refs.end()); ++ref) { + fragID = ref->getURI(); if (!fragID || *fragID != chPound || !*(fragID+1)) { log.warn("skipping ds11:KeyInfoReference with an empty or non-local reference"); continue; @@ -358,11 +363,12 @@ bool InlineCredential::resolveCerts(const KeyInfo* keyInfo, bool followRefs) // Check for ds:X509Data const vector& x509Datas=keyInfo->getX509Datas(); - for (vector::const_iterator j=x509Datas.begin(); m_xseccerts.empty() && j!=x509Datas.end(); ++j) { + for (vector::const_iterator j = x509Datas.begin(); m_xseccerts.empty() && j != x509Datas.end(); ++j) { const vector x509Certs=const_cast(*j)->getX509Certificates(); - for (vector::const_iterator k=x509Certs.begin(); k!=x509Certs.end(); ++k) { + for (indirect_iterator::const_iterator> k = make_indirect_iterator(x509Certs.begin()); + k != make_indirect_iterator(x509Certs.end()); ++k) { try { - auto_ptr_char x((*k)->getValue()); + auto_ptr_char x(k->getValue()); if (!x.get()) { log.warn("skipping empty ds:X509Certificate"); } @@ -388,8 +394,9 @@ bool InlineCredential::resolveCerts(const KeyInfo* keyInfo, bool followRefs) const XMLCh* fragID=NULL; const XMLObject* treeRoot=NULL; const vector& refs = keyInfo->getKeyInfoReferences(); - for (vector::const_iterator ref = refs.begin(); ref != refs.end(); ++ref) { - fragID = (*ref)->getURI(); + for (indirect_iterator::const_iterator> ref = make_indirect_iterator(refs.begin()); + ref != make_indirect_iterator(refs.end()); ++ref) { + fragID = ref->getURI(); if (!fragID || *fragID != chPound || !*(fragID+1)) { log.warn("skipping ds11:KeyInfoReference with an empty or non-local reference"); continue; @@ -422,9 +429,10 @@ bool InlineCredential::resolveCRLs(const KeyInfo* keyInfo, bool followRefs) const vector& x509Datas=keyInfo->getX509Datas(); for (vector::const_iterator j=x509Datas.begin(); j!=x509Datas.end(); ++j) { const vector x509CRLs=const_cast(*j)->getX509CRLs(); - for (vector::const_iterator k=x509CRLs.begin(); k!=x509CRLs.end(); ++k) { + for (indirect_iterator::const_iterator> k = make_indirect_iterator(x509CRLs.begin()); + k != make_indirect_iterator(x509CRLs.end()); ++k) { try { - auto_ptr_char x((*k)->getValue()); + auto_ptr_char x(k->getValue()); if (!x.get()) { log.warn("skipping empty ds:X509CRL"); } @@ -450,8 +458,9 @@ bool InlineCredential::resolveCRLs(const KeyInfo* keyInfo, bool followRefs) const XMLCh* fragID=NULL; const XMLObject* treeRoot=NULL; const vector& refs = keyInfo->getKeyInfoReferences(); - for (vector::const_iterator ref = refs.begin(); ref != refs.end(); ++ref) { - fragID = (*ref)->getURI(); + for (indirect_iterator::const_iterator> ref = make_indirect_iterator(refs.begin()); + ref != make_indirect_iterator(refs.end()); ++ref) { + fragID = ref->getURI(); if (!fragID || *fragID != chPound || !*(fragID+1)) { log.warn("skipping ds11:KeyInfoReference with an empty or non-local reference"); continue; diff --git a/xmltooling/security/impl/KeyInfoResolver.cpp b/xmltooling/security/impl/KeyInfoResolver.cpp index 649e3e0..869949f 100644 --- a/xmltooling/security/impl/KeyInfoResolver.cpp +++ b/xmltooling/security/impl/KeyInfoResolver.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/security/impl/OpenSSLCryptoX509CRL.cpp b/xmltooling/security/impl/OpenSSLCryptoX509CRL.cpp index bd95c60..9e1e821 100644 --- a/xmltooling/security/impl/OpenSSLCryptoX509CRL.cpp +++ b/xmltooling/security/impl/OpenSSLCryptoX509CRL.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 The Apache Software Foundation. +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/security/impl/PKIXPathValidator.cpp b/xmltooling/security/impl/PKIXPathValidator.cpp new file mode 100644 index 0000000..602d001 --- /dev/null +++ b/xmltooling/security/impl/PKIXPathValidator.cpp @@ -0,0 +1,555 @@ +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. + */ + +/** + * PKIXPathValidator.cpp + * + * A path validator based on PKIX support in OpenSSL. + */ + +#include "internal.h" +#include "logging.h" +#include "security/OpenSSLPathValidator.h" +#include "security/OpenSSLCryptoX509CRL.h" +#include "security/PKIXPathValidatorParams.h" +#include "security/SecurityHelper.h" +#include "util/NDC.h" +#include "util/PathResolver.h" +#include "util/Threads.h" +#include "util/XMLHelper.h" + +#include +#include +#include +#include +#include +#include +#include + +using namespace xmltooling::logging; +using namespace xmltooling; +using namespace std; + + +namespace { + static int XMLTOOL_DLLLOCAL error_callback(int ok, X509_STORE_CTX* ctx) + { + if (!ok) { + Category::getInstance("OpenSSL").error( + "path validation failure at depth(%d): %s", ctx->error_depth, X509_verify_cert_error_string(ctx->error) + ); + } + return ok; + } + + static string XMLTOOL_DLLLOCAL X509_NAME_to_string(X509_NAME* n) + { + string s; + BIO* b = BIO_new(BIO_s_mem()); + X509_NAME_print_ex(b,n,0,XN_FLAG_RFC2253); + BIO_flush(b); + BUF_MEM* bptr=nullptr; + BIO_get_mem_ptr(b, &bptr); + if (bptr && bptr->length > 0) { + s.append(bptr->data, bptr->length); + } + BIO_free(b); + return s; + } + + static time_t XMLTOOL_DLLLOCAL getCRLTime(const ASN1_TIME *a) + { + struct tm t; + memset(&t, 0, sizeof(t)); + // RFC 5280, sections 5.1.2.4 and 5.1.2.5 require thisUpdate and nextUpdate + // to be encoded as UTCTime until 2049, and RFC 5280 section 4.1.2.5.1 + // further restricts the format to "YYMMDDHHMMSSZ" ("even where the number + // of seconds is zero"). + // As long as OpenSSL doesn't provide any API to convert ASN1_TIME values + // time_t, we therefore have to parse it ourselves, unfortunately. + if (sscanf((const char*)a->data, "%2d%2d%2d%2d%2d%2dZ", + &t.tm_year, &t.tm_mon, &t.tm_mday, + &t.tm_hour, &t.tm_min, &t.tm_sec) == 6) { + if (t.tm_year <= 50) { + // RFC 5280, section 4.1.2.5.1 + t.tm_year += 100; + } + t.tm_mon--; +#if defined(HAVE_TIMEGM) + return timegm(&t); +#else + // Windows, and hopefully most others...? + return mktime(&t) - timezone; +#endif + } + return (time_t)-1; + } + + static const XMLCh minRefreshDelay[] = UNICODE_LITERAL_15(m,i,n,R,e,f,r,e,s,h,D,e,l,a,y); + static const XMLCh minSecondsRemaining[] = UNICODE_LITERAL_19(m,i,n,S,e,c,o,n,d,s,R,e,m,a,i,n,i,n,g); + static const XMLCh minPercentRemaining[] = UNICODE_LITERAL_19(m,i,n,P,e,r,c,e,n,t,R,e,m,a,i,n,i,n,g); +}; + +namespace xmltooling { + + class XMLTOOL_DLLLOCAL PKIXPathValidator : public OpenSSLPathValidator + { + public: + PKIXPathValidator(const xercesc::DOMElement* e) + : m_log(Category::getInstance(XMLTOOLING_LOGCAT".PathValidator.PKIX")), + m_lock(XMLToolingConfig::getConfig().getNamedMutex(XMLTOOLING_LOGCAT".PathValidator.PKIX")), + m_minRefreshDelay(XMLHelper::getAttrInt(e, 60, minRefreshDelay)), + m_minSecondsRemaining(XMLHelper::getAttrInt(e, 86400, minSecondsRemaining)), + m_minPercentRemaining(XMLHelper::getAttrInt(e, 10, minPercentRemaining)) { + } + + virtual ~PKIXPathValidator() {} + + bool validate( + XSECCryptoX509* certEE, const vector& certChain, const PathValidatorParams& params + ) const; + bool validate( + X509* certEE, STACK_OF(X509)* certChain, const PathValidatorParams& params + ) const; + + private: + XSECCryptoX509CRL* getRemoteCRLs(const char* cdpuri) const; + bool isFreshCRL(XSECCryptoX509CRL *c, Category* log=nullptr) const; + + Category& m_log; + Mutex& m_lock; + time_t m_minRefreshDelay,m_minSecondsRemaining; + unsigned short m_minPercentRemaining; + + static map m_crlUpdateMap; + }; + + PathValidator* XMLTOOL_DLLLOCAL PKIXPathValidatorFactory(const xercesc::DOMElement* const & e) + { + return new PKIXPathValidator(e); + } + +}; + +map PKIXPathValidator::m_crlUpdateMap; + +void XMLTOOL_API xmltooling::registerPathValidators() +{ + XMLToolingConfig& conf=XMLToolingConfig::getConfig(); + conf.PathValidatorManager.registerFactory(PKIX_PATHVALIDATOR, PKIXPathValidatorFactory); +} + +PathValidator::PathValidator() +{ +} + +PathValidator::~PathValidator() +{ +} + +PathValidator::PathValidatorParams::PathValidatorParams() +{ +} + +PathValidator::PathValidatorParams::~PathValidatorParams() +{ +} + +PKIXPathValidatorParams::PKIXPathValidatorParams() +{ +} + +PKIXPathValidatorParams::~PKIXPathValidatorParams() +{ +} + +OpenSSLPathValidator::OpenSSLPathValidator() +{ +} + +OpenSSLPathValidator::~OpenSSLPathValidator() +{ +} + +bool PKIXPathValidator::validate( + XSECCryptoX509* certEE, const vector& certChain, const PathValidatorParams& params + ) const +{ + if (certEE->getProviderName()!=DSIGConstants::s_unicodeStrPROVOpenSSL) { + m_log.error("only the OpenSSL XSEC provider is supported"); + return false; + } + + STACK_OF(X509)* untrusted=sk_X509_new_null(); + for (vector::const_iterator i=certChain.begin(); i!=certChain.end(); ++i) + sk_X509_push(untrusted,static_cast(*i)->getOpenSSLX509()); + + bool ret = validate(static_cast(certEE)->getOpenSSLX509(), untrusted, params); + sk_X509_free(untrusted); + return ret; +} + +bool PKIXPathValidator::validate(X509* EE, STACK_OF(X509)* untrusted, const PathValidatorParams& params) const +{ +#ifdef _DEBUG + NDC ndc("validate"); +#endif + + const PKIXPathValidatorParams* pkixParams = dynamic_cast(¶ms); + if (!pkixParams) { + m_log.error("input parameters were of incorrect type"); + return false; + } + + // First we build a stack of CA certs. These objects are all referenced in place. + m_log.debug("supplying PKIX Validation information"); + + // We need this for CRL support. + X509_STORE* store=X509_STORE_new(); + if (!store) { + log_openssl(); + return false; + } + + // PKIX policy checking (cf. RFCs 3280/5280 section 6) + if (pkixParams->isPolicyMappingInhibited() || pkixParams->isAnyPolicyInhibited() || (!pkixParams->getPolicies().empty())) { +#if (OPENSSL_VERSION_NUMBER < 0x00908000L) + m_log.error("PKIX policy checking option is configured, but OpenSSL version is less than 0.9.8"); + X509_STORE_free(store); + return false; +#else + unsigned long pflags = 0; + X509_VERIFY_PARAM *vpm = X509_VERIFY_PARAM_new(); + if (!vpm) { + log_openssl(); + X509_STORE_free(store); + return false; + } + + // populate the "user-initial-policy-set" input variable + const set& policies = pkixParams->getPolicies(); + if (!policies.empty()) { + for (set::const_iterator o=policies.begin(); o!=policies.end(); o++) { + ASN1_OBJECT *oid = OBJ_txt2obj(o->c_str(), 1); + if (oid && X509_VERIFY_PARAM_add0_policy(vpm, oid)) { + m_log.debug("OID (%s) added to set of acceptable policies", o->c_str()); + } + else { + log_openssl(); + m_log.error("unable to parse/configure policy OID value (%s)", o->c_str()); + if (oid) + ASN1_OBJECT_free(oid); + X509_VERIFY_PARAM_free(vpm); + X509_STORE_free(store); + return false; + } + } + // when the user has supplied at least one policy OID, he obviously wants to check + // for an explicit policy ("initial-explicit-policy") + pflags |= X509_V_FLAG_EXPLICIT_POLICY; + } + + // "initial-policy-mapping-inhibit" input variable + if (pkixParams->isPolicyMappingInhibited()) + pflags |= X509_V_FLAG_INHIBIT_MAP; + // "initial-any-policy-inhibit" input variable + if (pkixParams->isAnyPolicyInhibited()) + pflags |= X509_V_FLAG_INHIBIT_ANY; + + if (!X509_VERIFY_PARAM_set_flags(vpm, pflags) || !X509_STORE_set1_param(store, vpm)) { + log_openssl(); + m_log.error("unable to set PKIX policy checking parameters"); + X509_VERIFY_PARAM_free(vpm); + X509_STORE_free(store); + return false; + } + + X509_VERIFY_PARAM_free(vpm); +#endif + } + + // This contains the state of the validate operation. + int count=0; + X509_STORE_CTX ctx; + + // AFAICT, EE and untrusted are passed in but not owned by the ctx. +#if (OPENSSL_VERSION_NUMBER >= 0x00907000L) + if (X509_STORE_CTX_init(&ctx,store,EE,untrusted)!=1) { + log_openssl(); + m_log.error("unable to initialize X509_STORE_CTX"); + X509_STORE_free(store); + return false; + } +#else + X509_STORE_CTX_init(&ctx,store,EE,untrusted); +#endif + + STACK_OF(X509)* CAstack = sk_X509_new_null(); + const vector& CAcerts = pkixParams->getTrustAnchors(); + for (vector::const_iterator i=CAcerts.begin(); i!=CAcerts.end(); ++i) { + if ((*i)->getProviderName()==DSIGConstants::s_unicodeStrPROVOpenSSL) { + sk_X509_push(CAstack,static_cast(*i)->getOpenSSLX509()); + ++count; + } + } + m_log.debug("supplied (%d) CA certificate(s)", count); + + // Seems to be most efficient to just pass in the CA stack. + X509_STORE_CTX_trusted_stack(&ctx,CAstack); + X509_STORE_CTX_set_depth(&ctx,100); // we check the depth down below + X509_STORE_CTX_set_verify_cb(&ctx,error_callback); + + // Do a first pass verify. If CRLs aren't used, this is the only pass. + int ret=X509_verify_cert(&ctx); + if (ret==1) { + // Now see if the depth was acceptable by counting the number of intermediates. + int depth=sk_X509_num(ctx.chain)-2; + if (pkixParams->getVerificationDepth() < depth) { + m_log.error( + "certificate chain was too long (%d intermediates, only %d allowed)", + (depth==-1) ? 0 : depth, + pkixParams->getVerificationDepth() + ); + ret=0; + } + } + + if (pkixParams->getRevocationChecking() != PKIXPathValidatorParams::REVOCATION_OFF) { +#if (OPENSSL_VERSION_NUMBER >= 0x00907000L) + // When we add CRLs, we have to be sure the nextUpdate hasn't passed, because OpenSSL won't accept + // the CRL in that case. If we end up not adding a CRL for a particular link in the chain, the + // validation will fail (if the fullChain option was set). + set crlissuers; + time_t now = time(nullptr); + + const vector& crls = pkixParams->getCRLs(); + for (vector::const_iterator j=crls.begin(); j!=crls.end(); ++j) { + if ((*j)->getProviderName()==DSIGConstants::s_unicodeStrPROVOpenSSL && + (X509_cmp_time(X509_CRL_get_nextUpdate(static_cast(*j)->getOpenSSLX509CRL()), &now) > 0)) { + // owned by store + X509_STORE_add_crl(store, X509_CRL_dup(static_cast(*j)->getOpenSSLX509CRL())); + string crlissuer(X509_NAME_to_string(X509_CRL_get_issuer(static_cast(*j)->getOpenSSLX509CRL()))); + if (!crlissuer.empty()) { + m_log.debug("added CRL issued by (%s)", crlissuer.c_str()); + crlissuers.insert(crlissuer); + } + } + } + + for (int i = 0; i < sk_X509_num(untrusted); ++i) { + X509 *cert = sk_X509_value(untrusted, i); + string crlissuer(X509_NAME_to_string(X509_get_issuer_name(cert))); + if (crlissuers.count(crlissuer)) { + // We already have a CRL for this cert, so skip CRLDP processing for this one. + continue; + } + + bool foundUsableCDP = false; + STACK_OF(DIST_POINT)* dps = (STACK_OF(DIST_POINT)*)X509_get_ext_d2i(cert, NID_crl_distribution_points, nullptr, nullptr); + for (int ii = 0; !foundUsableCDP && ii < sk_DIST_POINT_num(dps); ++ii) { + DIST_POINT* dp = sk_DIST_POINT_value(dps, ii); + if (!dp->distpoint || dp->distpoint->type != 0) + continue; + for (int iii = 0; !foundUsableCDP && iii < sk_GENERAL_NAME_num(dp->distpoint->name.fullname); ++iii) { + GENERAL_NAME* gen = sk_GENERAL_NAME_value(dp->distpoint->name.fullname, iii); + // Only consider HTTP URIs, and stop after the first one we find. +#ifdef HAVE_STRCASECMP + if (gen->type == GEN_URI && (!strncasecmp((const char*)gen->d.ia5->data, "http:", 5))) { +#else + if (gen->type == GEN_URI && (!strnicmp((const char*)gen->d.ia5->data, "http:", 5))) { +#endif + const char* cdpuri = (const char*)gen->d.ia5->data; + auto_ptr crl(getRemoteCRLs(cdpuri)); + if (crl.get() && crl->getProviderName()==DSIGConstants::s_unicodeStrPROVOpenSSL && + (isFreshCRL(crl.get()) || (ii == sk_DIST_POINT_num(dps)-1 && iii == sk_GENERAL_NAME_num(dp->distpoint->name.fullname)-1))) { + // owned by store + X509_STORE_add_crl(store, X509_CRL_dup(static_cast(crl.get())->getOpenSSLX509CRL())); + m_log.debug("added CRL issued by (%s)", crlissuer.c_str()); + crlissuers.insert(crlissuer); + foundUsableCDP = true; + } + } + } + } + sk_DIST_POINT_free(dps); + } + + // Do a second pass verify with CRLs in place. + if (pkixParams->getRevocationChecking() == PKIXPathValidatorParams::REVOCATION_FULLCHAIN) + X509_STORE_CTX_set_flags(&ctx, X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL); + else + X509_STORE_CTX_set_flags(&ctx, X509_V_FLAG_CRL_CHECK); + ret=X509_verify_cert(&ctx); +#else + m_log.warn("CRL checking is enabled, but OpenSSL version is too old"); + ret = 0; +#endif + } + + if (ret == 1) { + m_log.debug("successfully validated certificate chain"); + } +#if (OPENSSL_VERSION_NUMBER < 0x10000000L) + else if (X509_STORE_CTX_get_error(&ctx) == X509_V_ERR_NO_EXPLICIT_POLICY && !pkixParams->isPolicyMappingInhibited()) { + m_log.warn("policy mapping requires OpenSSL 1.0.0 or later"); + } +#endif + + // Clean up... + X509_STORE_CTX_cleanup(&ctx); + X509_STORE_free(store); + sk_X509_free(CAstack); + + return (ret == 1); +} + +XSECCryptoX509CRL* PKIXPathValidator::getRemoteCRLs(const char* cdpuri) const +{ + // This is a filesystem-based CRL cache using a shared lock across all instances + // of this class. + + // The filenames for the CRL cache are based on a hash of the CRL location. + string cdpfile = SecurityHelper::doHash("SHA1", cdpuri, strlen(cdpuri)) + ".crl"; + XMLToolingConfig::getConfig().getPathResolver()->resolve(cdpfile, PathResolver::XMLTOOLING_RUN_FILE); + string cdpstaging = cdpfile + ".tmp"; + + time_t now = time(nullptr); + vector crls; + + try { + // While holding the lock, check for a cached copy of the CRL, and remove "expired" ones. + Lock glock(m_lock); +#ifdef WIN32 + struct _stat stat_buf; + if (_stat(cdpfile.c_str(), &stat_buf) == 0) { +#else + struct stat stat_buf; + if (stat(cdpfile.c_str(), &stat_buf) == 0) { +#endif + SecurityHelper::loadCRLsFromFile(crls, cdpfile.c_str()); + if (crls.empty() || crls.front()->getProviderName() != DSIGConstants::s_unicodeStrPROVOpenSSL || + X509_cmp_time(X509_CRL_get_nextUpdate(static_cast(crls.front())->getOpenSSLX509CRL()), &now) < 0) { + for_each(crls.begin(), crls.end(), xmltooling::cleanup()); + crls.clear(); + remove(cdpfile.c_str()); // may as well delete the local copy + m_crlUpdateMap.erase(cdpuri); + m_log.info("deleting cached CRL from %s with nextUpdate field in the past", cdpuri); + } + } + } + catch (exception& ex) { + m_log.error("exception loading cached copy of CRL from %s: %s", cdpuri, ex.what()); + } + + if (crls.empty() || !isFreshCRL(crls.front(), &m_log)) { + bool updateTimestamp = true; + try { + // If we get here, the cached copy didn't exist yet, or it's time to refresh. + // To limit the rate of unsuccessful attempts when a CRLDP is unreachable, + // we remember the timestamp of the last attempt (both successful/unsuccessful). + time_t ts = 0; + m_lock.lock(); + map::const_iterator tsit = m_crlUpdateMap.find(cdpuri); + if (tsit != m_crlUpdateMap.end()) + ts = tsit->second; + m_lock.unlock(); + + if (difftime(now, ts) > m_minRefreshDelay) { + SOAPTransport::Address addr("AbstractPKIXTrustEngine", cdpuri, cdpuri); + string scheme(addr.m_endpoint, strchr(addr.m_endpoint,':') - addr.m_endpoint); + auto_ptr soap(XMLToolingConfig::getConfig().SOAPTransportManager.newPlugin(scheme.c_str(), addr)); + soap->send(); + istream& msg = soap->receive(); + Lock glock(m_lock); + ofstream out(cdpstaging.c_str(), fstream::trunc|fstream::binary); + out << msg.rdbuf(); + out.close(); + SecurityHelper::loadCRLsFromFile(crls, cdpstaging.c_str()); + if (crls.empty() || crls.front()->getProviderName() != DSIGConstants::s_unicodeStrPROVOpenSSL || + X509_cmp_time(X509_CRL_get_nextUpdate(static_cast(crls.front())->getOpenSSLX509CRL()), &now) < 0) { + // The "new" CRL wasn't usable, so get rid of it. + for_each(crls.begin(), crls.end(), xmltooling::cleanup()); + crls.clear(); + remove(cdpstaging.c_str()); + m_log.error("ignoring CRL retrieved from %s with nextUpdate field in the past", cdpuri); + } + else { + // "Commit" the new CRL. Note that we might add a CRL which doesn't pass + // isFreshCRL, but that's preferrable over adding none at all. + m_log.info("CRL refreshed from %s", cdpuri); + remove(cdpfile.c_str()); + if (rename(cdpstaging.c_str(), cdpfile.c_str()) != 0) + m_log.error("unable to rename CRL staging file"); + } + } + else { + updateTimestamp = false; // don't update if we're within the backoff window + } + } + catch (exception& ex) { + m_log.error("exception downloading/caching CRL from %s: %s", cdpuri, ex.what()); + } + + if (updateTimestamp) { + Lock glock(m_lock); + m_crlUpdateMap[cdpuri] = now; + } + } + + if (crls.empty()) + return nullptr; + for_each(crls.begin() + 1, crls.end(), xmltooling::cleanup()); + return crls.front(); +} + +bool PKIXPathValidator::isFreshCRL(XSECCryptoX509CRL *c, Category* log) const +{ + if (c) { + const X509_CRL* crl = static_cast(c)->getOpenSSLX509CRL(); + time_t thisUpdate = getCRLTime(X509_CRL_get_lastUpdate(crl)); + time_t nextUpdate = getCRLTime(X509_CRL_get_nextUpdate(crl)); + time_t now = time(nullptr); + + if (thisUpdate < 0 || nextUpdate < 0) { + // we failed to parse at least one of the fields (they were not encoded + // as required by RFC 5280, actually) + time_t exp = now + m_minSecondsRemaining; + if (log) { + log->warn("isFreshCRL (issuer '%s'): improperly encoded thisUpdate or nextUpdate field - falling back to simple time comparison", + (X509_NAME_to_string(X509_CRL_get_issuer(crl))).c_str()); + } + return (X509_cmp_time(X509_CRL_get_nextUpdate(crl), &exp) > 0) ? true : false; + } + else { + if (log && log->isDebugEnabled()) { + log->debug("isFreshCRL (issuer '%s'): %.0f seconds until nextUpdate (%3.2f%% elapsed since thisUpdate)", + (X509_NAME_to_string(X509_CRL_get_issuer(crl))).c_str(), + difftime(nextUpdate, now), (difftime(now, thisUpdate) * 100) / difftime(nextUpdate, thisUpdate)); + } + + // consider it recent enough if there are at least MIN_SECS_REMAINING + // to the nextUpdate, and at least MIN_PERCENT_REMAINING of its + // overall "validity" are remaining to the nextUpdate + return (now + m_minSecondsRemaining < nextUpdate) && + ((difftime(nextUpdate, now) * 100) / difftime(nextUpdate, thisUpdate) > m_minPercentRemaining); + } + } + return false; +} diff --git a/xmltooling/security/impl/SecurityHelper.cpp b/xmltooling/security/impl/SecurityHelper.cpp index 54e90fb..e85306f 100644 --- a/xmltooling/security/impl/SecurityHelper.cpp +++ b/xmltooling/security/impl/SecurityHelper.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/security/impl/StaticPKIXTrustEngine.cpp b/xmltooling/security/impl/StaticPKIXTrustEngine.cpp index 06fde64..d64aaac 100644 --- a/xmltooling/security/impl/StaticPKIXTrustEngine.cpp +++ b/xmltooling/security/impl/StaticPKIXTrustEngine.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * http://www.apache.org/licenses/LICENSE-2.0 + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -50,9 +54,7 @@ namespace xmltooling { public: StaticPKIXTrustEngine(const DOMElement* e=nullptr); - virtual ~StaticPKIXTrustEngine() { - delete m_credResolver; - } + virtual ~StaticPKIXTrustEngine() {} AbstractPKIXTrustEngine::PKIXValidationInfoIterator* getPKIXValidationInfoIterator( const CredentialResolver& pkixSource, CredentialCriteria* criteria=nullptr @@ -64,7 +66,7 @@ namespace xmltooling { private: int m_depth; - CredentialResolver* m_credResolver; + auto_ptr m_credResolver; friend class XMLTOOL_DLLLOCAL StaticPKIXIterator; }; @@ -127,17 +129,17 @@ namespace xmltooling { }; StaticPKIXTrustEngine::StaticPKIXTrustEngine(const DOMElement* e) - : AbstractPKIXTrustEngine(e), m_depth(XMLHelper::getAttrInt(e, 1, verifyDepth)), m_credResolver(nullptr) + : AbstractPKIXTrustEngine(e), m_depth(XMLHelper::getAttrInt(e, 1, verifyDepth)) { if (e && e->hasAttributeNS(nullptr, certificate)) { // Simple File resolver config rooted here. - m_credResolver = XMLToolingConfig::getConfig().CredentialResolverManager.newPlugin(FILESYSTEM_CREDENTIAL_RESOLVER, e); + m_credResolver.reset(XMLToolingConfig::getConfig().CredentialResolverManager.newPlugin(FILESYSTEM_CREDENTIAL_RESOLVER, e)); } else { e = e ? XMLHelper::getFirstChildElement(e, _CredentialResolver) : nullptr; string t = XMLHelper::getAttrString(e, nullptr, type); if (!t.empty()) - m_credResolver = XMLToolingConfig::getConfig().CredentialResolverManager.newPlugin(t.c_str(), e); + m_credResolver.reset(XMLToolingConfig::getConfig().CredentialResolverManager.newPlugin(t.c_str(), e)); else throw XMLSecurityException("Missing element, or no type attribute found"); } diff --git a/xmltooling/security/impl/TrustEngine.cpp b/xmltooling/security/impl/TrustEngine.cpp index 05f2b15..64c8726 100644 --- a/xmltooling/security/impl/TrustEngine.cpp +++ b/xmltooling/security/impl/TrustEngine.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/security/impl/XSECCryptoX509CRL.cpp b/xmltooling/security/impl/XSECCryptoX509CRL.cpp index 7506a8b..2d2a280 100644 --- a/xmltooling/security/impl/XSECCryptoX509CRL.cpp +++ b/xmltooling/security/impl/XSECCryptoX509CRL.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 The Apache Software Foundation. +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/signature/ContentReference.h b/xmltooling/signature/ContentReference.h index f902ee4..fd03920 100644 --- a/xmltooling/signature/ContentReference.h +++ b/xmltooling/signature/ContentReference.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2009 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/signature/KeyInfo.h b/xmltooling/signature/KeyInfo.h index 70508b1..5c8d09e 100644 --- a/xmltooling/signature/KeyInfo.h +++ b/xmltooling/signature/KeyInfo.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2007 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/signature/Signature.h b/xmltooling/signature/Signature.h index eddf54b..3245b7e 100644 --- a/xmltooling/signature/Signature.h +++ b/xmltooling/signature/Signature.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/signature/SignatureValidator.h b/xmltooling/signature/SignatureValidator.h index b275c28..ce94637 100644 --- a/xmltooling/signature/SignatureValidator.h +++ b/xmltooling/signature/SignatureValidator.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/signature/impl/KeyInfoImpl.cpp b/xmltooling/signature/impl/KeyInfoImpl.cpp index 56d975b..ef7283b 100644 --- a/xmltooling/signature/impl/KeyInfoImpl.cpp +++ b/xmltooling/signature/impl/KeyInfoImpl.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * http://www.apache.org/licenses/LICENSE-2.0 + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -51,33 +55,6 @@ namespace xmlsignature { public AbstractXMLObjectMarshaller, public AbstractXMLObjectUnmarshaller { - public: - virtual ~DSAKeyValueImpl() {} - - DSAKeyValueImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType) - : AbstractXMLObject(nsURI, localName, prefix, schemaType) { - init(); - } - - DSAKeyValueImpl(const DSAKeyValueImpl& src) - : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) { - init(); - if (src.getP()) - setP(src.getP()->cloneP()); - if (src.getQ()) - setQ(src.getQ()->cloneQ()); - if (src.getG()) - setG(src.getG()->cloneG()); - if (src.getY()) - setY(src.getY()->cloneY()); - if (src.getJ()) - setJ(src.getJ()->cloneJ()); - if (src.getSeed()) - setSeed(src.getSeed()->cloneSeed()); - if (src.getPgenCounter()) - setPgenCounter(src.getPgenCounter()->clonePgenCounter()); - } - void init() { m_P=nullptr; m_Q=nullptr; @@ -107,7 +84,34 @@ namespace xmlsignature { m_pos_PgenCounter=m_pos_Seed; ++m_pos_PgenCounter; } - + + public: + virtual ~DSAKeyValueImpl() {} + + DSAKeyValueImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType) + : AbstractXMLObject(nsURI, localName, prefix, schemaType) { + init(); + } + + DSAKeyValueImpl(const DSAKeyValueImpl& src) + : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) { + init(); + if (src.getP()) + setP(src.getP()->cloneP()); + if (src.getQ()) + setQ(src.getQ()->cloneQ()); + if (src.getG()) + setG(src.getG()->cloneG()); + if (src.getY()) + setY(src.getY()->cloneY()); + if (src.getJ()) + setJ(src.getJ()->cloneJ()); + if (src.getSeed()) + setSeed(src.getSeed()->cloneSeed()); + if (src.getPgenCounter()) + setPgenCounter(src.getPgenCounter()->clonePgenCounter()); + } + IMPL_XMLOBJECT_CLONE(DSAKeyValue); IMPL_TYPED_CHILD(P); IMPL_TYPED_CHILD(Q); @@ -136,6 +140,16 @@ namespace xmlsignature { public AbstractXMLObjectMarshaller, public AbstractXMLObjectUnmarshaller { + void init() { + m_Modulus=nullptr; + m_Exponent=nullptr; + m_children.push_back(nullptr); + m_children.push_back(nullptr); + m_pos_Modulus=m_children.begin(); + m_pos_Exponent=m_pos_Modulus; + ++m_pos_Exponent; + } + public: virtual ~RSAKeyValueImpl() {} @@ -153,16 +167,6 @@ namespace xmlsignature { setExponent(src.getExponent()->cloneExponent()); } - void init() { - m_Modulus=nullptr; - m_Exponent=nullptr; - m_children.push_back(nullptr); - m_children.push_back(nullptr); - m_pos_Modulus=m_children.begin(); - m_pos_Exponent=m_pos_Modulus; - ++m_pos_Exponent; - } - IMPL_XMLOBJECT_CLONE(RSAKeyValue); IMPL_TYPED_CHILD(Modulus); IMPL_TYPED_CHILD(Exponent); @@ -187,14 +191,12 @@ namespace xmlsignature { } NamedCurveImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType) - : AbstractXMLObject(nsURI, localName, prefix, schemaType) { - m_URI=nullptr; + : AbstractXMLObject(nsURI, localName, prefix, schemaType), m_URI(nullptr) { } NamedCurveImpl(const NamedCurveImpl& src) - : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) { - m_URI=nullptr; - setURI(getURI()); + : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src), m_URI(nullptr) { + setURI(src.getURI()); } IMPL_XMLOBJECT_CLONE(NamedCurve); @@ -217,6 +219,21 @@ namespace xmlsignature { public AbstractXMLObjectMarshaller, public AbstractXMLObjectUnmarshaller { + void init() { + m_Id=nullptr; + m_ECParameters=nullptr; + m_NamedCurve=nullptr; + m_PublicKey=nullptr; + m_children.push_back(nullptr); + m_children.push_back(nullptr); + m_children.push_back(nullptr); + m_pos_ECParameters=m_children.begin(); + m_pos_NamedCurve=m_pos_ECParameters; + ++m_pos_NamedCurve; + m_pos_PublicKey=m_pos_NamedCurve; + ++m_pos_PublicKey; + } + public: virtual ~ECKeyValueImpl() { XMLString::release(&m_Id); @@ -230,7 +247,7 @@ namespace xmlsignature { ECKeyValueImpl(const ECKeyValueImpl& src) : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) { init(); - m_Id=XMLString::replicate(src.m_Id); + setId(src.getId()); if (src.getECParameters()) setECParameters(src.getECParameters()->clone()); if (src.getNamedCurve()) @@ -239,21 +256,6 @@ namespace xmlsignature { setPublicKey(src.getPublicKey()->clonePublicKey()); } - void init() { - m_Id=nullptr; - m_ECParameters=nullptr; - m_NamedCurve=nullptr; - m_PublicKey=nullptr; - m_children.push_back(nullptr); - m_children.push_back(nullptr); - m_children.push_back(nullptr); - m_pos_ECParameters=m_children.begin(); - m_pos_NamedCurve=m_pos_ECParameters; - ++m_pos_NamedCurve; - m_pos_PublicKey=m_pos_NamedCurve; - ++m_pos_PublicKey; - } - IMPL_XMLOBJECT_CLONE(ECKeyValue); IMPL_ID_ATTRIB_EX(Id,ID,nullptr); IMPL_XMLOBJECT_CHILD(ECParameters); @@ -291,6 +293,24 @@ namespace xmlsignature { public AbstractXMLObjectMarshaller, public AbstractXMLObjectUnmarshaller { + void init() { + m_DSAKeyValue=nullptr; + m_RSAKeyValue=nullptr; + m_ECKeyValue=nullptr; + m_UnknownXMLObject=nullptr; + m_children.push_back(nullptr); + m_children.push_back(nullptr); + m_children.push_back(nullptr); + m_children.push_back(nullptr); + m_pos_DSAKeyValue=m_children.begin(); + m_pos_RSAKeyValue=m_pos_DSAKeyValue; + ++m_pos_RSAKeyValue; + m_pos_ECKeyValue=m_pos_RSAKeyValue; + ++m_pos_ECKeyValue; + m_pos_UnknownXMLObject=m_pos_ECKeyValue; + ++m_pos_UnknownXMLObject; + } + public: virtual ~KeyValueImpl() {} @@ -311,25 +331,7 @@ namespace xmlsignature { if (src.getUnknownXMLObject()) setUnknownXMLObject(src.getUnknownXMLObject()->clone()); } - - void init() { - m_DSAKeyValue=nullptr; - m_RSAKeyValue=nullptr; - m_ECKeyValue=nullptr; - m_UnknownXMLObject=nullptr; - m_children.push_back(nullptr); - m_children.push_back(nullptr); - m_children.push_back(nullptr); - m_children.push_back(nullptr); - m_pos_DSAKeyValue=m_children.begin(); - m_pos_RSAKeyValue=m_pos_DSAKeyValue; - ++m_pos_RSAKeyValue; - m_pos_ECKeyValue=m_pos_RSAKeyValue; - ++m_pos_ECKeyValue; - m_pos_UnknownXMLObject=m_pos_ECKeyValue; - ++m_pos_UnknownXMLObject; - } - + IMPL_XMLOBJECT_CLONE(KeyValue); IMPL_TYPED_CHILD(DSAKeyValue); IMPL_TYPED_CHILD(RSAKeyValue); @@ -403,8 +405,8 @@ namespace xmlsignature { } TransformImpl(const TransformImpl& src) - : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src), - m_Algorithm(XMLString::replicate(src.m_Algorithm)) { + : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src), m_Algorithm(nullptr) { + setAlgorithm(src.getAlgorithm()); for (list::const_iterator i=src.m_children.begin(); i!=src.m_children.end(); i++) { if (*i) { XPath* x=dynamic_cast(*i); @@ -412,7 +414,10 @@ namespace xmlsignature { getXPaths().push_back(x->cloneXPath()); continue; } - getUnknownXMLObjects().push_back((*i)->clone()); + + if (*i) { + getUnknownXMLObjects().push_back((*i)->clone()); + } } } } @@ -461,10 +466,9 @@ namespace xmlsignature { TransformsImpl(const TransformsImpl& src) : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) { - VectorOf(Transform) v=getTransforms(); for (vector::const_iterator i=src.m_Transforms.begin(); i!=src.m_Transforms.end(); i++) { if (*i) { - v.push_back((*i)->cloneTransform()); + getTransforms().push_back((*i)->cloneTransform()); } } } @@ -485,6 +489,13 @@ namespace xmlsignature { public AbstractXMLObjectMarshaller, public AbstractXMLObjectUnmarshaller { + void init() { + m_URI=m_Type=nullptr; + m_Transforms=nullptr; + m_children.push_back(nullptr); + m_pos_Transforms=m_children.begin(); + } + public: virtual ~RetrievalMethodImpl() { XMLString::release(&m_URI); @@ -499,19 +510,12 @@ namespace xmlsignature { RetrievalMethodImpl(const RetrievalMethodImpl& src) : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) { init(); - setURI(getURI()); - setType(getType()); + setURI(src.getURI()); + setType(src.getType()); if (src.getTransforms()) setTransforms(src.getTransforms()->cloneTransforms()); } - void init() { - m_URI=m_Type=nullptr; - m_Transforms=nullptr; - m_children.push_back(nullptr); - m_pos_Transforms=m_children.begin(); - } - IMPL_XMLOBJECT_CLONE(RetrievalMethod); IMPL_STRING_ATTRIB(URI); IMPL_STRING_ATTRIB(Type); @@ -541,6 +545,16 @@ namespace xmlsignature { public AbstractXMLObjectMarshaller, public AbstractXMLObjectUnmarshaller { + void init() { + m_X509IssuerName=nullptr; + m_X509SerialNumber=nullptr; + m_children.push_back(nullptr); + m_children.push_back(nullptr); + m_pos_X509IssuerName=m_children.begin(); + m_pos_X509SerialNumber=m_pos_X509IssuerName; + ++m_pos_X509SerialNumber; + } + public: virtual ~X509IssuerSerialImpl() {} @@ -558,16 +572,6 @@ namespace xmlsignature { setX509SerialNumber(src.getX509SerialNumber()->cloneX509SerialNumber()); } - void init() { - m_X509IssuerName=nullptr; - m_X509SerialNumber=nullptr; - m_children.push_back(nullptr); - m_children.push_back(nullptr); - m_pos_X509IssuerName=m_children.begin(); - m_pos_X509SerialNumber=m_pos_X509IssuerName; - ++m_pos_X509SerialNumber; - } - IMPL_XMLOBJECT_CLONE(X509IssuerSerial); IMPL_TYPED_CHILD(X509IssuerName); IMPL_TYPED_CHILD(X509SerialNumber); @@ -674,7 +678,9 @@ namespace xmlsignature { continue; } - getUnknownXMLObjects().push_back((*i)->clone()); + if (*i) { + getUnknownXMLObjects().push_back((*i)->clone()); + } } } } @@ -716,6 +722,8 @@ namespace xmlsignature { public AbstractXMLObjectMarshaller, public AbstractXMLObjectUnmarshaller { + vector< pair > m_SPKISexps; + public: virtual ~SPKIDataImpl() {} @@ -725,19 +733,15 @@ namespace xmlsignature { SPKIDataImpl(const SPKIDataImpl& src) : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) { - VectorOfPairs(SPKISexp,XMLObject) v=getSPKISexps(); for (vector< pair >::const_iterator i=src.m_SPKISexps.begin(); i!=src.m_SPKISexps.end(); i++) { if (i->first) { - v.push_back(make_pair(i->first->cloneSPKISexp(),(i->second ? i->second->clone() : (XMLObject*)nullptr))); + getSPKISexps().push_back(make_pair(i->first->cloneSPKISexp(),(i->second ? i->second->clone() : (XMLObject*)nullptr))); } } } IMPL_XMLOBJECT_CLONE(SPKIData); - private: - vector< pair > m_SPKISexps; - public: VectorOfPairs(SPKISexp,XMLObject) getSPKISexps() { return VectorOfPairs(SPKISexp,XMLObject)(this, m_SPKISexps, &m_children, m_children.end()); @@ -780,6 +784,16 @@ namespace xmlsignature { public AbstractXMLObjectMarshaller, public AbstractXMLObjectUnmarshaller { + void init() { + m_PGPKeyID=nullptr; + m_PGPKeyPacket=nullptr; + m_children.push_back(nullptr); + m_children.push_back(nullptr); + m_pos_PGPKeyID=m_children.begin(); + m_pos_PGPKeyPacket=m_pos_PGPKeyID; + ++m_pos_PGPKeyPacket; + } + public: virtual ~PGPDataImpl() {} @@ -795,19 +809,11 @@ namespace xmlsignature { setPGPKeyID(src.getPGPKeyID()->clonePGPKeyID()); if (src.getPGPKeyPacket()) setPGPKeyPacket(src.getPGPKeyPacket()->clonePGPKeyPacket()); - VectorOf(XMLObject) v=getUnknownXMLObjects(); - for (vector::const_iterator i=src.m_UnknownXMLObjects.begin(); i!=src.m_UnknownXMLObjects.end(); ++i) - v.push_back((*i)->clone()); - } - - void init() { - m_PGPKeyID=nullptr; - m_PGPKeyPacket=nullptr; - m_children.push_back(nullptr); - m_children.push_back(nullptr); - m_pos_PGPKeyID=m_children.begin(); - m_pos_PGPKeyPacket=m_pos_PGPKeyID; - ++m_pos_PGPKeyPacket; + for (vector::const_iterator i=src.m_UnknownXMLObjects.begin(); i!=src.m_UnknownXMLObjects.end(); ++i) { + if (*i) { + getUnknownXMLObjects().push_back((*i)->clone()); + } + } } IMPL_XMLOBJECT_CLONE(PGPData); @@ -837,6 +843,10 @@ namespace xmlsignature { public AbstractXMLObjectMarshaller, public AbstractXMLObjectUnmarshaller { + void init() { + m_Id=m_URI=nullptr; + } + public: virtual ~KeyInfoReferenceImpl() { XMLString::release(&m_Id); @@ -851,12 +861,8 @@ namespace xmlsignature { KeyInfoReferenceImpl(const KeyInfoReferenceImpl& src) : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) { init(); - setId(getId()); - setURI(getURI()); - } - - void init() { - m_Id=m_URI=nullptr; + setId(src.getId()); + setURI(src.getURI()); } IMPL_XMLOBJECT_CLONE(KeyInfoReference); @@ -892,9 +898,8 @@ namespace xmlsignature { } KeyInfoImpl(const KeyInfoImpl& src) - : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src), - m_Id(XMLString::replicate(src.m_Id)) { - + : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src), m_Id(nullptr) { + setId(src.getId()); for (list::const_iterator i=src.m_children.begin(); i!=src.m_children.end(); i++) { if (*i) { X509Data* xd=dynamic_cast(*i); @@ -951,7 +956,9 @@ namespace xmlsignature { continue; } - getUnknownXMLObjects().push_back((*i)->clone()); + if (*i) { + getUnknownXMLObjects().push_back((*i)->clone()); + } } } } diff --git a/xmltooling/signature/impl/KeyInfoSchemaValidators.cpp b/xmltooling/signature/impl/KeyInfoSchemaValidators.cpp index e79a076..334173a 100644 --- a/xmltooling/signature/impl/KeyInfoSchemaValidators.cpp +++ b/xmltooling/signature/impl/KeyInfoSchemaValidators.cpp @@ -1,17 +1,21 @@ -/* -* Copyright 2001-2010 Internet2 - * -* Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/signature/impl/SignatureValidator.cpp b/xmltooling/signature/impl/SignatureValidator.cpp index 3dcddb1..f69d299 100644 --- a/xmltooling/signature/impl/SignatureValidator.cpp +++ b/xmltooling/signature/impl/SignatureValidator.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/signature/impl/XMLSecSignatureImpl.cpp b/xmltooling/signature/impl/XMLSecSignatureImpl.cpp index 4eaa15d..1d69463 100644 --- a/xmltooling/signature/impl/XMLSecSignatureImpl.cpp +++ b/xmltooling/signature/impl/XMLSecSignatureImpl.cpp @@ -1,17 +1,21 @@ -/* -* Copyright 2001-2010 Internet2 - * -* Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/soap/HTTPSOAPTransport.h b/xmltooling/soap/HTTPSOAPTransport.h index 81c0439..810b32c 100644 --- a/xmltooling/soap/HTTPSOAPTransport.h +++ b/xmltooling/soap/HTTPSOAPTransport.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/soap/OpenSSLSOAPTransport.h b/xmltooling/soap/OpenSSLSOAPTransport.h index eecb289..a5cd6c5 100644 --- a/xmltooling/soap/OpenSSLSOAPTransport.h +++ b/xmltooling/soap/OpenSSLSOAPTransport.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/soap/SOAP.h b/xmltooling/soap/SOAP.h index 01b7fe9..1879891 100644 --- a/xmltooling/soap/SOAP.h +++ b/xmltooling/soap/SOAP.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/soap/SOAPClient.h b/xmltooling/soap/SOAPClient.h index 27f2622..883fe26 100644 --- a/xmltooling/soap/SOAPClient.h +++ b/xmltooling/soap/SOAPClient.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/soap/SOAPTransport.h b/xmltooling/soap/SOAPTransport.h index dcfcf4a..8969808 100644 --- a/xmltooling/soap/SOAPTransport.h +++ b/xmltooling/soap/SOAPTransport.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -231,7 +235,6 @@ namespace xmltooling { virtual long getStatusCode() const; }; -#ifndef XMLTOOLING_NO_XMLSEC /** * Registers SOAPTransport classes into the runtime. */ @@ -246,7 +249,6 @@ namespace xmltooling { * Notifies transport infrastructure to shutdown. */ void XMLTOOL_API termSOAPTransports(); -#endif }; diff --git a/xmltooling/soap/impl/CURLSOAPTransport.cpp b/xmltooling/soap/impl/CURLSOAPTransport.cpp index 4f8a3c4..e6a2c66 100644 --- a/xmltooling/soap/impl/CURLSOAPTransport.cpp +++ b/xmltooling/soap/impl/CURLSOAPTransport.cpp @@ -1,18 +1,21 @@ -/* - * Licensed to UCAID under one or more contributor license agreements. - * See the NOTICE file distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may not use this - * file except in compliance with the License. You may obtain a copy of the +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -244,13 +247,6 @@ namespace xmltooling { } }; -void xmltooling::registerSOAPTransports() -{ - XMLToolingConfig& conf=XMLToolingConfig::getConfig(); - conf.SOAPTransportManager.registerFactory("http", CURLSOAPTransportFactory); - conf.SOAPTransportManager.registerFactory("https", CURLSOAPTransportFactory); -} - void xmltooling::initSOAPTransports() { g_CURLPool=new CURLPool(); @@ -262,14 +258,6 @@ void xmltooling::termSOAPTransports() g_CURLPool = nullptr; } -OpenSSLSOAPTransport::OpenSSLSOAPTransport() -{ -} - -OpenSSLSOAPTransport::~OpenSSLSOAPTransport() -{ -} - CURLPool::~CURLPool() { for (poolmap_t::iterator i=m_bindingMap.begin(); i!=m_bindingMap.end(); i++) { diff --git a/xmltooling/soap/impl/SOAPClient.cpp b/xmltooling/soap/impl/SOAPClient.cpp index 1e17c2d..01a1789 100644 --- a/xmltooling/soap/impl/SOAPClient.cpp +++ b/xmltooling/soap/impl/SOAPClient.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -24,6 +28,7 @@ #include "exceptions.h" #include "logging.h" #include "soap/HTTPSOAPTransport.h" +#include "soap/OpenSSLSOAPTransport.h" #include "soap/SOAP.h" #include "soap/SOAPClient.h" #include "util/XMLHelper.h" @@ -37,6 +42,32 @@ using namespace xmltooling; using namespace xercesc; using namespace std; +#if !defined(XMLTOOLING_NO_XMLSEC) && !defined(XMLTOOLING_LITE) +namespace xmltooling { + PluginManager::Factory CURLSOAPTransportFactory; +}; +#endif + +void xmltooling::registerSOAPTransports() +{ +#if !defined(XMLTOOLING_NO_XMLSEC) && !defined(XMLTOOLING_LITE) + XMLToolingConfig& conf=XMLToolingConfig::getConfig(); + conf.SOAPTransportManager.registerFactory("http", CURLSOAPTransportFactory); + conf.SOAPTransportManager.registerFactory("https", CURLSOAPTransportFactory); +#endif +} + + +#ifdef XMLTOOLING_NO_XMLSEC +void xmltooling::initSOAPTransports() +{ +} + +void xmltooling::termSOAPTransports() +{ +} +#endif + SOAPTransport::SOAPTransport() { } @@ -80,6 +111,16 @@ bool HTTPSOAPTransport::followRedirects(bool follow, unsigned int maxRedirs) return false; } +#ifndef XMLTOOLING_NO_XMLSEC +OpenSSLSOAPTransport::OpenSSLSOAPTransport() +{ +} + +OpenSSLSOAPTransport::~OpenSSLSOAPTransport() +{ +} +#endif + SOAPClient::SOAPClient(bool validate) : m_validate(validate), m_transport(nullptr) { } diff --git a/xmltooling/soap/impl/SOAPImpl.cpp b/xmltooling/soap/impl/SOAPImpl.cpp index d272fd2..866fbb8 100644 --- a/xmltooling/soap/impl/SOAPImpl.cpp +++ b/xmltooling/soap/impl/SOAPImpl.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * http://www.apache.org/licenses/LICENSE-2.0 + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -110,9 +114,11 @@ namespace { AbstractAttributeExtensibleXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) { - VectorOf(XMLObject) v=getUnknownXMLObjects(); - for (vector::const_iterator i=src.m_UnknownXMLObjects.begin(); i!=src.m_UnknownXMLObjects.end(); ++i) - v.push_back((*i)->clone()); + for (vector::const_iterator i=src.m_UnknownXMLObjects.begin(); i!=src.m_UnknownXMLObjects.end(); ++i) { + if (*i) { + getUnknownXMLObjects().push_back((*i)->clone()); + } + } } IMPL_XMLOBJECT_CLONE(Detail); @@ -155,6 +161,7 @@ namespace { m_pos_Detail=m_pos_Faultactor; ++m_pos_Detail; } + protected: FaultImpl() { init(); @@ -217,9 +224,11 @@ namespace { AbstractAttributeExtensibleXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) { - VectorOf(XMLObject) v=getUnknownXMLObjects(); - for (vector::const_iterator i=src.m_UnknownXMLObjects.begin(); i!=src.m_UnknownXMLObjects.end(); ++i) - v.push_back((*i)->clone()); + for (vector::const_iterator i=src.m_UnknownXMLObjects.begin(); i!=src.m_UnknownXMLObjects.end(); ++i) { + if (*i) { + getUnknownXMLObjects().push_back((*i)->clone()); + } + } } IMPL_XMLOBJECT_CLONE(Body); @@ -259,9 +268,11 @@ namespace { AbstractAttributeExtensibleXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) { - VectorOf(XMLObject) v=getUnknownXMLObjects(); - for (vector::const_iterator i=src.m_UnknownXMLObjects.begin(); i!=src.m_UnknownXMLObjects.end(); ++i) - v.push_back((*i)->clone()); + for (vector::const_iterator i=src.m_UnknownXMLObjects.begin(); i!=src.m_UnknownXMLObjects.end(); ++i) { + if (*i) { + getUnknownXMLObjects().push_back((*i)->clone()); + } + } } IMPL_XMLOBJECT_CLONE(Header); @@ -297,6 +308,7 @@ namespace { m_pos_Body=m_pos_Header; ++m_pos_Body; } + public: virtual ~EnvelopeImpl() {} @@ -306,8 +318,7 @@ namespace { } EnvelopeImpl(const EnvelopeImpl& src) - : AbstractXMLObject(src), AbstractAttributeExtensibleXMLObject(src), - AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) { + : AbstractXMLObject(src), AbstractAttributeExtensibleXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) { init(); if (src.getHeader()) setHeader(src.getHeader()->cloneHeader()); diff --git a/xmltooling/soap/impl/SOAPSchemaValidators.cpp b/xmltooling/soap/impl/SOAPSchemaValidators.cpp index 2ae9b54..32f58c0 100644 --- a/xmltooling/soap/impl/SOAPSchemaValidators.cpp +++ b/xmltooling/soap/impl/SOAPSchemaValidators.cpp @@ -1,17 +1,21 @@ -/* -* Copyright 2001-2010 Internet2 - * -* Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/unicode.cpp b/xmltooling/unicode.cpp index 1e50c9c..b54d1ed 100644 --- a/xmltooling/unicode.cpp +++ b/xmltooling/unicode.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2007 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/unicode.h b/xmltooling/unicode.h index 327cadc..a2db686 100644 --- a/xmltooling/unicode.h +++ b/xmltooling/unicode.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/util/CurlURLInputStream.cpp b/xmltooling/util/CurlURLInputStream.cpp index 6d54cf0..4d1e4b3 100644 --- a/xmltooling/util/CurlURLInputStream.cpp +++ b/xmltooling/util/CurlURLInputStream.cpp @@ -1,18 +1,21 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/util/CurlURLInputStream.h b/xmltooling/util/CurlURLInputStream.h index a8b72ba..c149951 100644 --- a/xmltooling/util/CurlURLInputStream.h +++ b/xmltooling/util/CurlURLInputStream.h @@ -1,18 +1,21 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/util/DateTime.cpp b/xmltooling/util/DateTime.cpp index 9183420..64fe2eb 100644 --- a/xmltooling/util/DateTime.cpp +++ b/xmltooling/util/DateTime.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2009 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -27,6 +31,7 @@ */ #include "internal.h" +#include "unicode.h" #include "util/DateTime.h" #ifndef WIN32 @@ -1311,18 +1316,17 @@ double DateTime::parseMiliSecond(const int start, const int end) const XMLString::copyNString(miliSecData, &(fBuffer[start-1]), miliSecLen); *(miliSecData + miliSecLen) = chNull; - char *nptr = XMLString::transcode(miliSecData); - ArrayJanitor jan(nptr); - size_t strLen = strlen(nptr); + auto_ptr_char nptr(miliSecData); + size_t strLen = strlen(nptr.get()); char *endptr = 0; errno = 0; //printf("milisec=<%s>\n", nptr); - double retVal = strtod(nptr, &endptr); + double retVal = strtod(nptr.get(), &endptr); // check if all chars are valid char - if ( (endptr - nptr) != strLen) + if ( (endptr - nptr.get()) != strLen) throw XMLParserException("Invalid non-numeric characters."); // we don't check underflow occurs since diff --git a/xmltooling/util/DateTime.h b/xmltooling/util/DateTime.h index b4347bd..bde44d3 100644 --- a/xmltooling/util/DateTime.h +++ b/xmltooling/util/DateTime.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/util/NDC.cpp b/xmltooling/util/NDC.cpp index ac23379..496e49f 100644 --- a/xmltooling/util/NDC.cpp +++ b/xmltooling/util/NDC.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2007 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/util/NDC.h b/xmltooling/util/NDC.h index 8363a34..6ad72a6 100644 --- a/xmltooling/util/NDC.h +++ b/xmltooling/util/NDC.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2009 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/util/PThreads.cpp b/xmltooling/util/PThreads.cpp index 43437e7..172c638 100644 --- a/xmltooling/util/PThreads.cpp +++ b/xmltooling/util/PThreads.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/util/ParserPool.cpp b/xmltooling/util/ParserPool.cpp index 73d3994..6a4700d 100644 --- a/xmltooling/util/ParserPool.cpp +++ b/xmltooling/util/ParserPool.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -29,10 +33,12 @@ #include "util/Threads.h" #include "util/XMLHelper.h" -#include -#include #include #include +#include +#include +#include +#include #include #include #include @@ -43,6 +49,7 @@ using namespace xmltooling::logging; using namespace xmltooling; using namespace xercesc; +using namespace boost; using namespace std; @@ -104,8 +111,6 @@ ParserPool::~ParserPool() m_pool.top()->release(); m_pool.pop(); } - delete m_lock; - delete m_security; } DOMDocument* ParserPool::newDocument() @@ -193,8 +198,7 @@ DOMDocument* ParserPool::parse(istream& is) } // Functor to double its argument separated by a character and append to a buffer -template class doubleit -{ +template class doubleit { public: doubleit(T& t, const typename T::value_type& s) : temp(t), sep(s) {} void operator() (const pair& s) { temp += s.first + sep + s.first + sep; } @@ -224,14 +228,20 @@ bool ParserPool::loadSchema(const XMLCh* nsURI, const XMLCh* pathname) return false; } - Lock lock(m_lock); + Lock lock(m_lock.get()); m_schemaLocMap[nsURI]=pathname; m_schemaLocations.erase(); - for_each(m_schemaLocMap.begin(),m_schemaLocMap.end(),doubleit(m_schemaLocations,chSpace)); + for_each(m_schemaLocMap.begin(), m_schemaLocMap.end(), doubleit(m_schemaLocations,chSpace)); return true; } +bool ParserPool::loadCatalog(const char* pathname) +{ + auto_ptr_XMLCh temp(pathname); + return loadCatalog(temp.get()); +} + bool ParserPool::loadCatalog(const XMLCh* pathname) { #if _DEBUG @@ -278,7 +288,7 @@ bool ParserPool::loadCatalog(const XMLCh* pathname) // Fetch all the elements. DOMNodeList* mappings=root->getElementsByTagNameNS(CATALOG_NS,system); - Lock lock(m_lock); + Lock lock(m_lock.get()); for (XMLSize_t i=0; igetLength(); i++) { root=static_cast(mappings->item(i)); const XMLCh* from=root->getAttributeNS(nullptr,systemId); @@ -286,9 +296,9 @@ bool ParserPool::loadCatalog(const XMLCh* pathname) m_schemaLocMap[from]=to; } m_schemaLocations.erase(); - for_each(m_schemaLocMap.begin(),m_schemaLocMap.end(),doubleit(m_schemaLocations,chSpace)); + for_each(m_schemaLocMap.begin(), m_schemaLocMap.end(), doubleit(m_schemaLocations,chSpace)); } - catch (exception& e) { + catch (std::exception& e) { log.error("catalog loader caught exception: %s", e.what()); return false; } @@ -324,25 +334,27 @@ DOMInputSource* ParserPool::resolveEntity( } // Find well-known schemas in the specified location. - map::const_iterator i=m_schemaLocMap.find(systemId); - if (i!=m_schemaLocMap.end()) - return new Wrapper4InputSource(new LocalFileInputSource(baseURI,i->second.c_str())); - - // Check for entity as a value in the map. - for (i=m_schemaLocMap.begin(); i!=m_schemaLocMap.end(); ++i) { - if (XMLString::endsWith(i->second.c_str(), systemId)) - return new Wrapper4InputSource(new LocalFileInputSource(baseURI,i->second.c_str())); - } + map::const_iterator i = m_schemaLocMap.find(systemId); + if (i != m_schemaLocMap.end()) + return new Wrapper4InputSource(new LocalFileInputSource(baseURI, i->second.c_str())); + + // Check for entity as a suffix of a value in the map. + i = find_if( + m_schemaLocMap.begin(), m_schemaLocMap.end(), + boost::bind(ends_with, boost::bind(&map::value_type::second, _1), systemId) + ); + if (i != m_schemaLocMap.end()) + return new Wrapper4InputSource(new LocalFileInputSource(baseURI, i->second.c_str())); // We'll allow anything without embedded slashes. - if (XMLString::indexOf(systemId, chForwardSlash)==-1) - return new Wrapper4InputSource(new LocalFileInputSource(baseURI,systemId)); + if (XMLString::indexOf(systemId, chForwardSlash) == -1 && XMLString::indexOf(systemId, chBackSlash) == -1) + return new Wrapper4InputSource(new LocalFileInputSource(baseURI, systemId)); // Shortcircuit the request. auto_ptr_char temp(systemId); log.debug("unauthorized entity request (%s), blocking it", temp.get()); static const XMLByte nullbuf[] = {0}; - return new Wrapper4InputSource(new MemBufInputSource(nullbuf,0,systemId)); + return new Wrapper4InputSource(new MemBufInputSource(nullbuf, 0, systemId)); } #ifdef XMLTOOLING_XERCESC_COMPLIANT_DOMLS @@ -366,13 +378,13 @@ DOMLSParser* ParserPool::createBuilder() parser->getDomConfig()->setParameter(XMLUni::fgXercesUserAdoptsDOMDocument, true); parser->getDomConfig()->setParameter(XMLUni::fgXercesDisableDefaultEntityResolution, true); parser->getDomConfig()->setParameter(XMLUni::fgDOMResourceResolver, dynamic_cast(this)); - parser->getDomConfig()->setParameter(XMLUni::fgXercesSecurityManager, m_security); + parser->getDomConfig()->setParameter(XMLUni::fgXercesSecurityManager, m_security.get()); return parser; } DOMLSParser* ParserPool::checkoutBuilder() { - Lock lock(m_lock); + Lock lock(m_lock.get()); if (m_pool.empty()) { DOMLSParser* builder=createBuilder(); return builder; @@ -387,7 +399,7 @@ DOMLSParser* ParserPool::checkoutBuilder() void ParserPool::checkinBuilder(DOMLSParser* builder) { if (builder) { - Lock lock(m_lock); + Lock lock(m_lock.get()); m_pool.push(builder); } } @@ -410,7 +422,7 @@ DOMBuilder* ParserPool::createBuilder() // This ensures the entity resolver will be given the namespace as a systemId it can check. parser->setProperty(XMLUni::fgXercesSchemaExternalSchemaLocation,const_cast(m_schemaLocations.c_str())); } - parser->setProperty(XMLUni::fgXercesSecurityManager, m_security); + parser->setProperty(XMLUni::fgXercesSecurityManager, m_security.get()); parser->setFeature(XMLUni::fgXercesUserAdoptsDOMDocument, true); parser->setFeature(XMLUni::fgXercesDisableDefaultEntityResolution, true); parser->setEntityResolver(this); @@ -419,7 +431,7 @@ DOMBuilder* ParserPool::createBuilder() DOMBuilder* ParserPool::checkoutBuilder() { - Lock lock(m_lock); + Lock lock(m_lock.get()); if (m_pool.empty()) { DOMBuilder* builder=createBuilder(); return builder; @@ -434,7 +446,7 @@ DOMBuilder* ParserPool::checkoutBuilder() void ParserPool::checkinBuilder(DOMBuilder* builder) { if (builder) { - Lock lock(m_lock); + Lock lock(m_lock.get()); m_pool.push(builder); } } diff --git a/xmltooling/util/ParserPool.h b/xmltooling/util/ParserPool.h index fabe1e5..6561329 100644 --- a/xmltooling/util/ParserPool.h +++ b/xmltooling/util/ParserPool.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -110,6 +114,17 @@ namespace xmltooling { * @param pathname path to a catalog file * @return true iff the catalog was successfully processed */ + bool loadCatalog(const char* pathname); + + /** + * Load an OASIS catalog file to map schema namespace URIs to filenames. + * + * This does not provide real catalog support; only the <uri> element + * is supported to map from a namespace URI to a relative path or file:// URI. + * + * @param pathname path to a catalog file + * @return true iff the catalog was successfully processed + */ bool loadCatalog(const XMLCh* pathname); /** @@ -161,8 +176,8 @@ namespace xmltooling { #else std::stack m_pool; #endif - Mutex* m_lock; - xercesc::SecurityManager* m_security; + std::auto_ptr m_lock; + std::auto_ptr m_security; }; /** diff --git a/xmltooling/util/PathResolver.cpp b/xmltooling/util/PathResolver.cpp index 95a1eea..e241b14 100644 --- a/xmltooling/util/PathResolver.cpp +++ b/xmltooling/util/PathResolver.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2009 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/util/PathResolver.h b/xmltooling/util/PathResolver.h index a19cc89..afafb80 100644 --- a/xmltooling/util/PathResolver.h +++ b/xmltooling/util/PathResolver.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/util/Predicates.h b/xmltooling/util/Predicates.h index 3269231..b63c4c9 100644 --- a/xmltooling/util/Predicates.h +++ b/xmltooling/util/Predicates.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/util/ReloadableXMLFile.cpp b/xmltooling/util/ReloadableXMLFile.cpp index b6be0fe..1d73a14 100644 --- a/xmltooling/util/ReloadableXMLFile.cpp +++ b/xmltooling/util/ReloadableXMLFile.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -63,25 +67,6 @@ using namespace xmltooling; using namespace xercesc; using namespace std; -#ifndef XMLTOOLING_LITE -namespace { - class XMLTOOL_DLLLOCAL DummyCredentialResolver : public CredentialResolver - { - public: - DummyCredentialResolver() {} - ~DummyCredentialResolver() {} - - Lockable* lock() {return this;} - void unlock() {} - - const Credential* resolve(const CredentialCriteria* criteria=nullptr) const {return nullptr;} - vector::size_type resolve( - vector& results, const CredentialCriteria* criteria=nullptr - ) const {return 0;} - }; -}; -#endif - static const XMLCh id[] = UNICODE_LITERAL_2(i,d); static const XMLCh uri[] = UNICODE_LITERAL_3(u,r,i); static const XMLCh url[] = UNICODE_LITERAL_3(u,r,l); @@ -610,8 +595,10 @@ void ReloadableXMLFile::validateSignature(Signature& sigObj) const } } else if (m_trust) { - DummyCredentialResolver dummy; - if (m_trust->validate(sigObj, dummy, &cc)) + auto_ptr dummy( + XMLToolingConfig::getConfig().CredentialResolverManager.newPlugin(DUMMY_CREDENTIAL_RESOLVER, nullptr) + ); + if (m_trust->validate(sigObj, *(dummy.get()), &cc)) return; throw XMLSecurityException("TrustEngine unable to verify signature."); } diff --git a/xmltooling/util/ReloadableXMLFile.h b/xmltooling/util/ReloadableXMLFile.h index 4f21177..d7cf55e 100644 --- a/xmltooling/util/ReloadableXMLFile.h +++ b/xmltooling/util/ReloadableXMLFile.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/util/ReplayCache.cpp b/xmltooling/util/ReplayCache.cpp index a4db58d..a457cb4 100644 --- a/xmltooling/util/ReplayCache.cpp +++ b/xmltooling/util/ReplayCache.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -21,16 +25,19 @@ */ #include "internal.h" +#include "logging.h" +#include "security/SecurityHelper.h" #include "util/ReplayCache.h" -#include "util/StorageService.h" +using namespace xmltooling::logging; using namespace xmltooling; using namespace std; -ReplayCache::ReplayCache(StorageService* storage) : m_owned(storage==nullptr), m_storage(storage) +ReplayCache::ReplayCache(StorageService* storage) + : m_owned(storage==nullptr), + m_storage(storage ? storage : XMLToolingConfig::getConfig().StorageServiceManager.newPlugin(MEMORY_STORAGE_SERVICE, nullptr)), + m_storageCaps(m_storage->getCapabilities()) { - if (!m_storage) - m_storage = XMLToolingConfig::getConfig().StorageServiceManager.newPlugin(MEMORY_STORAGE_SERVICE, nullptr); } ReplayCache::~ReplayCache() @@ -41,6 +48,30 @@ ReplayCache::~ReplayCache() bool ReplayCache::check(const char* context, const char* s, time_t expires) { + if (strlen(context) > m_storageCaps.getContextSize()) { + // This is a design/coding failure. + Category::getInstance(XMLTOOLING_LOGCAT".ReplayCache").error( + "context (%s) too long for StorageService (limit %u)", context, m_storageCaps.getContextSize() + ); + return false; + } + else if (strlen(s) > m_storageCaps.getKeySize()) { + // This is something to work around with a hash. +#ifndef XMLTOOLING_NO_XMLSEC + string h = SecurityHelper::doHash("SHA1", s, strlen(s)); + // In storage already? + if (m_storage->readString(context, h.c_str())) + return false; + m_storage->createString(context, h.c_str(), "x", expires); + return true; +#else + Category::getInstance(XMLTOOLING_LOGCAT".ReplayCache").error( + "key (%s) too long for StorageService (limit %u)", s, m_storageCaps.getKeySize() + ); + return false; +#endif + } + // In storage already? if (m_storage->readString(context, s)) return false; diff --git a/xmltooling/util/ReplayCache.h b/xmltooling/util/ReplayCache.h index a95514d..c0fdf29 100644 --- a/xmltooling/util/ReplayCache.h +++ b/xmltooling/util/ReplayCache.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -24,6 +28,7 @@ #define __xmltooling_replay_h__ #include +#include namespace xmltooling { @@ -70,6 +75,7 @@ namespace xmltooling { private: bool m_owned; StorageService* m_storage; + const StorageService::Capabilities& m_storageCaps; }; }; diff --git a/xmltooling/util/StorageService.cpp b/xmltooling/util/StorageService.cpp index 6c563b2..a9f3f36 100644 --- a/xmltooling/util/StorageService.cpp +++ b/xmltooling/util/StorageService.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2009 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -26,6 +30,10 @@ using namespace xmltooling; using namespace std; +namespace { + static const XMLTOOL_DLLLOCAL StorageService::Capabilities g_ssCaps(255, 255, 255); +}; + namespace xmltooling { XMLTOOL_DLLLOCAL PluginManager::Factory MemoryStorageServiceFactory; }; @@ -43,3 +51,32 @@ StorageService::StorageService() StorageService::~StorageService() { } + +const StorageService::Capabilities& StorageService::getCapabilities() const +{ + return g_ssCaps; +} + +StorageService::Capabilities::Capabilities(unsigned int contextSize, unsigned int keySize, unsigned int stringSize) + : m_contextSize(contextSize), m_keySize(keySize), m_stringSize(stringSize) +{ +} + +StorageService::Capabilities::~Capabilities() +{ +} + +unsigned int StorageService::Capabilities::getContextSize() const +{ + return m_contextSize; +} + +unsigned int StorageService::Capabilities::getKeySize() const +{ + return m_keySize; +} + +unsigned int StorageService::Capabilities::getStringSize() const +{ + return m_stringSize; +} diff --git a/xmltooling/util/StorageService.h b/xmltooling/util/StorageService.h index 7d5440c..01c17f2 100644 --- a/xmltooling/util/StorageService.h +++ b/xmltooling/util/StorageService.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -38,19 +42,65 @@ namespace xmltooling { * Keys need to be unique only within a given context, so multiple * components can share a single storage service safely as long as they * use different labels. + * + *

The allowable sizes for contexts, keys, and short values can vary + * and be reported by the implementation to callers, but MUST be at least + * 255 bytes. */ class XMLTOOL_API StorageService { MAKE_NONCOPYABLE(StorageService); public: virtual ~StorageService(); + + class XMLTOOL_API Capabilities { + MAKE_NONCOPYABLE(Capabilities); + unsigned int m_contextSize, m_keySize, m_stringSize; + public: + /** + * Constructor. + * + * @param contextSize max size of context labels in characters + * @param keysize max size of keys in characters + * @param stringSize max size of string values in characters + */ + Capabilities(unsigned int contextSize, unsigned int keySize, unsigned int stringSize); + ~Capabilities(); + + /** + * Returns max size of context labels in characters + * @return max size of context labels in characters + */ + unsigned int getContextSize() const; + + /** + * Returns max size of keys in characters + * @return max size of keys in characters + */ + unsigned int getKeySize() const; + + /** + * Returns max size of string values in characters + * @return max size of string values in characters + */ + unsigned int getStringSize() const; + }; /** + * Returns the capabilities of the underlying service. + *

If implementations support only the 255 character minimum, the default + * implementation of this method will suffice. + * + * @return a reference to an interface to access the service's capabilities + */ + virtual const Capabilities& getCapabilities() const; + + /** * Creates a new "short" record in the storage service. * * @param context a storage context label - * @param key null-terminated unique key of up to 255 bytes - * @param value null-terminated value of up to 255 bytes to store + * @param key null-terminated unique key + * @param value null-terminated value * @param expiration an expiration timestamp, after which the record can be purged * @return true iff record was inserted, false iff a duplicate was found * @@ -64,7 +114,7 @@ namespace xmltooling { *

The version parameter can be set for "If-Modified-Since" semantics. * * @param context a storage context label - * @param key null-terminated unique key of up to 255 bytes + * @param key null-terminated unique key * @param pvalue location in which to return the record value * @param pexpiration location in which to return the expiration timestamp * @param version if > 0, only copy back data if newer than supplied version @@ -80,8 +130,8 @@ namespace xmltooling { * Updates an existing "short" record in the storage service. * * @param context a storage context label - * @param key null-terminated unique key of up to 255 bytes - * @param value null-terminated value of up to 255 bytes to store, or nullptr to leave alone + * @param key null-terminated unique key + * @param value null-terminated value to store, or nullptr to leave alone * @param expiration a new expiration timestamp, or 0 to leave alone * @param version if > 0, only update if the current version matches this value * @return the version of the record after update, 0 if no record exists, or -1 if the version @@ -97,7 +147,7 @@ namespace xmltooling { * Deletes an existing "short" record from the storage service. * * @param context a storage context label - * @param key null-terminated unique key of up to 255 bytes + * @param key null-terminated unique key * @return true iff the record existed and was deleted * * @throws IOException raised if errors occur in the deletion process @@ -108,7 +158,7 @@ namespace xmltooling { * Creates a new "long" record in the storage service. * * @param context a storage context label - * @param key null-terminated unique key of up to 255 bytes + * @param key null-terminated unique key * @param value null-terminated value of arbitrary length * @param expiration an expiration timestamp, after which the record can be purged * @return true iff record was inserted, false iff a duplicate was found @@ -123,7 +173,7 @@ namespace xmltooling { *

The version parameter can be set for "If-Modified-Since" semantics. * * @param context a storage context label - * @param key null-terminated unique key of up to 255 bytes + * @param key null-terminated unique key * @param pvalue location in which to return the record value * @param pexpiration location in which to return the expiration timestamp * @param version if > 0, only copy back data if newer than supplied version @@ -139,7 +189,7 @@ namespace xmltooling { * Updates an existing "long" record in the storage service. * * @param context a storage context label - * @param key null-terminated unique key of up to 255 bytes + * @param key null-terminated unique key * @param value null-terminated value of arbitrary length to store, or nullptr to leave alone * @param expiration a new expiration timestamp, or 0 to leave alone * @param version if > 0, only update if the current version matches this value @@ -156,7 +206,7 @@ namespace xmltooling { * Deletes an existing "long" record from the storage service. * * @param context a storage context label - * @param key null-terminated unique key of up to 255 bytes + * @param key null-terminated unique key * @return true iff the record existed and was deleted * * @throws IOException raised if errors occur in the deletion process diff --git a/xmltooling/util/TemplateEngine.cpp b/xmltooling/util/TemplateEngine.cpp index 48e90a9..ca9ca71 100644 --- a/xmltooling/util/TemplateEngine.cpp +++ b/xmltooling/util/TemplateEngine.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -24,8 +28,11 @@ #include "io/GenericRequest.h" #include "util/TemplateEngine.h" +#include + using namespace xmltooling; using namespace std; +using boost::trim; namespace { static const pair emptyPair; @@ -108,27 +115,13 @@ void TemplateEngine::html_encode(ostream& os, const char* start) const } } -void TemplateEngine::trimspace(string& s) const -{ - string::size_type end = s.size() - 1, start = 0; - - // Trim stuff on right. - while (end > 0 && !isgraph(s[end])) end--; - - // Trim stuff on left. - while (start < end && !isgraph(s[start])) start++; - - // Modify the string. - s = s.substr(start, end - start + 1); -} - void TemplateEngine::process( bool visible, const string& buf, const char*& lastpos, ostream& os, const TemplateParameters& parameters, - const std::pair& loopentry, + const pair& loopentry, const XMLToolingException* e ) const { @@ -153,7 +146,7 @@ void TemplateEngine::process( // search for the end-tag if ((thispos = strstr(lastpos, "/>")) != nullptr) { string key = buf.substr(lastpos-line, thispos-lastpos); - trimspace(key); + trim(key); if (key == "$name" && !loopentry.first.empty()) html_encode(os,loopentry.first.c_str()); @@ -181,7 +174,7 @@ void TemplateEngine::process( // search for the end of this tag if ((thispos = strchr(lastpos, '>')) != nullptr) { string key = buf.substr(lastpos-line, thispos-lastpos); - trimspace(key); + trim(key); bool cond=false; if (visible) cond = parameters.getParameter(key.c_str()) || (e && e->getProperty(key.c_str())); @@ -211,7 +204,7 @@ void TemplateEngine::process( // search for the end of this tag if ((thispos = strchr(lastpos, '>')) != nullptr) { string key = buf.substr(lastpos-line, thispos-lastpos); - trimspace(key); + trim(key); bool cond=visible; if (visible) cond = !(parameters.getParameter(key.c_str()) || (e && e->getProperty(key.c_str()))); @@ -244,7 +237,7 @@ void TemplateEngine::process( // search for the end of this tag if ((thispos = strchr(lastpos, '>')) != nullptr) { key = buf.substr(lastpos-line, thispos-lastpos); - trimspace(key); + trim(key); lastpos = thispos + 1; // strlen(">") } diff --git a/xmltooling/util/TemplateEngine.h b/xmltooling/util/TemplateEngine.h index 157c912..4a86c86 100644 --- a/xmltooling/util/TemplateEngine.h +++ b/xmltooling/util/TemplateEngine.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -127,7 +131,6 @@ namespace xmltooling { static std::string unsafe_chars; private: - void trimspace(std::string& s) const; void html_encode(std::ostream& os, const char* start) const; void process( bool visible, diff --git a/xmltooling/util/Threads.h b/xmltooling/util/Threads.h index aae15ed..959031d 100644 --- a/xmltooling/util/Threads.h +++ b/xmltooling/util/Threads.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -292,6 +296,15 @@ namespace xmltooling } /** + * Locks and wraps the designated mutex. + * + * @param mtx mutex to lock + */ + Lock(Mutex& mtx) : mutex(&mtx) { + mtx.lock(); + } + + /** * Unlocks the wrapped mutex. */ ~Lock() { diff --git a/xmltooling/util/URLEncoder.cpp b/xmltooling/util/URLEncoder.cpp index 0196f2b..e0c5431 100644 --- a/xmltooling/util/URLEncoder.cpp +++ b/xmltooling/util/URLEncoder.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2009 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/util/URLEncoder.h b/xmltooling/util/URLEncoder.h index 1ba61b6..e8ebd6e 100644 --- a/xmltooling/util/URLEncoder.h +++ b/xmltooling/util/URLEncoder.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2009 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/util/Win32Threads.cpp b/xmltooling/util/Win32Threads.cpp index 222603a..3f64975 100644 --- a/xmltooling/util/Win32Threads.cpp +++ b/xmltooling/util/Win32Threads.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/util/XMLConstants.cpp b/xmltooling/util/XMLConstants.cpp index 77210c3..66d5de9 100644 --- a/xmltooling/util/XMLConstants.cpp +++ b/xmltooling/util/XMLConstants.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2007 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/util/XMLConstants.h b/xmltooling/util/XMLConstants.h index 0712209..961f0de 100644 --- a/xmltooling/util/XMLConstants.h +++ b/xmltooling/util/XMLConstants.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2009 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/util/XMLHelper.cpp b/xmltooling/util/XMLHelper.cpp index 4d4b8e2..be7401d 100644 --- a/xmltooling/util/XMLHelper.cpp +++ b/xmltooling/util/XMLHelper.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -27,11 +31,16 @@ #include "util/XMLHelper.h" #include "util/XMLConstants.h" +#include +#include +#include #include #include using namespace xmltooling; using namespace xercesc; +using namespace boost::lambda; +using namespace boost; using namespace std; static const XMLCh type[]={chLatin_t, chLatin_y, chLatin_p, chLatin_e, chNull }; @@ -73,7 +82,7 @@ DOMAttr* XMLHelper::getIdAttribute(const DOMElement* domElement) DOMNamedNodeMap* attributes = domElement->getAttributes(); DOMAttr* attribute; - for(XMLSize_t i = 0; i < attributes->getLength(); i++) { + for(XMLSize_t i = 0; i < attributes->getLength(); ++i) { attribute = static_cast(attributes->item(i)); if(attribute->isId()) { return attribute; @@ -90,7 +99,7 @@ const XMLObject* XMLHelper::getXMLObjectById(const XMLObject& tree, const XMLCh* const XMLObject* ret; const list& children = tree.getOrderedChildren(); - for (list::const_iterator i=children.begin(); i!=children.end(); ++i) { + for (list::const_iterator i = children.begin(); i != children.end(); ++i) { if (*i) { ret = getXMLObjectById(*(*i), id); if (ret) @@ -105,10 +114,10 @@ XMLObject* XMLHelper::getXMLObjectById(XMLObject& tree, const XMLCh* id) { if (XMLString::equals(id, tree.getXMLID())) return &tree; - + XMLObject* ret; const list& children = tree.getOrderedChildren(); - for (list::const_iterator i=children.begin(); i!=children.end(); ++i) { + for (list::const_iterator i = children.begin(); i != children.end(); ++i) { if (*i) { ret = getXMLObjectById(*(*i), id); if (ret) @@ -122,11 +131,10 @@ XMLObject* XMLHelper::getXMLObjectById(XMLObject& tree, const XMLCh* id) void XMLHelper::getNonVisiblyUsedPrefixes(const XMLObject& tree, map& prefixes) { map child_prefixes; - const list& children = tree.getOrderedChildren(); - for (list::const_iterator i = children.begin(); i != children.end(); ++i) { - if (*i) - getNonVisiblyUsedPrefixes(*(*i), child_prefixes); - } + for_each( + tree.getOrderedChildren().begin(), tree.getOrderedChildren().end(), + if_(_1 != nullptr)[lambda::bind(&getNonVisiblyUsedPrefixes, boost::ref(*_1), boost::ref(child_prefixes))] + ); const set& nsset = tree.getNamespaces(); for (set::const_iterator ns = nsset.begin(); ns != nsset.end(); ++ns) { // Check for xmlns:xml. diff --git a/xmltooling/util/XMLHelper.h b/xmltooling/util/XMLHelper.h index 198d5ce..2fbbb3d 100644 --- a/xmltooling/util/XMLHelper.h +++ b/xmltooling/util/XMLHelper.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2011 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -100,6 +104,7 @@ namespace xmltooling { /** * Gets the XSI type for a given element if it has one. + *

The caller is responsible for freeing the result. * * @param e the element * @return the type or null @@ -154,6 +159,7 @@ namespace xmltooling { /** * @deprecated * Constructs a QName from an attribute's value. + *

The caller is responsible for freeing the result. * * @param attribute the attribute with a QName value * @return a QName from an attribute's value, or null if the given attribute is null @@ -162,6 +168,7 @@ namespace xmltooling { /** * Constructs a QName from a node's value. + *

The caller is responsible for freeing the result. * * @param domNode the DOM node with a QName value * @return a QName from a node's value, or null if the given node has no value diff --git a/xmltooling/util/XMLObjectChildrenList.h b/xmltooling/util/XMLObjectChildrenList.h index c9955fb..837d83e 100644 --- a/xmltooling/util/XMLObjectChildrenList.h +++ b/xmltooling/util/XMLObjectChildrenList.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/validation/Validator.h b/xmltooling/validation/Validator.h index afb7605..c2649de 100644 --- a/xmltooling/validation/Validator.h +++ b/xmltooling/validation/Validator.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2009 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/validation/ValidatorSuite.cpp b/xmltooling/validation/ValidatorSuite.cpp index 766418d..9c25046 100644 --- a/xmltooling/validation/ValidatorSuite.cpp +++ b/xmltooling/validation/ValidatorSuite.cpp @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2009 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/validation/ValidatorSuite.h b/xmltooling/validation/ValidatorSuite.h index a7d4ff1..8cd3e51 100644 --- a/xmltooling/validation/ValidatorSuite.h +++ b/xmltooling/validation/ValidatorSuite.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2009 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/version.cpp b/xmltooling/version.cpp index f200f85..05619f2 100644 --- a/xmltooling/version.cpp +++ b/xmltooling/version.cpp @@ -1,32 +1,35 @@ -/* - * Licensed to UCAID under one or more contributor license agreements. - * See the NOTICE file distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may not use this - * file except in compliance with the License. You may obtain a copy of the - * License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/** - * version.cpp - * - * Library version macros and constants. - */ - -#include "internal.h" -#include "version.h" - -XMLTOOL_API const char* const gXMLToolingVersionStr = XMLTOOLING_VERSIONSTR; -XMLTOOL_API const char* const gXMLToolingFullVersionStr = XMLTOOLING_FULLVERSIONSTR; -XMLTOOL_API const char* const gXMLToolingDotVersionStr = XMLTOOLING_FULLVERSIONDOT; -XMLTOOL_API const unsigned int gXMLToolingMajVersion = XMLTOOLING_VERSION_MAJOR; -XMLTOOL_API const unsigned int gXMLToolingMinVersion = XMLTOOLING_VERSION_MINOR; -XMLTOOL_API const unsigned int gXMLToolingRevision = XMLTOOLING_VERSION_REVISION; +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. + */ + +/** + * version.cpp + * + * Library version macros and constants. + */ + +#include "internal.h" +#include "version.h" + +XMLTOOL_API const char* const gXMLToolingVersionStr = XMLTOOLING_VERSIONSTR; +XMLTOOL_API const char* const gXMLToolingFullVersionStr = XMLTOOLING_FULLVERSIONSTR; +XMLTOOL_API const char* const gXMLToolingDotVersionStr = XMLTOOLING_FULLVERSIONDOT; +XMLTOOL_API const unsigned int gXMLToolingMajVersion = XMLTOOLING_VERSION_MAJOR; +XMLTOOL_API const unsigned int gXMLToolingMinVersion = XMLTOOLING_VERSION_MINOR; +XMLTOOL_API const unsigned int gXMLToolingRevision = XMLTOOLING_VERSION_REVISION; diff --git a/xmltooling/version.h b/xmltooling/version.h index d7d00e3..6261811 100644 --- a/xmltooling/version.h +++ b/xmltooling/version.h @@ -1,18 +1,21 @@ -/* - * Licensed to UCAID under one or more contributor license agreements. - * See the NOTICE file distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may not use this - * file except in compliance with the License. You may obtain a copy of the +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** diff --git a/xmltooling/xmltooling.vcxproj b/xmltooling/xmltooling.vcxproj index 9f352f9..b508703 100644 --- a/xmltooling/xmltooling.vcxproj +++ b/xmltooling/xmltooling.vcxproj @@ -190,6 +190,7 @@ + @@ -230,6 +231,7 @@ + @@ -263,6 +265,9 @@ + + + diff --git a/xmltooling/xmltooling.vcxproj.filters b/xmltooling/xmltooling.vcxproj.filters index 987c007..99d1289 100644 --- a/xmltooling/xmltooling.vcxproj.filters +++ b/xmltooling/xmltooling.vcxproj.filters @@ -219,6 +219,9 @@ Source Files\security\impl + + Source Files\security\impl + Source Files\security\impl @@ -261,6 +264,9 @@ Source Files + + Source Files\security\impl + @@ -500,6 +506,15 @@ Header Files\soap + + Header Files\security + + + Header Files\security + + + Header Files\security + diff --git a/xmltoolingtest/ComplexXMLObjectTest.h b/xmltoolingtest/ComplexXMLObjectTest.h index 8068e3b..351289d 100644 --- a/xmltoolingtest/ComplexXMLObjectTest.h +++ b/xmltoolingtest/ComplexXMLObjectTest.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * http://www.apache.org/licenses/LICENSE-2.0 + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ #include "XMLObjectBaseTestCase.h" diff --git a/xmltoolingtest/DateTimeTest.h b/xmltoolingtest/DateTimeTest.h index a0eb255..70196ae 100644 --- a/xmltoolingtest/DateTimeTest.h +++ b/xmltoolingtest/DateTimeTest.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2007 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ #include "XMLObjectBaseTestCase.h" diff --git a/xmltoolingtest/EncryptionTest.h b/xmltoolingtest/EncryptionTest.h index 6573d4c..e93d1cf 100644 --- a/xmltoolingtest/EncryptionTest.h +++ b/xmltoolingtest/EncryptionTest.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * http://www.apache.org/licenses/LICENSE-2.0 + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ #include "XMLObjectBaseTestCase.h" diff --git a/xmltoolingtest/ExceptionTest.h b/xmltoolingtest/ExceptionTest.h index 8b0f1bb..a3bd6ae 100644 --- a/xmltoolingtest/ExceptionTest.h +++ b/xmltoolingtest/ExceptionTest.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2007 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * http://www.apache.org/licenses/LICENSE-2.0 + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ #include "XMLObjectBaseTestCase.h" diff --git a/xmltoolingtest/FilesystemCredentialResolverTest.h b/xmltoolingtest/FilesystemCredentialResolverTest.h index 7eb6949..66f07e4 100644 --- a/xmltoolingtest/FilesystemCredentialResolverTest.h +++ b/xmltoolingtest/FilesystemCredentialResolverTest.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * http://www.apache.org/licenses/LICENSE-2.0 + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ #include "XMLObjectBaseTestCase.h" diff --git a/xmltoolingtest/InlineKeyResolverTest.h b/xmltoolingtest/InlineKeyResolverTest.h index d8e88d2..a499d6a 100644 --- a/xmltoolingtest/InlineKeyResolverTest.h +++ b/xmltoolingtest/InlineKeyResolverTest.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * http://www.apache.org/licenses/LICENSE-2.0 + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ #include "XMLObjectBaseTestCase.h" diff --git a/xmltoolingtest/KeyInfoTest.h b/xmltoolingtest/KeyInfoTest.h index 26b8579..f5cb63e 100644 --- a/xmltoolingtest/KeyInfoTest.h +++ b/xmltoolingtest/KeyInfoTest.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * http://www.apache.org/licenses/LICENSE-2.0 + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ #include "XMLObjectBaseTestCase.h" diff --git a/xmltoolingtest/Makefile.am b/xmltoolingtest/Makefile.am index a60d78a..9ad2b45 100644 --- a/xmltoolingtest/Makefile.am +++ b/xmltoolingtest/Makefile.am @@ -23,6 +23,7 @@ xmlsec_sources = \ FilesystemCredentialResolverTest.h \ InlineKeyResolverTest.h \ MemoryStorageServiceTest.h \ + PKIXEngineTest.h \ SecurityHelperTest.h \ SignatureTest.h else @@ -43,14 +44,18 @@ xmltoolingtest_h = \ ${xmlsec_sources} noinst_HEADERS = \ - XMLObjectBaseTestCase.h + XMLObjectBaseTestCase.h \ + $(xmltoolingtest_h) nodist_xmltoolingtest_SOURCES = $(xmltoolingtest_h:.h=.cpp) +if BUILD_UNITTEST +BUILT_SOURCES = $(nodist_xmltoolingtest_SOURCES) CLEANFILES = $(nodist_xmltoolingtest_SOURCES) +endif do-cxxtestgen: - if test $(HFILE) = "xmltoolingtest.h"; then \ + if test "$(CPPFILE)" = "xmltoolingtest.cpp"; then \ $(CXXTEST) --error-printer --have-eh --have-std --abort-on-fail -o $(CPPFILE) $(HFILE); \ else \ $(CXXTEST) --part --have-eh --have-std --abort-on-fail -o $(CPPFILE) $(HFILE); \ @@ -59,4 +64,4 @@ do-cxxtestgen: $(nodist_xmltoolingtest_SOURCES): %.cpp: %.h $(MAKE) do-cxxtestgen HFILE=$< CPPFILE=$@ -EXTRA_DIST = xmltoolingtest.vcxproj xmltoolingtest.vcxproj.filters $(xmltoolingtest_h) data +EXTRA_DIST = xmltoolingtest.vcxproj xmltoolingtest.vcxproj.filters data diff --git a/xmltoolingtest/MarshallingTest.h b/xmltoolingtest/MarshallingTest.h index 1981093..a5ee426 100644 --- a/xmltoolingtest/MarshallingTest.h +++ b/xmltoolingtest/MarshallingTest.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * http://www.apache.org/licenses/LICENSE-2.0 + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ #include "XMLObjectBaseTestCase.h" diff --git a/xmltoolingtest/MemoryStorageServiceTest.h b/xmltoolingtest/MemoryStorageServiceTest.h index 509ac6d..6c9608d 100644 --- a/xmltoolingtest/MemoryStorageServiceTest.h +++ b/xmltoolingtest/MemoryStorageServiceTest.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * http://www.apache.org/licenses/LICENSE-2.0 + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ #include "XMLObjectBaseTestCase.h" diff --git a/xmltoolingtest/NonVisibleNamespaceTest.h b/xmltoolingtest/NonVisibleNamespaceTest.h index e50fdf3..ec7d7a3 100644 --- a/xmltoolingtest/NonVisibleNamespaceTest.h +++ b/xmltoolingtest/NonVisibleNamespaceTest.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * http://www.apache.org/licenses/LICENSE-2.0 + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ #include "XMLObjectBaseTestCase.h" diff --git a/xmltoolingtest/PKIXEngineTest.h b/xmltoolingtest/PKIXEngineTest.h new file mode 100644 index 0000000..11fb21b --- /dev/null +++ b/xmltoolingtest/PKIXEngineTest.h @@ -0,0 +1,133 @@ +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. + */ + +#include "XMLObjectBaseTestCase.h" + +#include +#include +#include + +#include +#include +#include + +class PKIXEngineTest : public CxxTest::TestSuite { + + X509TrustEngine* buildTrustEngine(const char* filename) { + string config = data_path + "x509/" + filename + ".xml"; + ifstream in(config.c_str()); + DOMDocument* doc=XMLToolingConfig::getConfig().getParser().parse(in); + XercesJanitor janitor(doc); + return dynamic_cast( + XMLToolingConfig::getConfig().TrustEngineManager.newPlugin( + STATIC_PKIX_TRUSTENGINE, doc->getDocumentElement() + ) + ); + } + + CredentialResolver* m_dummy; + ChainingTrustEngine* m_chain; + XSECCryptoX509* m_ee; // end entity + XSECCryptoX509* m_int1; // any policy + XSECCryptoX509* m_int2; // explicit policy + XSECCryptoX509* m_int3; // policy mapping + +public: + void setUp() { + m_dummy = XMLToolingConfig::getConfig().CredentialResolverManager.newPlugin(DUMMY_CREDENTIAL_RESOLVER, nullptr); + m_chain = dynamic_cast(XMLToolingConfig::getConfig().TrustEngineManager.newPlugin(CHAINING_TRUSTENGINE, nullptr)); + + m_ee = m_int1 = m_int2 = m_int3 = nullptr; + vector certs; + string pathname = data_path + "x509/mdt-signer.crt.pem"; + SecurityHelper::loadCertificatesFromFile(certs, pathname.c_str()); + pathname = data_path + "x509/mdt-ica.1.crt.pem"; + SecurityHelper::loadCertificatesFromFile(certs, pathname.c_str()); + pathname = data_path + "x509/mdt-ica.2.crt.pem"; + SecurityHelper::loadCertificatesFromFile(certs, pathname.c_str()); + pathname = data_path + "x509/mdt-ica.3.crt.pem"; + SecurityHelper::loadCertificatesFromFile(certs, pathname.c_str()); + m_ee = certs[0]; + m_int1 = certs[1]; + m_int2 = certs[2]; + m_int3 = certs[3]; + } + + void tearDown() { + delete m_chain; + delete m_dummy; + delete m_ee; + delete m_int1; + delete m_int2; + delete m_int3; + } + + + void testAnyPolicy() { + TrustEngine* trust = buildTrustEngine("AnyPolicy"); + m_chain->addTrustEngine(trust); + + vector untrusted(1, m_int1); + TSM_ASSERT("PKIX validation failed", m_chain->validate(m_ee, untrusted, *m_dummy)); + + TSM_ASSERT_EQUALS("Trust engine removal failed", m_chain->removeTrustEngine(trust), trust); + delete trust; + } + + void testExplicitPolicy() { + TrustEngine* trust = buildTrustEngine("ExplicitPolicy"); + m_chain->addTrustEngine(trust); + + vector untrusted(1, m_int1); + TSM_ASSERT("PKIX validation succeeded despite anyPolicyInhibit", !m_chain->validate(m_ee, untrusted, *m_dummy)); + + untrusted[0] = m_int2; + TSM_ASSERT("PKIX validation failed", m_chain->validate(m_ee, untrusted, *m_dummy)); + + untrusted[0] = m_int3; + TSM_ASSERT("PKIX validation failed", m_chain->validate(m_ee, untrusted, *m_dummy)); + + TSM_ASSERT_EQUALS("Trust engine removal failed", m_chain->removeTrustEngine(trust), trust); + delete trust; + } + + void testExplicitPolicyMap() { + TrustEngine* trust = buildTrustEngine("ExplicitPolicyMap"); + m_chain->addTrustEngine(trust); + + vector untrusted(1, m_int3); + TSM_ASSERT("PKIX validation failed", m_chain->validate(m_ee, untrusted, *m_dummy)); + + TSM_ASSERT_EQUALS("Trust engine removal failed", m_chain->removeTrustEngine(trust), trust); + delete trust; + } + + void testExplicitPolicyNoMap() { + TrustEngine* trust = buildTrustEngine("ExplicitPolicyNoMap"); + m_chain->addTrustEngine(trust); + + vector untrusted(1, m_int3); + TSM_ASSERT("PKIX validation succeeded despite policyMappingInhibit", !m_chain->validate(m_ee, untrusted, *m_dummy)); + + TSM_ASSERT_EQUALS("Trust engine removal failed", m_chain->removeTrustEngine(trust), trust); + delete trust; + } + +}; diff --git a/xmltoolingtest/SOAPTest.h b/xmltoolingtest/SOAPTest.h index 0a064f1..a7ed68a 100644 --- a/xmltoolingtest/SOAPTest.h +++ b/xmltoolingtest/SOAPTest.h @@ -1,18 +1,21 @@ -/* - * Licensed to Internet2 under one or more contributor license agreements. - * See the NOTICE file distributed with this work for additional information - * regarding copyright ownership. Internet2 licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may not use this - * file except in compliance with the License. You may obtain a copy of the - * License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * http://www.apache.org/licenses/LICENSE-2.0 + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ #include "XMLObjectBaseTestCase.h" diff --git a/xmltoolingtest/SecurityHelperTest.h b/xmltoolingtest/SecurityHelperTest.h index 1f43779..545ca48 100644 --- a/xmltoolingtest/SecurityHelperTest.h +++ b/xmltoolingtest/SecurityHelperTest.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ #include "XMLObjectBaseTestCase.h" diff --git a/xmltoolingtest/SignatureTest.h b/xmltoolingtest/SignatureTest.h index 4e4f232..60a639b 100644 --- a/xmltoolingtest/SignatureTest.h +++ b/xmltoolingtest/SignatureTest.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * http://www.apache.org/licenses/LICENSE-2.0 + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ #include "XMLObjectBaseTestCase.h" diff --git a/xmltoolingtest/TemplateEngineTest.h b/xmltoolingtest/TemplateEngineTest.h index 919a025..9d8f76b 100644 --- a/xmltoolingtest/TemplateEngineTest.h +++ b/xmltoolingtest/TemplateEngineTest.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2009 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * http://www.apache.org/licenses/LICENSE-2.0 + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ #include "XMLObjectBaseTestCase.h" diff --git a/xmltoolingtest/UnmarshallingTest.h b/xmltoolingtest/UnmarshallingTest.h index b29eea7..a7c6816 100644 --- a/xmltoolingtest/UnmarshallingTest.h +++ b/xmltoolingtest/UnmarshallingTest.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * http://www.apache.org/licenses/LICENSE-2.0 + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ #include "XMLObjectBaseTestCase.h" diff --git a/xmltoolingtest/XMLObjectBaseTestCase.h b/xmltoolingtest/XMLObjectBaseTestCase.h index f6d6f1e..c51a4ff 100644 --- a/xmltoolingtest/XMLObjectBaseTestCase.h +++ b/xmltoolingtest/XMLObjectBaseTestCase.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * http://www.apache.org/licenses/LICENSE-2.0 + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ #include diff --git a/xmltoolingtest/data/x509/AnyPolicy.xml b/xmltoolingtest/data/x509/AnyPolicy.xml new file mode 100644 index 0000000..88cbc78 --- /dev/null +++ b/xmltoolingtest/data/x509/AnyPolicy.xml @@ -0,0 +1,4 @@ + + Snakeoil Metadata Signer + 1.3.6.1.4.1.32473.2011.6.20 + diff --git a/xmltoolingtest/data/x509/ExplicitPolicy.xml b/xmltoolingtest/data/x509/ExplicitPolicy.xml new file mode 100644 index 0000000..549b808 --- /dev/null +++ b/xmltoolingtest/data/x509/ExplicitPolicy.xml @@ -0,0 +1,4 @@ + + Snakeoil Metadata Signer + 1.3.6.1.4.1.32473.2011.6.20 + diff --git a/xmltoolingtest/data/x509/ExplicitPolicyMap.xml b/xmltoolingtest/data/x509/ExplicitPolicyMap.xml new file mode 100644 index 0000000..2a47d30 --- /dev/null +++ b/xmltoolingtest/data/x509/ExplicitPolicyMap.xml @@ -0,0 +1,4 @@ + + Snakeoil Metadata Signer + 1.3.6.1.4.1.32473.2011.6.21 + diff --git a/xmltoolingtest/data/x509/ExplicitPolicyNoMap.xml b/xmltoolingtest/data/x509/ExplicitPolicyNoMap.xml new file mode 100644 index 0000000..5d2174b --- /dev/null +++ b/xmltoolingtest/data/x509/ExplicitPolicyNoMap.xml @@ -0,0 +1,4 @@ + + Snakeoil Metadata Signer + 1.3.6.1.4.1.32473.2011.6.21 + diff --git a/xmltoolingtest/data/x509/mdt-ica.1.crt.pem b/xmltoolingtest/data/x509/mdt-ica.1.crt.pem new file mode 100644 index 0000000..dc3dc9d --- /dev/null +++ b/xmltoolingtest/data/x509/mdt-ica.1.crt.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDRjCCAi6gAwIBAgIUSnakeoilMetadataIssuingCA1wwDQYJKoZIhvcNAQEF +BQAwGzEZMBcGA1UEAxMQU25ha2VvaWwgUm9vdCBDQTAeFw0xMTA2MjAwMDAwMDBa +Fw0zODAxMTkwMzE0MDhaMCcxJTAjBgNVBAMTHFNuYWtlb2lsIE1ldGFkYXRhIElz +c3VpbmcgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6DFQZPSPr +yTWmV+i0UFl9d9AOGjH6nHTU35faoOh0alsLKJAxCRlU3WT+EySFOpYoOwNLWtid +M8Fvxz0/cXtXQ6ivGKWEFtvzVock6jtRz/yUd6Oo/qo/TKlyrO+CtNxAexCgshLj +xXkeyOv1JtSIvsCQ19dnGwOaSS7sWmPsUEEiJ24Iby2A+BtubQbAWI4M1gb+bbhi +OVRA2f8Km2qqM2ijsEqfzYZbDFd1xoULR+iglagvtK4xfjZ+k/Qorax/MSSKg0cf +nHz2LKMRMqXvKVPK6M9xCgqZxYwogUSlAXBc0vpP8FUU6B3minhpbAlrxXL9Frsz +asEFaMQLsHiBAgMBAAGjdjB0MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD +AgEGMB0GA1UdDgQWBBQET29bgHGiIaw/RdgWWTALQ2PH4DAfBgNVHSMEGDAWgBQz +2TQJ+Wbq9e8hujPnpCUJO79r6DARBgNVHSAECjAIMAYGBFUdIAAwDQYJKoZIhvcN +AQEFBQADggEBACN6yB+JUZHNgkA9aSe4EDxgrpBrmG9SmZSiZmwYVXykWiw5m1OB +3wLvtqusFxK1ohegKGzu36yGBCGv5q4mumbI8ejTrJ0n2qSyfgLZrqVb46CO2s6p +5xKZZcVSAZD8xno9RiSDZrYucsOxxlDwjVeJkw+6sEJeWNMvN3NEzd7xZC1qilQl +VJZQUmY5pzu2qxaGrmJrIWr8yxcKjbmzG3UvHPpv1NxR3F69sTz4e+dGZYclASIR +2nwHLRuU/LH0oNrMy8+s5d9a5jg5u0Ew9pXdlpguQERNT5lJJ1z9S1Z7KQEX0rFt +peZZ8oY/LKHVbU3ykmSnh5n3VgB6FxBgdfM= +-----END CERTIFICATE----- diff --git a/xmltoolingtest/data/x509/mdt-ica.2.crt.pem b/xmltoolingtest/data/x509/mdt-ica.2.crt.pem new file mode 100644 index 0000000..8ccb4af --- /dev/null +++ b/xmltoolingtest/data/x509/mdt-ica.2.crt.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDTjCCAjagAwIBAgIUSnakeoilMetadataIssuingCA2wwDQYJKoZIhvcNAQEF +BQAwGzEZMBcGA1UEAxMQU25ha2VvaWwgUm9vdCBDQTAeFw0xMTA2MjAwMDAwMDBa +Fw0zODAxMTkwMzE0MDhaMCcxJTAjBgNVBAMTHFNuYWtlb2lsIE1ldGFkYXRhIElz +c3VpbmcgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6DFQZPSPr +yTWmV+i0UFl9d9AOGjH6nHTU35faoOh0alsLKJAxCRlU3WT+EySFOpYoOwNLWtid +M8Fvxz0/cXtXQ6ivGKWEFtvzVock6jtRz/yUd6Oo/qo/TKlyrO+CtNxAexCgshLj +xXkeyOv1JtSIvsCQ19dnGwOaSS7sWmPsUEEiJ24Iby2A+BtubQbAWI4M1gb+bbhi +OVRA2f8Km2qqM2ijsEqfzYZbDFd1xoULR+iglagvtK4xfjZ+k/Qorax/MSSKg0cf +nHz2LKMRMqXvKVPK6M9xCgqZxYwogUSlAXBc0vpP8FUU6B3minhpbAlrxXL9Frsz +asEFaMQLsHiBAgMBAAGjfjB8MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD +AgEGMB0GA1UdDgQWBBQET29bgHGiIaw/RdgWWTALQ2PH4DAfBgNVHSMEGDAWgBQz +2TQJ+Wbq9e8hujPnpCUJO79r6DAZBgNVHSAEEjAQMA4GDCsGAQQBgf1Zj1sGFDAN +BgkqhkiG9w0BAQUFAAOCAQEACfLO1Mfw6/QHH7PVwGOUWgLYr87x5tRuFMoG8IAr +HU02fF+0hEAQdw113Z8LZjuKWH3jZhLpGt3kkEDiGcbRxSjru/fYz6IhRExMnZAA +udM8V7LCBmdoZJRUWKF0pXYooVRHuVkYt4VTzhoq1uvdN1VheKLTDzhkp+NMj3Zb +Yc90ifQViWGWx2Aia9HzSo1oj4iu2M2RUblGbuUAola7i2kjCmZJBHTzqNbwf0FM +2syAHqQdXUmqpm4R3ex9EKSIjOHuaafUWDEi2y4i3ZD3lzMKlRIlpgz69drBLPBF +CFBlnENG5Hfkc44XerMTp0b4+Ch6PEUGtZOepyNkkGS/iA== +-----END CERTIFICATE----- diff --git a/xmltoolingtest/data/x509/mdt-ica.3.crt.pem b/xmltoolingtest/data/x509/mdt-ica.3.crt.pem new file mode 100644 index 0000000..2ca9ada --- /dev/null +++ b/xmltoolingtest/data/x509/mdt-ica.3.crt.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDiTCCAnGgAwIBAgIUSnakeoilMetadataIssuingCA3wwDQYJKoZIhvcNAQEF +BQAwGzEZMBcGA1UEAxMQU25ha2VvaWwgUm9vdCBDQTAeFw0xMTA2MjAwMDAwMDBa +Fw0zODAxMTkwMzE0MDhaMCcxJTAjBgNVBAMTHFNuYWtlb2lsIE1ldGFkYXRhIElz +c3VpbmcgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6DFQZPSPr +yTWmV+i0UFl9d9AOGjH6nHTU35faoOh0alsLKJAxCRlU3WT+EySFOpYoOwNLWtid +M8Fvxz0/cXtXQ6ivGKWEFtvzVock6jtRz/yUd6Oo/qo/TKlyrO+CtNxAexCgshLj +xXkeyOv1JtSIvsCQ19dnGwOaSS7sWmPsUEEiJ24Iby2A+BtubQbAWI4M1gb+bbhi +OVRA2f8Km2qqM2ijsEqfzYZbDFd1xoULR+iglagvtK4xfjZ+k/Qorax/MSSKg0cf +nHz2LKMRMqXvKVPK6M9xCgqZxYwogUSlAXBc0vpP8FUU6B3minhpbAlrxXL9Frsz +asEFaMQLsHiBAgMBAAGjgbgwgbUwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E +BAMCAQYwHQYDVR0OBBYEFARPb1uAcaIhrD9F2BZZMAtDY8fgMB8GA1UdIwQYMBaA +FDPZNAn5Zur17yG6M+ekJQk7v2voMCkGA1UdIAQiMCAwDgYMKwYBBAGB/VmPWwYU +MA4GDCsGAQQBgf1Zj1sGFTAnBgNVHSEEIDAeMBwGDCsGAQQBgf1Zj1sGFQYMKwYB +BAGB/VmPWwYUMA0GCSqGSIb3DQEBBQUAA4IBAQCv0yZiKSpIYcSNWQbAi0Rbh8oj +AGQZafYQWlMahy0ulw8FrFx4VFw8cEQsoFGwoyl4r8WQQ3swIjPVqvyQCwvn6mDi +t2vrMwcPTzVy3ToHyK50qXQ0eoqlOM+NVWygs5oPhqAQDBPBrQKRr9CN9VdaByBv +tXDS3zQCi/10E3tCL/YGjDG5s9rSAUkbEk5USZDJ5BSu0cmj85ykEyx5TqpUwEVs +H99BVU8a80oPf+mpI3gE6hZwK+l9dMElHIqygS4JT1FZUUZ95hzBzZLCj6mjq7R/ +hHuqtUqMd9myRdAe/9pOTGikDr7JYeZblzcqRvl5PCiYXYAnDyv1lIOKKbDb +-----END CERTIFICATE----- diff --git a/xmltoolingtest/data/x509/mdt-root.crt.pem b/xmltoolingtest/data/x509/mdt-root.crt.pem new file mode 100644 index 0000000..81c4e06 --- /dev/null +++ b/xmltoolingtest/data/x509/mdt-root.crt.pem @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIC/TCCAeWgAwIBAgILSnakeoilRootCA0wDQYJKoZIhvcNAQEFBQAwGzEZMBcG +A1UEAxMQU25ha2VvaWwgUm9vdCBDQTAeFw0xMTA2MjAwMDAwMDBaFw0zODAxMTkw +MzE0MDhaMBsxGTAXBgNVBAMTEFNuYWtlb2lsIFJvb3QgQ0EwggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQDthRs8czq6e7n74lDBJqe1Qpd51jO6NjHcHQZJ +cZgW7II+EY7MJ5+kDDFoTo0v2O3J2rI5DojH6mhcT4BX/NUDVtwu2PgQNlHtLfBk +sT4FHSritu78Q7Y1r+XlcawAIcbTtF2jnDCumyZUT/wMjdyM8ACchmKssQks2NXB +f2bhHfZfsVaO7aO6qwA9q3Lpm8VxjmGLfCuKrM1PDEMLzAKWGpRgtUm+LKW++11T +PZxP0z8X02j01qOXTDhDCP84HY0jWMk6P4H5DH/z0JIIaEG2Ph+SpMAuIs5YmDs8 +xBgtgAqsXjSJoCPnECTH6m2/SEqINyJuuWHd1XuoKAOOhq1RAgMBAAGjQjBAMA8G +A1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBQz2TQJ+Wbq +9e8hujPnpCUJO79r6DANBgkqhkiG9w0BAQUFAAOCAQEADV3g7LGZGFiK5MYPAzRP +GBuhJKoYN8+6UVvt0WLSNC/MNWtLpF74r54CD5OGVFua7c8aIDEPKGXuyKGgz9r6 +WLPTjtZjBg0E3TZu9Pwpta+dC0kVF7ossDxXHPOHiDMFZ60EVI7dZR2NboFDirL9 +jHCvwlKLP8NWjB17aw7m0SM3g8krVj2Cxxdc99CmfYKsvWpvI06sP2O69K06Modi +5aQZ37EJEpp8x/lFaRubAymWrM6azpRz9av1BbeFgVAP16yWGV1wl8HMhu69ULL4 +tmlA85snFNnlVZ6rI6goJhcc0yeurCQIpCKTwRnpcLDBo74lSjyOXMo0ppsDl7Jy +DA== +-----END CERTIFICATE----- diff --git a/xmltoolingtest/data/x509/mdt-signer.crt.pem b/xmltoolingtest/data/x509/mdt-signer.crt.pem new file mode 100644 index 0000000..ff1bb56 --- /dev/null +++ b/xmltoolingtest/data/x509/mdt-signer.crt.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDQjCCAiqgAwIBAgIRSnakeoilMetadataSignerAwDQYJKoZIhvcNAQEFBQAw +JzElMCMGA1UEAxMcU25ha2VvaWwgTWV0YWRhdGEgSXNzdWluZyBDQTAeFw0xMTA2 +MjAwMDAwMDBaFw0zODAxMTkwMzE0MDhaMCMxITAfBgNVBAMTGFNuYWtlb2lsIE1l +dGFkYXRhIFNpZ25lcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALOx +RpswhModNQdyDyFG7SISavkJCSi77OaBM/M6ZvqW+bg2BE1Ituzi8fnhDnV4HB2z +hsKWK0FGoeHuuDVHJDJLQzPIadZMIJE7BzXb1Vy6PdAmMvb4fgqV7WAUfidKf15M +Y9zMYLknnkb792or1I49SdJpTxpiFeju+wzauGC5g5DdXJfaBSBFnmQCIaPZpx2e +VKK5XDWgw/6QYC1XQuHSHluEB4JwsDyz2BrtYpUKrw0d7Bef+cYbEjOYtuvgZPEn +8mGirZxaztB7IYOqaTOvyMwtu8cH/N5d2xAZAzlrY9ODOZBCglqKoeOkhAnqvDaz +AxjmiFgYLbWxPKUIH1UCAwEAAaNtMGswDgYDVR0PAQH/BAQDAgeAMB0GA1UdDgQW +BBS6UY1qJSWaNYsl/AMTl7jLqkQbmDAfBgNVHSMEGDAWgBQET29bgHGiIaw/RdgW +WTALQ2PH4DAZBgNVHSAEEjAQMA4GDCsGAQQBgf1Zj1sGFDANBgkqhkiG9w0BAQUF +AAOCAQEAO2e6CJK0fhzF6MFMAt7rjYt+Y/AuOP4VD14uCVG4TEGQ7aNsvaFGwbQ9 +Pnc/wxdh2tLp4ZU5N0oFKZeeHDoYNXsjBWKXEhtegQndKm56EpN0YjlLGqeeY5de +D0qoQnXHl5SZhoXUCh09yLK4sNctJm1Fz74KzStg/nQK4E/QbvVXQduWv8hdKEMG +mLNb01y5xXqXCMIKKZj4wtTOwXhTOmGo8oJbz9OKy/PkhF1M+V/BzwZizhpV6imO +2EBL59C8fkkT416J5kYx+FgGEV0vU8wCyE8mkg1/Hi6VnU2ZTYJgM2TW0rjkKNRw +fWwwrfK4x3a8hkKaLZmTgHnGL6J2VA== +-----END CERTIFICATE----- diff --git a/xmltoolingtest/data/x509/mdt-signer.key b/xmltoolingtest/data/x509/mdt-signer.key new file mode 100644 index 0000000..4b8e466 --- /dev/null +++ b/xmltoolingtest/data/x509/mdt-signer.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAs7FGmzCEyh01B3IPIUbtIhJq+QkJKLvs5oEz8zpm+pb5uDYE +TUi27OLx+eEOdXgcHbOGwpYrQUah4e64NUckMktDM8hp1kwgkTsHNdvVXLo90CYy +9vh+CpXtYBR+J0p/Xkxj3MxguSeeRvv3aivUjj1J0mlPGmIV6O77DNq4YLmDkN1c +l9oFIEWeZAIho9mnHZ5UorlcNaDD/pBgLVdC4dIeW4QHgnCwPLPYGu1ilQqvDR3s +F5/5xhsSM5i26+Bk8SfyYaKtnFrO0Hshg6ppM6/IzC27xwf83l3bEBkDOWtj04M5 +kEKCWoqh46SECeq8NrMDGOaIWBgttbE8pQgfVQIDAQABAoIBABdds/q2Im5NwfmH +4WPIX0mQ74wWmrRLS5DluCWmsIFhZHOJwqFyFSdUk3aUx1aLGcza7WkcMd+5GY/R +hO6Yo6JOmxx+sRSGra106YkdXu9B4IvSi8oFog4qVMWrpIPjchCHCm1JvkIVXsWI +OjH6JReh7JmJzBl4K7UwbkDLqDIbdZdTgmCWndAXSGJKRS1XNC/S35A1UWg3zW3T +uS60skBI1L5JH051ioSXJ5ngr4/wS86Q+QpXZiScvGZt0gYu1xo0OzjdUk3m1gk7 +Adf7278QC5WGfVGDFVXc7GtoZVD+fHI8JLY/Gw6g00tpSJ2l7FTX9JZwATB5u+Rl +2ymHlwECgYEA5CiyCP7yeAq/LRCTQXPzE++Os21wa3+DsWcl2lZeX0HPnEOBd94/ +R+9Bf/A8FdxUzT/6kjqOB3Lq1ouTyNu/OQmTgBSTuYR5sOkL6uMSDTsYYG+zfvqZ +dhHQUry+b5THj0Pidgt3vbgu6NQ0gq7aIzhec6WbZzHR4os+hJXqjPUCgYEAyZ6R +h/vi2lNQegzhOTyvrRqA1qWMLl4AEI9UrvtDmYRmkfs8Xr++gWl0JBtNtEfDxKL/ +rOoYHsieNW7gcqi0zxwrcbo1AkuiRnS19IKBDnDB3Vl4pms15+ttFLjdOoDHO+/M +SwwJgye9LLTwoqRYkucCv67BMo7n5a/klVnzzOECgYB5lWYqfRHg/nkaHrcaLhvf +B83Xt/4sius24my9iUEJKhzkfOTFZ935C3qwHukmDR/zsKBqxGFjfs2+PusmIlQo +pP3BRzXhqsLej5IWPaMlAdTfrybMB+c3kA6fyI0DERm3Msm/diT9KOV2lX7WFS+R +jTxoDFxgBaB/RQyvwuQW8QKBgHZb8SE8PINgj4jm0LzyJEthmKrpim6Z3j3adqM2 +fAu+Txx5uYoB1EtSZczgfnBMBOAFtESFNF219jJ2Aast4N8IsXRVFNNhJUVpNHvy +tOKOTTCtWoePvpiEe4fDspOqj8tezbZsvZTSGlsJaY6BHkI2/UUbyOzuObJ73JvU +r6vhAoGBAKAb4tG2mJYi9FeYxaMKjkPx+/HAysYlCrMK8ZJyqk2ATzC0N+b6t88+ +dSXlcLwuI/iVXRAHXqU7m/Va8hQ0s1glUOtnQj13jOlElID2Lw7W7Ar3B1SxPLba +3LgndcfbhNpdZjjrQC+i+c6DPiNDNEWUDJujEk0Ge+QyFV9UnPxJ +-----END RSA PRIVATE KEY----- diff --git a/xmltoolingtest/xmltoolingtest.h b/xmltoolingtest/xmltoolingtest.h index 49f73e3..c67423b 100644 --- a/xmltoolingtest/xmltoolingtest.h +++ b/xmltoolingtest/xmltoolingtest.h @@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * http://www.apache.org/licenses/LICENSE-2.0 + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ #include "XMLObjectBaseTestCase.h" @@ -37,11 +41,15 @@ public: if (!XMLToolingConfig::getConfig().init()) return false; + if (!XMLToolingConfig::getConfig().init()) // should be a no-op + return false; return true; } bool tearDownWorld() { + XMLToolingConfig::getConfig().term(); // should be a no-op XMLToolingConfig::getConfig().term(); + XMLToolingConfig::getConfig().term(); // shouldn't break anything #if defined(_MSC_VER ) && defined(XMLTOOLINGTEST_LEAKCHECK) _CrtSetReportMode( _CRT_WARN, _CRTDBG_MODE_FILE ); _CrtSetReportFile( _CRT_WARN, _CRTDBG_FILE_STDOUT ); diff --git a/xmltoolingtest/xmltoolingtest.vcxproj b/xmltoolingtest/xmltoolingtest.vcxproj index bc455d3..7957fb0 100644 --- a/xmltoolingtest/xmltoolingtest.vcxproj +++ b/xmltoolingtest/xmltoolingtest.vcxproj @@ -1,4 +1,4 @@ - + @@ -21,6 +21,7 @@ {3E34CDCC-FCBA-490D-A165-1CB6F4559799} xmltoolingtest + ..\..\..\..\cxxtest\ Win32Proj @@ -174,6 +175,7 @@ + @@ -183,224 +185,236 @@ - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + %(Filename).cpp;%(Outputs) + %(Filename).cpp;%(Outputs) + + + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + + %(Filename).cpp;%(Outputs) + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + + %(Filename).cpp;%(Outputs) + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --error-printer --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --error-printer --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --error-printer --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --error-printer --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --error-printer --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --error-printer --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) - perl.exe -w ..\..\..\..\cxxtest\cxxtestgen.pl --error-printer --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" + perl.exe -w $(CxxTestRoot)\cxxtestgen.pl --error-printer --have-eh --have-std --abort-on-fail -o "%(Filename)".cpp "%(FullPath)" %(Filename).cpp;%(Outputs) @@ -418,4 +432,4 @@ - \ No newline at end of file + diff --git a/xmltoolingtest/xmltoolingtest.vcxproj.filters b/xmltoolingtest/xmltoolingtest.vcxproj.filters index 4b0094b..cc2f1cf 100644 --- a/xmltoolingtest/xmltoolingtest.vcxproj.filters +++ b/xmltoolingtest/xmltoolingtest.vcxproj.filters @@ -41,6 +41,9 @@ Generated Code + + Generated Code + Generated Code @@ -99,6 +102,9 @@ Unit Tests + + Unit Tests + Unit Tests