From: Scott Cantor Date: Sun, 25 Jul 2010 22:23:51 +0000 (+0000) Subject: Switch plugin ctors to shortcut methods, and default the Listener in config. X-Git-Tag: 2.4RC1~96 X-Git-Url: http://www.project-moonshot.org/gitweb/?p=shibboleth%2Fcpp-sp.git;a=commitdiff_plain;h=44efbaf72f94cbaa256fb044aa2a10d47736721b Switch plugin ctors to shortcut methods, and default the Listener in config. --- diff --git a/.gitignore b/.gitignore index a1bf387..7c3149d 100644 --- a/.gitignore +++ b/.gitignore @@ -44,3 +44,4 @@ /*.gz /*.sdf /*.opensdf +/ipch diff --git a/configs/shibboleth2.xml b/configs/shibboleth2.xml index f64d1a4..39eee7d 100644 --- a/configs/shibboleth2.xml +++ b/configs/shibboleth2.xml @@ -33,10 +33,6 @@ --> - - - - diff --git a/msi/scripts/shib_edit_config_files.vbs b/msi/scripts/shib_edit_config_files.vbs index d9d3816..87ffc2d 100644 --- a/msi/scripts/shib_edit_config_files.vbs +++ b/msi/scripts/shib_edit_config_files.vbs @@ -117,15 +117,12 @@ if (Err = 0) then End If FileSystemObj.MoveFile ConfigFile, DistDir & "apache22.config" - ConfigFile = DistDir & "shibboleth2.xml" - ReplaceInFile ConfigFile, " ", "" - ReplaceInFile ConfigFile, "", "" + 'Now just copy the other non-edited files over as well (if possible) + If (NOT FileSystemObj.FileExists(ConfigDir & "shibboleth2.xml")) then - FileSystemObj.CopyFile ConfigFile, ConfigDir & "shibboleth2.xml", false + FileSystemObj.CopyFile DistDir & "shibboleth2.xml", ConfigDir, false End If - 'Now just copy the other non-edited files over as well (if possible) - If (NOT FileSystemObj.FileExists(ConfigDir & "accessError.html")) then FileSystemObj.CopyFile DistDir & "accessError.html", ConfigDir, false End If diff --git a/shibsp/attribute/Attribute.cpp b/shibsp/attribute/Attribute.cpp index ceedaef..6a7da4b 100644 --- a/shibsp/attribute/Attribute.cpp +++ b/shibsp/attribute/Attribute.cpp @@ -35,6 +35,7 @@ #include #include +#include using namespace shibsp; using namespace xmltooling; @@ -92,17 +93,10 @@ void shibsp::registerAttributeDecoders() } AttributeDecoder::AttributeDecoder(const DOMElement *e) - : m_caseSensitive(true), m_internal(false), m_hashAlg(e ? e->getAttributeNS(nullptr, hashAlg) : nullptr) + : m_caseSensitive(XMLHelper::getAttrBool(e, true, caseSensitive)), + m_internal(XMLHelper::getAttrBool(e, false, internal)), + m_hashAlg(XMLHelper::getAttrString(e, nullptr, hashAlg)) { - if (e) { - const XMLCh* flag = e->getAttributeNS(nullptr, caseSensitive); - if (flag && (*flag == chLatin_f || *flag == chDigit_0)) - m_caseSensitive = false; - - flag = e->getAttributeNS(nullptr, internal); - if (flag && (*flag == chLatin_t || *flag == chDigit_1)) - m_internal = true; - } } AttributeDecoder::~AttributeDecoder() @@ -115,7 +109,7 @@ Attribute* AttributeDecoder::_decode(Attribute* attr) const attr->setCaseSensitive(m_caseSensitive); attr->setInternal(m_internal); - if (m_hashAlg.get() && *m_hashAlg.get()) { + if (!m_hashAlg.empty()) { // We turn the values into strings using the supplied hash algorithm and return a SimpleAttribute instead. auto_ptr simple(new SimpleAttribute(attr->getAliases())); simple->setCaseSensitive(false); @@ -123,7 +117,7 @@ Attribute* AttributeDecoder::_decode(Attribute* attr) const vector& newdest = simple->getValues(); const vector& serialized = attr->getSerializedValues(); for (vector::const_iterator ser = serialized.begin(); ser != serialized.end(); ++ser) { - newdest.push_back(SecurityHelper::doHash(m_hashAlg.get(), ser->data(), ser->length())); + newdest.push_back(SecurityHelper::doHash(m_hashAlg.c_str(), ser->data(), ser->length())); if (newdest.back().empty()) newdest.pop_back(); } diff --git a/shibsp/attribute/AttributeDecoder.h b/shibsp/attribute/AttributeDecoder.h index c5c9764..24054f2 100644 --- a/shibsp/attribute/AttributeDecoder.h +++ b/shibsp/attribute/AttributeDecoder.h @@ -58,7 +58,7 @@ namespace shibsp { bool m_internal; /** Hash algorithm to apply to decoded values. */ - xmltooling::auto_ptr_char m_hashAlg; + std::string m_hashAlg; /** * Helper method to handle base class decoding housekeeping. diff --git a/shibsp/attribute/DOMAttributeDecoder.cpp b/shibsp/attribute/DOMAttributeDecoder.cpp index 33509e3..7c75c5c 100644 --- a/shibsp/attribute/DOMAttributeDecoder.cpp +++ b/shibsp/attribute/DOMAttributeDecoder.cpp @@ -46,7 +46,7 @@ namespace shibsp { private: DDF convert(DOMElement* e, bool nameit=true) const; - auto_ptr_char m_formatter; + string m_formatter; map,string> m_tagMap; }; @@ -58,15 +58,15 @@ namespace shibsp { static const XMLCh Mapping[] = UNICODE_LITERAL_7(M,a,p,p,i,n,g); static const XMLCh _from[] = UNICODE_LITERAL_4(f,r,o,m); static const XMLCh _to[] = UNICODE_LITERAL_2(t,o); - static const XMLCh formatter[] = UNICODE_LITERAL_9(f,o,r,m,a,t,t,e,r); + static const XMLCh formatter[] =UNICODE_LITERAL_9(f,o,r,m,a,t,t,e,r); }; DOMAttributeDecoder::DOMAttributeDecoder(const DOMElement* e) - : AttributeDecoder(e), m_formatter(e ? e->getAttributeNS(nullptr,formatter) : nullptr) + : AttributeDecoder(e), m_formatter(XMLHelper::getAttrString(e, nullptr, formatter)) { Category& log = Category::getInstance(SHIBSP_LOGCAT".AttributeDecoder.DOM"); - e = e ? XMLHelper::getFirstChildElement(e, Mapping) : nullptr; + e = XMLHelper::getFirstChildElement(e, Mapping); while (e) { if (e->hasAttributeNS(nullptr, _from) && e->hasAttributeNS(nullptr, _to)) { auto_ptr f(XMLHelper::getNodeValueAsQName(e->getAttributeNodeNS(nullptr, _from))); @@ -97,7 +97,7 @@ Attribute* DOMAttributeDecoder::decode( return nullptr; } - auto_ptr attr(new ExtensibleAttribute(ids, m_formatter.get())); + auto_ptr attr(new ExtensibleAttribute(ids, m_formatter.c_str())); DDF dest = attr->getValues(); vector::const_iterator v,stop; diff --git a/shibsp/attribute/KeyInfoAttributeDecoder.cpp b/shibsp/attribute/KeyInfoAttributeDecoder.cpp index c9e966e..96957be 100644 --- a/shibsp/attribute/KeyInfoAttributeDecoder.cpp +++ b/shibsp/attribute/KeyInfoAttributeDecoder.cpp @@ -55,11 +55,8 @@ namespace shibsp { void extract(const KeyInfo* k, vector& dest) const { auto_ptr cred (getKeyInfoResolver()->resolve(k, Credential::RESOLVE_KEYS)); if (cred.get()) { - const char* alg = m_keyInfoHashAlg.get(); - if (!alg || !*alg) - alg = "SHA1"; dest.push_back(string()); - dest.back() = SecurityHelper::getDEREncoding(*cred.get(), m_hash ? alg : nullptr); + dest.back() = SecurityHelper::getDEREncoding(*cred.get(), m_hash ? m_keyInfoHashAlg.c_str() : nullptr); if (dest.back().empty()) dest.pop_back(); } @@ -70,7 +67,7 @@ namespace shibsp { } bool m_hash; - auto_ptr_char m_keyInfoHashAlg; + string m_keyInfoHashAlg; KeyInfoResolver* m_keyInfoResolver; }; @@ -86,19 +83,16 @@ namespace shibsp { }; KeyInfoAttributeDecoder::KeyInfoAttributeDecoder(const DOMElement* e) - : AttributeDecoder(e), - m_hash(false), - m_keyInfoHashAlg(e ? e->getAttributeNS(nullptr, keyInfoHashAlg) : nullptr), - m_keyInfoResolver(nullptr) { - const XMLCh* flag = e ? e->getAttributeNS(nullptr, _hash) : nullptr; - m_hash = (flag && (*flag == chLatin_t || *flag == chDigit_1)); - e = e ? XMLHelper::getFirstChildElement(e,_KeyInfoResolver) : nullptr; + : AttributeDecoder(e), + m_hash(XMLHelper::getAttrBool(e, false, _hash)), + m_keyInfoHashAlg(XMLHelper::getAttrString(e, "SHA1", keyInfoHashAlg)), + m_keyInfoResolver(nullptr) { + e = XMLHelper::getFirstChildElement(e,_KeyInfoResolver); if (e) { - auto_ptr_char t(e->getAttributeNS(nullptr, _type)); - if (t.get() && *t.get()) - m_keyInfoResolver = XMLToolingConfig::getConfig().KeyInfoResolverManager.newPlugin(t.get(), e); - else + string t(XMLHelper::getAttrString(e, nullptr, _type)); + if (t.empty()) throw UnknownExtensionException(" element found with no type attribute"); + m_keyInfoResolver = XMLToolingConfig::getConfig().KeyInfoResolverManager.newPlugin(t.c_str(), e); } } diff --git a/shibsp/attribute/NameIDAttributeDecoder.cpp b/shibsp/attribute/NameIDAttributeDecoder.cpp index f9ff33f..71cce1b 100644 --- a/shibsp/attribute/NameIDAttributeDecoder.cpp +++ b/shibsp/attribute/NameIDAttributeDecoder.cpp @@ -41,10 +41,9 @@ namespace shibsp { { public: NameIDAttributeDecoder(const DOMElement* e) - : AttributeDecoder(e), m_formatter(e ? e->getAttributeNS(nullptr, formatter) : nullptr), m_defaultQualifiers(false) { - const XMLCh* flag = e ? e->getAttributeNS(nullptr, defaultQualifiers) : nullptr; - if (flag && (*flag == chLatin_t || *flag == chDigit_1)) - m_defaultQualifiers = true; + : AttributeDecoder(e), + m_formatter(XMLHelper::getAttrString(e, nullptr, formatter)), + m_defaultQualifiers(XMLHelper::getAttrBool(e, false, defaultQualifiers)) { } ~NameIDAttributeDecoder() {} @@ -59,7 +58,7 @@ namespace shibsp { void extract( const NameIdentifier* n, vector& dest, const char* assertingParty, const char* relyingParty ) const; - auto_ptr_char m_formatter; + string m_formatter; bool m_defaultQualifiers; }; @@ -74,7 +73,7 @@ shibsp::Attribute* NameIDAttributeDecoder::decode( ) const { auto_ptr nameid( - new NameIDAttribute(ids, (m_formatter.get() && *m_formatter.get()) ? m_formatter.get() : DEFAULT_NAMEID_FORMATTER) + new NameIDAttribute(ids, (!m_formatter.empty()) ? m_formatter.c_str() : DEFAULT_NAMEID_FORMATTER) ); vector& dest = nameid->getValues(); vector::const_iterator v,stop; diff --git a/shibsp/attribute/NameIDFromScopedAttributeDecoder.cpp b/shibsp/attribute/NameIDFromScopedAttributeDecoder.cpp index 1751341..39de049 100644 --- a/shibsp/attribute/NameIDFromScopedAttributeDecoder.cpp +++ b/shibsp/attribute/NameIDFromScopedAttributeDecoder.cpp @@ -46,16 +46,13 @@ namespace shibsp { NameIDFromScopedAttributeDecoder(const DOMElement* e) : AttributeDecoder(e), m_delimeter('@'), - m_format(e ? e->getAttributeNS(nullptr,format) : nullptr), - m_formatter(e ? e->getAttributeNS(nullptr,formatter) : nullptr), - m_defaultQualifiers(false) { + m_format(XMLHelper::getAttrString(e, nullptr, format)), + m_formatter(XMLHelper::getAttrString(e, nullptr, formatter)), + m_defaultQualifiers(XMLHelper::getAttrBool(e, false, defaultQualifiers)) { if (e && e->hasAttributeNS(nullptr,scopeDelimeter)) { auto_ptr_char d(e->getAttributeNS(nullptr,scopeDelimeter)); m_delimeter = *(d.get()); } - const XMLCh* flag = e ? e->getAttributeNS(nullptr, defaultQualifiers) : nullptr; - if (flag && (*flag == chLatin_t || *flag == chDigit_1)) - m_defaultQualifiers = true; } ~NameIDFromScopedAttributeDecoder() {} @@ -65,8 +62,7 @@ namespace shibsp { private: char m_delimeter; - auto_ptr_char m_format; - auto_ptr_char m_formatter; + string m_format,m_formatter; bool m_defaultQualifiers; }; @@ -86,7 +82,7 @@ shibsp::Attribute* NameIDFromScopedAttributeDecoder::decode( const XMLCh* xmlscope; xmltooling::QName scopeqname(nullptr,Scope); auto_ptr nameid( - new NameIDAttribute(ids, (m_formatter.get() && *m_formatter.get()) ? m_formatter.get() : DEFAULT_NAMEID_FORMATTER) + new NameIDAttribute(ids, (!m_formatter.empty()) ? m_formatter.c_str() : DEFAULT_NAMEID_FORMATTER) ); vector& dest = nameid->getValues(); vector::const_iterator v,stop; @@ -141,8 +137,7 @@ shibsp::Attribute* NameIDFromScopedAttributeDecoder::decode( *scope++ = 0; } destval.m_Name = val; - if (m_format.get() && *m_format.get()) - destval.m_Format = m_format.get(); + destval.m_Format = m_format; if (m_defaultQualifiers && assertingParty) destval.m_NameQualifier = assertingParty; if (m_defaultQualifiers && relyingParty) diff --git a/shibsp/attribute/filtering/impl/AndMatchFunctor.cpp b/shibsp/attribute/filtering/impl/AndMatchFunctor.cpp index fc84e25..d9587d2 100644 --- a/shibsp/attribute/filtering/impl/AndMatchFunctor.cpp +++ b/shibsp/attribute/filtering/impl/AndMatchFunctor.cpp @@ -88,9 +88,9 @@ AndMatchFunctor::AndMatchFunctor(const pairgetAttributeNS(nullptr, _ref)); - if (ref.get() && *ref.get()) { - multimap::const_iterator rule = p.first->getMatchFunctors().find(ref.get()); + string ref = XMLHelper::getAttrString(e, nullptr, _ref); + if (!ref.empty()) { + multimap::const_iterator rule = p.first->getMatchFunctors().find(ref); func = (rule!=p.first->getMatchFunctors().end()) ? rule->second : nullptr; } } @@ -105,10 +105,9 @@ AndMatchFunctor::AndMatchFunctor(const pairgetAttributeNS(nullptr,_id)); - const char* id = (temp.get() && *temp.get()) ? temp.get() : ""; - if (*id && functorMap->getMatchFunctors().count(id)) - id = ""; + string id = XMLHelper::getAttrString(e, nullptr, _id); + if (!id.empty() && functorMap->getMatchFunctors().count(id)) + id.clear(); auto_ptr type(XMLHelper::getXSIType(e)); if (!type.get()) diff --git a/shibsp/attribute/filtering/impl/AttributeIssuerRegexFunctor.cpp b/shibsp/attribute/filtering/impl/AttributeIssuerRegexFunctor.cpp index fa1d029..f66a289 100644 --- a/shibsp/attribute/filtering/impl/AttributeIssuerRegexFunctor.cpp +++ b/shibsp/attribute/filtering/impl/AttributeIssuerRegexFunctor.cpp @@ -42,7 +42,7 @@ namespace shibsp { { RegularExpression* m_regex; public: - AttributeIssuerRegexFunctor(const DOMElement* e) { + AttributeIssuerRegexFunctor(const DOMElement* e) : m_regex(nullptr) { const XMLCh* r = e ? e->getAttributeNS(nullptr,regex) : nullptr; if (!r || !*r) throw ConfigurationException("AttributeIssuerRegex MatchFunctor requires non-empty regex attribute."); diff --git a/shibsp/attribute/filtering/impl/AttributeIssuerStringFunctor.cpp b/shibsp/attribute/filtering/impl/AttributeIssuerStringFunctor.cpp index 220ac8a..a3a2b26 100644 --- a/shibsp/attribute/filtering/impl/AttributeIssuerStringFunctor.cpp +++ b/shibsp/attribute/filtering/impl/AttributeIssuerStringFunctor.cpp @@ -26,6 +26,9 @@ #include "attribute/filtering/FilterPolicyContext.h" #include "attribute/filtering/MatchFunctor.h" +#include +using xmltooling::XMLHelper; + namespace shibsp { static const XMLCh value[] = UNICODE_LITERAL_5(v,a,l,u,e); @@ -39,12 +42,10 @@ namespace shibsp { const XMLCh* m_value; bool m_ignoreCase; public: - AttributeIssuerStringFunctor(const DOMElement* e) { + AttributeIssuerStringFunctor(const DOMElement* e) : m_value(nullptr), m_ignoreCase(XMLHelper::getAttrBool(e, false, ignoreCase)) { m_value = e ? e->getAttributeNS(nullptr,value) : nullptr; if (!m_value || !*m_value) throw ConfigurationException("AttributeIssuerString MatchFunctor requires non-empty value attribute."); - const XMLCh* flag = e ? e->getAttributeNS(nullptr,ignoreCase) : nullptr; - m_ignoreCase = (flag && (*flag == chLatin_t || *flag == chDigit_1)); } bool evaluatePolicyRequirement(const FilteringContext& filterContext) const { diff --git a/shibsp/attribute/filtering/impl/AttributeRequesterRegexFunctor.cpp b/shibsp/attribute/filtering/impl/AttributeRequesterRegexFunctor.cpp index b169394..4ba1a9a 100644 --- a/shibsp/attribute/filtering/impl/AttributeRequesterRegexFunctor.cpp +++ b/shibsp/attribute/filtering/impl/AttributeRequesterRegexFunctor.cpp @@ -42,7 +42,7 @@ namespace shibsp { { RegularExpression* m_regex; public: - AttributeRequesterRegexFunctor(const DOMElement* e) { + AttributeRequesterRegexFunctor(const DOMElement* e) : m_regex(nullptr) { const XMLCh* r = e ? e->getAttributeNS(nullptr,regex) : nullptr; if (!r || !*r) throw ConfigurationException("AttributeRequesterRegex MatchFunctor requires non-empty regex attribute."); diff --git a/shibsp/attribute/filtering/impl/AttributeRequesterStringFunctor.cpp b/shibsp/attribute/filtering/impl/AttributeRequesterStringFunctor.cpp index ee7a481..486b3ac 100644 --- a/shibsp/attribute/filtering/impl/AttributeRequesterStringFunctor.cpp +++ b/shibsp/attribute/filtering/impl/AttributeRequesterStringFunctor.cpp @@ -26,6 +26,9 @@ #include "attribute/filtering/FilterPolicyContext.h" #include "attribute/filtering/MatchFunctor.h" +#include +using xmltooling::XMLHelper; + namespace shibsp { static const XMLCh value[] = UNICODE_LITERAL_5(v,a,l,u,e); @@ -39,12 +42,10 @@ namespace shibsp { const XMLCh* m_value; bool m_ignoreCase; public: - AttributeRequesterStringFunctor(const DOMElement* e) { + AttributeRequesterStringFunctor(const DOMElement* e) : m_value(nullptr), m_ignoreCase(XMLHelper::getAttrBool(e, false, ignoreCase)) { m_value = e ? e->getAttributeNS(nullptr,value) : nullptr; if (!m_value || !*m_value) throw ConfigurationException("AttributeRequesterString MatchFunctor requires non-empty value attribute."); - const XMLCh* flag = e ? e->getAttributeNS(nullptr,ignoreCase) : nullptr; - m_ignoreCase = (flag && (*flag == chLatin_t || *flag == chDigit_1)); } bool evaluatePolicyRequirement(const FilteringContext& filterContext) const { diff --git a/shibsp/attribute/filtering/impl/AttributeScopeRegexFunctor.cpp b/shibsp/attribute/filtering/impl/AttributeScopeRegexFunctor.cpp index b4470b0..f27e848 100644 --- a/shibsp/attribute/filtering/impl/AttributeScopeRegexFunctor.cpp +++ b/shibsp/attribute/filtering/impl/AttributeScopeRegexFunctor.cpp @@ -28,10 +28,12 @@ #include "attribute/filtering/FilterPolicyContext.h" #include "attribute/filtering/MatchFunctor.h" +#include #include using namespace shibsp; using namespace std; +using xmltooling::XMLHelper; namespace shibsp { @@ -44,15 +46,14 @@ namespace shibsp { */ class SHIBSP_DLLLOCAL AttributeScopeRegexFunctor : public MatchFunctor { - xmltooling::auto_ptr_char m_attributeID; + string m_attributeID; RegularExpression* m_regex; bool hasScope(const FilteringContext& filterContext) const; bool matches(const Attribute& attribute, size_t index) const; public: - AttributeScopeRegexFunctor(const DOMElement* e) - : m_attributeID(e ? e->getAttributeNS(nullptr,attributeID) : nullptr) { + AttributeScopeRegexFunctor(const DOMElement* e) : m_regex(nullptr), m_attributeID(XMLHelper::getAttrString(e, nullptr, attributeID)) { const XMLCh* r = e ? e->getAttributeNS(nullptr,regex) : nullptr; if (!r || !*r) throw ConfigurationException("AttributeScopeRegex MatchFunctor requires non-empty regex attribute."); @@ -66,13 +67,13 @@ namespace shibsp { } bool evaluatePolicyRequirement(const FilteringContext& filterContext) const { - if (!m_attributeID.get() || !*m_attributeID.get()) + if (m_attributeID.empty()) throw AttributeFilteringException("No attributeID specified."); return hasScope(filterContext); } bool evaluatePermitValue(const FilteringContext& filterContext, const Attribute& attribute, size_t index) const { - if (!m_attributeID.get() || !*m_attributeID.get() || XMLString::equals(m_attributeID.get(), attribute.getId())) + if (m_attributeID.empty() || m_attributeID == attribute.getId()) return matches(attribute, index); return hasScope(filterContext); } @@ -89,7 +90,7 @@ bool AttributeScopeRegexFunctor::hasScope(const FilteringContext& filterContext) { size_t count; pair::const_iterator,multimap::const_iterator> attrs = - filterContext.getAttributes().equal_range(m_attributeID.get()); + filterContext.getAttributes().equal_range(m_attributeID); for (; attrs.first != attrs.second; ++attrs.first) { count = attrs.first->second->valueCount(); for (size_t index = 0; index < count; ++index) { diff --git a/shibsp/attribute/filtering/impl/AttributeScopeStringFunctor.cpp b/shibsp/attribute/filtering/impl/AttributeScopeStringFunctor.cpp index a62121d..e27eb5a 100644 --- a/shibsp/attribute/filtering/impl/AttributeScopeStringFunctor.cpp +++ b/shibsp/attribute/filtering/impl/AttributeScopeStringFunctor.cpp @@ -28,8 +28,11 @@ #include "attribute/filtering/FilterPolicyContext.h" #include "attribute/filtering/MatchFunctor.h" +#include + using namespace shibsp; using namespace std; +using xmltooling::XMLHelper; namespace shibsp { @@ -42,7 +45,7 @@ namespace shibsp { */ class SHIBSP_DLLLOCAL AttributeScopeStringFunctor : public MatchFunctor { - xmltooling::auto_ptr_char m_attributeID; + string m_attributeID; char* m_value; bool m_ignoreCase; @@ -50,13 +53,13 @@ namespace shibsp { public: AttributeScopeStringFunctor(const DOMElement* e) - : m_value(e ? xmltooling::toUTF8(e->getAttributeNS(nullptr,value)) : nullptr), m_attributeID(e ? e->getAttributeNS(nullptr,attributeID) : nullptr) { + : m_attributeID(XMLHelper::getAttrString(e, nullptr, attributeID)), + m_value(e ? xmltooling::toUTF8(e->getAttributeNS(nullptr,value)) : nullptr), + m_ignoreCase(XMLHelper::getAttrBool(e, false, ignoreCase)) { if (!m_value || !*m_value) { delete[] m_value; throw ConfigurationException("AttributeScopeString MatchFunctor requires non-empty value attribute."); } - const XMLCh* flag = e ? e->getAttributeNS(nullptr,ignoreCase) : nullptr; - m_ignoreCase = (flag && (*flag == chLatin_t || *flag == chDigit_1)); } virtual ~AttributeScopeStringFunctor() { @@ -64,13 +67,13 @@ namespace shibsp { } bool evaluatePolicyRequirement(const FilteringContext& filterContext) const { - if (!m_attributeID.get() || !*m_attributeID.get()) + if (m_attributeID.empty()) throw AttributeFilteringException("No attributeID specified."); return hasScope(filterContext); } bool evaluatePermitValue(const FilteringContext& filterContext, const Attribute& attribute, size_t index) const { - if (!m_attributeID.get() || !*m_attributeID.get() || XMLString::equals(m_attributeID.get(), attribute.getId())) { + if (m_attributeID.empty() || m_attributeID == attribute.getId()) { if (m_ignoreCase) { #ifdef HAVE_STRCASECMP return !strcasecmp(attribute.getScope(index), m_value); @@ -96,7 +99,7 @@ bool AttributeScopeStringFunctor::hasScope(const FilteringContext& filterContext { size_t count; pair::const_iterator,multimap::const_iterator> attrs = - filterContext.getAttributes().equal_range(m_attributeID.get()); + filterContext.getAttributes().equal_range(m_attributeID); for (; attrs.first != attrs.second; ++attrs.first) { count = attrs.first->second->valueCount(); for (size_t index = 0; index < count; ++index) { diff --git a/shibsp/attribute/filtering/impl/AttributeValueRegexFunctor.cpp b/shibsp/attribute/filtering/impl/AttributeValueRegexFunctor.cpp index d49ff7e..1a20986 100644 --- a/shibsp/attribute/filtering/impl/AttributeValueRegexFunctor.cpp +++ b/shibsp/attribute/filtering/impl/AttributeValueRegexFunctor.cpp @@ -28,10 +28,13 @@ #include "attribute/filtering/FilterPolicyContext.h" #include "attribute/filtering/MatchFunctor.h" +#include + #include using namespace shibsp; using namespace std; +using xmltooling::XMLHelper; namespace shibsp { @@ -44,7 +47,7 @@ namespace shibsp { */ class SHIBSP_DLLLOCAL AttributeValueRegexFunctor : public MatchFunctor { - xmltooling::auto_ptr_char m_attributeID; + string m_attributeID; RegularExpression* m_regex; bool hasValue(const FilteringContext& filterContext) const; @@ -52,7 +55,7 @@ namespace shibsp { public: AttributeValueRegexFunctor(const DOMElement* e) - : m_attributeID(e ? e->getAttributeNS(nullptr,attributeID) : nullptr) { + : m_attributeID(XMLHelper::getAttrString(e, nullptr, attributeID)), m_regex(nullptr) { const XMLCh* r = e ? e->getAttributeNS(nullptr,regex) : nullptr; if (!r || !*r) throw ConfigurationException("AttributeValueRegex MatchFunctor requires non-empty regex attribute."); @@ -66,13 +69,13 @@ namespace shibsp { } bool evaluatePolicyRequirement(const FilteringContext& filterContext) const { - if (!m_attributeID.get() || !*m_attributeID.get()) + if (m_attributeID.empty()) throw AttributeFilteringException("No attributeID specified."); return hasValue(filterContext); } bool evaluatePermitValue(const FilteringContext& filterContext, const Attribute& attribute, size_t index) const { - if (!m_attributeID.get() || !*m_attributeID.get() || XMLString::equals(m_attributeID.get(), attribute.getId())) + if (m_attributeID.empty() || m_attributeID == attribute.getId()) return matches(attribute, index); return hasValue(filterContext); } @@ -89,7 +92,7 @@ bool AttributeValueRegexFunctor::hasValue(const FilteringContext& filterContext) { size_t count; pair::const_iterator,multimap::const_iterator> attrs = - filterContext.getAttributes().equal_range(m_attributeID.get()); + filterContext.getAttributes().equal_range(m_attributeID); for (; attrs.first != attrs.second; ++attrs.first) { count = attrs.first->second->valueCount(); for (size_t index = 0; index < count; ++index) { diff --git a/shibsp/attribute/filtering/impl/AttributeValueStringFunctor.cpp b/shibsp/attribute/filtering/impl/AttributeValueStringFunctor.cpp index 16b2725..b7ac084 100644 --- a/shibsp/attribute/filtering/impl/AttributeValueStringFunctor.cpp +++ b/shibsp/attribute/filtering/impl/AttributeValueStringFunctor.cpp @@ -28,8 +28,11 @@ #include "attribute/filtering/FilterPolicyContext.h" #include "attribute/filtering/MatchFunctor.h" +#include + using namespace shibsp; using namespace std; +using xmltooling::XMLHelper; namespace shibsp { @@ -42,7 +45,7 @@ namespace shibsp { */ class SHIBSP_DLLLOCAL AttributeValueStringFunctor : public MatchFunctor { - xmltooling::auto_ptr_char m_attributeID; + string m_attributeID; char* m_value; bool hasValue(const FilteringContext& filterContext) const; @@ -50,7 +53,8 @@ namespace shibsp { public: AttributeValueStringFunctor(const DOMElement* e) - : m_value(e ? xmltooling::toUTF8(e->getAttributeNS(nullptr,value)) : nullptr), m_attributeID(e ? e->getAttributeNS(nullptr,attributeID) : nullptr) { + : m_value(e ? xmltooling::toUTF8(e->getAttributeNS(nullptr,value)) : nullptr), + m_attributeID(XMLHelper::getAttrString(e, nullptr, attributeID)) { if (!m_value || !*m_value) { delete[] m_value; throw ConfigurationException("AttributeValueString MatchFunctor requires non-empty value attribute."); @@ -67,13 +71,13 @@ namespace shibsp { } bool evaluatePolicyRequirement(const FilteringContext& filterContext) const { - if (!m_attributeID.get() || !*m_attributeID.get()) + if (m_attributeID.empty()) throw AttributeFilteringException("No attributeID specified."); return hasValue(filterContext); } bool evaluatePermitValue(const FilteringContext& filterContext, const Attribute& attribute, size_t index) const { - if (!m_attributeID.get() || !*m_attributeID.get() || XMLString::equals(m_attributeID.get(), attribute.getId())) + if (m_attributeID.empty() || m_attributeID == attribute.getId()) return matches(attribute, index); return hasValue(filterContext); } @@ -90,7 +94,7 @@ bool AttributeValueStringFunctor::hasValue(const FilteringContext& filterContext { size_t count; pair::const_iterator,multimap::const_iterator> attrs = - filterContext.getAttributes().equal_range(m_attributeID.get()); + filterContext.getAttributes().equal_range(m_attributeID); for (; attrs.first != attrs.second; ++attrs.first) { count = attrs.first->second->valueCount(); for (size_t index = 0; index < count; ++index) { diff --git a/shibsp/attribute/filtering/impl/AuthenticationMethodRegexFunctor.cpp b/shibsp/attribute/filtering/impl/AuthenticationMethodRegexFunctor.cpp index fc3e365..a0603a6 100644 --- a/shibsp/attribute/filtering/impl/AuthenticationMethodRegexFunctor.cpp +++ b/shibsp/attribute/filtering/impl/AuthenticationMethodRegexFunctor.cpp @@ -42,7 +42,7 @@ namespace shibsp { { RegularExpression* m_regex; public: - AuthenticationMethodRegexFunctor(const DOMElement* e) { + AuthenticationMethodRegexFunctor(const DOMElement* e) : m_regex(nullptr) { const XMLCh* r = e ? e->getAttributeNS(nullptr,regex) : nullptr; if (!r || !*r) throw ConfigurationException("AuthenticationMethodRegex MatchFunctor requires non-empty regex attribute."); diff --git a/shibsp/attribute/filtering/impl/AuthenticationMethodStringFunctor.cpp b/shibsp/attribute/filtering/impl/AuthenticationMethodStringFunctor.cpp index 27b89ae..fd78363 100644 --- a/shibsp/attribute/filtering/impl/AuthenticationMethodStringFunctor.cpp +++ b/shibsp/attribute/filtering/impl/AuthenticationMethodStringFunctor.cpp @@ -27,6 +27,10 @@ #include "attribute/filtering/FilterPolicyContext.h" #include "attribute/filtering/MatchFunctor.h" +#include + +using xmltooling::XMLHelper; + namespace shibsp { static const XMLCh value[] = UNICODE_LITERAL_5(v,a,l,u,e); @@ -40,11 +44,10 @@ namespace shibsp { const XMLCh* m_value; bool m_ignoreCase; public: - AuthenticationMethodStringFunctor(const DOMElement* e) : m_value(e ? e->getAttributeNS(nullptr,value) : nullptr) { + AuthenticationMethodStringFunctor(const DOMElement* e) + : m_value(e ? e->getAttributeNS(nullptr,value) : nullptr), m_ignoreCase(XMLHelper::getAttrBool(e, false, ignoreCase)) { if (!m_value || !*m_value) throw ConfigurationException("AuthenticationMethodString MatchFunctor requires non-empty value attribute."); - const XMLCh* flag = e ? e->getAttributeNS(nullptr,ignoreCase) : nullptr; - m_ignoreCase = (flag && (*flag == chLatin_t || *flag == chDigit_1)); } bool evaluatePolicyRequirement(const FilteringContext& filterContext) const { diff --git a/shibsp/attribute/filtering/impl/ChainingAttributeFilter.cpp b/shibsp/attribute/filtering/impl/ChainingAttributeFilter.cpp index ca5dbef..d0023b7 100644 --- a/shibsp/attribute/filtering/impl/ChainingAttributeFilter.cpp +++ b/shibsp/attribute/filtering/impl/ChainingAttributeFilter.cpp @@ -72,12 +72,12 @@ ChainingAttributeFilter::ChainingAttributeFilter(const DOMElement* e) SPConfig& conf = SPConfig::getConfig(); // Load up the chain of handlers. - e = e ? XMLHelper::getFirstChildElement(e, _AttributeFilter) : nullptr; + e = XMLHelper::getFirstChildElement(e, _AttributeFilter); while (e) { - auto_ptr_char type(e->getAttributeNS(nullptr,_type)); - if (type.get() && *(type.get())) { + string t(XMLHelper::getAttrString(e, nullptr, _type)); + if (!t.empty()) { try { - m_filters.push_back(conf.AttributeFilterManager.newPlugin(type.get(),e)); + m_filters.push_back(conf.AttributeFilterManager.newPlugin(t.c_str(), e)); } catch (exception& ex) { Category::getInstance(SHIBSP_LOGCAT".AttributeFilter").error( diff --git a/shibsp/attribute/filtering/impl/NotMatchFunctor.cpp b/shibsp/attribute/filtering/impl/NotMatchFunctor.cpp index 142041c..63f6b50 100644 --- a/shibsp/attribute/filtering/impl/NotMatchFunctor.cpp +++ b/shibsp/attribute/filtering/impl/NotMatchFunctor.cpp @@ -80,9 +80,9 @@ NotMatchFunctor::NotMatchFunctor(const pairgetAttributeNS(nullptr, _ref)); - if (ref.get() && *ref.get()) { - multimap::const_iterator rule = p.first->getMatchFunctors().find(ref.get()); + string ref = XMLHelper::getAttrString(e, nullptr, _ref); + if (!ref.empty()) { + multimap::const_iterator rule = p.first->getMatchFunctors().find(ref); m_functor = (rule!=p.first->getMatchFunctors().end()) ? rule->second : nullptr; } } @@ -95,10 +95,9 @@ NotMatchFunctor::NotMatchFunctor(const pairgetAttributeNS(nullptr,_id)); - const char* id = (temp.get() && *temp.get()) ? temp.get() : ""; - if (*id && functorMap->getMatchFunctors().count(id)) - id = ""; + string id = XMLHelper::getAttrString(e, nullptr, _id); + if (!id.empty() && functorMap->getMatchFunctors().count(id)) + id.clear(); auto_ptr type(XMLHelper::getXSIType(e)); if (!type.get()) diff --git a/shibsp/attribute/filtering/impl/NumberOfAttributeValuesFunctor.cpp b/shibsp/attribute/filtering/impl/NumberOfAttributeValuesFunctor.cpp index c2baf67..bf45384 100644 --- a/shibsp/attribute/filtering/impl/NumberOfAttributeValuesFunctor.cpp +++ b/shibsp/attribute/filtering/impl/NumberOfAttributeValuesFunctor.cpp @@ -28,8 +28,11 @@ #include "attribute/filtering/FilterPolicyContext.h" #include "attribute/filtering/MatchFunctor.h" +#include + using namespace shibsp; using namespace std; +using xmltooling::XMLHelper; namespace shibsp { @@ -44,21 +47,17 @@ namespace shibsp { class SHIBSP_DLLLOCAL NumberOfAttributeValuesFunctor : public MatchFunctor { unsigned int m_min,m_max; - xmltooling::auto_ptr_char m_attributeID; + string m_attributeID; size_t count(const FilteringContext& filterContext) const; public: NumberOfAttributeValuesFunctor(const DOMElement* e) - : m_min(0), m_max(INT_MAX), m_attributeID(e ? e->getAttributeNS(nullptr,attributeID) : nullptr) { - if (!m_attributeID.get() || !*m_attributeID.get()) + : m_min(XMLHelper::getAttrInt(e, 0, minimum)), + m_max(XMLHelper::getAttrInt(e, INT_MAX, maximum)), + m_attributeID(XMLHelper::getAttrString(e, nullptr, attributeID)) { + if (m_attributeID.empty()) throw ConfigurationException("No attributeID specified."); - const XMLCh* num = e->getAttributeNS(nullptr, minimum); - if (num && *num) - m_min = XMLString::parseInt(num); - num = e->getAttributeNS(nullptr, maximum); - if (num && *num) - m_max = XMLString::parseInt(num); } bool evaluatePolicyRequirement(const FilteringContext& filterContext) const { @@ -83,7 +82,7 @@ size_t NumberOfAttributeValuesFunctor::count(const FilteringContext& filterConte { size_t count = 0; pair::const_iterator,multimap::const_iterator> attrs = - filterContext.getAttributes().equal_range(m_attributeID.get()); + filterContext.getAttributes().equal_range(m_attributeID); for (; attrs.first != attrs.second; ++attrs.first) count += attrs.first->second->valueCount(); return count; diff --git a/shibsp/attribute/filtering/impl/OrMatchFunctor.cpp b/shibsp/attribute/filtering/impl/OrMatchFunctor.cpp index 4abe24f..82714cc 100644 --- a/shibsp/attribute/filtering/impl/OrMatchFunctor.cpp +++ b/shibsp/attribute/filtering/impl/OrMatchFunctor.cpp @@ -84,9 +84,9 @@ OrMatchFunctor::OrMatchFunctor(const pairgetAttributeNS(nullptr, _ref)); - if (ref.get() && *ref.get()) { - multimap::const_iterator rule = p.first->getMatchFunctors().find(ref.get()); + string ref = XMLHelper::getAttrString(e, nullptr, _ref); + if (!ref.empty()) { + multimap::const_iterator rule = p.first->getMatchFunctors().find(ref); func = (rule!=p.first->getMatchFunctors().end()) ? rule->second : nullptr; } } @@ -101,10 +101,9 @@ OrMatchFunctor::OrMatchFunctor(const pairgetAttributeNS(nullptr,_id)); - const char* id = (temp.get() && *temp.get()) ? temp.get() : ""; - if (*id && functorMap->getMatchFunctors().count(id)) - id = ""; + string id = XMLHelper::getAttrString(e, nullptr, _id); + if (!id.empty() && functorMap->getMatchFunctors().count(id)) + id.clear(); auto_ptr type(XMLHelper::getXSIType(e)); if (!type.get()) diff --git a/shibsp/attribute/filtering/impl/XMLAttributeFilter.cpp b/shibsp/attribute/filtering/impl/XMLAttributeFilter.cpp index c522f48..18bda2f 100644 --- a/shibsp/attribute/filtering/impl/XMLAttributeFilter.cpp +++ b/shibsp/attribute/filtering/impl/XMLAttributeFilter.cpp @@ -176,9 +176,9 @@ XMLFilterImpl::XMLFilterImpl(const DOMElement* e, Category& log) : m_log(log), m func = buildFunctor(e, reqFunctors, "PolicyRequirementRule", false); } else if (e && XMLHelper::isNodeNamed(e, SHIB2ATTRIBUTEFILTER_NS, PolicyRequirementRuleReference)) { - auto_ptr_char ref(e->getAttributeNS(nullptr, _ref)); - if (ref.get() && *ref.get()) { - multimap::const_iterator prr = m_policyReqRules.find(ref.get()); + string ref(XMLHelper::getAttrString(e, nullptr, _ref)); + if (!ref.empty()) { + multimap::const_iterator prr = m_policyReqRules.find(ref); func = (prr!=m_policyReqRules.end()) ? prr->second : nullptr; } } @@ -193,13 +193,13 @@ XMLFilterImpl::XMLFilterImpl(const DOMElement* e, Category& log) : m_log(log), m m_policies.back().m_rules.insert(Policy::rules_t::value_type(rule.first, rule.second)); } else if (e && XMLHelper::isNodeNamed(e, SHIB2ATTRIBUTEFILTER_NS, AttributeRuleReference)) { - auto_ptr_char ref(e->getAttributeNS(nullptr, _ref)); - if (ref.get() && *ref.get()) { - map< string,pair< string,pair< const MatchFunctor*,const MatchFunctor*> > >::const_iterator ar = m_attrRules.find(ref.get()); + string ref(XMLHelper::getAttrString(e, nullptr, _ref)); + if (!ref.empty()) { + map< string,pair< string,pair< const MatchFunctor*,const MatchFunctor*> > >::const_iterator ar = m_attrRules.find(ref); if (ar != m_attrRules.end()) m_policies.back().m_rules.insert(Policy::rules_t::value_type(ar->second.first, ar->second.second)); else - m_log.warn("skipping invalid AttributeRuleReference (%s)", ref.get()); + m_log.warn("skipping invalid AttributeRuleReference (%s)", ref.c_str()); } } e = XMLHelper::getNextSiblingElement(e); @@ -217,20 +217,19 @@ MatchFunctor* XMLFilterImpl::buildFunctor( const DOMElement* e, const FilterPolicyContext& functorMap, const char* logname, bool standalone ) { - auto_ptr_char temp(e->getAttributeNS(nullptr,_id)); - const char* id = (temp.get() && *temp.get()) ? temp.get() : ""; + string id(XMLHelper::getAttrString(e, nullptr, _id)); - if (standalone && !*id) { + if (standalone && id.empty()) { m_log.warn("skipping stand-alone %s with no id", logname); return nullptr; } - else if (*id && functorMap.getMatchFunctors().count(id)) { + else if (!id.empty() && functorMap.getMatchFunctors().count(id)) { if (standalone) { - m_log.warn("skipping duplicate stand-alone %s with id (%s)", logname, id); + m_log.warn("skipping duplicate stand-alone %s with id (%s)", logname, id.c_str()); return nullptr; } else - id = ""; + id.clear(); } auto_ptr type(XMLHelper::getXSIType(e)); @@ -256,24 +255,23 @@ pair< string,pair > XMLFilterImpl::buil const DOMElement* e, const FilterPolicyContext& permMap, const FilterPolicyContext& denyMap, bool standalone ) { - auto_ptr_char temp(e->getAttributeNS(nullptr,_id)); - const char* id = (temp.get() && *temp.get()) ? temp.get() : ""; + string id(XMLHelper::getAttrString(e, nullptr, _id)); - if (standalone && !*id) { + if (standalone && id.empty()) { m_log.warn("skipping stand-alone AttributeRule with no id"); return make_pair(string(),pair(nullptr,nullptr)); } - else if (*id && m_attrRules.count(id)) { + else if (!id.empty() && m_attrRules.count(id)) { if (standalone) { - m_log.warn("skipping duplicate stand-alone AttributeRule with id (%s)", id); + m_log.warn("skipping duplicate stand-alone AttributeRule with id (%s)", id.c_str()); return make_pair(string(),pair(nullptr,nullptr)); } else - id = ""; + id.clear(); } - auto_ptr_char attrID(e->getAttributeNS(nullptr,attributeID)); - if (!attrID.get() || !*attrID.get()) + string attrID(XMLHelper::getAttrString(e, nullptr, attributeID)); + if (attrID.empty()) m_log.warn("skipping AttributeRule with no attributeID"); MatchFunctor* perm=nullptr; @@ -285,9 +283,9 @@ pair< string,pair > XMLFilterImpl::buil e = XMLHelper::getNextSiblingElement(e); } else if (e && XMLHelper::isNodeNamed(e, SHIB2ATTRIBUTEFILTER_NS, PermitValueRuleReference)) { - auto_ptr_char ref(e->getAttributeNS(nullptr, _ref)); - if (ref.get() && *ref.get()) { - multimap::const_iterator pvr = m_permitValRules.find(ref.get()); + string ref(XMLHelper::getAttrString(e, nullptr, _ref)); + if (!ref.empty()) { + multimap::const_iterator pvr = m_permitValRules.find(ref); perm = (pvr!=m_permitValRules.end()) ? pvr->second : nullptr; } e = XMLHelper::getNextSiblingElement(e); @@ -297,25 +295,26 @@ pair< string,pair > XMLFilterImpl::buil deny = buildFunctor(e, denyMap, "DenyValueRule", false); } else if (e && XMLHelper::isNodeNamed(e, SHIB2ATTRIBUTEFILTER_NS, DenyValueRuleReference)) { - auto_ptr_char ref(e->getAttributeNS(nullptr, _ref)); - if (ref.get() && *ref.get()) { - multimap::const_iterator pvr = m_denyValRules.find(ref.get()); + string ref(XMLHelper::getAttrString(e, nullptr, _ref)); + if (!ref.empty()) { + multimap::const_iterator pvr = m_denyValRules.find(ref); deny = (pvr!=m_denyValRules.end()) ? pvr->second : nullptr; } } if (perm || deny) { - if (*id) { - m_attrRules[id] = pair< string,pair >(attrID.get(), pair(perm,deny)); + if (!id.empty()) { + m_attrRules[id] = + pair< string,pair >(attrID, pair(perm,deny)); return m_attrRules[id]; } else { - return pair< string,pair >(attrID.get(), pair(perm,deny)); + return pair< string,pair >(attrID, pair(perm,deny)); } } - if (*id) - m_log.warn("skipping AttributeRule (%s), permit and denial rule(s) invalid or missing", id); + if (!id.empty()) + m_log.warn("skipping AttributeRule (%s), permit and denial rule(s) invalid or missing", id.c_str()); else m_log.warn("skipping AttributeRule, permit and denial rule(s) invalid or missing"); return pair< string,pair >(string(),pair(nullptr,nullptr)); diff --git a/shibsp/attribute/resolver/impl/ChainingAttributeExtractor.cpp b/shibsp/attribute/resolver/impl/ChainingAttributeExtractor.cpp index e80543b..986bf39 100644 --- a/shibsp/attribute/resolver/impl/ChainingAttributeExtractor.cpp +++ b/shibsp/attribute/resolver/impl/ChainingAttributeExtractor.cpp @@ -101,12 +101,12 @@ ChainingAttributeExtractor::ChainingAttributeExtractor(const DOMElement* e) SPConfig& conf = SPConfig::getConfig(); // Load up the chain of handlers. - e = e ? XMLHelper::getFirstChildElement(e, _AttributeExtractor) : nullptr; + e = XMLHelper::getFirstChildElement(e, _AttributeExtractor); while (e) { - auto_ptr_char type(e->getAttributeNS(nullptr,_type)); - if (type.get() && *(type.get())) { + string t(XMLHelper::getAttrString(e, nullptr, _type)); + if (!t.empty()) { try { - m_extractors.push_back(conf.AttributeExtractorManager.newPlugin(type.get(),e)); + m_extractors.push_back(conf.AttributeExtractorManager.newPlugin(t.c_str(), e)); } catch (exception& ex) { Category::getInstance(SHIBSP_LOGCAT".AttributeExtractor.Chaining").error( diff --git a/shibsp/attribute/resolver/impl/ChainingAttributeResolver.cpp b/shibsp/attribute/resolver/impl/ChainingAttributeResolver.cpp index 0cb6b07..6718113 100644 --- a/shibsp/attribute/resolver/impl/ChainingAttributeResolver.cpp +++ b/shibsp/attribute/resolver/impl/ChainingAttributeResolver.cpp @@ -171,12 +171,12 @@ ChainingAttributeResolver::ChainingAttributeResolver(const DOMElement* e) SPConfig& conf = SPConfig::getConfig(); // Load up the chain of handlers. - e = e ? XMLHelper::getFirstChildElement(e, _AttributeResolver) : nullptr; + e = XMLHelper::getFirstChildElement(e, _AttributeResolver); while (e) { - auto_ptr_char type(e->getAttributeNS(nullptr,_type)); - if (type.get() && *(type.get())) { + string t(XMLHelper::getAttrString(e, nullptr, _type)); + if (!t.empty()) { try { - m_resolvers.push_back(conf.AttributeResolverManager.newPlugin(type.get(),e)); + m_resolvers.push_back(conf.AttributeResolverManager.newPlugin(t.c_str(), e)); } catch (exception& ex) { Category::getInstance(SHIBSP_LOGCAT".AttributeResolver.Chaining").error( diff --git a/shibsp/attribute/resolver/impl/DelegationAttributeExtractor.cpp b/shibsp/attribute/resolver/impl/DelegationAttributeExtractor.cpp index ba9b642..3f410cd 100644 --- a/shibsp/attribute/resolver/impl/DelegationAttributeExtractor.cpp +++ b/shibsp/attribute/resolver/impl/DelegationAttributeExtractor.cpp @@ -86,20 +86,10 @@ namespace shibsp { static const XMLCh formatter[] = UNICODE_LITERAL_9(f,o,r,m,a,t,t,e,r); }; -DelegationExtractor::DelegationExtractor(const DOMElement* e) : m_attributeId("delegate"), m_formatter("$Name") +DelegationExtractor::DelegationExtractor(const DOMElement* e) + : m_attributeId(XMLHelper::getAttrString(e, "delegate", attributeId)), + m_formatter(XMLHelper::getAttrString(e, "$Name", formatter)) { - if (e) { - const XMLCh* a = e->getAttributeNS(nullptr, attributeId); - if (a && *a) { - auto_ptr_char temp(a); - m_attributeId = temp.get(); - } - a = e->getAttributeNS(nullptr, formatter); - if (a && *a) { - auto_ptr_char temp(a); - m_formatter = temp.get(); - } - } } void DelegationExtractor::extractAttributes( diff --git a/shibsp/attribute/resolver/impl/KeyDescriptorAttributeExtractor.cpp b/shibsp/attribute/resolver/impl/KeyDescriptorAttributeExtractor.cpp index bb397f3..3cdac01 100644 --- a/shibsp/attribute/resolver/impl/KeyDescriptorAttributeExtractor.cpp +++ b/shibsp/attribute/resolver/impl/KeyDescriptorAttributeExtractor.cpp @@ -75,7 +75,7 @@ namespace shibsp { } private: - auto_ptr_char m_hashAlg; + string m_hashAlg; vector m_hashId; vector m_signingId; vector m_encryptionId; @@ -96,24 +96,18 @@ namespace shibsp { static const XMLCh signingId[] = UNICODE_LITERAL_9(s,i,g,n,i,n,g,I,d); }; -KeyDescriptorExtractor::KeyDescriptorExtractor(const DOMElement* e) : m_hashAlg(e ? e->getAttributeNS(nullptr, hashAlg) : nullptr) +KeyDescriptorExtractor::KeyDescriptorExtractor(const DOMElement* e) : m_hashAlg(XMLHelper::getAttrString(e, "SHA1", hashAlg)) { if (e) { - const XMLCh* a = e->getAttributeNS(nullptr, hashId); - if (a && *a) { - auto_ptr_char temp(a); - m_hashId.push_back(temp.get()); - } - a = e->getAttributeNS(nullptr, signingId); - if (a && *a) { - auto_ptr_char temp(a); - m_signingId.push_back(temp.get()); - } - a = e->getAttributeNS(nullptr, encryptionId); - if (a && *a) { - auto_ptr_char temp(a); - m_encryptionId.push_back(temp.get()); - } + string a(XMLHelper::getAttrString(e, nullptr, hashId)); + if (!a.empty()) + m_hashId.push_back(a); + a = XMLHelper::getAttrString(e, nullptr, signingId); + if (!a.empty()) + m_signingId.push_back(a); + a = XMLHelper::getAttrString(e, nullptr, encryptionId); + if (!a.empty()) + m_encryptionId.push_back(a); } if (m_hashId.empty() && m_signingId.empty() && m_encryptionId.empty()) throw ConfigurationException("KeyDescriptor AttributeExtractor requires hashId, signingId, or encryptionId property."); @@ -134,15 +128,12 @@ void KeyDescriptorExtractor::extractAttributes( mcc.setUsage(Credential::SIGNING_CREDENTIAL); if (application.getMetadataProvider()->resolve(creds, &mcc)) { if (!m_hashId.empty()) { - const char* alg = m_hashAlg.get(); - if (!alg || !*alg) - alg = "SHA1"; auto_ptr attr(new SimpleAttribute(m_hashId)); vector& vals = attr->getValues(); for (vector::const_iterator c = creds.begin(); c != creds.end(); ++c) { if (vals.empty() || !vals.back().empty()) vals.push_back(string()); - vals.back() = SecurityHelper::getDEREncoding(*(*c), alg); + vals.back() = SecurityHelper::getDEREncoding(*(*c), m_hashAlg.c_str()); } if (vals.back().empty()) vals.pop_back(); diff --git a/shibsp/attribute/resolver/impl/QueryAttributeResolver.cpp b/shibsp/attribute/resolver/impl/QueryAttributeResolver.cpp index 838cec0..0c6a453 100644 --- a/shibsp/attribute/resolver/impl/QueryAttributeResolver.cpp +++ b/shibsp/attribute/resolver/impl/QueryAttributeResolver.cpp @@ -220,21 +220,15 @@ namespace shibsp { static const XMLCh subjectMatch[] = UNICODE_LITERAL_12(s,u,b,j,e,c,t,M,a,t,c,h); }; -QueryResolver::QueryResolver(const DOMElement* e) : m_log(Category::getInstance(SHIBSP_LOGCAT".AttributeResolver.Query")), m_subjectMatch(false) +QueryResolver::QueryResolver(const DOMElement* e) + : m_log(Category::getInstance(SHIBSP_LOGCAT".AttributeResolver.Query")), + m_policyId(XMLHelper::getAttrString(e, nullptr, policyId)), + m_subjectMatch(XMLHelper::getAttrBool(e, false, subjectMatch)) { #ifdef _DEBUG xmltooling::NDC ndc("QueryResolver"); #endif - const XMLCh* pid = e ? e->getAttributeNS(nullptr, policyId) : nullptr; - if (pid && *pid) { - auto_ptr_char temp(pid); - m_policyId = temp.get(); - } - pid = e ? e->getAttributeNS(nullptr, subjectMatch) : nullptr; - if (pid && (*pid == chLatin_t || *pid == chDigit_1)) - m_subjectMatch = true; - DOMElement* child = XMLHelper::getFirstChildElement(e); while (child) { try { diff --git a/shibsp/attribute/resolver/impl/SimpleAggregationAttributeResolver.cpp b/shibsp/attribute/resolver/impl/SimpleAggregationAttributeResolver.cpp index fe28825..2d27a30 100644 --- a/shibsp/attribute/resolver/impl/SimpleAggregationAttributeResolver.cpp +++ b/shibsp/attribute/resolver/impl/SimpleAggregationAttributeResolver.cpp @@ -215,25 +215,18 @@ namespace shibsp { }; SimpleAggregationResolver::SimpleAggregationResolver(const DOMElement* e) - : m_log(Category::getInstance(SHIBSP_LOGCAT".AttributeResolver.SimpleAggregation")), m_subjectMatch(false), m_metadata(nullptr), m_trust(nullptr) + : m_log(Category::getInstance(SHIBSP_LOGCAT".AttributeResolver.SimpleAggregation")), + m_policyId(XMLHelper::getAttrString(e, nullptr, policyId)), + m_subjectMatch(XMLHelper::getAttrBool(e, false, subjectMatch)), + m_metadata(nullptr), m_trust(nullptr) { #ifdef _DEBUG xmltooling::NDC ndc("SimpleAggregationResolver"); #endif - const XMLCh* pid = e ? e->getAttributeNS(nullptr, policyId) : nullptr; - if (pid && *pid) { - auto_ptr_char temp(pid); - m_policyId = temp.get(); - } - - pid = e ? e->getAttributeNS(nullptr, subjectMatch) : nullptr; - if (pid && (*pid == chLatin_t || *pid == chDigit_1)) - m_subjectMatch = true; - - pid = e ? e->getAttributeNS(nullptr, attributeId) : nullptr; - if (pid && *pid) { - char* dup = XMLString::transcode(pid); + const XMLCh* aid = e ? e->getAttributeNS(nullptr, attributeId) : nullptr; + if (aid && *aid) { + char* dup = XMLString::transcode(aid); char* pos; char* start = dup; while (start && *start) { @@ -249,18 +242,18 @@ SimpleAggregationResolver::SimpleAggregationResolver(const DOMElement* e) } XMLString::release(&dup); - pid = e->getAttributeNS(nullptr, format); - if (pid && *pid) - m_format = pid; + aid = e->getAttributeNS(nullptr, format); + if (aid && *aid) + m_format = aid; } DOMElement* child = XMLHelper::getFirstChildElement(e, _MetadataProvider); if (child) { - auto_ptr_char type(child->getAttributeNS(nullptr, _type)); - if (!type.get() || !*type.get()) + string t(XMLHelper::getAttrString(child, nullptr, _type)); + if (t.empty()) throw ConfigurationException("MetadataProvider element missing type attribute."); - m_log.info("building MetadataProvider of type %s...", type.get()); - auto_ptr mp(SAMLConfig::getConfig().MetadataProviderManager.newPlugin(type.get(), child)); + m_log.info("building MetadataProvider of type %s...", t.c_str()); + auto_ptr mp(SAMLConfig::getConfig().MetadataProviderManager.newPlugin(t.c_str(), child)); mp->init(); m_metadata = mp.release(); } @@ -268,11 +261,11 @@ SimpleAggregationResolver::SimpleAggregationResolver(const DOMElement* e) child = XMLHelper::getFirstChildElement(e, _TrustEngine); if (child) { try { - auto_ptr_char type(child->getAttributeNS(nullptr, _type)); - if (!type.get() || !*type.get()) + string t(XMLHelper::getAttrString(child, nullptr, _type)); + if (t.empty()) throw ConfigurationException("TrustEngine element missing type attribute."); - m_log.info("building TrustEngine of type %s...", type.get()); - m_trust = XMLToolingConfig::getConfig().TrustEngineManager.newPlugin(type.get(), child); + m_log.info("building TrustEngine of type %s...", t.c_str()); + m_trust = XMLToolingConfig::getConfig().TrustEngineManager.newPlugin(t.c_str(), child); } catch (exception&) { delete m_metadata; @@ -283,17 +276,17 @@ SimpleAggregationResolver::SimpleAggregationResolver(const DOMElement* e) child = XMLHelper::getFirstChildElement(e); while (child) { if (child->hasChildNodes() && XMLString::equals(child->getLocalName(), Entity)) { - pid = child->getFirstChild()->getNodeValue(); - if (pid && *pid) { - auto_ptr_char tpid(pid); - m_sources.push_back(pair(tpid.get(),true)); + aid = child->getFirstChild()->getNodeValue(); + if (aid && *aid) { + auto_ptr_char taid(aid); + m_sources.push_back(pair(taid.get(),true)); } } else if (child->hasChildNodes() && XMLString::equals(child->getLocalName(), EntityReference)) { - pid = child->getFirstChild()->getNodeValue(); - if (pid && *pid) { - auto_ptr_char tpid(pid); - m_sources.push_back(pair(tpid.get(),false)); + aid = child->getFirstChild()->getNodeValue(); + if (aid && *aid) { + auto_ptr_char taid(aid); + m_sources.push_back(pair(taid.get(),false)); } } else if (XMLHelper::isNodeNamed(child, samlconstants::SAML20_NS, saml2::Attribute::LOCAL_NAME)) { diff --git a/shibsp/attribute/resolver/impl/XMLAttributeExtractor.cpp b/shibsp/attribute/resolver/impl/XMLAttributeExtractor.cpp index 5746cbb..4c49473 100644 --- a/shibsp/attribute/resolver/impl/XMLAttributeExtractor.cpp +++ b/shibsp/attribute/resolver/impl/XMLAttributeExtractor.cpp @@ -164,7 +164,7 @@ namespace shibsp { vector m_attributeIds; // settings for embedded assertions in metadata - auto_ptr_char m_policyId; + string m_policyId; MetadataProvider* m_metadata; TrustEngine* m_trust; AttributeFilter* m_filter; @@ -228,7 +228,7 @@ namespace shibsp { XMLExtractorImpl::XMLExtractorImpl(const DOMElement* e, Category& log) : m_log(log), m_document(nullptr), - m_policyId(e ? e->getAttributeNS(nullptr, metadataPolicyId) : nullptr), + m_policyId(XMLHelper::getAttrString(e, nullptr, metadataPolicyId)), m_metadata(nullptr), m_trust(nullptr), m_filter(nullptr), @@ -245,11 +245,11 @@ XMLExtractorImpl::XMLExtractorImpl(const DOMElement* e, Category& log) DOMElement* child = XMLHelper::getFirstChildElement(e, shibspconstants::SHIB2ATTRIBUTEMAP_NS, _MetadataProvider); if (child) { try { - auto_ptr_char type(child->getAttributeNS(nullptr, _type)); - if (!type.get() || !*type.get()) + string t(XMLHelper::getAttrString(child, nullptr, _type)); + if (t.empty()) throw ConfigurationException("MetadataProvider element missing type attribute."); - m_log.info("building MetadataProvider of type %s...", type.get()); - auto_ptr mp(SAMLConfig::getConfig().MetadataProviderManager.newPlugin(type.get(), child)); + m_log.info("building MetadataProvider of type %s...", t.c_str()); + auto_ptr mp(SAMLConfig::getConfig().MetadataProviderManager.newPlugin(t.c_str(), child)); mp->init(); m_metadata = mp.release(); } @@ -264,11 +264,11 @@ XMLExtractorImpl::XMLExtractorImpl(const DOMElement* e, Category& log) child = XMLHelper::getFirstChildElement(e, shibspconstants::SHIB2ATTRIBUTEMAP_NS, _TrustEngine); if (child) { try { - auto_ptr_char type(child->getAttributeNS(nullptr, _type)); - if (!type.get() || !*type.get()) + string t(XMLHelper::getAttrString(child, nullptr, _type)); + if (t.empty()) throw ConfigurationException("TrustEngine element missing type attribute."); - m_log.info("building TrustEngine of type %s...", type.get()); - m_trust = XMLToolingConfig::getConfig().TrustEngineManager.newPlugin(type.get(), child); + m_log.info("building TrustEngine of type %s...", t.c_str()); + m_trust = XMLToolingConfig::getConfig().TrustEngineManager.newPlugin(t.c_str(), child); } catch (exception& ex) { m_entityAssertions = false; @@ -282,11 +282,11 @@ XMLExtractorImpl::XMLExtractorImpl(const DOMElement* e, Category& log) child = XMLHelper::getFirstChildElement(e, shibspconstants::SHIB2ATTRIBUTEMAP_NS, _AttributeFilter); if (child) { try { - auto_ptr_char type(child->getAttributeNS(nullptr, _type)); - if (!type.get() || !*type.get()) + string t(XMLHelper::getAttrString(child, nullptr, _type)); + if (t.empty()) throw ConfigurationException("AttributeFilter element missing type attribute."); - m_log.info("building AttributeFilter of type %s...", type.get()); - m_filter = SPConfig::getConfig().AttributeFilterManager.newPlugin(type.get(), child); + m_log.info("building AttributeFilter of type %s...", t.c_str()); + m_filter = SPConfig::getConfig().AttributeFilterManager.newPlugin(t.c_str(), child); } catch (exception& ex) { m_entityAssertions = false; @@ -689,7 +689,7 @@ void XMLExtractorImpl::extractAttributes( try { // Set up and evaluate a policy for an AA asserting attributes to us. - shibsp::SecurityPolicy policy(application, &AttributeAuthorityDescriptor::ELEMENT_QNAME, false, m_policyId.get()); + shibsp::SecurityPolicy policy(application, &AttributeAuthorityDescriptor::ELEMENT_QNAME, false, m_policyId.c_str()); Locker locker(m_metadata); if (m_metadata) policy.setMetadataProvider(m_metadata); diff --git a/shibsp/impl/ChainingAccessControl.cpp b/shibsp/impl/ChainingAccessControl.cpp index 60c1429..c3eacc8 100644 --- a/shibsp/impl/ChainingAccessControl.cpp +++ b/shibsp/impl/ChainingAccessControl.cpp @@ -102,12 +102,12 @@ ChainingAccessControl::ChainingAccessControl(const DOMElement* e) throw ConfigurationException("Missing or unrecognized operator in Chaining AccessControl configuration."); try { - e = e ? XMLHelper::getFirstChildElement(e, _AccessControl) : nullptr; + e = XMLHelper::getFirstChildElement(e, _AccessControl); while (e) { - auto_ptr_char type(e->getAttributeNS(nullptr, _type)); - if (type.get() && *type.get()) { - Category::getInstance(SHIBSP_LOGCAT".AccessControl.Chaining").info("building AccessControl provider of type (%s)...", type.get()); - m_ac.push_back(SPConfig::getConfig().AccessControlManager.newPlugin(type.get(), e)); + string t(XMLHelper::getAttrString(e, nullptr, _type)); + if (!t.empty()) { + Category::getInstance(SHIBSP_LOGCAT".AccessControl.Chaining").info("building AccessControl provider of type (%s)...", t.c_str()); + m_ac.push_back(SPConfig::getConfig().AccessControlManager.newPlugin(t.c_str(), e)); } e = XMLHelper::getNextSiblingElement(e, _AccessControl); } diff --git a/shibsp/impl/StorageServiceSessionCache.cpp b/shibsp/impl/StorageServiceSessionCache.cpp index 6b2fd45..af7e5f0 100644 --- a/shibsp/impl/StorageServiceSessionCache.cpp +++ b/shibsp/impl/StorageServiceSessionCache.cpp @@ -752,63 +752,47 @@ SSCache::SSCache(const DOMElement* e) #endif m_root(e), m_inprocTimeout(900), m_lock(nullptr), shutdown(false), shutdown_wait(nullptr), cleanup_thread(nullptr) { + SPConfig& conf = SPConfig::getConfig(); + inproc = conf.isEnabled(SPConfig::InProcess); + static const XMLCh cacheAssertions[] = UNICODE_LITERAL_15(c,a,c,h,e,A,s,s,e,r,t,i,o,n,s); static const XMLCh cacheTimeout[] = UNICODE_LITERAL_12(c,a,c,h,e,T,i,m,e,o,u,t); static const XMLCh inprocTimeout[] = UNICODE_LITERAL_13(i,n,p,r,o,c,T,i,m,e,o,u,t); static const XMLCh _StorageService[] = UNICODE_LITERAL_14(S,t,o,r,a,g,e,S,e,r,v,i,c,e); static const XMLCh _StorageServiceLite[] = UNICODE_LITERAL_18(S,t,o,r,a,g,e,S,e,r,v,i,c,e,L,i,t,e); - SPConfig& conf = SPConfig::getConfig(); - inproc = conf.isEnabled(SPConfig::InProcess); - - if (e) { - const XMLCh* tag=e->getAttributeNS(nullptr,cacheTimeout); - if (tag && *tag) { - m_cacheTimeout = XMLString::parseInt(tag); - if (!m_cacheTimeout) - m_cacheTimeout=28800; - } - if (inproc) { - const XMLCh* tag=e->getAttributeNS(nullptr,inprocTimeout); - if (tag && *tag) { - m_inprocTimeout = XMLString::parseInt(tag); - if (!m_inprocTimeout) - m_inprocTimeout=900; - } - } - } + m_cacheTimeout = XMLHelper::getAttrInt(e, 28800, cacheTimeout); + if (inproc) + m_inprocTimeout = XMLHelper::getAttrInt(e, 900, inprocTimeout); #ifndef SHIBSP_LITE if (conf.isEnabled(SPConfig::OutOfProcess)) { - const XMLCh* tag = e ? e->getAttributeNS(nullptr,_StorageService) : nullptr; - if (tag && *tag) { - auto_ptr_char ssid(tag); - m_storage = conf.getServiceProvider()->getStorageService(ssid.get()); + string ssid = XMLHelper::getAttrString(e, nullptr, _StorageService); + if (!ssid.empty()) { + m_storage = conf.getServiceProvider()->getStorageService(ssid.c_str()); if (m_storage) - m_log.info("bound to StorageService (%s)", ssid.get()); + m_log.info("bound to StorageService (%s)", ssid.c_str()); } if (!m_storage) throw ConfigurationException("SessionCache unable to locate StorageService, check configuration."); - tag = e ? e->getAttributeNS(nullptr,_StorageServiceLite) : nullptr; - if (tag && *tag) { - auto_ptr_char ssid(tag); - m_storage_lite = conf.getServiceProvider()->getStorageService(ssid.get()); + ssid = XMLHelper::getAttrString(e, nullptr, _StorageServiceLite); + if (!ssid.empty()) { + m_storage_lite = conf.getServiceProvider()->getStorageService(ssid.c_str()); if (m_storage_lite) - m_log.info("bound to StorageServiceLite (%s)", ssid.get()); + m_log.info("bound to StorageServiceLite (%s)", ssid.c_str()); } if (!m_storage_lite) { m_log.info("No StorageServiceLite specified. Using standard StorageService."); m_storage_lite = m_storage; } - tag = e ? e->getAttributeNS(nullptr, cacheAssertions) : nullptr; - if (tag && (*tag == chLatin_f || *tag == chDigit_0)) - m_cacheAssertions = false; + + m_cacheAssertions = XMLHelper::getAttrBool(e, true, cacheAssertions); } #endif ListenerService* listener=conf.getServiceProvider()->getListenerService(false); - if (inproc ) { + if (inproc) { if (!conf.isEnabled(SPConfig::OutOfProcess) && !listener) throw ConfigurationException("SessionCache requires a ListenerService, but none available."); m_lock = RWLock::create(); diff --git a/shibsp/impl/XMLAccessControl.cpp b/shibsp/impl/XMLAccessControl.cpp index 6eecf78..30f22e5 100644 --- a/shibsp/impl/XMLAccessControl.cpp +++ b/shibsp/impl/XMLAccessControl.cpp @@ -144,19 +144,17 @@ namespace shibsp { static const XMLCh _RuleRegex[] = UNICODE_LITERAL_9(R,u,l,e,R,e,g,e,x); } -Rule::Rule(const DOMElement* e) +Rule::Rule(const DOMElement* e) : m_alias(XMLHelper::getAttrString(e, nullptr, require)) { - auto_ptr_char req(e->getAttributeNS(nullptr,require)); - if (!req.get() || !*req.get()) + if (m_alias.empty()) throw ConfigurationException("Access control rule missing require attribute"); - m_alias=req.get(); auto_arrayptr vals(toUTF8(e->hasChildNodes() ? e->getFirstChild()->getNodeValue() : nullptr)); if (!vals.get()) return; - const XMLCh* flag = e->getAttributeNS(nullptr,_list); - if (flag && (*flag == chLatin_f || *flag == chDigit_0)) { + bool listflag = XMLHelper::getAttrBool(e, true, _list); + if (!listflag) { if (*vals.get()) m_vals.push_back(vals.get()); return; @@ -252,15 +250,14 @@ AccessControl::aclresult_t Rule::authorized(const SPRequest& request, const Sess return shib_acl_false; } -RuleRegex::RuleRegex(const DOMElement* e) : m_exp(toUTF8(e->hasChildNodes() ? e->getFirstChild()->getNodeValue() : nullptr)) +RuleRegex::RuleRegex(const DOMElement* e) + : m_alias(XMLHelper::getAttrString(e, nullptr, require)), + m_exp(toUTF8(e->hasChildNodes() ? e->getFirstChild()->getNodeValue() : nullptr)) { - auto_ptr_char req(e->getAttributeNS(nullptr,require)); - if (!req.get() || !*req.get() || !m_exp.get() || !*m_exp.get()) + if (m_alias.empty() || !m_exp.get() || !*m_exp.get()) throw ConfigurationException("Access control rule missing require attribute or element content."); - m_alias=req.get(); - const XMLCh* flag = e->getAttributeNS(nullptr,ignoreCase); - bool ignore = (flag && (*flag == chLatin_t || *flag == chDigit_1)); + bool ignore = XMLHelper::getAttrBool(e, false, ignoreCase); try { m_re = new RegularExpression(e->getFirstChild()->getNodeValue(), (ignore ? ignoreOption : &chNull)); } diff --git a/shibsp/impl/XMLRequestMapper.cpp b/shibsp/impl/XMLRequestMapper.cpp index 8f03a88..fbef292 100644 --- a/shibsp/impl/XMLRequestMapper.cpp +++ b/shibsp/impl/XMLRequestMapper.cpp @@ -190,9 +190,14 @@ void Override::loadACL(const DOMElement* e, Category& log) else { acl=XMLHelper::getFirstChildElement(e,AccessControlProvider); if (acl) { - auto_ptr_char type(acl->getAttributeNS(nullptr,_type)); - log.info("building AccessControl provider of type %s...",type.get()); - m_acl=SPConfig::getConfig().AccessControlManager.newPlugin(type.get(),acl); + string t(XMLHelper::getAttrString(acl, nullptr, _type)); + if (!t.empty()) { + log.info("building AccessControl provider of type %s...", t.c_str()); + m_acl = SPConfig::getConfig().AccessControlManager.newPlugin(t.c_str(), acl); + } + else { + throw ConfigurationException(" missing type attribute."); + } } } } diff --git a/shibsp/impl/XMLSecurityPolicyProvider.cpp b/shibsp/impl/XMLSecurityPolicyProvider.cpp index e0eedc9..75e39c5 100644 --- a/shibsp/impl/XMLSecurityPolicyProvider.cpp +++ b/shibsp/impl/XMLSecurityPolicyProvider.cpp @@ -207,8 +207,8 @@ XMLSecurityPolicyProviderImpl::XMLSecurityPolicyProviderImpl(const DOMElement* e SAMLConfig& samlConf = SAMLConfig::getConfig(); e = XMLHelper::getFirstChildElement(e, Policy); while (e) { - auto_ptr_char id(e->getAttributeNS(nullptr, _id)); - pair< PropertySet*,vector >& rules = m_policyMap[id.get()]; + string id(XMLHelper::getAttrString(e, nullptr, _id)); + pair< PropertySet*,vector >& rules = m_policyMap[id]; rules.first = nullptr; auto_ptr settings(new DOMPropertySet()); settings->load(e, nullptr, &filter); @@ -217,12 +217,14 @@ XMLSecurityPolicyProviderImpl::XMLSecurityPolicyProviderImpl(const DOMElement* e // Process PolicyRule elements. const DOMElement* rule = XMLHelper::getFirstChildElement(e, PolicyRule); while (rule) { - auto_ptr_char type(rule->getAttributeNS(nullptr, _type)); - try { - rules.second.push_back(samlConf.SecurityPolicyRuleManager.newPlugin(type.get(), rule)); - } - catch (exception& ex) { - log.crit("error instantiating policy rule (%s) in policy (%s): %s", type.get(), id.get(), ex.what()); + string t(XMLHelper::getAttrString(rule, nullptr, _type)); + if (!t.empty()) { + try { + rules.second.push_back(samlConf.SecurityPolicyRuleManager.newPlugin(t.c_str(), rule)); + } + catch (exception& ex) { + log.crit("error instantiating policy rule (%s) in policy (%s): %s", t.c_str(), id.c_str(), ex.what()); + } } rule = XMLHelper::getNextSiblingElement(rule, PolicyRule); } @@ -232,18 +234,20 @@ XMLSecurityPolicyProviderImpl::XMLSecurityPolicyProviderImpl(const DOMElement* e log.warn("detected legacy Policy configuration, please convert to new PolicyRule syntax"); rule = XMLHelper::getFirstChildElement(e, Rule); while (rule) { - auto_ptr_char type(rule->getAttributeNS(nullptr, _type)); - try { - rules.second.push_back(samlConf.SecurityPolicyRuleManager.newPlugin(type.get(), rule)); - } - catch (exception& ex) { - log.crit("error instantiating policy rule (%s) in policy (%s): %s", type.get(), id.get(), ex.what()); + string t(XMLHelper::getAttrString(rule, nullptr, _type)); + if (!t.empty()) { + try { + rules.second.push_back(samlConf.SecurityPolicyRuleManager.newPlugin(t.c_str(), rule)); + } + catch (exception& ex) { + log.crit("error instantiating policy rule (%s) in policy (%s): %s", t.c_str(), id.c_str(), ex.what()); + } } rule = XMLHelper::getNextSiblingElement(rule, Rule); } // Manually add a basic Conditions rule. - log.info("installing a default Conditions rule in policy (%s) for compatibility with legacy configuration", id.get()); + log.info("installing a default Conditions rule in policy (%s) for compatibility with legacy configuration", id.c_str()); rules.second.push_back(samlConf.SecurityPolicyRuleManager.newPlugin(CONDITIONS_POLICY_RULE, nullptr)); } diff --git a/shibsp/impl/XMLServiceProvider.cpp b/shibsp/impl/XMLServiceProvider.cpp index 231039f..0d1e50d 100644 --- a/shibsp/impl/XMLServiceProvider.cpp +++ b/shibsp/impl/XMLServiceProvider.cpp @@ -1321,7 +1321,6 @@ XMLConfigImpl::XMLConfigImpl(const DOMElement* e, bool first, const XMLConfig* o load(e,nullptr,this); DOMElement* child; - string plugtype; // Much of the processing can only occur on the first instantiation. if (first) { @@ -1358,30 +1357,30 @@ XMLConfigImpl::XMLConfigImpl(const DOMElement* e, bool first, const XMLConfig* o // Instantiate the ListenerService and SessionCache objects. if (conf.isEnabled(SPConfig::Listener)) { - child=XMLHelper::getFirstChildElement(e,UnixListener); +#ifdef WIN32 + string plugtype(TCP_LISTENER_SERVICE); +#else + string plugtype(UNIX_LISTENER_SERVICE); +#endif + child = XMLHelper::getFirstChildElement(e, UnixListener); if (child) - plugtype=UNIX_LISTENER_SERVICE; + plugtype = UNIX_LISTENER_SERVICE; else { - child=XMLHelper::getFirstChildElement(e,TCPListener); + child = XMLHelper::getFirstChildElement(e, TCPListener); if (child) - plugtype=TCP_LISTENER_SERVICE; + plugtype = TCP_LISTENER_SERVICE; else { - child=XMLHelper::getFirstChildElement(e,Listener); + child = XMLHelper::getFirstChildElement(e, Listener); if (child) { - auto_ptr_char type(child->getAttributeNS(nullptr,_type)); - if (type.get()) - plugtype=type.get(); + auto_ptr_char type(child->getAttributeNS(nullptr, _type)); + if (type.get() && *type.get()) + plugtype = type.get(); } } } - if (child) { - log.info("building ListenerService of type %s...", plugtype.c_str()); - m_outer->m_listener = conf.ListenerServiceManager.newPlugin(plugtype.c_str(), child); - } - else { - log.fatal("can't build ListenerService, missing conf:Listener element?"); - throw ConfigurationException("Can't build ListenerService, missing conf:Listener element?"); - } + + log.info("building ListenerService of type %s...", plugtype.c_str()); + m_outer->m_listener = conf.ListenerServiceManager.newPlugin(plugtype.c_str(), child); } #ifndef SHIBSP_LITE diff --git a/shibsp/metadata/DynamicMetadataProvider.cpp b/shibsp/metadata/DynamicMetadataProvider.cpp index 8b346f0..25bc2e7 100644 --- a/shibsp/metadata/DynamicMetadataProvider.cpp +++ b/shibsp/metadata/DynamicMetadataProvider.cpp @@ -102,52 +102,44 @@ namespace shibsp { }; DynamicMetadataProvider::DynamicMetadataProvider(const DOMElement* e) - : saml2md::DynamicMetadataProvider(e), m_verifyHost(true), m_ignoreTransport(false), m_encoded(true), m_trust(nullptr) + : saml2md::DynamicMetadataProvider(e), + m_verifyHost(XMLHelper::getAttrBool(e, true, verifyHost)), + m_ignoreTransport(XMLHelper::getAttrBool(e, false, ignoreTransport)), + m_encoded(true), m_trust(nullptr) { - const XMLCh* flag = e ? e->getAttributeNS(nullptr, verifyHost) : nullptr; - if (flag && (*flag == chLatin_f || *flag == chDigit_0)) - m_verifyHost = false; - flag = e ? e->getAttributeNS(nullptr, ignoreTransport) : nullptr; - if (flag && (*flag == chLatin_t || *flag == chDigit_1)) { - m_ignoreTransport = true; - return; - } - - const DOMElement* child = e ? XMLHelper::getFirstChildElement(e, Subst) : nullptr; + const DOMElement* child = XMLHelper::getFirstChildElement(e, Subst); if (child && child->hasChildNodes()) { auto_ptr_char s(child->getFirstChild()->getNodeValue()); if (s.get() && *s.get()) { m_subst = s.get(); - flag = child->getAttributeNS(nullptr, encoded); - if (flag && (*flag == chLatin_f || *flag == chDigit_0)) - m_encoded = false; + m_encoded = XMLHelper::getAttrBool(child, true, encoded); } } if (m_subst.empty()) { - child = e ? XMLHelper::getFirstChildElement(e, Regex) : nullptr; + child = XMLHelper::getFirstChildElement(e, Regex); if (child && child->hasChildNodes() && child->hasAttributeNS(nullptr, match)) { - auto_ptr_char m(child->getAttributeNS(nullptr, match)); + m_match = XMLHelper::getAttrString(child, nullptr, match); auto_ptr_char repl(child->getFirstChild()->getNodeValue()); - if (m.get() && *m.get() && repl.get() && *repl.get()) { - m_match = m.get(); + if (repl.get() && *repl.get()) m_regex = repl.get(); - } } } - child = e ? XMLHelper::getFirstChildElement(e, _TrustEngine) : nullptr; - auto_ptr_char t2(child ? child->getAttributeNS(nullptr,type) : nullptr); - if (t2.get()) { - TrustEngine* trust = XMLToolingConfig::getConfig().TrustEngineManager.newPlugin(t2.get(), child); - if (!(m_trust = dynamic_cast(trust))) { - delete trust; - throw ConfigurationException("DynamicMetadataProvider requires an X509TrustEngine plugin."); + if (!ignoreTransport) { + child = XMLHelper::getFirstChildElement(e, _TrustEngine); + string t = XMLHelper::getAttrString(child, nullptr, type); + if (!t.empty()) { + TrustEngine* trust = XMLToolingConfig::getConfig().TrustEngineManager.newPlugin(t.c_str(), child); + if (!(m_trust = dynamic_cast(trust))) { + delete trust; + throw ConfigurationException("DynamicMetadataProvider requires an X509TrustEngine plugin."); + } } - return; - } - throw ConfigurationException("DynamicMetadataProvider requires an X509TrustEngine plugin unless ignoreTransport is true."); + if (!m_trust) + throw ConfigurationException("DynamicMetadataProvider requires an X509TrustEngine plugin unless ignoreTransport is true."); + } } saml2md::EntityDescriptor* DynamicMetadataProvider::resolve(const saml2md::MetadataProvider::Criteria& criteria) const diff --git a/shibsp/remoting/impl/SocketListener.cpp b/shibsp/remoting/impl/SocketListener.cpp index 41383f1..e848afa 100644 --- a/shibsp/remoting/impl/SocketListener.cpp +++ b/shibsp/remoting/impl/SocketListener.cpp @@ -23,13 +23,15 @@ #include "internal.h" #include "exceptions.h" #include "ServiceProvider.h" +#include "SPConfig.h" #include "remoting/impl/SocketListener.h" #include #include #include -#include + #include +#include #ifndef WIN32 # include @@ -172,9 +174,7 @@ SocketListener::SocketListener(const DOMElement* e) m_child_wait = CondWait::create(); static const XMLCh stackSize[] = UNICODE_LITERAL_9(s,t,a,c,k,S,i,z,e); - const XMLCh* attr = e ? e->getAttributeNS(nullptr, stackSize) : nullptr; - if (attr && *attr) - m_stackSize = XMLString::parseInt(attr) * 1024; + m_stackSize = XMLHelper::getAttrInt(e, 0, stackSize) * 1024; } } diff --git a/shibsp/remoting/impl/TCPListener.cpp b/shibsp/remoting/impl/TCPListener.cpp index 4630ef3..65e4ec7 100644 --- a/shibsp/remoting/impl/TCPListener.cpp +++ b/shibsp/remoting/impl/TCPListener.cpp @@ -25,6 +25,7 @@ #include #include +#include #ifdef HAVE_UNISTD_H # include @@ -46,10 +47,6 @@ using namespace xercesc; using namespace std; namespace shibsp { - static const XMLCh address[] = UNICODE_LITERAL_7(a,d,d,r,e,s,s); - static const XMLCh port[] = UNICODE_LITERAL_4(p,o,r,t); - static const XMLCh acl[] = UNICODE_LITERAL_3(a,c,l); - class TCPListener : virtual public SocketListener { public: @@ -82,41 +79,24 @@ namespace shibsp { { return new TCPListener(e); } + + static const XMLCh address[] = UNICODE_LITERAL_7(a,d,d,r,e,s,s); + static const XMLCh port[] = UNICODE_LITERAL_4(p,o,r,t); + static const XMLCh acl[] = UNICODE_LITERAL_3(a,c,l); }; -TCPListener::TCPListener(const DOMElement* e) : SocketListener(e), m_address("127.0.0.1"), m_port(12345) +TCPListener::TCPListener(const DOMElement* e) + : SocketListener(e), m_address(XMLHelper::getAttrString(e, "127.0.0.1", address)), m_port(XMLHelper::getAttrInt(e, 1600, port)) { - // We're stateless, but we need to load the configuration. - const XMLCh* tag=e->getAttributeNS(nullptr,address); - if (tag && *tag) { - auto_ptr_char a(tag); - m_address=a.get(); - } - - tag=e->getAttributeNS(nullptr,port); - if (tag && *tag) { - m_port=XMLString::parseInt(tag); - if (m_port==0) - m_port=12345; - } - - tag=e->getAttributeNS(nullptr,acl); - if (tag && *tag) { - auto_ptr_char temp(tag); - string sockacl=temp.get(); - if (sockacl.length()) { - int j = 0; - for (unsigned int i=0; i < sockacl.length(); i++) { - if (sockacl.at(i)==' ') { - m_acl.insert(sockacl.substr(j, i-j)); - j = i+1; - } - } - m_acl.insert(sockacl.substr(j, sockacl.length()-j)); + int j = 0; + string sockacl = XMLHelper::getAttrString(e, "127.0.0.1", acl); + for (unsigned int i = 0; i < sockacl.length(); i++) { + if (sockacl.at(i) == ' ') { + m_acl.insert(sockacl.substr(j, i-j)); + j = i+1; } } - else - m_acl.insert("127.0.0.1"); + m_acl.insert(sockacl.substr(j, sockacl.length()-j)); } void TCPListener::setup_tcp_sockaddr(struct sockaddr_in* addr) const diff --git a/shibsp/remoting/impl/UnixListener.cpp b/shibsp/remoting/impl/UnixListener.cpp index 19777a8..795a2cf 100644 --- a/shibsp/remoting/impl/UnixListener.cpp +++ b/shibsp/remoting/impl/UnixListener.cpp @@ -27,6 +27,7 @@ #include #include #include +#include #ifdef HAVE_UNISTD_H # include @@ -48,8 +49,6 @@ using namespace std; namespace shibsp { - static const XMLCh address[] = UNICODE_LITERAL_7(a,d,d,r,e,s,s); - class UnixListener : virtual public SocketListener { public: @@ -79,16 +78,14 @@ namespace shibsp { { return new UnixListener(e); } + + static const XMLCh address[] = UNICODE_LITERAL_7(a,d,d,r,e,s,s); }; -UnixListener::UnixListener(const DOMElement* e) : SocketListener(e), m_address("/var/run/shar-socket"), m_bound(false) +UnixListener::UnixListener(const DOMElement* e) + : SocketListener(e), m_address(XMLHelper::getAttrString(e, "shibd.sock", address)), m_bound(false) { - const XMLCh* tag=e->getAttributeNS(nullptr,address); - if (tag && *tag) { - auto_ptr_char a(tag); - m_address=a.get(); - XMLToolingConfig::getConfig().getPathResolver()->resolve(m_address, PathResolver::XMLTOOLING_RUN_FILE); - } + XMLToolingConfig::getConfig().getPathResolver()->resolve(m_address, PathResolver::XMLTOOLING_RUN_FILE); } #ifndef UNIX_PATH_MAX