xmltooling/XMLToolingConfig.cpp

   1 /*
   2  *  Copyright 2001-2009 Internet2
   3  *
   4  * Licensed under the Apache License, Version 2.0 (the "License");
   5  * you may not use this file except in compliance with the License.
   6  * You may obtain a copy of the License at
   7  *
   8  *     http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  * Unless required by applicable law or agreed to in writing, software
  11  * distributed under the License is distributed on an "AS IS" BASIS,
  12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  * See the License for the specific language governing permissions and
  14  * limitations under the License.
  15  */
  16
  17 /**
  18  * XMLToolingConfig.cpp
  19  *
  20  * Library configuration
  21  */
  22
  23 #include "internal.h"
  24 #include "exceptions.h"
  25 #include "logging.h"
  26 #include "XMLToolingConfig.h"
  27 #include "encryption/Encryption.h"
  28 #include "encryption/Encrypter.h"
  29 #include "io/HTTPRequest.h"
  30 #include "io/HTTPResponse.h"
  31 #include "impl/UnknownElement.h"
  32 #include "security/TrustEngine.h"
  33 #include "security/OpenSSLCryptoX509CRL.h"
  34 #include "security/CredentialResolver.h"
  35 #include "security/KeyInfoResolver.h"
  36 #include "signature/Signature.h"
  37 #include "soap/SOAP.h"
  38 #include "soap/SOAPTransport.h"
  39 #include "util/NDC.h"
  40 #include "util/PathResolver.h"
  41 #include "util/ReplayCache.h"
  42 #include "util/StorageService.h"
  43 #include "util/TemplateEngine.h"
  44 #include "util/URLEncoder.h"
  45 #include "util/XMLConstants.h"
  46 #include "validation/ValidatorSuite.h"
  47
  48 #ifdef HAVE_DLFCN_H
  49 # include <dlfcn.h>
  50 #endif
  51
  52 #include <stdexcept>
  53 #if defined(XMLTOOLING_LOG4SHIB)
  54 # include <log4shib/PropertyConfigurator.hh>
  55 # include <log4shib/OstreamAppender.hh>
  56 #elif defined(XMLTOOLING_LOG4CPP)
  57 # include <log4cpp/PropertyConfigurator.hh>
  58 # include <log4cpp/OstreamAppender.hh>
  59 #endif
  60 #include <xercesc/util/PlatformUtils.hpp>
  61 #ifndef XMLTOOLING_NO_XMLSEC
  62 # include <curl/curl.h>
  63 # include <openssl/err.h>
  64 # include <xsec/framework/XSECProvider.hpp>
  65 #endif
  66
  67 using namespace soap11;
  68 using namespace xmltooling::logging;
  69 using namespace xmltooling;
  70 using namespace std;
  71
  72 using xercesc::XMLPlatformUtils;
  73
  74 DECL_XMLTOOLING_EXCEPTION_FACTORY(XMLParserException,xmltooling);
  75 DECL_XMLTOOLING_EXCEPTION_FACTORY(XMLObjectException,xmltooling);
  76 DECL_XMLTOOLING_EXCEPTION_FACTORY(MarshallingException,xmltooling);
  77 DECL_XMLTOOLING_EXCEPTION_FACTORY(UnmarshallingException,xmltooling);
  78 DECL_XMLTOOLING_EXCEPTION_FACTORY(UnknownElementException,xmltooling);
  79 DECL_XMLTOOLING_EXCEPTION_FACTORY(UnknownAttributeException,xmltooling);
  80 DECL_XMLTOOLING_EXCEPTION_FACTORY(UnknownExtensionException,xmltooling);
  81 DECL_XMLTOOLING_EXCEPTION_FACTORY(ValidationException,xmltooling);
  82 DECL_XMLTOOLING_EXCEPTION_FACTORY(IOException,xmltooling);
  83
  84 #ifndef XMLTOOLING_NO_XMLSEC
  85 using namespace xmlencryption;
  86 using namespace xmlsignature;
  87     DECL_XMLTOOLING_EXCEPTION_FACTORY(XMLSecurityException,xmltooling);
  88     DECL_XMLTOOLING_EXCEPTION_FACTORY(SignatureException,xmlsignature);
  89     DECL_XMLTOOLING_EXCEPTION_FACTORY(EncryptionException,xmlencryption);
  90 #endif
  91
  92 namespace xmltooling {
  93     static XMLToolingInternalConfig g_config;
  94 #ifndef XMLTOOLING_NO_XMLSEC
  95     static vector<Mutex*> g_openssl_locks;
  96
  97     extern "C" void openssl_locking_callback(int mode,int n,const char *file,int line)
  98     {
  99         if (mode & CRYPTO_LOCK)
 100             g_openssl_locks[n]->lock();
 101         else
 102             g_openssl_locks[n]->unlock();
 103     }
 104
 105 # ifndef WIN32
 106     extern "C" unsigned long openssl_thread_id(void)
 107     {
 108         return (unsigned long)(pthread_self());
 109     }
 110 # endif
 111 #endif
 112 }
 113
 114 XMLToolingConfig& XMLToolingConfig::getConfig()
 115 {
 116     return g_config;
 117 }
 118
 119 XMLToolingInternalConfig& XMLToolingInternalConfig::getInternalConfig()
 120 {
 121     return g_config;
 122 }
 123
 124 bool XMLToolingInternalConfig::log_config(const char* config)
 125 {
 126     try {
 127         if (!config || !*config)
 128             config=getenv("XMLTOOLING_LOG_CONFIG");
 129         if (!config || !*config)
 130             config="WARN";
 131
 132         bool level=false;
 133         Category& root = Category::getRoot();
 134         if (!strcmp(config,"DEBUG")) {
 135             root.setPriority(Priority::DEBUG);
 136             level=true;
 137         }
 138         else if (!strcmp(config,"INFO")) {
 139             root.setPriority(Priority::INFO);
 140             level=true;
 141         }
 142         else if (!strcmp(config,"NOTICE")) {
 143             root.setPriority(Priority::NOTICE);
 144             level=true;
 145         }
 146         else if (!strcmp(config,"WARN")) {
 147             root.setPriority(Priority::WARN);
 148             level=true;
 149         }
 150         else if (!strcmp(config,"ERROR")) {
 151             root.setPriority(Priority::ERROR);
 152             level=true;
 153         }
 154         else if (!strcmp(config,"CRIT")) {
 155             root.setPriority(Priority::CRIT);
 156             level=true;
 157         }
 158         else if (!strcmp(config,"ALERT")) {
 159             root.setPriority(Priority::ALERT);
 160             level=true;
 161         }
 162         else if (!strcmp(config,"EMERG")) {
 163             root.setPriority(Priority::EMERG);
 164             level=true;
 165         }
 166         else if (!strcmp(config,"FATAL")) {
 167             root.setPriority(Priority::FATAL);
 168             level=true;
 169         }
 170         if (level) {
 171             root.setAppender(new OstreamAppender("default",&cerr));
 172         }
 173         else {
 174             string path(config);
 175             PropertyConfigurator::configure(m_pathResolver ? m_pathResolver->resolve(path, PathResolver::XMLTOOLING_CFG_FILE) : path);
 176         }
 177     }
 178     catch (const ConfigureFailure& e) {
 179         Category::getInstance(XMLTOOLING_LOGCAT".Logging").crit("failed to initialize log4cpp: %s", e.what());
 180         return false;
 181     }
 182
 183     return true;
 184 }
 185
 186 #ifndef XMLTOOLING_LITE
 187 void XMLToolingConfig::setReplayCache(ReplayCache* replayCache)
 188 {
 189     delete m_replayCache;
 190     m_replayCache = replayCache;
 191 }
 192 #endif
 193
 194 void XMLToolingConfig::setPathResolver(PathResolver* pathResolver)
 195 {
 196     delete m_pathResolver;
 197     m_pathResolver = pathResolver;
 198 }
 199
 200 void XMLToolingConfig::setTemplateEngine(TemplateEngine* templateEngine)
 201 {
 202     delete m_templateEngine;
 203     m_templateEngine = templateEngine;
 204 }
 205
 206 void XMLToolingConfig::setURLEncoder(URLEncoder* urlEncoder)
 207 {
 208     delete m_urlEncoder;
 209     m_urlEncoder = urlEncoder;
 210 }
 211
 212 bool XMLToolingInternalConfig::init()
 213 {
 214 #ifdef _DEBUG
 215     xmltooling::NDC ndc("init");
 216 #endif
 217     Category& log=Category::getInstance(XMLTOOLING_LOGCAT".XMLToolingConfig");
 218     try {
 219         log.debug("library initialization started");
 220
 221 #ifndef XMLTOOLING_NO_XMLSEC
 222         if (curl_global_init(CURL_GLOBAL_ALL)) {
 223             log.fatal("failed to initialize libcurl, OpenSSL, or Winsock");
 224             return false;
 225         }
 226         log.debug("libcurl %s initialization complete", LIBCURL_VERSION);
 227 #endif
 228
 229         XMLPlatformUtils::Initialize();
 230         log.debug("Xerces %s initialization complete", XERCES_FULLVERSIONDOT);
 231
 232 #ifndef XMLTOOLING_NO_XMLSEC
 233         XSECPlatformUtils::Initialise();
 234         m_xsecProvider=new XSECProvider();
 235         log.debug("XML-Security %s initialization complete", XSEC_FULLVERSIONDOT);
 236 #endif
 237
 238         m_parserPool=new ParserPool();
 239         m_validatingPool=new ParserPool(true,true);
 240         m_lock=XMLPlatformUtils::makeMutex();
 241
 242         // Load catalogs from path.
 243         if (!catalog_path.empty()) {
 244             char* catpath=strdup(catalog_path.c_str());
 245             char* sep=NULL;
 246             char* start=catpath;
 247             while (start && *start) {
 248                 sep=strchr(start,PATH_SEPARATOR_CHAR);
 249                 if (sep)
 250                     *sep=0;
 251                 auto_ptr_XMLCh temp(start);
 252                 m_validatingPool->loadCatalog(temp.get());
 253                 start = sep ? sep + 1 : NULL;
 254             }
 255             free(catpath);
 256         }
 257
 258         // default registrations
 259         XMLObjectBuilder::registerDefaultBuilder(new UnknownElementBuilder());
 260
 261         registerSOAPClasses();
 262
 263         REGISTER_XMLTOOLING_EXCEPTION_FACTORY(XMLParserException,xmltooling);
 264         REGISTER_XMLTOOLING_EXCEPTION_FACTORY(XMLObjectException,xmltooling);
 265         REGISTER_XMLTOOLING_EXCEPTION_FACTORY(MarshallingException,xmltooling);
 266         REGISTER_XMLTOOLING_EXCEPTION_FACTORY(UnmarshallingException,xmltooling);
 267         REGISTER_XMLTOOLING_EXCEPTION_FACTORY(UnknownElementException,xmltooling);
 268         REGISTER_XMLTOOLING_EXCEPTION_FACTORY(UnknownAttributeException,xmltooling);
 269         REGISTER_XMLTOOLING_EXCEPTION_FACTORY(ValidationException,xmltooling);
 270         REGISTER_XMLTOOLING_EXCEPTION_FACTORY(IOException,xmltooling);
 271
 272 #ifndef XMLTOOLING_NO_XMLSEC
 273         XMLObjectBuilder::registerBuilder(QName(xmlconstants::XMLSIG_NS,Signature::LOCAL_NAME),new SignatureBuilder());
 274         REGISTER_XMLTOOLING_EXCEPTION_FACTORY(XMLSecurityException,xmltooling);
 275         REGISTER_XMLTOOLING_EXCEPTION_FACTORY(SignatureException,xmlsignature);
 276         REGISTER_XMLTOOLING_EXCEPTION_FACTORY(EncryptionException,xmlencryption);
 277         registerKeyInfoClasses();
 278         registerEncryptionClasses();
 279         registerKeyInfoResolvers();
 280         registerCredentialResolvers();
 281         registerTrustEngines();
 282         registerXMLAlgorithms();
 283         registerSOAPTransports();
 284         initSOAPTransports();
 285         registerStorageServices();
 286         m_keyInfoResolver = KeyInfoResolverManager.newPlugin(INLINE_KEYINFO_RESOLVER,NULL);
 287 #endif
 288
 289         m_pathResolver = new PathResolver();
 290         m_urlEncoder = new URLEncoder();
 291
 292         // Register xml:id as an ID attribute.
 293         static const XMLCh xmlid[] = UNICODE_LITERAL_2(i,d);
 294         AttributeExtensibleXMLObject::registerIDAttribute(QName(xmlconstants::XML_NS, xmlid));
 295     }
 296     catch (const xercesc::XMLException&) {
 297         log.fatal("caught exception while initializing Xerces");
 298 #ifndef XMLTOOLING_NO_XMLSEC
 299         curl_global_cleanup();
 300 #endif
 301         return false;
 302     }
 303
 304 #ifndef XMLTOOLING_NO_XMLSEC
 305     // Set up OpenSSL locking.
 306     for (int i=0; i<CRYPTO_num_locks(); i++)
 307         g_openssl_locks.push_back(Mutex::create());
 308     CRYPTO_set_locking_callback(openssl_locking_callback);
 309 # ifndef WIN32
 310     CRYPTO_set_id_callback(openssl_thread_id);
 311 # endif
 312 #endif
 313
 314     log.info("%s library initialization complete", PACKAGE_STRING);
 315     return true;
 316 }
 317
 318 void XMLToolingInternalConfig::term()
 319 {
 320 #ifndef XMLTOOLING_NO_XMLSEC
 321     CRYPTO_set_locking_callback(NULL);
 322     for_each(g_openssl_locks.begin(), g_openssl_locks.end(), xmltooling::cleanup<Mutex>());
 323     g_openssl_locks.clear();
 324 #endif
 325
 326     SchemaValidators.destroyValidators();
 327     XMLObjectBuilder::destroyBuilders();
 328     XMLToolingException::deregisterFactories();
 329     AttributeExtensibleXMLObject::deregisterIDAttributes();
 330
 331 #ifndef XMLTOOLING_NO_XMLSEC
 332     StorageServiceManager.deregisterFactories();
 333     termSOAPTransports();
 334     SOAPTransportManager.deregisterFactories();
 335     TrustEngineManager.deregisterFactories();
 336     CredentialResolverManager.deregisterFactories();
 337     KeyInfoResolverManager.deregisterFactories();
 338     m_algorithmMap.clear();
 339
 340     delete m_keyInfoResolver;
 341     m_keyInfoResolver = NULL;
 342
 343     delete m_replayCache;
 344     m_replayCache = NULL;
 345 #endif
 346
 347     delete m_pathResolver;
 348     m_pathResolver = NULL;
 349
 350     delete m_templateEngine;
 351     m_templateEngine = NULL;
 352
 353     delete m_urlEncoder;
 354     m_urlEncoder = NULL;
 355
 356     for (vector<void*>::reverse_iterator i=m_libhandles.rbegin(); i!=m_libhandles.rend(); i++) {
 357 #if defined(WIN32)
 358         FARPROC fn=GetProcAddress(static_cast<HMODULE>(*i),"xmltooling_extension_term");
 359         if (fn)
 360             fn();
 361         FreeLibrary(static_cast<HMODULE>(*i));
 362 #elif defined(HAVE_DLFCN_H)
 363         void (*fn)()=(void (*)())dlsym(*i,"xmltooling_extension_term");
 364         if (fn)
 365             fn();
 366         dlclose(*i);
 367 #else
 368 # error "Don't know about dynamic loading on this platform!"
 369 #endif
 370     }
 371     m_libhandles.clear();
 372
 373     delete m_parserPool;
 374     m_parserPool=NULL;
 375     delete m_validatingPool;
 376     m_validatingPool=NULL;
 377
 378 #ifndef XMLTOOLING_NO_XMLSEC
 379     delete m_xsecProvider;
 380     m_xsecProvider=NULL;
 381     XSECPlatformUtils::Terminate();
 382 #endif
 383
 384     XMLPlatformUtils::closeMutex(m_lock);
 385     m_lock=NULL;
 386     XMLPlatformUtils::Terminate();
 387
 388 #ifndef XMLTOOLING_NO_XMLSEC
 389     curl_global_cleanup();
 390 #endif
 391 #ifdef _DEBUG
 392     xmltooling::NDC ndc("term");
 393 #endif
 394    Category::getInstance(XMLTOOLING_LOGCAT".XMLToolingConfig").info("%s library shutdown complete", PACKAGE_STRING);
 395 }
 396
 397 Lockable* XMLToolingInternalConfig::lock()
 398 {
 399     xercesc::XMLPlatformUtils::lockMutex(m_lock);
 400     return this;
 401 }
 402
 403 void XMLToolingInternalConfig::unlock()
 404 {
 405     xercesc::XMLPlatformUtils::unlockMutex(m_lock);
 406 }
 407
 408 bool XMLToolingInternalConfig::load_library(const char* path, void* context)
 409 {
 410 #ifdef _DEBUG
 411     xmltooling::NDC ndc("LoadLibrary");
 412 #endif
 413     Category& log=Category::getInstance(XMLTOOLING_LOGCAT".XMLToolingConfig");
 414     log.info("loading extension: %s", path);
 415
 416     Locker locker(this);
 417
 418     string resolved(path);
 419     m_pathResolver->resolve(resolved, PathResolver::XMLTOOLING_LIB_FILE);
 420
 421 #if defined(WIN32)
 422     HMODULE handle=NULL;
 423     for (string::iterator i = resolved.begin(); i != resolved.end(); ++i)
 424         if (*i == '/')
 425             *i = '\\';
 426
 427     UINT em=SetErrorMode(SEM_FAILCRITICALERRORS);
 428     try {
 429         handle=LoadLibraryEx(resolved.c_str(),NULL,LOAD_WITH_ALTERED_SEARCH_PATH);
 430         if (!handle)
 431              handle=LoadLibraryEx(resolved.c_str(),NULL,0);
 432         if (!handle)
 433             throw runtime_error(string("unable to load extension library: ") + resolved);
 434         FARPROC fn=GetProcAddress(handle,"xmltooling_extension_init");
 435         if (!fn)
 436             throw runtime_error(string("unable to locate xmltooling_extension_init entry point: ") + resolved);
 437         if (reinterpret_cast<int(*)(void*)>(fn)(context)!=0)
 438             throw runtime_error(string("detected error in xmltooling_extension_init: ") + resolved);
 439         SetErrorMode(em);
 440     }
 441     catch(exception&) {
 442         if (handle)
 443             FreeLibrary(handle);
 444         SetErrorMode(em);
 445         throw;
 446     }
 447
 448 #elif defined(HAVE_DLFCN_H)
 449     void* handle=dlopen(resolved.c_str(),RTLD_LAZY);
 450     if (!handle)
 451         throw runtime_error(string("unable to load extension library '") + resolved + "': " + dlerror());
 452     int (*fn)(void*)=(int (*)(void*))(dlsym(handle,"xmltooling_extension_init"));
 453     if (!fn) {
 454         dlclose(handle);
 455         throw runtime_error(
 456             string("unable to locate xmltooling_extension_init entry point in '") + resolved + "': " +
 457                 (dlerror() ? dlerror() : "unknown error")
 458             );
 459     }
 460     try {
 461         if (fn(context)!=0)
 462             throw runtime_error(string("detected error in xmltooling_extension_init in ") + resolved);
 463     }
 464     catch(exception&) {
 465         if (handle)
 466             dlclose(handle);
 467         throw;
 468     }
 469 #else
 470 # error "Don't know about dynamic loading on this platform!"
 471 #endif
 472     m_libhandles.push_back(handle);
 473     log.info("loaded extension: %s", resolved.c_str());
 474     return true;
 475 }
 476
 477 #ifndef XMLTOOLING_NO_XMLSEC
 478 void xmltooling::log_openssl()
 479 {
 480     const char* file;
 481     const char* data;
 482     int flags,line;
 483
 484     unsigned long code=ERR_get_error_line_data(&file,&line,&data,&flags);
 485     while (code) {
 486         Category& log=Category::getInstance("OpenSSL");
 487         log.errorStream() << "error code: " << code << " in " << file << ", line " << line << logging::eol;
 488         if (data && (flags & ERR_TXT_STRING))
 489             log.errorStream() << "error data: " << data << logging::eol;
 490         code=ERR_get_error_line_data(&file,&line,&data,&flags);
 491     }
 492 }
 493
 494 XSECCryptoX509CRL* XMLToolingInternalConfig::X509CRL() const
 495 {
 496     return new OpenSSLCryptoX509CRL();
 497 }
 498
 499 void XMLToolingInternalConfig::registerXMLAlgorithms()
 500 {
 501     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_MD5, "RSA", 0);
 502     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_SHA1, "RSA", 0);
 503     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_SHA224, "RSA", 0);
 504     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_SHA256, "RSA", 0);
 505     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_SHA384, "RSA", 0);
 506     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_SHA512, "RSA", 0);
 507
 508     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_1_5, "RSA", 0);
 509     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_OAEP_MGFP1, "RSA", 0);
 510
 511     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIDSA_SHA1, "DSA", 0);
 512
 513     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIHMAC_SHA1, "HMAC", 0);
 514     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIHMAC_SHA224, "HMAC", 0);
 515     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIHMAC_SHA256, "HMAC", 0);
 516     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIHMAC_SHA384, "HMAC", 0);
 517     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIHMAC_SHA512, "HMAC", 0);
 518
 519     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURI3DES_CBC, "DESede", 192);
 520     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_3DES, "DESede", 192);
 521
 522     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIAES128_CBC, "AES", 128);
 523     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_AES128, "AES", 128);
 524
 525     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIAES192_CBC, "AES", 192);
 526     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_AES192, "AES", 192);
 527
 528     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIAES256_CBC, "AES", 256);
 529     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_AES256, "AES", 256);
 530 }
 531 #endif
 532
 533 #ifdef WIN32
 534
 535 extern "C" __declspec(dllexport) BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID)
 536 {
 537     if (fdwReason == DLL_THREAD_DETACH || fdwReason == DLL_PROCESS_DETACH)
 538         ThreadKey::onDetach();
 539     return TRUE;
 540 }
 541
 542 #endif