xmltooling/XMLToolingConfig.cpp

   1 /*
   2  *  Copyright 2001-2007 Internet2
   3  *
   4  * Licensed under the Apache License, Version 2.0 (the "License");
   5  * you may not use this file except in compliance with the License.
   6  * You may obtain a copy of the License at
   7  *
   8  *     http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  * Unless required by applicable law or agreed to in writing, software
  11  * distributed under the License is distributed on an "AS IS" BASIS,
  12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  * See the License for the specific language governing permissions and
  14  * limitations under the License.
  15  */
  16
  17 /**
  18  * XMLToolingConfig.cpp
  19  *
  20  * Library configuration
  21  */
  22
  23 #include "internal.h"
  24 #include "exceptions.h"
  25 #include "XMLToolingConfig.h"
  26 #include "encryption/Encryption.h"
  27 #include "encryption/Encrypter.h"
  28 #include "io/HTTPRequest.h"
  29 #include "io/HTTPResponse.h"
  30 #include "impl/UnknownElement.h"
  31 #include "security/TrustEngine.h"
  32 #include "security/OpenSSLCryptoX509CRL.h"
  33 #include "security/CredentialResolver.h"
  34 #include "security/KeyInfoResolver.h"
  35 #include "signature/Signature.h"
  36 #include "soap/SOAP.h"
  37 #include "soap/SOAPTransport.h"
  38 #include "util/NDC.h"
  39 #include "util/ReplayCache.h"
  40 #include "util/StorageService.h"
  41 #include "util/TemplateEngine.h"
  42 #include "util/URLEncoder.h"
  43 #include "util/XMLConstants.h"
  44 #include "validation/ValidatorSuite.h"
  45
  46 #ifdef HAVE_DLFCN_H
  47 # include <dlfcn.h>
  48 #endif
  49
  50 #include <stdexcept>
  51 #include <log4cpp/Category.hh>
  52 #include <log4cpp/PropertyConfigurator.hh>
  53 #include <log4cpp/OstreamAppender.hh>
  54 #include <xercesc/util/PlatformUtils.hpp>
  55 #ifndef XMLTOOLING_NO_XMLSEC
  56 # include <curl/curl.h>
  57 # include <openssl/err.h>
  58 # include <xsec/framework/XSECProvider.hpp>
  59 #endif
  60
  61 using namespace soap11;
  62 using namespace xmlencryption;
  63 using namespace xmlsignature;
  64 using namespace xmltooling;
  65 using namespace log4cpp;
  66 using namespace std;
  67
  68 DECL_XMLTOOLING_EXCEPTION_FACTORY(XMLParserException,xmltooling);
  69 DECL_XMLTOOLING_EXCEPTION_FACTORY(XMLObjectException,xmltooling);
  70 DECL_XMLTOOLING_EXCEPTION_FACTORY(MarshallingException,xmltooling);
  71 DECL_XMLTOOLING_EXCEPTION_FACTORY(UnmarshallingException,xmltooling);
  72 DECL_XMLTOOLING_EXCEPTION_FACTORY(UnknownElementException,xmltooling);
  73 DECL_XMLTOOLING_EXCEPTION_FACTORY(UnknownAttributeException,xmltooling);
  74 DECL_XMLTOOLING_EXCEPTION_FACTORY(UnknownExtensionException,xmltooling);
  75 DECL_XMLTOOLING_EXCEPTION_FACTORY(ValidationException,xmltooling);
  76 DECL_XMLTOOLING_EXCEPTION_FACTORY(IOException,xmltooling);
  77
  78 #ifndef XMLTOOLING_NO_XMLSEC
  79     DECL_XMLTOOLING_EXCEPTION_FACTORY(XMLSecurityException,xmltooling);
  80     DECL_XMLTOOLING_EXCEPTION_FACTORY(SignatureException,xmlsignature);
  81     DECL_XMLTOOLING_EXCEPTION_FACTORY(EncryptionException,xmlencryption);
  82 #endif
  83
  84 namespace xmltooling {
  85     static XMLToolingInternalConfig g_config;
  86 #ifndef XMLTOOLING_NO_XMLSEC
  87     static vector<Mutex*> g_openssl_locks;
  88
  89     extern "C" void openssl_locking_callback(int mode,int n,const char *file,int line)
  90     {
  91         if (mode & CRYPTO_LOCK)
  92             g_openssl_locks[n]->lock();
  93         else
  94             g_openssl_locks[n]->unlock();
  95     }
  96
  97 # ifndef WIN32
  98     extern "C" unsigned long openssl_thread_id(void)
  99     {
 100         return (unsigned long)(pthread_self());
 101     }
 102 # endif
 103 #endif
 104 }
 105
 106 XMLToolingConfig& XMLToolingConfig::getConfig()
 107 {
 108     return g_config;
 109 }
 110
 111 XMLToolingInternalConfig& XMLToolingInternalConfig::getInternalConfig()
 112 {
 113     return g_config;
 114 }
 115
 116 bool XMLToolingInternalConfig::log_config(const char* config)
 117 {
 118     try {
 119         if (!config || !*config)
 120             config=getenv("XMLTOOLING_LOG_CONFIG");
 121         if (!config || !*config)
 122             config="WARN";
 123
 124         bool level=false;
 125         Category& root = Category::getRoot();
 126         if (!strcmp(config,"DEBUG")) {
 127             root.setPriority(Priority::DEBUG);
 128             level=true;
 129         }
 130         else if (!strcmp(config,"INFO")) {
 131             root.setPriority(Priority::INFO);
 132             level=true;
 133         }
 134         else if (!strcmp(config,"NOTICE")) {
 135             root.setPriority(Priority::NOTICE);
 136             level=true;
 137         }
 138         else if (!strcmp(config,"WARN")) {
 139             root.setPriority(Priority::WARN);
 140             level=true;
 141         }
 142         else if (!strcmp(config,"ERROR")) {
 143             root.setPriority(Priority::ERROR);
 144             level=true;
 145         }
 146         else if (!strcmp(config,"CRIT")) {
 147             root.setPriority(Priority::CRIT);
 148             level=true;
 149         }
 150         else if (!strcmp(config,"ALERT")) {
 151             root.setPriority(Priority::ALERT);
 152             level=true;
 153         }
 154         else if (!strcmp(config,"EMERG")) {
 155             root.setPriority(Priority::EMERG);
 156             level=true;
 157         }
 158         else if (!strcmp(config,"FATAL")) {
 159             root.setPriority(Priority::FATAL);
 160             level=true;
 161         }
 162         if (level)
 163             root.setAppender(new OstreamAppender("default",&cerr));
 164         else
 165             PropertyConfigurator::configure(config);
 166     }
 167     catch (const ConfigureFailure& e) {
 168         Category::getInstance(XMLTOOLING_LOGCAT".Logging").crit("failed to initialize log4cpp: %s", e.what());
 169         return false;
 170     }
 171
 172     return true;
 173 }
 174
 175 #ifndef XMLTOOLING_LITE
 176 void XMLToolingConfig::setReplayCache(ReplayCache* replayCache)
 177 {
 178     delete m_replayCache;
 179     m_replayCache = replayCache;
 180 }
 181 #endif
 182
 183 void XMLToolingConfig::setTemplateEngine(TemplateEngine* templateEngine)
 184 {
 185     delete m_templateEngine;
 186     m_templateEngine = templateEngine;
 187 }
 188
 189 void XMLToolingConfig::setURLEncoder(URLEncoder* urlEncoder)
 190 {
 191     delete m_urlEncoder;
 192     m_urlEncoder = urlEncoder;
 193 }
 194
 195 bool XMLToolingInternalConfig::init()
 196 {
 197 #ifdef _DEBUG
 198     xmltooling::NDC ndc("init");
 199 #endif
 200     Category& log=Category::getInstance(XMLTOOLING_LOGCAT".XMLToolingConfig");
 201     try {
 202         log.debug("library initialization started");
 203
 204 #ifndef XMLTOOLING_NO_XMLSEC
 205         if (curl_global_init(CURL_GLOBAL_ALL)) {
 206             log.fatal("failed to initialize libcurl, OpenSSL, or Winsock");
 207             return false;
 208         }
 209         log.debug("libcurl %s initialization complete", LIBCURL_VERSION);
 210 #endif
 211
 212         XMLPlatformUtils::Initialize();
 213         log.debug("Xerces initialization complete");
 214
 215 #ifndef XMLTOOLING_NO_XMLSEC
 216         XSECPlatformUtils::Initialise();
 217         m_xsecProvider=new XSECProvider();
 218         log.debug("XMLSec initialization complete");
 219 #endif
 220
 221         m_parserPool=new ParserPool();
 222         m_validatingPool=new ParserPool(true,true);
 223         m_lock=XMLPlatformUtils::makeMutex();
 224
 225         // Load catalogs from path.
 226         if (!catalog_path.empty()) {
 227             char* catpath=strdup(catalog_path.c_str());
 228             char* sep=NULL;
 229             char* start=catpath;
 230             while (start && *start) {
 231                 sep=strchr(start,PATH_SEPARATOR_CHAR);
 232                 if (sep)
 233                     *sep=0;
 234                 auto_ptr_XMLCh temp(start);
 235                 m_validatingPool->loadCatalog(temp.get());
 236                 start = sep ? sep + 1 : NULL;
 237             }
 238             free(catpath);
 239         }
 240
 241         // default registrations
 242         XMLObjectBuilder::registerDefaultBuilder(new UnknownElementBuilder());
 243
 244         registerKeyInfoClasses();
 245         registerEncryptionClasses();
 246         registerSOAPClasses();
 247
 248         REGISTER_XMLTOOLING_EXCEPTION_FACTORY(XMLParserException,xmltooling);
 249         REGISTER_XMLTOOLING_EXCEPTION_FACTORY(XMLObjectException,xmltooling);
 250         REGISTER_XMLTOOLING_EXCEPTION_FACTORY(MarshallingException,xmltooling);
 251         REGISTER_XMLTOOLING_EXCEPTION_FACTORY(UnmarshallingException,xmltooling);
 252         REGISTER_XMLTOOLING_EXCEPTION_FACTORY(UnknownElementException,xmltooling);
 253         REGISTER_XMLTOOLING_EXCEPTION_FACTORY(UnknownAttributeException,xmltooling);
 254         REGISTER_XMLTOOLING_EXCEPTION_FACTORY(ValidationException,xmltooling);
 255         REGISTER_XMLTOOLING_EXCEPTION_FACTORY(IOException,xmltooling);
 256
 257 #ifndef XMLTOOLING_NO_XMLSEC
 258         XMLObjectBuilder::registerBuilder(QName(xmlconstants::XMLSIG_NS,Signature::LOCAL_NAME),new SignatureBuilder());
 259         REGISTER_XMLTOOLING_EXCEPTION_FACTORY(XMLSecurityException,xmltooling);
 260         REGISTER_XMLTOOLING_EXCEPTION_FACTORY(SignatureException,xmlsignature);
 261         REGISTER_XMLTOOLING_EXCEPTION_FACTORY(EncryptionException,xmlencryption);
 262         registerKeyInfoResolvers();
 263         registerCredentialResolvers();
 264         registerTrustEngines();
 265         registerXMLAlgorithms();
 266         registerSOAPTransports();
 267         initSOAPTransports();
 268         registerStorageServices();
 269         m_keyInfoResolver = KeyInfoResolverManager.newPlugin(INLINE_KEYINFO_RESOLVER,NULL);
 270 #endif
 271
 272         m_urlEncoder = new URLEncoder();
 273
 274         // Register xml:id as an ID attribute.
 275         static const XMLCh xmlid[] = UNICODE_LITERAL_2(i,d);
 276         AttributeExtensibleXMLObject::registerIDAttribute(QName(xmlconstants::XML_NS, xmlid));
 277     }
 278     catch (const xercesc::XMLException&) {
 279         log.fatal("caught exception while initializing Xerces");
 280 #ifndef XMLTOOLING_NO_XMLSEC
 281         curl_global_cleanup();
 282 #endif
 283         return false;
 284     }
 285
 286 #ifndef XMLTOOLING_NO_XMLSEC
 287     // Set up OpenSSL locking.
 288     for (int i=0; i<CRYPTO_num_locks(); i++)
 289         g_openssl_locks.push_back(Mutex::create());
 290     CRYPTO_set_locking_callback(openssl_locking_callback);
 291 # ifndef WIN32
 292     CRYPTO_set_id_callback(openssl_thread_id);
 293 # endif
 294 #endif
 295
 296     log.info("library initialization complete");
 297     return true;
 298 }
 299
 300 void XMLToolingInternalConfig::term()
 301 {
 302 #ifndef XMLTOOLING_NO_XMLSEC
 303     CRYPTO_set_locking_callback(NULL);
 304     for_each(g_openssl_locks.begin(), g_openssl_locks.end(), xmltooling::cleanup<Mutex>());
 305     g_openssl_locks.clear();
 306 #endif
 307
 308     SchemaValidators.destroyValidators();
 309     XMLObjectBuilder::destroyBuilders();
 310     XMLToolingException::deregisterFactories();
 311     AttributeExtensibleXMLObject::deregisterIDAttributes();
 312
 313 #ifndef XMLTOOLING_NO_XMLSEC
 314     StorageServiceManager.deregisterFactories();
 315     termSOAPTransports();
 316     SOAPTransportManager.deregisterFactories();
 317     TrustEngineManager.deregisterFactories();
 318     CredentialResolverManager.deregisterFactories();
 319     KeyInfoResolverManager.deregisterFactories();
 320     m_algorithmMap.clear();
 321
 322     delete m_keyInfoResolver;
 323     m_keyInfoResolver = NULL;
 324
 325     delete m_replayCache;
 326     m_replayCache = NULL;
 327 #endif
 328
 329     delete m_templateEngine;
 330     m_templateEngine = NULL;
 331
 332     delete m_urlEncoder;
 333     m_urlEncoder = NULL;
 334
 335     for (vector<void*>::reverse_iterator i=m_libhandles.rbegin(); i!=m_libhandles.rend(); i++) {
 336 #if defined(WIN32)
 337         FARPROC fn=GetProcAddress(static_cast<HMODULE>(*i),"xmltooling_extension_term");
 338         if (fn)
 339             fn();
 340         FreeLibrary(static_cast<HMODULE>(*i));
 341 #elif defined(HAVE_DLFCN_H)
 342         void (*fn)()=(void (*)())dlsym(*i,"xmltooling_extension_term");
 343         if (fn)
 344             fn();
 345         dlclose(*i);
 346 #else
 347 # error "Don't know about dynamic loading on this platform!"
 348 #endif
 349     }
 350     m_libhandles.clear();
 351
 352     delete m_parserPool;
 353     m_parserPool=NULL;
 354     delete m_validatingPool;
 355     m_validatingPool=NULL;
 356
 357 #ifndef XMLTOOLING_NO_XMLSEC
 358     delete m_xsecProvider;
 359     m_xsecProvider=NULL;
 360     XSECPlatformUtils::Terminate();
 361 #endif
 362
 363     XMLPlatformUtils::closeMutex(m_lock);
 364     m_lock=NULL;
 365     XMLPlatformUtils::Terminate();
 366
 367 #ifndef XMLTOOLING_NO_XMLSEC
 368     curl_global_cleanup();
 369 #endif
 370 #ifdef _DEBUG
 371     xmltooling::NDC ndc("term");
 372 #endif
 373    Category::getInstance(XMLTOOLING_LOGCAT".XMLToolingConfig").info("library shutdown complete");
 374 }
 375
 376 Lockable* XMLToolingInternalConfig::lock()
 377 {
 378     xercesc::XMLPlatformUtils::lockMutex(m_lock);
 379     return this;
 380 }
 381
 382 void XMLToolingInternalConfig::unlock()
 383 {
 384     xercesc::XMLPlatformUtils::unlockMutex(m_lock);
 385 }
 386
 387 bool XMLToolingInternalConfig::load_library(const char* path, void* context)
 388 {
 389 #ifdef _DEBUG
 390     xmltooling::NDC ndc("LoadLibrary");
 391 #endif
 392     Category& log=Category::getInstance(XMLTOOLING_LOGCAT".XMLToolingConfig");
 393     log.info("loading extension: %s", path);
 394
 395     Locker locker(this);
 396
 397 #if defined(WIN32)
 398     HMODULE handle=NULL;
 399     char* fixed=const_cast<char*>(path);
 400     if (strchr(fixed,'/')) {
 401         fixed=strdup(path);
 402         char* p=fixed;
 403         while (p=strchr(p,'/'))
 404             *p='\\';
 405     }
 406
 407     UINT em=SetErrorMode(SEM_FAILCRITICALERRORS);
 408     try {
 409         handle=LoadLibraryEx(fixed,NULL,LOAD_WITH_ALTERED_SEARCH_PATH);
 410         if (!handle)
 411              handle=LoadLibraryEx(fixed,NULL,0);
 412         if (!handle)
 413             throw runtime_error(string("unable to load extension library: ") + fixed);
 414         FARPROC fn=GetProcAddress(handle,"xmltooling_extension_init");
 415         if (!fn)
 416             throw runtime_error(string("unable to locate xmltooling_extension_init entry point: ") + fixed);
 417         if (reinterpret_cast<int(*)(void*)>(fn)(context)!=0)
 418             throw runtime_error(string("detected error in xmltooling_extension_init: ") + fixed);
 419         if (fixed!=path)
 420             free(fixed);
 421         SetErrorMode(em);
 422     }
 423     catch(runtime_error& e) {
 424         log.error(e.what());
 425         if (handle)
 426             FreeLibrary(handle);
 427         SetErrorMode(em);
 428         if (fixed!=path)
 429             free(fixed);
 430         return false;
 431     }
 432
 433 #elif defined(HAVE_DLFCN_H)
 434     void* handle=dlopen(path,RTLD_LAZY);
 435     if (!handle)
 436         throw runtime_error(string("unable to load extension library '") + path + "': " + dlerror());
 437     int (*fn)(void*)=(int (*)(void*))(dlsym(handle,"xmltooling_extension_init"));
 438     if (!fn) {
 439         dlclose(handle);
 440         throw runtime_error(
 441             string("unable to locate xmltooling_extension_init entry point in '") + path + "': " +
 442                 (dlerror() ? dlerror() : "unknown error")
 443             );
 444     }
 445     try {
 446         if (fn(context)!=0)
 447             throw runtime_error(string("detected error in xmltooling_extension_init in ") + path);
 448     }
 449     catch(runtime_error& e) {
 450         log.error(e.what());
 451         if (handle)
 452             dlclose(handle);
 453         return false;
 454     }
 455 #else
 456 # error "Don't know about dynamic loading on this platform!"
 457 #endif
 458     m_libhandles.push_back(handle);
 459     log.info("loaded extension: %s", path);
 460     return true;
 461 }
 462
 463 #ifndef XMLTOOLING_NO_XMLSEC
 464 void xmltooling::log_openssl()
 465 {
 466     const char* file;
 467     const char* data;
 468     int flags,line;
 469
 470     unsigned long code=ERR_get_error_line_data(&file,&line,&data,&flags);
 471     while (code) {
 472         Category& log=Category::getInstance("OpenSSL");
 473         log.errorStream() << "error code: " << code << " in " << file << ", line " << line << CategoryStream::ENDLINE;
 474         if (data && (flags & ERR_TXT_STRING))
 475             log.errorStream() << "error data: " << data << CategoryStream::ENDLINE;
 476         code=ERR_get_error_line_data(&file,&line,&data,&flags);
 477     }
 478 }
 479
 480 XSECCryptoX509CRL* XMLToolingInternalConfig::X509CRL() const
 481 {
 482     return new OpenSSLCryptoX509CRL();
 483 }
 484
 485 void XMLToolingInternalConfig::registerXMLAlgorithms()
 486 {
 487     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_MD5, "RSA", 0);
 488     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_SHA1, "RSA", 0);
 489     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_SHA224, "RSA", 0);
 490     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_SHA256, "RSA", 0);
 491     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_SHA384, "RSA", 0);
 492     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_SHA512, "RSA", 0);
 493
 494     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_1_5, "RSA", 0);
 495     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_OAEP_MGFP1, "RSA", 0);
 496
 497     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIDSA_SHA1, "DSA", 0);
 498
 499     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIHMAC_SHA1, "HMAC", 0);
 500     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIHMAC_SHA224, "HMAC", 0);
 501     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIHMAC_SHA256, "HMAC", 0);
 502     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIHMAC_SHA384, "HMAC", 0);
 503     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIHMAC_SHA512, "HMAC", 0);
 504
 505     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURI3DES_CBC, "DESede", 192);
 506     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_3DES, "DESede", 192);
 507
 508     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIAES128_CBC, "AES", 128);
 509     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_AES128, "AES", 128);
 510
 511     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIAES192_CBC, "AES", 192);
 512     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_AES192, "AES", 192);
 513
 514     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIAES256_CBC, "AES", 256);
 515     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_AES256, "AES", 256);
 516 }
 517 #endif