2 * Copyright 2001-2009 Internet2
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * XMLToolingConfig.cpp
20 * Library configuration.
24 #include "exceptions.h"
26 #include "XMLToolingConfig.h"
27 #include "encryption/Encryption.h"
28 #include "encryption/Encrypter.h"
29 #include "impl/UnknownElement.h"
30 #include "security/TrustEngine.h"
31 #include "security/OpenSSLCryptoX509CRL.h"
32 #include "security/CredentialResolver.h"
33 #include "security/KeyInfoResolver.h"
34 #include "signature/KeyInfo.h"
35 #include "signature/Signature.h"
36 #include "soap/SOAP.h"
38 #include "util/PathResolver.h"
39 #include "util/ReplayCache.h"
40 #include "util/StorageService.h"
41 #include "util/TemplateEngine.h"
42 #include "util/Threads.h"
43 #include "util/URLEncoder.h"
44 #include "validation/ValidatorSuite.h"
51 #if defined(XMLTOOLING_LOG4SHIB)
52 # include <log4shib/PropertyConfigurator.hh>
53 # include <log4shib/OstreamAppender.hh>
54 #elif defined(XMLTOOLING_LOG4CPP)
55 # include <log4cpp/PropertyConfigurator.hh>
56 # include <log4cpp/OstreamAppender.hh>
58 #include <xercesc/util/PlatformUtils.hpp>
59 #ifndef XMLTOOLING_NO_XMLSEC
60 # include <curl/curl.h>
61 # include <openssl/err.h>
62 # include <xsec/framework/XSECProvider.hpp>
65 using namespace soap11;
66 using namespace xmltooling::logging;
67 using namespace xmltooling;
70 using xercesc::XMLPlatformUtils;
// Factory declarations for the library's exception types. The matching
// REGISTER_XMLTOOLING_EXCEPTION_FACTORY calls are made in
// XMLToolingInternalConfig::init(), and XMLToolingException::deregisterFactories()
// in term() undoes them.
// NOTE(review): UnknownExtensionException is declared here, but no REGISTER_ call
// for it appears in init() in this listing (it may simply be a line that was dropped
// from the listing) — confirm against the full source.
72 DECL_XMLTOOLING_EXCEPTION_FACTORY(XMLParserException,xmltooling);
73 DECL_XMLTOOLING_EXCEPTION_FACTORY(XMLObjectException,xmltooling);
74 DECL_XMLTOOLING_EXCEPTION_FACTORY(MarshallingException,xmltooling);
75 DECL_XMLTOOLING_EXCEPTION_FACTORY(UnmarshallingException,xmltooling);
76 DECL_XMLTOOLING_EXCEPTION_FACTORY(UnknownElementException,xmltooling);
77 DECL_XMLTOOLING_EXCEPTION_FACTORY(UnknownAttributeException,xmltooling);
78 DECL_XMLTOOLING_EXCEPTION_FACTORY(UnknownExtensionException,xmltooling);
79 DECL_XMLTOOLING_EXCEPTION_FACTORY(ValidationException,xmltooling);
80 DECL_XMLTOOLING_EXCEPTION_FACTORY(IOException,xmltooling);
// Signature/encryption exception factories exist only in XML-Security builds.
// (The closing #endif of this conditional block is not present in this listing.)
82 #ifndef XMLTOOLING_NO_XMLSEC
83 using namespace xmlencryption;
84 using namespace xmlsignature;
85 DECL_XMLTOOLING_EXCEPTION_FACTORY(XMLSecurityException,xmltooling);
86 DECL_XMLTOOLING_EXCEPTION_FACTORY(SignatureException,xmlsignature);
87 DECL_XMLTOOLING_EXCEPTION_FACTORY(EncryptionException,xmlencryption);
90 namespace xmltooling {
// Process-wide configuration singleton handed out by
// XMLToolingConfig::getConfig() / XMLToolingInternalConfig::getInternalConfig().
91 static XMLToolingInternalConfig g_config;
92 #ifndef XMLTOOLING_NO_XMLSEC
// One Mutex per OpenSSL lock slot: filled with CRYPTO_num_locks() entries in
// init(), indexed by openssl_locking_callback(), and destroyed in term().
93 static vector<Mutex*> g_openssl_locks;
// OpenSSL locking callback (legacy CRYPTO_set_locking_callback API, installed by
// init()). Acquires lock slot n when CRYPTO_LOCK is set in `mode`, releases it
// otherwise; `file` and `line` (the OpenSSL call site) are ignored. `n` is used as
// an unchecked index, so this relies on init() having created exactly
// CRYPTO_num_locks() mutexes before the callback is installed. The `else` line
// and the function's braces are not present in this listing.
95 extern "C" void openssl_locking_callback(int mode,int n,const char *file,int line)
97 if (mode & CRYPTO_LOCK)
98 g_openssl_locks[n]->lock();
100 g_openssl_locks[n]->unlock();
// Thread-identity callback for OpenSSL (installed via CRYPTO_set_id_callback in
// init()). Returns pthread_self() forced into an unsigned long; on platforms where
// pthread_t is not an integral type this cast is not portable. Any platform guard
// around this function is not shown in this listing.
// NOTE(review): CRYPTO_set_id_callback is the pre-1.0.0 OpenSSL thread-id API
// (superseded by CRYPTO_THREADID_set_callback, and a no-op from 1.1.0 on) —
// confirm against the OpenSSL versions the build targets.
104 extern "C" unsigned long openssl_thread_id(void)
106 return (unsigned long)(pthread_self());
// Windows-only event-log helper; the function name and its other parameter lines
// are not present in this listing (log_config() calls it as
// LogEvent(NULL, EVENTLOG_ERROR_TYPE, 2100, NULL, msg)). Registers the event source
// "OpenSAML XMLTooling Library" on the given server (NULL = local machine), reports
// a single-string event of the given type/id, and returns TRUE only if both the
// report and the deregistration succeeded. A failed RegisterEventSource (NULL
// handle) is not checked before ReportEvent in the lines shown.
113 LPCSTR lpUNCServerName,
119 LPCSTR messages[] = {message, NULL};
121 HANDLE hElog = RegisterEventSource(lpUNCServerName, "OpenSAML XMLTooling Library");
122 BOOL res = ReportEvent(hElog, wType, 0, dwEventID, lpUserSid, 1, 0, messages, NULL);
123 return (DeregisterEventSource(hElog) && res);
// Public accessor for the library-wide configuration singleton (presumably
// returns g_config as its public base type; the body is not shown in this listing).
128 XMLToolingConfig& XMLToolingConfig::getConfig()
// Library-internal accessor for the same singleton, typed as the internal class so
// init()/term()/load_library() can be reached (presumably returns g_config; the
// body is not shown in this listing).
133 XMLToolingInternalConfig& XMLToolingInternalConfig::getInternalConfig()
// Constructor, in two compile-time variants. The XML-Security build additionally
// zeroes the key-info resolver and replay cache pointers; both variants null the
// path resolver, template engine and URL encoder and default clock_skew_secs to
// 180. The real helper objects are created later in XMLToolingInternalConfig::init()
// or installed through the set*() methods. The #else/#endif and the (empty or
// otherwise) constructor bodies are not present in this listing.
138 #ifndef XMLTOOLING_NO_XMLSEC
139 XMLToolingConfig::XMLToolingConfig()
140 : m_keyInfoResolver(NULL), m_replayCache(NULL), m_pathResolver(NULL), m_templateEngine(NULL), m_urlEncoder(NULL), clock_skew_secs(180)
142 XMLToolingConfig::XMLToolingConfig()
143 : m_pathResolver(NULL), m_templateEngine(NULL), m_urlEncoder(NULL), clock_skew_secs(180)
// Destructor; its body is not shown in this listing. Note that the owned helper
// objects are released in XMLToolingInternalConfig::term() rather than here.
148 XMLToolingConfig::~XMLToolingConfig()
// Configures logging from `config`, which is either one of the level names handled
// below (the root category is then set to that priority and given a stderr
// appender) or, otherwise, treated as a path to a log4shib/log4cpp properties file,
// resolved through m_pathResolver when one is installed. A null/empty `config`
// falls back to the XMLTOOLING_LOG_CONFIG environment variable; what happens when
// that is also empty falls in lines not shown here, as do the `else` branches,
// the `try`, the declaration of `path`, and the return statements (the
// signature says bool; presumably false on ConfigureFailure, true otherwise).
// Because the environment variable can redirect configuration to an arbitrary
// properties file (which may define its own file appenders), the process
// environment is trusted here.
152 bool XMLToolingInternalConfig::log_config(const char* config)
155 if (!config || !*config)
156 config=getenv("XMLTOOLING_LOG_CONFIG");
157 if (!config || !*config)
161 Category& root = Category::getRoot();
162 if (!strcmp(config,"DEBUG")) {
163 root.setPriority(Priority::DEBUG);
166 else if (!strcmp(config,"INFO")) {
167 root.setPriority(Priority::INFO);
170 else if (!strcmp(config,"NOTICE")) {
171 root.setPriority(Priority::NOTICE);
174 else if (!strcmp(config,"WARN")) {
175 root.setPriority(Priority::WARN);
178 else if (!strcmp(config,"ERROR")) {
179 root.setPriority(Priority::ERROR);
182 else if (!strcmp(config,"CRIT")) {
183 root.setPriority(Priority::CRIT);
186 else if (!strcmp(config,"ALERT")) {
187 root.setPriority(Priority::ALERT);
190 else if (!strcmp(config,"EMERG")) {
191 root.setPriority(Priority::EMERG);
194 else if (!strcmp(config,"FATAL")) {
195 root.setPriority(Priority::FATAL);
// Level-name form: everything goes to stderr (the appender takes ownership of itself
// in log4cpp's model; "default" is the appender name).
199 root.setAppender(new OstreamAppender("default",&cerr));
// File form: m_pathResolver may still be NULL this early, hence the ternary.
203 PropertyConfigurator::configure(m_pathResolver ? m_pathResolver->resolve(path, PathResolver::XMLTOOLING_CFG_FILE) : path);
// A bad properties file is reported on the ".Logging" category and, on Windows
// (the surrounding platform guard is not shown), also in the system event log.
206 catch (const ConfigureFailure& e) {
207 string msg = string("failed to configure logging: ") + e.what();
208 Category::getInstance(XMLTOOLING_LOGCAT".Logging").crit(msg);
210 LogEvent(NULL, EVENTLOG_ERROR_TYPE, 2100, NULL, msg.c_str());
218 #ifndef XMLTOOLING_LITE
// Returns the KeyInfoResolver created in init() or installed via
// setKeyInfoResolver(); NULL before initialization. The config keeps ownership.
219 const KeyInfoResolver* XMLToolingConfig::getKeyInfoResolver() const
221 return m_keyInfoResolver;
// Returns the ReplayCache installed via setReplayCache(), or NULL if none has been
// set (init() does not create one in the lines shown). The config keeps ownership.
224 ReplayCache* XMLToolingConfig::getReplayCache() const
226 return m_replayCache;
// Installs a new KeyInfoResolver, taking ownership and deleting the previous one.
// Not synchronized; presumably intended for use during setup before other threads
// call getKeyInfoResolver() — confirm with callers.
229 void XMLToolingConfig::setKeyInfoResolver(xmltooling::KeyInfoResolver *keyInfoResolver)
231 delete m_keyInfoResolver;
232 m_keyInfoResolver = keyInfoResolver;
// Installs a new ReplayCache, taking ownership and deleting the previous one.
// Not synchronized; presumably a setup-time call — confirm with callers.
235 void XMLToolingConfig::setReplayCache(ReplayCache* replayCache)
237 delete m_replayCache;
238 m_replayCache = replayCache;
// Returns the PathResolver created in init() or installed via setPathResolver();
// NULL before initialization. The config keeps ownership.
242 PathResolver* XMLToolingConfig::getPathResolver() const
244 return m_pathResolver;
// Returns the TemplateEngine installed via setTemplateEngine(), or NULL if none
// has been set (init() does not create one in the lines shown).
247 TemplateEngine* XMLToolingConfig::getTemplateEngine() const
249 return m_templateEngine;
// Returns the URLEncoder created in init() or installed via setURLEncoder()
// (presumably returns m_urlEncoder; the body is not shown in this listing).
252 const URLEncoder* XMLToolingConfig::getURLEncoder() const
// Installs a new PathResolver, taking ownership and deleting the previous one.
// Not synchronized; presumably a setup-time call — confirm with callers.
257 void XMLToolingConfig::setPathResolver(PathResolver* pathResolver)
259 delete m_pathResolver;
260 m_pathResolver = pathResolver;
// Installs a new TemplateEngine, taking ownership and deleting the previous one.
// Not synchronized; presumably a setup-time call — confirm with callers.
263 void XMLToolingConfig::setTemplateEngine(TemplateEngine* templateEngine)
265 delete m_templateEngine;
266 m_templateEngine = templateEngine;
// Installs a new URLEncoder, taking ownership. The deletion of the previous
// encoder that the sibling setters perform is not visible in this listing
// (a line between the signature and the assignment was dropped) — confirm
// against the full source.
269 void XMLToolingConfig::setURLEncoder(URLEncoder* urlEncoder)
272 m_urlEncoder = urlEncoder;
// One-time library initialization: libcurl (XML-Security builds), Xerces,
// XML-Security, the parser pools and config mutex, XML catalogs, the default
// object builders / exception factories / plugin registries, the helper objects
// handed out by the getters, the xml:id ID attribute, and finally the OpenSSL
// thread callbacks. Returns bool (the return statements, the `try`, the `#else`/
// `#endif` lines, the `else` branches and the `free(catpath)` are not present in
// this listing). term() reverses everything done here.
// Threading: until the OpenSSL callbacks at the end are installed, OpenSSL is not
// safe for concurrent use, so init() must complete before other threads use the
// library.
275 bool XMLToolingInternalConfig::init()
278 xmltooling::NDC ndc("init");
280 Category& log=Category::getInstance(XMLTOOLING_LOGCAT".XMLToolingConfig");
282 log.debug("library initialization started");
284 #ifndef XMLTOOLING_NO_XMLSEC
// curl_global_init also initializes OpenSSL (and Winsock on Windows); a non-zero
// return is fatal (the return that follows the log line is not shown).
285 if (curl_global_init(CURL_GLOBAL_ALL)) {
286 log.fatal("failed to initialize libcurl, OpenSSL, or Winsock");
289 log.debug("libcurl %s initialization complete", LIBCURL_VERSION);
292 XMLPlatformUtils::Initialize();
293 log.debug("Xerces %s initialization complete", XERCES_FULLVERSIONDOT);
295 #ifndef XMLTOOLING_NO_XMLSEC
296 XSECPlatformUtils::Initialise();
297 m_xsecProvider=new XSECProvider();
298 log.debug("XML-Security %s initialization complete", XSEC_FULLVERSIONDOT);
// Non-validating pool for general parsing, a schema-validating pool for
// validated parsing, and the Xerces mutex behind lock()/unlock().
301 m_parserPool=new ParserPool();
302 m_validatingPool=new ParserPool(true,true);
303 m_lock=XMLPlatformUtils::makeMutex();
305 // Load catalogs from path.
// catalog_path is a PATH_SEPARATOR_CHAR-separated list; it is split in place on a
// strdup'd copy (the `start`/`sep` declarations and the separator overwrite are
// not shown), and each piece is loaded into the validating pool.
306 if (!catalog_path.empty()) {
307 char* catpath=strdup(catalog_path.c_str());
310 while (start && *start) {
311 sep=strchr(start,PATH_SEPARATOR_CHAR);
314 auto_ptr_XMLCh temp(start);
315 m_validatingPool->loadCatalog(temp.get());
316 start = sep ? sep + 1 : NULL;
321 // default registrations
// Builder for elements no specific builder is registered for, the SOAP 1.1
// classes, and the exception factories declared at the top of this file.
322 XMLObjectBuilder::registerDefaultBuilder(new UnknownElementBuilder());
324 registerSOAPClasses();
326 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(XMLParserException,xmltooling);
327 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(XMLObjectException,xmltooling);
328 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(MarshallingException,xmltooling);
329 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(UnmarshallingException,xmltooling);
330 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(UnknownElementException,xmltooling);
331 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(UnknownAttributeException,xmltooling);
332 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(ValidationException,xmltooling);
333 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(IOException,xmltooling);
335 #ifndef XMLTOOLING_NO_XMLSEC
// XML-Security builds: ds:Signature builder, signing/encryption factories and
// plugin registries, the algorithm table (registerXMLAlgorithms() below), SOAP
// transports, storage services, and the default inline KeyInfo resolver.
336 XMLObjectBuilder::registerBuilder(QName(xmlconstants::XMLSIG_NS,Signature::LOCAL_NAME),new SignatureBuilder());
337 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(XMLSecurityException,xmltooling);
338 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(SignatureException,xmlsignature);
339 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(EncryptionException,xmlencryption);
340 registerKeyInfoClasses();
341 registerEncryptionClasses();
342 registerKeyInfoResolvers();
343 registerCredentialResolvers();
344 registerTrustEngines();
345 registerXMLAlgorithms();
346 registerSOAPTransports();
347 initSOAPTransports();
348 registerStorageServices();
349 m_keyInfoResolver = KeyInfoResolverManager.newPlugin(INLINE_KEYINFO_RESOLVER,NULL);
352 m_pathResolver = new PathResolver();
353 m_urlEncoder = new URLEncoder();
355 // Register xml:id as an ID attribute.
// UTF-16 literal "id" in the XML namespace; static so the QName can refer to it
// for the lifetime of the process.
356 static const XMLCh xmlid[] = UNICODE_LITERAL_2(i,d);
357 AttributeExtensibleXMLObject::registerIDAttribute(QName(xmlconstants::XML_NS, xmlid));
// Only Xerces exceptions are caught here; other exception types thrown by the
// registration calls above would propagate to the caller. Only libcurl is cleaned
// up on this path (the return that follows is not shown).
359 catch (const xercesc::XMLException&) {
360 log.fatal("caught exception while initializing Xerces");
361 #ifndef XMLTOOLING_NO_XMLSEC
362 curl_global_cleanup();
367 #ifndef XMLTOOLING_NO_XMLSEC
368 // Set up OpenSSL locking.
// One mutex per lock slot OpenSSL asks for, then the legacy locking/thread-id
// callbacks (any platform guard around the id callback is not shown).
369 for (int i=0; i<CRYPTO_num_locks(); i++)
370 g_openssl_locks.push_back(Mutex::create());
371 CRYPTO_set_locking_callback(openssl_locking_callback);
373 CRYPTO_set_id_callback(openssl_thread_id);
377 log.info("%s library initialization complete", PACKAGE_STRING);
// Library shutdown, roughly the reverse of init(): OpenSSL locking callback and
// mutexes, validators/builders/factories/registries, the owned helper objects,
// extension libraries (in reverse load order), parser pools, XML-Security, the
// Xerces mutex, Xerces, and finally libcurl. Must run only after every thread that
// uses the library (OpenSSL in particular) has finished, since the locks are
// destroyed here. Several lines (#else/#endif, the non-validating pool's deletion,
// the xmltooling_extension_term calls and their NULL checks, dlclose) are not
// present in this listing.
381 void XMLToolingInternalConfig::term()
383 #ifndef XMLTOOLING_NO_XMLSEC
// Only the locking callback is reset in the lines shown; the id callback installed
// by init() is not reset here — confirm against the full source.
384 CRYPTO_set_locking_callback(NULL);
385 for_each(g_openssl_locks.begin(), g_openssl_locks.end(), xmltooling::cleanup<Mutex>());
386 g_openssl_locks.clear();
389 SchemaValidators.destroyValidators();
390 XMLObjectBuilder::destroyBuilders();
391 XMLToolingException::deregisterFactories();
392 AttributeExtensibleXMLObject::deregisterIDAttributes();
394 #ifndef XMLTOOLING_NO_XMLSEC
395 StorageServiceManager.deregisterFactories();
396 termSOAPTransports();
397 SOAPTransportManager.deregisterFactories();
398 TrustEngineManager.deregisterFactories();
399 CredentialResolverManager.deregisterFactories();
400 KeyInfoResolverManager.deregisterFactories();
401 m_algorithmMap.clear();
// Owned helpers (see the set*() methods); nulled so the getters report "unset".
403 delete m_keyInfoResolver;
404 m_keyInfoResolver = NULL;
406 delete m_replayCache;
407 m_replayCache = NULL;
410 delete m_pathResolver;
411 m_pathResolver = NULL;
413 delete m_templateEngine;
414 m_templateEngine = NULL;
// Unload extensions in reverse order of load_library(), giving each a chance to
// run its xmltooling_extension_term entry point first (the call itself falls in
// lines not shown).
419 for (vector<void*>::reverse_iterator i=m_libhandles.rbegin(); i!=m_libhandles.rend(); i++) {
421 FARPROC fn=GetProcAddress(static_cast<HMODULE>(*i),"xmltooling_extension_term");
424 FreeLibrary(static_cast<HMODULE>(*i));
425 #elif defined(HAVE_DLFCN_H)
426 void (*fn)()=(void (*)())dlsym(*i,"xmltooling_extension_term");
431 # error "Don't know about dynamic loading on this platform!"
434 m_libhandles.clear();
438 delete m_validatingPool;
439 m_validatingPool=NULL;
441 #ifndef XMLTOOLING_NO_XMLSEC
442 delete m_xsecProvider;
444 XSECPlatformUtils::Terminate();
447 XMLPlatformUtils::closeMutex(m_lock);
449 XMLPlatformUtils::Terminate();
451 #ifndef XMLTOOLING_NO_XMLSEC
452 curl_global_cleanup();
// The NDC is pushed only now, after the dependent libraries are gone.
455 xmltooling::NDC ndc("term");
457 Category::getInstance(XMLTOOLING_LOGCAT".XMLToolingConfig").info("%s library shutdown complete", PACKAGE_STRING);
// Acquires the Xerces mutex created in init() (m_lock). Returns Lockable*
// (presumably `this`; the return line is not shown in this listing). Pair with
// unlock().
460 Lockable* XMLToolingInternalConfig::lock()
462 xercesc::XMLPlatformUtils::lockMutex(m_lock);
// Releases the Xerces mutex acquired by lock().
466 void XMLToolingInternalConfig::unlock()
468 xercesc::XMLPlatformUtils::unlockMutex(m_lock);
// Loads an extension shared library and runs its xmltooling_extension_init entry
// point with `context`; the handle is kept in m_libhandles so term() can call
// xmltooling_extension_term and unload it. `path` is first resolved through
// m_pathResolver (XMLTOOLING_LIB_FILE). Windows: the per-character loop presumably
// normalises separators (its body is not shown), critical-error dialogs are
// suppressed via SetErrorMode, and LoadLibraryEx is tried with
// LOAD_WITH_ALTERED_SEARCH_PATH before the default search. POSIX: dlopen(RTLD_LAZY)
// and dlsym. All failures throw runtime_error naming the resolved path. Returns
// bool (the return, the `else`/`if (!handle)` lines, the restore of the error mode
// and any dlclose on the error paths are not present in this listing).
// Security: the library at the resolved path executes inside this process with
// its privileges, so the configured path and the directory it resolves to must be
// trustworthy and not writable by less-privileged users.
471 bool XMLToolingInternalConfig::load_library(const char* path, void* context)
474 xmltooling::NDC ndc("LoadLibrary");
476 Category& log=Category::getInstance(XMLTOOLING_LOGCAT".XMLToolingConfig");
477 log.info("loading extension: %s", path);
481 string resolved(path);
482 m_pathResolver->resolve(resolved, PathResolver::XMLTOOLING_LIB_FILE);
486 for (string::iterator i = resolved.begin(); i != resolved.end(); ++i)
490 UINT em=SetErrorMode(SEM_FAILCRITICALERRORS);
492 handle=LoadLibraryEx(resolved.c_str(),NULL,LOAD_WITH_ALTERED_SEARCH_PATH);
494 handle=LoadLibraryEx(resolved.c_str(),NULL,0);
496 throw runtime_error(string("unable to load extension library: ") + resolved);
497 FARPROC fn=GetProcAddress(handle,"xmltooling_extension_init");
499 throw runtime_error(string("unable to locate xmltooling_extension_init entry point: ") + resolved);
// The entry point reports failure with a non-zero status.
500 if (reinterpret_cast<int(*)(void*)>(fn)(context)!=0)
501 throw runtime_error(string("detected error in xmltooling_extension_init: ") + resolved);
511 #elif defined(HAVE_DLFCN_H)
512 void* handle=dlopen(resolved.c_str(),RTLD_LAZY);
// NOTE(review): dlerror() may return NULL when no error is pending; appending a
// NULL const char* to a std::string is undefined behaviour. Capturing it once into
// a local and substituting a fixed message when NULL would be safer (also below).
514 throw runtime_error(string("unable to load extension library '") + resolved + "': " + dlerror());
515 int (*fn)(void*)=(int (*)(void*))(dlsym(handle,"xmltooling_extension_init"));
// NOTE(review): dlerror() clears the pending message, so once the first call in
// the ternary below returns text, the second call returns NULL and a null pointer
// is appended to the string. Call it once and store the result instead.
519 string("unable to locate xmltooling_extension_init entry point in '") + resolved + "': " +
520 (dlerror() ? dlerror() : "unknown error")
525 throw runtime_error(string("detected error in xmltooling_extension_init in ") + resolved);
533 # error "Don't know about dynamic loading on this platform!"
535 m_libhandles.push_back(handle);
536 log.info("loaded extension: %s", resolved.c_str());
540 #ifndef XMLTOOLING_NO_XMLSEC
// Drains the OpenSSL error queue into the "OpenSSL" log category, one line per
// entry: the packed error code and the OpenSSL source file/line that raised it,
// plus the attached data only when ERR_TXT_STRING marks it as text. The
// declarations of file/line/data/flags and the loop around the body (presumably
// running while `code` is non-zero) are not present in this listing.
541 void xmltooling::log_openssl()
547 unsigned long code=ERR_get_error_line_data(&file,&line,&data,&flags);
549 Category& log=Category::getInstance("OpenSSL");
550 log.errorStream() << "error code: " << code << " in " << file << ", line " << line << logging::eol;
551 if (data && (flags & ERR_TXT_STRING))
552 log.errorStream() << "error data: " << data << logging::eol;
553 code=ERR_get_error_line_data(&file,&line,&data,&flags);
// Factory for an empty OpenSSL-backed X.509 CRL object. The caller owns the
// returned object.
557 XSECCryptoX509CRL* XMLToolingInternalConfig::X509CRL() const
559 return new OpenSSLCryptoX509CRL();
// Registers the XML Signature / XML Encryption algorithm URIs the library knows
// about, each mapped to its key algorithm name and key length in bits (0 where the
// URI does not fix a key size: RSA, DSA and HMAC). Called from init(); presumably
// populates m_algorithmMap, which term() clears.
// NOTE(review): this table only describes algorithms, it does not express policy.
// Some entries are legacy/weak — RSA-MD5 (MD5 collisions make it unsuitable for
// signatures) and RSA PKCS#1 v1.5 key transport (RSA_1_5, known padding-oracle
// exposure) — so code that accepts signed or encrypted input from untrusted
// parties should restrict the permitted algorithms separately.
562 void XMLToolingInternalConfig::registerXMLAlgorithms()
564 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_MD5, "RSA", 0);
565 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_SHA1, "RSA", 0);
566 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_SHA224, "RSA", 0);
567 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_SHA256, "RSA", 0);
568 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_SHA384, "RSA", 0);
569 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_SHA512, "RSA", 0);
// RSA key transport (encryption) algorithms.
571 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_1_5, "RSA", 0);
572 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_OAEP_MGFP1, "RSA", 0);
574 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIDSA_SHA1, "DSA", 0);
576 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIHMAC_SHA1, "HMAC", 0);
577 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIHMAC_SHA224, "HMAC", 0);
578 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIHMAC_SHA256, "HMAC", 0);
579 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIHMAC_SHA384, "HMAC", 0);
580 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIHMAC_SHA512, "HMAC", 0);
// Symmetric block ciphers and their key-wrap variants; 192 for 3DES counts all
// three DES subkeys.
582 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURI3DES_CBC, "DESede", 192);
583 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_3DES, "DESede", 192);
585 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIAES128_CBC, "AES", 128);
586 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_AES128, "AES", 128);
588 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIAES192_CBC, "AES", 192);
589 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_AES192, "AES", 192);
591 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIAES256_CBC, "AES", 256);
592 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_AES256, "AES", 256);
// Windows DLL entry point. Only the detach notifications are acted on: per-thread
// key cleanup in ThreadKey::onDetach() runs when a thread exits or the DLL is
// unloaded. The return statement (presumably TRUE) and any platform guard around
// this function are not present in this listing.
598 extern "C" __declspec(dllexport) BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID)
600 if (fdwReason == DLL_THREAD_DETACH || fdwReason == DLL_PROCESS_DETACH)
601 ThreadKey::onDetach();