https://bugs.internet2.edu/jira/browse/CPPOST-17

[shibboleth/xmltooling.git] / xmltooling / security / impl / StaticPKIXTrustEngine.cpp

diff --git a/xmltooling/security/impl/StaticPKIXTrustEngine.cpp b/xmltooling/security/impl/StaticPKIXTrustEngine.cpp
index 8df6c68..43699e3 100644 (file)
--- a/xmltooling/security/impl/StaticPKIXTrustEngine.cpp
+++ b/xmltooling/security/impl/StaticPKIXTrustEngine.cpp
@@ -38,13 +38,13 @@ using namespace std;
 
 namespace xmltooling {
 
-    static const XMLCh _CredentialResolver[] =  UNICODE_LITERAL_18(C,r,e,d,e,n,t,i,a,l,R,e,s,o,l,v,e,r);\r
-    static const XMLCh type[] =                 UNICODE_LITERAL_4(t,y,p,e);\r
-    static const XMLCh certificate[] =          UNICODE_LITERAL_11(c,e,r,t,i,f,i,c,a,t,e);\r
-    static const XMLCh Certificate[] =          UNICODE_LITERAL_11(C,e,r,t,i,f,i,c,a,t,e);\r
-    static const XMLCh Path[] =                 UNICODE_LITERAL_4(P,a,t,h);\r
+    static const XMLCh _CredentialResolver[] =  UNICODE_LITERAL_18(C,r,e,d,e,n,t,i,a,l,R,e,s,o,l,v,e,r);
+    static const XMLCh type[] =                 UNICODE_LITERAL_4(t,y,p,e);
+    static const XMLCh certificate[] =          UNICODE_LITERAL_11(c,e,r,t,i,f,i,c,a,t,e);
+    static const XMLCh Certificate[] =          UNICODE_LITERAL_11(C,e,r,t,i,f,i,c,a,t,e);
+    static const XMLCh Path[] =                 UNICODE_LITERAL_4(P,a,t,h);
     static const XMLCh verifyDepth[] =          UNICODE_LITERAL_11(v,e,r,i,f,y,D,e,p,t,h);
-\r
+
     class XMLTOOL_DLLLOCAL StaticPKIXTrustEngine : public AbstractPKIXTrustEngine
     {
     public:
@@ -120,21 +120,21 @@ StaticPKIXTrustEngine::StaticPKIXTrustEngine(const DOMElement* e) : AbstractPKIX
     else
         m_depth = 1;
 
-    if (e && e->hasAttributeNS(NULL,certificate)) {\r
-        // Simple File resolver config rooted here.\r
-        m_credResolver = XMLToolingConfig::getConfig().CredentialResolverManager.newPlugin(FILESYSTEM_CREDENTIAL_RESOLVER,e);\r
-    }\r
-    else {\r
-        e = e ? XMLHelper::getFirstChildElement(e, _CredentialResolver) : NULL;\r
-        auto_ptr_char t(e ? e->getAttributeNS(NULL,type) : NULL);\r
-        if (t.get()) {\r
-            m_credResolver = XMLToolingConfig::getConfig().CredentialResolverManager.newPlugin(t.get(),e);\r
-        }\r
-        else\r
-            throw XMLSecurityException("Missing <CredentialResolver> element, or no type attribute found");\r
-    }\r
-\r
-    m_credResolver->lock();\r
+    if (e && e->hasAttributeNS(NULL,certificate)) {
+        // Simple File resolver config rooted here.
+        m_credResolver = XMLToolingConfig::getConfig().CredentialResolverManager.newPlugin(FILESYSTEM_CREDENTIAL_RESOLVER,e);
+    }
+    else {
+        e = e ? XMLHelper::getFirstChildElement(e, _CredentialResolver) : NULL;
+        auto_ptr_char t(e ? e->getAttributeNS(NULL,type) : NULL);
+        if (t.get()) {
+            m_credResolver = XMLToolingConfig::getConfig().CredentialResolverManager.newPlugin(t.get(),e);
+        }
+        else
+            throw XMLSecurityException("Missing <CredentialResolver> element, or no type attribute found");
+    }
+
+    m_credResolver->lock();
 
     // Merge together all X509Credentials we can resolve.
     try {
@@ -144,8 +144,7 @@ StaticPKIXTrustEngine::StaticPKIXTrustEngine(const DOMElement* e) : AbstractPKIX
             const X509Credential* xcred = dynamic_cast<const X509Credential*>(*i);
             if (xcred) {
                 m_certs.insert(m_certs.end(), xcred->getEntityCertificateChain().begin(), xcred->getEntityCertificateChain().end());
-                if (xcred->getCRL())
-                    m_crls.push_back(xcred->getCRL());
+                m_crls.insert(m_crls.end(), xcred->getCRLs().begin(), xcred->getCRLs().end());
             }
         }
     }