#include "security/OpenSSLCredential.h"
#include "security/OpenSSLCryptoX509CRL.h"
#include "util/NDC.h"
+#include "util/PathResolver.h"
#include "util/XMLHelper.h"
#include <sys/types.h>
string formatToString(format_t format) const;
format_t xmlFormatToFormat(const XMLCh* format_xml) const;
- format_t m_keyformat,m_certformat,m_crlformat;
- string m_keypath,m_keypass,m_certpath,m_certpass,m_crlpath;
+ format_t m_keyformat,m_crlformat;
+ string m_keypath,m_keypass,m_crlpath;
vector<X509*> m_certs;
FilesystemCredential* m_credential;
};
if (e && e->hasChildNodes()) {
const XMLCh* s=e->getFirstChild()->getNodeValue();
auto_ptr_char kpath(s);
+ m_keypath = kpath.get();
+ XMLToolingConfig::getConfig().getPathResolver()->resolve(m_keypath, PathResolver::XMLTOOLING_CFG_FILE);
#ifdef WIN32
struct _stat stat_buf;
if (_stat(kpath.get(), &stat_buf) != 0)
log.error("key file (%s) can't be opened", kpath.get());
throw XMLSecurityException("FilesystemCredentialResolver can't access key file ($1)",params(1,kpath.get()));
}
- m_keypath=kpath.get();
}
else {
log.error("Path element missing inside Key element");
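Review bot: The `_stat` call in this hunk still checks `kpath.get()`, the path as written in the configuration, although the value stored and used afterwards is `m_keypath` after `resolve()`. For a relative path the check therefore runs against the process working directory instead of the resolved configuration directory, so it can reject a key that exists at the resolved location or pass on a different file than the one loaded later. Use the resolved string in the check and in the messages, e.g. `if (_stat(m_keypath.c_str(), &stat_buf) != 0)` and `params(1,m_keypath.c_str())`. The CRL hunk that follows has the same pattern with `m_crlpath`; the non-Windows branch is not visible here and presumably needs the same change.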
if (e && e->hasChildNodes()) {
const XMLCh* s=e->getFirstChild()->getNodeValue();
auto_ptr_char kpath(s);
+ m_crlpath=kpath.get();
+ XMLToolingConfig::getConfig().getPathResolver()->resolve(m_crlpath, PathResolver::XMLTOOLING_CFG_FILE);
#ifdef WIN32
struct _stat stat_buf;
if (_stat(kpath.get(), &stat_buf) != 0)
log.error("CRL file (%s) can't be opened", kpath.get());
throw XMLSecurityException("FilesystemCredentialResolver can't access CRL file ($1)",params(1,kpath.get()));
}
- m_crlpath=kpath.get();
}
else {
log.error("Path element missing inside CRL element");
throw XMLSecurityException("FilesystemCredentialResolver can't access certificate file, missing or empty Path element.");
}
- auto_ptr_char certpath(ep->getFirstChild()->getNodeValue());
+ auto_ptr_char certpath2(ep->getFirstChild()->getNodeValue());
+ string certpath(certpath2.get());
+ XMLToolingConfig::getConfig().getPathResolver()->resolve(certpath, PathResolver::XMLTOOLING_CFG_FILE);
+
format_xml=e->getAttributeNS(NULL,format);
if (format_xml && *format_xml) {
fformat = xmlFormatToFormat(format_xml);
X509* x=NULL;
PKCS12* p12=NULL;
in=BIO_new(BIO_s_file_internal());
- if (in && BIO_read_filename(in,certpath.get())>0) {
+ if (in && BIO_read_filename(in,certpath.c_str())>0) {
if (!format_xml || !*format_xml) {
// Determine the cert encoding format dynamically, if not explicitly specified
fformat = getEncodingFormat(in);
- log.debug("certificate encoding format for (%s) dynamically resolved as (%s)", certpath.get(), formatToString(fformat).c_str());
+ log.debug("certificate encoding format for (%s) dynamically resolved as (%s)", certpath.c_str(), formatToString(fformat).c_str());
}
switch(fformat) {
else {
log_openssl();
BIO_free(in);
- throw XMLSecurityException("FilesystemCredentialResolver unable to load DER certificate from file ($1)",params(1,certpath.get()));
+ throw XMLSecurityException("FilesystemCredentialResolver unable to load DER certificate from file ($1)",params(1,certpath.c_str()));
}
break;
} else {
log_openssl();
BIO_free(in);
- throw XMLSecurityException("FilesystemCredentialResolver unable to load PKCS12 certificate from file ($1)",params(1,certpath.get()));
+ throw XMLSecurityException("FilesystemCredentialResolver unable to load PKCS12 certificate from file ($1)",params(1,certpath.c_str()));
}
break;
} // end switch
BIO_free(in);
in=NULL;
}
- throw XMLSecurityException("FilesystemCredentialResolver unable to load certificate(s) from file ($1)",params(1,certpath.get()));
+ throw XMLSecurityException("FilesystemCredentialResolver unable to load certificate(s) from file ($1)",params(1,certpath.c_str()));
}
if (in) {
BIO_free(in);
extra = XMLHelper::getNextSiblingElement(extra,CAPath);
continue;
}
- auto_ptr_char capath(extra->getFirstChild()->getNodeValue());
+ auto_ptr_char capath2(extra->getFirstChild()->getNodeValue());
+ string capath(capath2.get());
+ XMLToolingConfig::getConfig().getPathResolver()->resolve(capath, PathResolver::XMLTOOLING_CFG_FILE);
x=NULL;
p12=NULL;
in=BIO_new(BIO_s_file_internal());
- if (in && BIO_read_filename(in,capath.get())>0) {
+ if (in && BIO_read_filename(in,capath.c_str())>0) {
if (!format_xml || !*format_xml) {
// Determine the cert encoding format dynamically, if not explicitly specified
fformat = getEncodingFormat(in);
- log.debug("CA certificate encoding format for (%s) dynamically resolved as (%s)", certpath.get(), formatToString(fformat).c_str());
+ log.debug("CA certificate encoding format for (%s) dynamically resolved as (%s)", capath.c_str(), formatToString(fformat).c_str());
}
switch (fformat) {
case PEM:
- while (x=PEM_read_bio_X509(in,NULL,passwd_callback,const_cast<char*>(certpass.get())))
+ while (x=PEM_read_bio_X509(in,NULL,NULL,NULL))
m_certs.push_back(x);
break;
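Review bot: `PEM_read_bio_X509(in,NULL,NULL,NULL)` supplies neither a callback nor a passphrase, so if a CA file contains an encrypted PEM block OpenSSL falls back to its default callback, which prompts on the terminal. In a daemon that can stall or fail startup in a way that is hard to diagnose. If encrypted CA files are intentionally unsupported after this change, state it next to the call, e.g. `// CA certificates must be unencrypted; no passphrase is supplied`, or pass a callback that returns 0 so the read fails cleanly. The enclosing switch continues outside this hunk.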
else {
log_openssl();
BIO_free(in);
- throw XMLSecurityException("FilesystemCredentialResolver unable to load DER CA certificate from file ($1)",params(1,capath.get()));
+ throw XMLSecurityException("FilesystemCredentialResolver unable to load DER CA certificate from file ($1)",params(1,capath.c_str()));
}
break;
case _PKCS12:
p12 = d2i_PKCS12_bio(in, NULL);
if (p12) {
- PKCS12_parse(p12, certpass.get(), NULL, &x, NULL);
+ PKCS12_parse(p12, NULL, NULL, &x, NULL);
PKCS12_free(p12);
}
if (x) {
else {
log_openssl();
BIO_free(in);
- throw XMLSecurityException("FilesystemCredentialResolver unable to load PKCS12 CA certificate from file ($1)",params(1,capath.get()));
+ throw XMLSecurityException("FilesystemCredentialResolver unable to load PKCS12 CA certificate from file ($1)",params(1,capath.c_str()));
}
break;
} //end switch
if (in)
BIO_free(in);
log_openssl();
- log.error("CA file (%s) can't be opened", capath.get());
- throw XMLSecurityException("FilesystemCredentialResolver can't open CA file ($1)",params(1,capath.get()));
+ log.error("CA file (%s) can't be opened", capath.c_str());
+ throw XMLSecurityException("FilesystemCredentialResolver can't open CA file ($1)",params(1,capath.c_str()));
}
extra = XMLHelper::getNextSiblingElement(extra,CAPath);
const string& PathResolver::resolve(string& s, file_type_t filetype, const char* pkgname, const char* prefix) const
{
-#ifdef WIN32
- static const char sep = '\\';
-#else
- static const char sep = '/';
-#endif
if (!isAbsolute(s.c_str())) {
switch (filetype) {
case XMLTOOLING_LIB_FILE:
- s = string(prefix ? prefix : m_defaultPrefix) + sep + "lib" + sep + (pkgname ? pkgname : m_defaultPackage) + sep + s;
+ s = string(prefix ? prefix : m_defaultPrefix) + "/lib/" + (pkgname ? pkgname : m_defaultPackage) + '/' + s;
break;
case XMLTOOLING_LOG_FILE:
if (prefix || m_defaultPrefix != "/usr")
- s = string(prefix ? prefix : m_defaultPrefix) + sep + "var" + sep + "log" + sep + (pkgname ? pkgname : m_defaultPackage) + sep + s;
+ s = string(prefix ? prefix : m_defaultPrefix) + "/var/log/" + (pkgname ? pkgname : m_defaultPackage) + '/' + s;
else
- s = string(sep,1) + "var" + sep + "log" + sep + (pkgname ? pkgname : m_defaultPackage) + sep + s;
+ s = string("/var/log/") + (pkgname ? pkgname : m_defaultPackage) + '/' + s;
break;
case XMLTOOLING_XML_FILE:
- s = string(prefix ? prefix : m_defaultPrefix) + sep + "share" + sep + "xml" + (pkgname ? pkgname : m_defaultPackage) + sep + s;
+ s = string(prefix ? prefix : m_defaultPrefix) + "/share/xml/" + (pkgname ? pkgname : m_defaultPackage) + '/' + s;
break;
case XMLTOOLING_RUN_FILE:
if (prefix || m_defaultPrefix != "/usr")
- s = string(prefix ? prefix : m_defaultPrefix) + sep + "var" + sep + "run" + sep + (pkgname ? pkgname : m_defaultPackage) + sep + s;
+ s = string(prefix ? prefix : m_defaultPrefix) + "/var/run/" + (pkgname ? pkgname : m_defaultPackage) + '/' + s;
else
- s = string(sep,1) + "var" + sep + "run" + sep + (pkgname ? pkgname : m_defaultPackage) + sep + s;
+ s = string("/var/run/") + (pkgname ? pkgname : m_defaultPackage) + '/' + s;
break;
case XMLTOOLING_CFG_FILE:
if (prefix || m_defaultPrefix != "/usr")
- s = string(prefix ? prefix : m_defaultPrefix) + sep + "etc" + sep + (pkgname ? pkgname : m_defaultPackage) + sep + s;
+ s = string(prefix ? prefix : m_defaultPrefix) + "/etc/" + (pkgname ? pkgname : m_defaultPackage) + '/' + s;
else
- s = string(sep,1) + "etc" + sep + (pkgname ? pkgname : m_defaultPackage) + sep + s;
+ s = string("/etc/") + (pkgname ? pkgname : m_defaultPackage) + '/' + s;
break;
default: