rpms/lasso
6
0
Fork 0
Code Issues Pull Requests Releases Activity
8a955c845b
lasso/xmlSecSoap.patch
John Dennis 8a955c845b Resolves: rhbz#1542126, rhbz#1556016 
xmlsec removed SOAP support, reimplement missing xmlSecSoap* in Lasso
2018-04-03 20:37:45 -04:00

266 lines
7.8 KiB
Diff
Raw Blame History

commit bb8722b1c0e097bde8fd0a54190b13dd5bb8c0a8
Author: John Dennis <jdennis@redhat.com>
Date: Tue Apr 3 19:49:31 2018 -0400
Replace xmlSecSoap functions with lasso implementations
xmlsec has removed support for SOAP. The missing xmlSecSoap* functions
and their dependent utiliity functions were added to Lasso following
the model of the existing xmlSec implmentations.
Note: Lasso tried to accommodate both SOAP 1.1 and SOAP 1.2 but SAML2
*only* uses SOAP 1.1 thus the SOAP 1.2 support was superfluous and
confused matters. Therefire the SOAP 1.2 support was removed.
The following new functions were added to Lasso to support SOAP:
* lasso_xml_next_element_node
* lasso_xml_get_node_ns_href
* lasso_xml_is_element_node
* lasso_xml_soap11_get_header
* lasso_xml_soap11_get_body
The following is the mapping from the deprecated xmlSecSoap symbols
to the new Lasso symbols:
xmlSecSoap11Ns -> LASSO_SOAP_ENV_HREF
xmlSecGetNextElementNode -> lasso_xml_next_element_node
xmlSecGetNodeNsHref -> lasso_xml_get_node_ns_href
xmlSecCheckNodeName -> lasso_xml_is_element_node
xmlSecSoap11GetHeader -> lasso_xml_soap11_get_header
xmlSecSoap11GetBody -> lasso_xml_soap11_get_body
diff --git a/lasso/id-wsf/wsf_profile.c b/lasso/id-wsf/wsf_profile.c
index 8cfe5a27..112dfeeb 100644
--- a/lasso/id-wsf/wsf_profile.c
+++ b/lasso/id-wsf/wsf_profile.c
@@ -29,7 +29,6 @@
#include <xmlsec/xmldsig.h>
#include <xmlsec/templates.h>
#include <xmlsec/crypto.h>
-#include <xmlsec/soap.h>
#include "../utils.h"
@@ -1369,7 +1368,7 @@ lasso_wsf_profile_add_saml_signature(LassoWsfProfile *wsf_profile, xmlDoc *doc)
/* Lookup all referenced node and their Ids */
envelope = xmlDocGetRootElement(doc);
- header = xmlSecSoap11GetHeader(envelope);
+ header = lasso_xml_soap11_get_header(envelope);
provider = xmlSecFindNode(header, (xmlChar*) "Provider",
(xmlChar*) LASSO_SOAP_BINDING_HREF);
@@ -1377,7 +1376,7 @@ lasso_wsf_profile_add_saml_signature(LassoWsfProfile *wsf_profile, xmlDoc *doc)
(xmlChar*) LASSO_SOAP_BINDING_HREF);
interaction = xmlSecFindNode(header, (xmlChar*) "UserInteraction",
(xmlChar*) LASSO_IS_HREF);
- body = xmlSecSoap11GetBody(envelope);
+ body = lasso_xml_soap11_get_body(envelope);
xmlSecAddIDs(doc, envelope, ids);
goto_cleanup_if_fail_with_rc(header != NULL, LASSO_XML_ERROR_NODE_NOT_FOUND);
goto_cleanup_if_fail_with_rc(provider != NULL, LASSO_XML_ERROR_NODE_NOT_FOUND);
diff --git a/lasso/xml/private.h b/lasso/xml/private.h
index 6f7d911d..94acd0ed 100644
--- a/lasso/xml/private.h
+++ b/lasso/xml/private.h
@@ -265,8 +265,19 @@ xmlDocPtr lasso_xml_parse_memory(const char *buffer, int size);
xmlNode* lasso_xml_get_soap_content(xmlNode *root);
+xmlNodePtr lasso_xml_next_element_node(xmlNodePtr node);
+
+const xmlChar* lasso_xml_get_node_ns_href(const xmlNodePtr node);
+
+gboolean lasso_xml_is_element_node(const xmlNodePtr node,
+ const xmlChar *name, const xmlChar *ns);
+
gboolean lasso_xml_is_soap(xmlNode *root);
+xmlNodePtr lasso_xml_soap11_get_header(xmlNodePtr envelope_node);
+
+xmlNodePtr lasso_xml_soap11_get_body(xmlNodePtr envelope_node);
+
gboolean lasso_eval_xpath_expression(xmlXPathContextPtr xpath_ctx, const char *expression,
xmlXPathObjectPtr *xpath_object_ptr, int *xpath_error_code);
diff --git a/lasso/xml/tools.c b/lasso/xml/tools.c
index ade6d660..c6d4de4b 100644
--- a/lasso/xml/tools.c
+++ b/lasso/xml/tools.c
@@ -57,7 +57,6 @@
#include <xmlsec/errors.h>
#include <xmlsec/openssl/x509.h>
#include <xmlsec/openssl/crypto.h>
-#include <xmlsec/soap.h>
#include <zlib.h>
@@ -1666,30 +1665,156 @@ cleanup:
return rc;
}
+/**
+ * lasso_xml_next_element_node:
+ * @node: the pointer to an XML node.
+ *
+ * Seraches for the next element node.
+ *
+ * Returns: the pointer to next element node or NULL if it is not found.
+ */
+xmlNodePtr
+lasso_xml_next_element_node(xmlNodePtr node)
+{
+
+ for (; node != NULL && node->type != XML_ELEMENT_NODE; node = node->next);
+ return node;
+}
+
+/**
+ * lasso_xml_get_node_ns_href:
+ * @node: the pointer to node.
+ *
+ * Get's node's namespace href.
+ *
+ * Returns: node's namespace href.
+ */
+const xmlChar*
+lasso_xml_get_node_ns_href(const xmlNodePtr node)
+{
+ xmlNsPtr ns;
+
+ if (node == NULL) {
+ return NULL;
+ }
+
+ /* do we have a namespace in the node? */
+ if (node->ns != NULL) {
+ return node->ns->href;
+ }
+
+ /* search for default namespace */
+ ns = xmlSearchNs(node->doc, node, NULL);
+ if (ns != NULL) {
+ return ns->href;
+ }
+
+ return NULL;
+}
+
+/**
+ * lasso_xml_is_element_node:
+ * @node: the pointer to an XML node.
+ * @name: the name,
+ * @ns: the namespace href.
+ *
+ * Checks that the node has a given name and a given namespace href.
+ *
+ * Returns: true if the node matches false otherwise.
+ */
+gboolean
+lasso_xml_is_element_node(const xmlNodePtr node,
+ const xmlChar *name, const xmlChar *ns)
+{
+ if (node == NULL) {
+ return FALSE;
+ }
+
+ return (node->type == XML_ELEMENT_NODE &&
+ xmlStrEqual(node->name, name) &&
+ xmlStrEqual(lasso_xml_get_node_ns_href(node), ns));
+}
+
gboolean
lasso_xml_is_soap(xmlNode *root)
{
- return xmlSecCheckNodeName(root, xmlSecNodeEnvelope, xmlSecSoap11Ns) ||
- xmlSecCheckNodeName(root, xmlSecNodeEnvelope, xmlSecSoap12Ns);
+ return lasso_xml_is_element_node(root, BAD_CAST "Envelope",
+ BAD_CAST LASSO_SOAP_ENV_HREF);
+}
+
+/**
+ * lasso_xml_soap11_get_header:
+ * @envelope_node: the pointer to <soap:Envelope> node.
+ *
+ * Gets pointer to the <soap:Header> node.
+ *
+ * Returns: pointer to <soap:Header> node or NULL if an error occurs.
+ */
+xmlNodePtr
+lasso_xml_soap11_get_header(xmlNodePtr envelope_node)
+{
+ xmlNodePtr node;
+
+ if (envelope_node == NULL) {
+ return NULL;
+ }
+
+ /* optional Header node is first */
+ node = lasso_xml_next_element_node(envelope_node->children);
+ if (lasso_xml_is_element_node(node, BAD_CAST "Header",
+ BAD_CAST LASSO_SOAP_ENV_HREF)) {
+ return node;
+ }
+
+ return NULL;
+}
+
+/**
+ * lasso_xml_soap11_get_body:
+ * @envelope_node: the pointer to <soap:Envelope> node.
+ *
+ * Gets pointer to the <soap:Body> node.
+ *
+ * Returns: pointer to <soap:Body> node or NULL if an error occurs.
+ */
+xmlNodePtr
+lasso_xml_soap11_get_body(xmlNodePtr envelope_node)
+{
+ xmlNodePtr node;
+
+ if (envelope_node == NULL) {
+ return NULL;
+ }
+
+ /* optional Header node first */
+ node = lasso_xml_next_element_node(envelope_node->children);
+ if (lasso_xml_is_element_node(node, BAD_CAST "Header",
+ BAD_CAST LASSO_SOAP_ENV_HREF)) {
+ node = lasso_xml_next_element_node(node->next);
+ }
+
+ /* Body node is next */
+ if (!lasso_xml_is_element_node(node, BAD_CAST "Body",
+ BAD_CAST LASSO_SOAP_ENV_HREF)) {
+ return NULL;
+ }
+
+ return node;
}
xmlNode*
lasso_xml_get_soap_content(xmlNode *root)
{
gboolean is_soap11 = FALSE;
- gboolean is_soap12 = FALSE;
xmlNode *content = NULL;
- is_soap11 = xmlSecCheckNodeName(root, xmlSecNodeEnvelope, xmlSecSoap11Ns);
- is_soap12 = xmlSecCheckNodeName(root, xmlSecNodeEnvelope, xmlSecSoap12Ns);
-
- if (is_soap11 || is_soap12) {
+ is_soap11 = lasso_xml_is_element_node(root, BAD_CAST "Envelope",
+ BAD_CAST LASSO_SOAP_ENV_HREF);
+ if (is_soap11) {
xmlNode *body;
if (is_soap11) {
- body = xmlSecSoap11GetBody(root);
- } else {
- body = xmlSecSoap12GetBody(root);
+ body = lasso_xml_soap11_get_body(root);
}
if (body) {
content = xmlSecGetNextElementNode(body->children);
Reference in New Issue View Git Blame Copy Permalink