diff options
author | sangwan.kwon <sangwan.kwon@samsung.com> | 2016-09-27 21:02:42 +0900 |
---|---|---|
committer | sangwan.kwon <sangwan.kwon@samsung.com> | 2016-11-09 13:26:47 +0900 |
commit | d58685dc63da77fbe88da9df7f7ec13575640263 (patch) | |
tree | 3b0d23a1196b0b4560f7efdf3f0b8984c12d7d43 | |
parent | daf2259d9baccb7027b2037175f6e85badc1e426 (diff) | |
download | xmlsec1-d58685dc63da77fbe88da9df7f7ec13575640263.tar.gz xmlsec1-d58685dc63da77fbe88da9df7f7ec13575640263.tar.bz2 xmlsec1-d58685dc63da77fbe88da9df7f7ec13575640263.zip |
Add flag and logic on xmldsig for proxy-validator
* Added flag : XMLSEC_DSIG_FLAGS_SKIP_PROXY
Change-Id: I868067b163c83acfa52e5ad9486f73dd781f0cbc
Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
-rw-r--r-- | include/xmlsec/xmldsig.h | 7 | ||||
-rw-r--r-- | src/xmldsig.c | 73 |
2 files changed, 46 insertions, 34 deletions
diff --git a/include/xmlsec/xmldsig.h b/include/xmlsec/xmldsig.h index 886bba98..21f629a4 100644 --- a/include/xmlsec/xmldsig.h +++ b/include/xmlsec/xmldsig.h @@ -109,6 +109,13 @@ typedef enum { #define XMLSEC_DSIG_FLAGS_CHECK_PROXY 0x00000040 /** TIZEN CUSTUMIZED + * XMLSEC_DSIG_FLAGS_SKIP_PROXY: + * + * If this flag is set then xmlSecProxyCtx will not be processed. + */ +#define XMLSEC_DSIG_FLAGS_SKIP_PROXY 0x00000080 + +/** TIZEN CUSTUMIZED * @cache: the cache include reference uri for supporting partial mode. * cache represented uri will be check on processing references. * @next: the pointer to indicate linked node (xmlSecProxyCtx). diff --git a/src/xmldsig.c b/src/xmldsig.c index db33058e..61b3024a 100644 --- a/src/xmldsig.c +++ b/src/xmldsig.c @@ -965,53 +965,59 @@ xmlSecDSigCtxProcessReferences(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr firstReferen return(-1); } - /* TIZEN CUTUMIZED : check proxy caches for partial mode */ - if((dsigCtx->flags & XMLSEC_DSIG_FLAGS_CHECK_PROXY) != 0) { - int isInProxy = 0; - if(dsigCtx->proxyCtxPtr != NULL) { - xmlChar* refUri = xmlGetProp(cur, xmlSecAttrURI); - if(refUri == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - NULL, - XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE, - "node=%s", - xmlSecErrorsSafeString(xmlSecNodeGetName(cur))); - return(-1); - } - + /* TIZEN CUTUMIZED : check proxy context */ + int isInProxy = 0; + if(dsigCtx->proxyCtxPtr != NULL) { + xmlChar* refUri = xmlGetProp(cur, xmlSecAttrURI); + if(refUri == NULL) { xmlSecError(XMLSEC_ERRORS_HERE, NULL, NULL, - XMLSEC_ERRORS_MAX_NUMBER, - "Start to search reference on proxy : %s.", - refUri); - - xmlSecProxyCtxPtr pc = dsigCtx->proxyCtxPtr; - while(pc != NULL) { - if(xmlSecDecodeCmp(refUri, pc->cache) == 0) { - isInProxy = 1; - break; - } - pc = pc->next; + XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE, + "node=%s", + xmlSecErrorsSafeString(xmlSecNodeGetName(cur))); + return(-1); + } + + xmlSecProxyCtxPtr pc = dsigCtx->proxyCtxPtr; + while(pc != NULL) { + if(xmlSecDecodeCmp(refUri, pc->cache) == 0) { + isInProxy = 1; + break; } - } else { - /* if proxy is not exist, process references */ + pc = pc->next; + } + } else { + /* if proxy is not exist, process references */ + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + NULL, + XMLSEC_ERRORS_MAX_NUMBER, + "Proxy doesn't exist."); + } + + /* TIZEN CUTUMIZED : check uri only in proxy caches for partial mode */ + if((dsigCtx->flags & XMLSEC_DSIG_FLAGS_CHECK_PROXY) != 0) { + /* if not exist on proxy, skip on processing references */ + if(isInProxy == 0) { xmlSecError(XMLSEC_ERRORS_HERE, NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER, - "Proxy doesn't exist."); - isInProxy = 1; + "Skip %s on processing references.", + xmlGetProp(cur, xmlSecAttrURI)); + continue; } + } - /* if not exist on proxy, skip on processing references */ - if(isInProxy == 0) { + /* TIZEN CUTUMIZED : skip uri proxy caches for proxy-validator */ + if((dsigCtx->flags & XMLSEC_DSIG_FLAGS_SKIP_PROXY) != 0) { + if(isInProxy) { xmlSecError(XMLSEC_ERRORS_HERE, NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER, - "Skip %s on processing references.", + "Already checked refs by proxy-validator : %s", xmlGetProp(cur, xmlSecAttrURI)); continue; } @@ -1063,7 +1069,6 @@ xmlSecDSigCtxProcessReferences(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr firstReferen return(0); } - static int xmlSecDSigCtxProcessKeyInfoNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) { int ret; |