Projet

Général

Profil

0001-saml-review-logging-calls-in-common.py-for-unicode-c.patch

Benjamin Dauvergne, 11 juin 2015 11:30

Télécharger (7,15 ko)

Voir les différences: 

Subject: [PATCH] saml: review logging calls in common.py for unicode
 correctness (fixes #7527)

Rule: pass only unicode or ASCII byte string to logging calls.

 src/authentic2/saml/common.py | 50 +++++++++++++++++++++----------------------
 1 file changed, 24 insertions(+), 26 deletions(-)
src/authentic2/saml/common.py
115 115 
    '''Extract the SAMLRequest field from the POST'''
116 116 
    msg = request.POST.get(lasso.SAML2_FIELD_RESPONSE, '')
117 117 
    assert msg is not None, 'no message received'
118 
    logger.debug('%r: %r', lasso.SAML2_FIELD_RESPONSE, msg)
118 
    logger.debug('%s: %s', lasso.SAML2_FIELD_RESPONSE, msg)
119 119 
    return msg
120 120 

  		




  121
  121
  
    
def get_saml2_post_request(request):

  		




  ......




  168
  168
  
    
    logger.debug('profile.msgBody: %r', profile.msgBody)

  		




  169
  169
  
    
    logger.debug('profile.msgUrl: %r', profile.msgUrl)

  		




  170
  170
  
    
    logger.debug('profile.msgRelayState: %r', profile.msgRelayState)

  		




  171
  
  
    
    logger.debug('field_name: %r', field_name)

  		




  
  171
  
    
    logger.debug('field_name: %s', field_name)

  		




  172
  172
  
    
    if profile.msgBody:

  		




  173
  173
  
    
        if profile.msgUrl:

  		




  174
  174
  
    
            return render_to_response('saml/post_form.html',{

  		




  ......




  284
  284
  
    
    try:

  		




  285
  285
  
    
        q = LibertySessionDump.objects.get(django_session_key=session_key,

  		




  286
  286
  
    
                kind=kind)

  		




  287
  
  
    
        logger.debug('load_session: session dump found %s' %q.session_dump.encode('utf8'))

  		




  
  287
  
    
        logger.debug('load_session: session dump found %s', q.session_dump)

  		




  288
  288
  
    
        login.setSessionFromDump(q.session_dump.encode('utf8'))

  		




  289
  
  
    
        logger.debug('load_session: set session from dump done %s' %login.session.dump())

  		




  290
  289
  
    
    except ObjectDoesNotExist:

  		




  291
  290
  
    
        pass

  		




  292
  291
  
    

  		




  ......




  308
  307
  
    
    '''Delete all liberty sessions for a django session'''

  		




  309
  308
  
    
    if not session_key:

  		




  310
  309
  
    
        session_key = request.session.session_key

  		




  311
  
  
    
    try:

  		




  312
  
  
    
        LibertySessionDump.objects.\

  		




  313
  
  
    
            filter(django_session_key = session_key).delete()

  		




  314
  
  
    
    except Exception, e:

  		




  315
  
  
    
        logger.error('delete_session: Exception %s' % str(e))

  		




  
  310
  
    
    sessions = LibertySessionDump.objects.filter(

  		




  
  311
  
    
        django_session_key=session_key)

  		




  
  312
  
    
    sessions..delete()

  		




  316
  313
  
    

  		




  317
  314
  
    
def save_manage(request, manage):

  		




  318
  315
  
    
    if not request or not manage:

  		




  ......




  327
  324
  
    
    return d

  		




  328
  325
  
    

  		




  329
  326
  
    
def retrieve_metadata_and_create(request, provider_id, sp_or_idp):

  		




  330
  
  
    
    logger.debug('trying to load %s from wkl' % provider_id)

  		




  
  327
  
    
    logger.debug('trying to load %s from wkl', provider_id)

  		




  331
  328
  
    
    if not provider_id.startswith('http'):

  		




  332
  329
  
    
        logger.debug('not an http url, failing')

  		




  333
  330
  
    
        return None

  		




  ......




  336
  333
  
    
        metadata = get_url(provider_id)

  		




  337
  334
  
    
    except Exception, e:

  		




  338
  335
  
    
        logging.error('SAML metadata autoload: failure to retrieve metadata '

  		




  339
  
  
    
                'for entity id %r: %s' % (provider_id, e))

  		




  
  336
  
    
                      'for entity id %s: %s', provider_id, e)

  		




  340
  337
  
    
        return None

  		




  341
  
  
    
    logger.debug('loaded %d bytes' % len(metadata))

  		




  
  338
  
    
    logger.debug('loaded %d bytes', len(metadata))

  		




  342
  339
  
    
    try:

  		




  343
  340
  
    
        metadata = unicode(metadata, 'utf8')

  		




  344
  341
  
    
    except:

  		




  345
  
  
    
        logging.error('SAML metadata autoload: retrieved metadata \

  		




  346
  
  
    
for entity id %r is not UTF-8' % provider_id)

  		




  
  342
  
    
        logging.error('SAML metadata autoload: retrieved metadata for entity '

  		




  
  343
  
    
                      'id %s is not UTF-8', provider_id)

  		




  347
  344
  
    
        return None

  		




  348
  345
  
    
    p = LibertyProvider(metadata=metadata)

  		




  349
  346
  
    
    try:

  		




  350
  347
  
    
        p.full_clean(exclude=['entity_id','protocol_conformance'])

  		




  351
  348
  
    
    except ValidationError, e:

  		




  352
  
  
    
        logging.error('SAML metadata autoload: retrieved metadata \

  		




  353
  
  
    
for entity id %r are invalid, %s' % (provider_id, e.args))

  		




  
  349
  
    
        logging.error('SAML metadata autoload: retrieved metadata for entity '

  		




  
  350
  
    
                      'id %s are invalid, %s', provider_id, e.args)

  		




  354
  351
  
    
        return None

  		




  355
  352
  
    
    except:

  		




  356
  
  
    
        logging.exception('SAML metadata autoload: retrieved metadata validation raised an unknown exception')

  		




  
  353
  
    
        logging.exception('SAML metadata autoload: retrieved metadata '

  		




  
  354
  
    
                          'validation raised an unknown exception')

  		




  357
  355
  
    
        return None

  		




  358
  356
  
    
    p.save()

  		




  359
  
  
    
    logger.debug('%s saved' % p)

  		




  
  357
  
    
    logger.debug('%s saved', p)

  		




  360
  358
  
    
    if sp_or_idp == 'sp':

  		




  361
  359
  
    
        s = LibertyServiceProvider(liberty_provider=p, enabled=True)

  		




  362
  360
  
    
        s.save()

  		




  ......




  410
  408
  
    
                    liberty_provider.metadata.encode('utf8'))

  		




  411
  409
  
    
    else:

  		




  412
  410
  
    
        raise Exception('unsupported option sp_or_idp = %r' % sp_or_idp)

  		




  413
  
  
    
    logger.debug('loaded provider %r', entity_id)

  		




  
  411
  
    
    logger.debug('loaded provider %s', entity_id)

  		




  414
  412
  
    
    return liberty_provider

  		




  415
  413
  
    

  		




  416
  414
  
    
# Federation management

  		




  ......




  422
  420
  
    
        kwargs['idp'] = LibertyProvider.objects.get(entity_id=provider_id).identity_provider

  		




  423
  421
  
    
    fed = LibertyFederation(user=user, **kwargs)

  		




  424
  422
  
    
    fed.save()

  		




  425
  
  
    
    logger.debug('federation %r linked to user %r', fed.name_id_content, user)

  		




  
  423
  
    
    logger.debug('federation %s linked to user %s', fed.name_id_content, user)

  		




  426
  424
  
    
    return fed

  		




  427
  425
  
    

  		




  428
  426
  
    
def lookup_federation_by_name_identifier(name_id=None, profile=None):

  		




  ......




  530
  528
  
    
        LibertySessionSP.objects.\

  		




  531
  529
  
    
            filter(django_session_key=session_key).delete()

  		




  532
  530
  
    
    except Exception, e:

  		




  533
  
  
    
        logger.error('remove_liberty_session_sp: Exception %s' % str(e))

  		




  
  531
  
    
        logger.error('remove_liberty_session_sp: Exception %s', e)

  		




  534
  532
  
    

  		




  535
  533
  
    
def get_provider_of_active_session(request):

  		




  536
  534
  
    
    if not request:

  		




  ......




  567
  565
  
    
        host, query = urllib.splithost(url[6:])

  		




  568
  566
  
    
        conn = httplib.HTTPSConnection(host,

  		




  569
  567
  
    
                key_file = client_cert, cert_file = client_cert)

  		




  570
  
  
    
    logger.debug('host %s' % host)

  		




  571
  
  
    
    logger.debug('query %s' % query)

  		




  572
  
  
    
    logger.debug('msg %s' % msg)

  		




  
  568
  
    
    logger.debug('host %r', host)

  		




  
  569
  
    
    logger.debug('query %r', query)

  		




  
  570
  
    
    logger.debug('msg %r', msg)

  		




  573
  571
  
    
    try:

  		




  574
  572
  
    
        conn.request('POST', query, msg, {'Content-Type': 'text/xml'})

  		




  575
  573
  
    
        response = conn.getresponse()

  		




  576
  574
  
    
    except Exception, err:

  		




  577
  575
  
    
        logging.error('SOAP error (on %s): %s' % (url, err))

  		




  578
  576
  
    
        raise SOAPException(url, err)

  		




  579
  
  
    
    logger.debug('response %s' % str(response))

  		




  
  577
  
    
    logger.debug('response %r', response)

  		




  580
  578
  
    
    try:

  		




  581
  579
  
    
        data = response.read()

  		




  582
  580
  
    
    except Exception, err:

  		




  583
  581
  
    
        logging.error('SOAP error (on %s): %s' % (url, err))

  		




  584
  582
  
    
        raise SOAPException(url, err)

  		




  585
  
  
    
    logger.debug('data %s' % str(data))

  		




  
  583
  
    
    logger.debug('data %r', data)

  		




  586
  584
  
    
    conn.close()

  		




  587
  585
  
    
    if response.status not in (200, 204): # 204 ok for federation termination

  		




  588
  586
  
    
        logging.warning('SOAP error (%s) (on %s)' % (response.status, url))

  		




  589
  
  
    
-