0005-Replace-all-use-of-xmlSecBase64Decode-by-lasso_base6.patch
lasso/id-ff/login.c | ||
---|---|---|
1652 | 1652 |
int i; |
1653 | 1653 |
char *artifact_b64 = NULL, *provider_succinct_id_b64; |
1654 | 1654 |
char provider_succinct_id[21]; |
1655 |
char artifact[43]; |
|
1655 |
char *artifact = NULL; |
|
1656 |
int artifact_len = 0; |
|
1656 | 1657 |
LassoSamlpRequestAbstract *request; |
1657 | 1658 |
LassoProfile *profile; |
1658 | 1659 | |
... | ... | |
1689 | 1690 |
lasso_assign_string(artifact_b64, response_msg); |
1690 | 1691 |
} |
1691 | 1692 | |
1692 |
i = xmlSecBase64Decode((xmlChar*)artifact_b64, (xmlChar*)artifact, 43); |
|
1693 |
if (i < 0 || i > 42) { |
|
1693 |
if (! lasso_base64_decode(artifact_b64, &artifact, &artifact_len)) { |
|
1694 |
return LASSO_PROFILE_ERROR_INVALID_ARTIFACT; |
|
1695 |
} |
|
1696 |
if (artifact_len != 42) { |
|
1694 | 1697 |
lasso_release_string(artifact_b64); |
1698 |
lasso_release_string(artifact); |
|
1695 | 1699 |
return LASSO_PROFILE_ERROR_INVALID_ARTIFACT; |
1696 | 1700 |
} |
1697 | 1701 | |
1698 | 1702 |
if (artifact[0] != 0 || artifact[1] != 3) { /* wrong type code */ |
1699 | 1703 |
lasso_release_string(artifact_b64); |
1704 |
lasso_release_string(artifact); |
|
1700 | 1705 |
return LASSO_PROFILE_ERROR_INVALID_ARTIFACT; |
1701 | 1706 |
} |
1702 | 1707 | |
1703 | 1708 |
memcpy(provider_succinct_id, artifact+2, 20); |
1709 |
lasso_release_string(artifact); |
|
1704 | 1710 |
provider_succinct_id[20] = 0; |
1705 | 1711 | |
1706 | 1712 |
provider_succinct_id_b64 = (char*)xmlSecBase64Encode((xmlChar*)provider_succinct_id, 20, 0); |
lasso/id-ff/provider.c | ||
---|---|---|
1434 | 1434 | |
1435 | 1435 |
if (format == LASSO_MESSAGE_FORMAT_BASE64) { |
1436 | 1436 |
int len; |
1437 |
char *msg = g_malloc(strlen(message));
|
|
1438 |
len = xmlSecBase64Decode((xmlChar*)message, (xmlChar*)msg, strlen(message)); |
|
1439 |
if (len < 0) {
|
|
1437 |
char *msg = NULL;
|
|
1438 | ||
1439 |
if (! lasso_base64_decode(message, &msg, &len)) {
|
|
1440 | 1440 |
goto_cleanup_with_rc(LASSO_PROFILE_ERROR_INVALID_MSG); |
1441 | 1441 |
} |
1442 |
doc = lasso_xml_parse_memory(msg, strlen(msg));
|
|
1442 |
doc = lasso_xml_parse_memory(msg, len);
|
|
1443 | 1443 |
lasso_release_string(msg); |
1444 | 1444 |
} else { |
1445 | 1445 |
doc = lasso_xml_parse_memory(message, strlen(message)); |
lasso/id-ff/session.c | ||
---|---|---|
797 | 797 | |
798 | 798 |
xmlNode* |
799 | 799 |
base64_to_xmlNode(xmlChar *buffer) { |
800 |
xmlChar *decoded = NULL; |
|
800 |
char *decoded = NULL; |
|
801 |
int decoded_len = 0; |
|
801 | 802 |
xmlDoc *doc = NULL; |
802 | 803 |
xmlNode *ret = NULL; |
803 |
int l1,l2; |
|
804 | 804 | |
805 |
l1 = 4*strlen((char*)buffer)+2; |
|
806 |
decoded = g_malloc(l1); |
|
807 |
l2 = xmlSecBase64Decode(buffer, decoded, l1); |
|
808 |
if (l2 < 0) |
|
805 |
if (! lasso_base64_decode((char*)buffer, &decoded, &decoded_len)) |
|
809 | 806 |
goto cleanup; |
810 |
doc = xmlParseMemory((char*)decoded, l2);
|
|
807 |
doc = xmlParseMemory(decoded, decoded_len);
|
|
811 | 808 |
if (doc == NULL) |
812 | 809 |
goto cleanup; |
813 | 810 |
ret = xmlDocGetRootElement(doc); |
814 | 811 |
if (ret) { |
815 |
ret = xmlCopyNode(ret, 1); |
|
812 |
ret = xmlCopyNode(ret, 1);
|
|
816 | 813 |
} |
817 | 814 |
cleanup: |
818 |
lasso_release(decoded); |
|
815 |
lasso_release_string(decoded);
|
|
819 | 816 |
lasso_release_doc(doc); |
820 | 817 | |
821 | 818 |
return ret; |
lasso/saml-2.0/profile.c | ||
---|---|---|
288 | 288 |
char *artifact_b64 = NULL; |
289 | 289 |
xmlChar *provider_succinct_id_b64 = NULL; |
290 | 290 |
char *provider_succinct_id[21]; |
291 |
char artifact[45]; |
|
291 |
char *artifact = NULL; |
|
292 |
int artifact_len = 0; |
|
292 | 293 |
LassoSamlp2RequestAbstract *request = NULL; |
293 | 294 |
LassoProvider *remote_provider = NULL; |
294 | 295 |
int i = 0; |
... | ... | |
307 | 308 |
return LASSO_PROFILE_ERROR_MISSING_ARTIFACT; |
308 | 309 |
} |
309 | 310 |
} else if (method == LASSO_HTTP_METHOD_ARTIFACT_POST) { |
310 |
artifact_b64 = g_strdup(msg);
|
|
311 |
lasso_assign_string(artifact_b64, msg);
|
|
311 | 312 |
} else { |
312 | 313 |
return critical_error(LASSO_PROFILE_ERROR_INVALID_HTTP_METHOD); |
313 | 314 |
} |
314 | 315 | |
315 |
i = xmlSecBase64Decode((xmlChar*)artifact_b64, (xmlChar*)artifact, 45); |
|
316 |
if (i < 0 || i > 44) { |
|
317 |
lasso_release_string(artifact_b64); |
|
318 |
return LASSO_PROFILE_ERROR_INVALID_ARTIFACT; |
|
319 |
} |
|
316 |
goto_cleanup_if_fail_with_rc(lasso_base64_decode(artifact_b64, &artifact, &artifact_len), LASSO_PROFILE_ERROR_INVALID_ARTIFACT); |
|
320 | 317 | |
321 |
if (artifact[0] != 0 || artifact[1] != 4) { /* wrong type code */
|
|
322 |
lasso_release_string(artifact_b64); |
|
323 |
return LASSO_PROFILE_ERROR_INVALID_ARTIFACT;
|
|
324 |
}
|
|
318 |
goto_cleanup_if_fail_with_rc(artifact_len == 44, LASSO_PROFILE_ERROR_INVALID_ARTIFACT);
|
|
319 | ||
320 |
/* wrong type code */
|
|
321 |
goto_cleanup_if_fail_with_rc(artifact[0] == 0 && artifact[1] == 4, LASSO_PROFILE_ERROR_INVALID_ARTIFACT);
|
|
325 | 322 | |
326 | 323 |
memcpy(provider_succinct_id, artifact+4, 20); |
327 | 324 |
provider_succinct_id[20] = 0; |
... | ... | |
330 | 327 | |
331 | 328 |
lasso_assign_new_string(profile->remote_providerID, lasso_server_get_providerID_from_hash( |
332 | 329 |
profile->server, (char*)provider_succinct_id_b64)); |
333 |
lasso_release_xml_string(provider_succinct_id_b64); |
|
334 |
if (profile->remote_providerID == NULL) { |
|
335 |
return LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND; |
|
336 |
} |
|
330 |
goto_cleanup_if_fail_with_rc(profile->remote_providerID, LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND); |
|
337 | 331 | |
338 | 332 |
/* resolve the resolver url using the endpoint index in the artifact string */ |
339 | 333 |
remote_provider = lasso_server_get_provider(profile->server, profile->remote_providerID); |
... | ... | |
342 | 336 |
remote_provider_role, |
343 | 337 |
LASSO_SAML2_METADATA_ELEMENT_ARTIFACT_RESOLUTION_SERVICE, NULL, FALSE, |
344 | 338 |
FALSE, index_endpoint)); |
345 |
if (! profile->msg_url) { |
|
346 |
debug("looking for index endpoint %d", index_endpoint); |
|
347 |
return LASSO_PROFILE_ERROR_ENDPOINT_INDEX_NOT_FOUND; |
|
348 |
} |
|
349 | ||
339 |
goto_cleanup_if_fail_with_rc(profile->msg_url, LASSO_PROFILE_ERROR_ENDPOINT_INDEX_NOT_FOUND); |
|
350 | 340 | |
351 | 341 |
lasso_assign_new_gobject(profile->request, lasso_samlp2_artifact_resolve_new()); |
352 | 342 |
request = LASSO_SAMLP2_REQUEST_ABSTRACT(profile->request); |
353 |
lasso_assign_new_string(LASSO_SAMLP2_ARTIFACT_RESOLVE(request)->Artifact, artifact_b64);
|
|
343 |
lasso_transfer_string(LASSO_SAMLP2_ARTIFACT_RESOLVE(request)->Artifact, artifact_b64);
|
|
354 | 344 |
request->ID = lasso_build_unique_id(32); |
355 | 345 |
lasso_assign_string(request->Version, "2.0"); |
356 | 346 |
request->Issuer = LASSO_SAML2_NAME_ID(lasso_saml2_name_id_new_with_string( |
... | ... | |
361 | 351 |
(LassoNode*)request)); |
362 | 352 | |
363 | 353 |
cleanup: |
354 |
lasso_release_string(artifact_b64); |
|
355 |
lasso_release_string(artifact); |
|
356 |
lasso_release_xml_string(provider_succinct_id_b64); |
|
364 | 357 |
return rc; |
365 | 358 |
} |
366 | 359 |
lasso/xml/tools.c | ||
---|---|---|
1402 | 1402 |
gboolean |
1403 | 1403 |
lasso_node_init_from_deflated_query_part(LassoNode *node, char *deflate_string) |
1404 | 1404 |
{ |
1405 |
int len; |
|
1406 |
xmlChar *b64_zre, *zre, *re; |
|
1407 |
xmlDoc *doc; |
|
1408 |
xmlNode *root; |
|
1409 | ||
1410 |
b64_zre = (xmlChar*)xmlURIUnescapeString(deflate_string, 0, NULL); |
|
1411 |
len = strlen((char*)b64_zre); |
|
1412 |
zre = xmlMalloc(len*4); |
|
1413 |
len = xmlSecBase64Decode(b64_zre, zre, len*4); |
|
1414 |
xmlFree(b64_zre); |
|
1415 |
if (len == -1) { |
|
1416 |
message(G_LOG_LEVEL_CRITICAL, "Failed to base64-decode query"); |
|
1417 |
xmlFree(zre); |
|
1418 |
return FALSE; |
|
1419 |
} |
|
1405 |
xmlChar *buffer= NULL; |
|
1406 |
char *decoded = NULL; |
|
1407 |
int decoded_len = 0; |
|
1408 |
xmlChar *re = NULL; |
|
1409 |
size_t re_len = 0; |
|
1410 |
xmlDoc *doc = NULL; |
|
1411 |
xmlNode *root = NULL; |
|
1412 |
gboolean rc = TRUE; |
|
1420 | 1413 | |
1421 |
re = lasso_inflate(zre, len);
|
|
1422 |
xmlFree(zre);
|
|
1414 |
buffer = (xmlChar*)xmlURIUnescapeString(deflate_string, 0, NULL);
|
|
1415 |
goto_cleanup_if_fail_with_rc(lasso_base64_decode((char*)buffer, &decoded, &decoded_len), FALSE);
|
|
1423 | 1416 | |
1424 |
if (! re)
|
|
1425 |
return FALSE;
|
|
1417 |
re = lasso_inflate((unsigned char*)decoded, decoded_len, &re_len);
|
|
1418 |
goto_cleanup_if_fail_with_rc_with_warning(re != NULL, FALSE);
|
|
1426 | 1419 | |
1427 | 1420 |
doc = lasso_xml_parse_memory((char*)re, strlen((char*)re)); |
1428 |
lasso_release_string(re);
|
|
1421 |
goto_cleanup_if_fail_with_rc_with_warning(doc != NULL, FALSE);
|
|
1429 | 1422 | |
1430 | 1423 |
root = xmlDocGetRootElement(doc); |
1431 | 1424 |
lasso_node_init_from_xml(node, root); |
1425 |
cleanup: |
|
1426 |
lasso_release_xml_string(buffer); |
|
1427 |
lasso_release_string(decoded); |
|
1428 |
lasso_release_string(re); |
|
1432 | 1429 |
lasso_release_doc(doc); |
1433 | ||
1434 |
return TRUE; |
|
1430 |
return rc; |
|
1435 | 1431 |
} |
1436 | 1432 | |
1437 | 1433 |
char* |
... | ... | |
1892 | 1888 |
LassoMessageFormat |
1893 | 1889 |
lasso_xml_parse_message(const char *message, LassoMessageFormat constraint, xmlDoc **doc_out, xmlNode **root_out) |
1894 | 1890 |
{ |
1895 |
char *msg = NULL; |
|
1896 |
gboolean b64 = FALSE; |
|
1891 |
const char *msg = NULL; |
|
1892 |
int msg_len = 0; |
|
1893 |
char *base64_decoded_message = NULL; |
|
1897 | 1894 |
LassoMessageFormat rc = LASSO_MESSAGE_FORMAT_UNKNOWN; |
1898 | 1895 |
xmlDoc *doc = NULL; |
1899 | 1896 |
xmlNode *root = NULL; |
1900 | 1897 |
gboolean any = constraint == LASSO_MESSAGE_FORMAT_UNKNOWN; |
1901 | 1898 | |
1902 |
msg = (char*)message; |
|
1903 | ||
1904 | 1899 |
/* BASE64 case */ |
1905 | 1900 |
if (any || constraint == LASSO_MESSAGE_FORMAT_BASE64) { |
1906 | 1901 |
if (message[0] != 0 && is_base64(message)) { |
1907 |
msg = g_malloc(strlen(message)); |
|
1908 |
rc = xmlSecBase64Decode((xmlChar*)message, (xmlChar*)msg, strlen(message)); |
|
1909 |
if (rc >= 0) { |
|
1910 |
b64 = TRUE; |
|
1911 |
} else { |
|
1912 |
lasso_release(msg); |
|
1913 |
msg = (char*)message; |
|
1902 |
if (lasso_base64_decode(message, &base64_decoded_message, &msg_len)) { |
|
1903 |
rc = LASSO_MESSAGE_FORMAT_BASE64; |
|
1904 |
msg = base64_decoded_message; |
|
1914 | 1905 |
} |
1915 | 1906 |
} |
1916 | 1907 |
} |
1917 | 1908 | |
1909 |
if (! msg) { |
|
1910 |
msg = message; |
|
1911 |
msg_len = strlen(message); |
|
1912 |
} |
|
1913 | ||
1918 | 1914 |
/* XML case */ |
1919 | 1915 |
if (any || constraint == LASSO_MESSAGE_FORMAT_BASE64 || |
1920 | 1916 |
constraint == LASSO_MESSAGE_FORMAT_XML || |
1921 | 1917 |
constraint == LASSO_MESSAGE_FORMAT_SOAP) { |
1922 | 1918 |
if (strchr(msg, '<')) { |
1923 |
doc = lasso_xml_parse_memory(msg, strlen(msg));
|
|
1919 |
doc = lasso_xml_parse_memory(msg, msg_len);
|
|
1924 | 1920 |
if (doc == NULL) { |
1925 | 1921 |
rc = LASSO_MESSAGE_FORMAT_UNKNOWN; |
1926 | 1922 |
goto cleanup; |
1927 | 1923 |
} |
1928 | 1924 |
root = xmlDocGetRootElement(doc); |
1925 |
if (! root) { |
|
1926 |
rc = LASSO_MESSAGE_FORMAT_ERROR; |
|
1927 |
goto cleanup; |
|
1928 |
} |
|
1929 | 1929 | |
1930 | 1930 |
if (any || constraint == LASSO_MESSAGE_FORMAT_SOAP) { |
1931 | 1931 |
gboolean is_soap = FALSE; |
... | ... | |
1934 | 1934 |
if (is_soap) { |
1935 | 1935 |
root = lasso_xml_get_soap_content(root); |
1936 | 1936 |
} |
1937 |
if (! root) { |
|
1938 |
rc = LASSO_MESSAGE_FORMAT_ERROR; |
|
1939 |
goto cleanup; |
|
1940 |
} |
|
1941 | 1937 |
if (is_soap) { |
1942 | 1938 |
rc = LASSO_MESSAGE_FORMAT_SOAP; |
1943 | 1939 |
goto cleanup; |
1944 | 1940 |
} |
1945 |
if (b64) { |
|
1946 |
lasso_release(msg); |
|
1947 |
rc = LASSO_MESSAGE_FORMAT_BASE64; |
|
1941 |
if (rc == LASSO_MESSAGE_FORMAT_BASE64) { |
|
1948 | 1942 |
goto cleanup; |
1949 | 1943 |
} |
1950 | 1944 |
rc = LASSO_MESSAGE_FORMAT_XML; |
1951 |
goto cleanup; |
|
1952 | 1945 |
} |
1953 | 1946 |
} |
1954 | 1947 |
} |
1955 | 1948 | |
1956 | 1949 |
cleanup: |
1950 |
lasso_release(base64_decoded_message); |
|
1957 | 1951 |
if (doc_out) { |
1958 | 1952 |
*doc_out = doc; |
1959 | 1953 |
if (root_out) { |
... | ... | |
1961 | 1955 |
} |
1962 | 1956 |
} else { |
1963 | 1957 |
lasso_release_doc(doc); |
1964 |
lasso_release_xml_node(root); |
|
1965 | 1958 |
} |
1966 | 1959 |
return rc; |
1967 | 1960 |
} |
... | ... | |
2665 | 2658 | |
2666 | 2659 |
gboolean |
2667 | 2660 |
lasso_get_base64_content(xmlNode *node, char **content, size_t *length) { |
2668 |
xmlChar *base64, *stripped_base64; |
|
2669 |
xmlChar *result; |
|
2670 |
int base64_length; |
|
2671 |
int rc = 0; |
|
2661 |
xmlChar *base64 = NULL; |
|
2662 |
xmlChar *stripped_base64 = NULL; |
|
2663 |
char *decoded = NULL; |
|
2664 |
int decoded_length = 0; |
|
2665 |
int rc = TRUE; |
|
2672 | 2666 | |
2673 |
if (! node || ! content || ! length) |
|
2674 |
return FALSE; |
|
2667 |
goto_cleanup_if_fail_with_rc(node && content && length, FALSE); |
|
2675 | 2668 | |
2676 | 2669 |
base64 = xmlNodeGetContent(node); |
2677 |
if (! base64) |
|
2678 |
return FALSE; |
|
2679 |
stripped_base64 = base64; |
|
2670 |
goto_cleanup_if_fail_with_rc(base64, FALSE); |
|
2671 | ||
2680 | 2672 |
/* skip spaces */ |
2673 |
stripped_base64 = base64; |
|
2681 | 2674 |
while (*stripped_base64 && isspace(*stripped_base64)) |
2682 | 2675 |
stripped_base64++; |
2683 | 2676 | |
2684 |
base64_length = strlen((char*)stripped_base64); |
|
2685 |
result = g_new(xmlChar, base64_length); |
|
2686 |
xmlSecErrorsDefaultCallbackEnableOutput(FALSE); |
|
2687 |
rc = xmlSecBase64Decode(stripped_base64, result, base64_length); |
|
2688 |
xmlSecErrorsDefaultCallbackEnableOutput(TRUE); |
|
2689 |
xmlFree(base64); |
|
2690 |
if (rc < 0) { |
|
2691 |
return FALSE; |
|
2692 |
} else { |
|
2693 |
*content = (char*)g_memdup(result, rc); |
|
2694 |
xmlFree(result); |
|
2695 |
*length = rc; |
|
2696 |
return TRUE; |
|
2697 |
} |
|
2677 |
goto_cleanup_if_fail_with_rc(lasso_base64_decode((char*)stripped_base64, &decoded, &decoded_length), FALSE); |
|
2678 |
lasso_transfer_string(*content, decoded); |
|
2679 |
*length = decoded_length; |
|
2680 |
cleanup: |
|
2681 |
lasso_release_xml_string(base64); |
|
2682 |
lasso_release_string(decoded); |
|
2683 |
return rc; |
|
2684 | ||
2698 | 2685 |
} |
2699 | 2686 | |
2700 | 2687 |
xmlSecKeyPtr |
... | ... | |
3191 | 3178 |
lasso_get_saml_message(xmlChar **query_fields) { |
3192 | 3179 |
int i = 0; |
3193 | 3180 |
char *enc = NULL; |
3194 |
char *message = NULL; |
|
3181 |
char *raw_message = NULL; |
|
3182 |
char *gziped_message = NULL; |
|
3183 |
int gziped_message_len = 0; |
|
3195 | 3184 |
char *saml_message = NULL; |
3196 |
char *decoded_message = NULL;
|
|
3185 |
size_t saml_message_len = 0;
|
|
3197 | 3186 |
xmlChar *field = NULL; |
3198 | 3187 |
char *t = NULL; |
3199 |
int rc = 0; |
|
3200 |
int len = 0; |
|
3201 | 3188 | |
3202 | 3189 |
for (i=0; (field=query_fields[i]); i++) { |
3203 | 3190 |
t = strchr((char*)field, '='); |
... | ... | |
3209 | 3196 |
continue; |
3210 | 3197 |
} |
3211 | 3198 |
if (strcmp((char*)field, LASSO_SAML2_FIELD_REQUEST) == 0 || strcmp((char*)field, LASSO_SAML2_FIELD_RESPONSE) == 0) { |
3212 |
message = t+1; |
|
3199 |
raw_message = t+1;
|
|
3213 | 3200 |
continue; |
3214 | 3201 |
} |
3215 | 3202 |
} |
3216 |
if (message == NULL) { |
|
3203 |
if (raw_message == NULL) {
|
|
3217 | 3204 |
return NULL; |
3218 | 3205 |
} |
3219 | 3206 |
if (enc && strcmp(enc, LASSO_SAML2_DEFLATE_ENCODING) != 0) { |
... | ... | |
3221 | 3208 |
debug("Unknown URL encoding: %64s", enc); |
3222 | 3209 |
return NULL; |
3223 | 3210 |
} |
3224 |
len = strlen(message); |
|
3225 |
decoded_message = g_malloc(len); |
|
3226 |
if (! is_base64(message)) { |
|
3227 |
debug("message is not base64"); |
|
3228 |
goto cleanup; |
|
3229 |
} |
|
3230 |
rc = xmlSecBase64Decode((xmlChar*)message, (xmlChar*)decoded_message, len); |
|
3231 |
if (rc < 0) { |
|
3232 |
debug("could not decode redirect SAML message"); |
|
3233 |
goto cleanup; |
|
3234 |
} |
|
3235 |
/* rc contains the length of the result */ |
|
3236 |
saml_message = (char*)lasso_inflate((unsigned char*) decoded_message, rc); |
|
3211 | ||
3212 |
goto_cleanup_if_fail(lasso_base64_decode(raw_message, &gziped_message, &gziped_message_len)) |
|
3213 |
saml_message = (char*)lasso_inflate((unsigned char*)gziped_message, gziped_message_len, &saml_message_len); |
|
3237 | 3214 |
cleanup: |
3238 |
if (decoded_message) { |
|
3239 |
lasso_release(decoded_message); |
|
3240 |
} |
|
3215 |
lasso_release_string(gziped_message); |
|
3216 | ||
3241 | 3217 |
return saml_message; |
3242 | 3218 |
} |
3243 | 3219 | |
... | ... | |
3253 | 3229 |
char *needle; |
3254 | 3230 |
xmlChar **query_fields = NULL; |
3255 | 3231 |
char *decoded_message = NULL; |
3232 |
int decoded_message_len = 0; |
|
3256 | 3233 |
xmlTextReader *reader = NULL; |
3257 | 3234 | |
3258 | 3235 |
g_assert(to_free); |
... | ... | |
3268 | 3245 |
} |
3269 | 3246 |
len = strlen(message); |
3270 | 3247 |
} else { /* POST */ |
3271 |
int rc = 0; |
|
3272 | ||
3273 | 3248 |
if (! is_base64(message)) { |
3274 | 3249 |
debug("POST message is not base64"); |
3275 | 3250 |
goto cleanup; |
3276 | 3251 |
} |
3277 |
decoded_message = g_malloc(len); |
|
3278 |
rc = xmlSecBase64Decode((xmlChar*)message, (xmlChar*)decoded_message, len); |
|
3279 |
if (rc < 0) { |
|
3252 |
if (! lasso_base64_decode(message, &decoded_message, &decoded_message_len)) { |
|
3280 | 3253 |
debug("could not decode POST SAML message"); |
3281 | 3254 |
goto cleanup; |
3282 | 3255 |
} |
3283 |
len = rc; |
|
3284 |
decoded_message[len] = '\0'; |
|
3285 |
message = *to_free = decoded_message; |
|
3286 |
decoded_message = NULL; |
|
3256 |
message = decoded_message; |
|
3257 |
len = decoded_message_len; |
|
3258 |
lasso_transfer_string(*to_free, decoded_message); |
|
3287 | 3259 |
} |
3288 | 3260 |
} |
3289 | 3261 | |
... | ... | |
3291 | 3263 |
reader = xmlReaderForMemory(message, len, "", NULL, XML_PARSE_NONET); |
3292 | 3264 | |
3293 | 3265 |
cleanup: |
3294 |
if (query_fields) |
|
3295 |
lasso_release_array_of_xml_strings(query_fields); |
|
3296 |
if (decoded_message) |
|
3297 |
lasso_release_string(decoded_message); |
|
3266 |
lasso_release_array_of_xml_strings(query_fields); |
|
3267 |
lasso_release_string(decoded_message); |
|
3298 | 3268 |
return reader; |
3299 | 3269 |
} |
lasso/xml/xml.c | ||
---|---|---|
2534 | 2534 |
LassoMessageFormat |
2535 | 2535 |
lasso_node_init_from_message_with_format(LassoNode *node, const char *message, LassoMessageFormat constraint, xmlDoc **doc_out, xmlNode **root_out) |
2536 | 2536 |
{ |
2537 |
char *msg = NULL; |
|
2537 |
char *decoded_msg = NULL; |
|
2538 |
int decoded_msg_len = 0; |
|
2539 |
const char *msg = NULL; |
|
2538 | 2540 |
gboolean b64 = FALSE; |
2539 | 2541 |
LassoMessageFormat rc = LASSO_MESSAGE_FORMAT_ERROR; |
2540 | 2542 |
xmlDoc *doc = NULL; |
... | ... | |
2546 | 2548 |
/* BASE64 case */ |
2547 | 2549 |
if (any || constraint == LASSO_MESSAGE_FORMAT_BASE64) { |
2548 | 2550 |
if (message[0] != 0 && is_base64(message)) { |
2549 |
int rc = 0; |
|
2550 | ||
2551 |
msg = g_malloc(strlen(message)); |
|
2552 |
rc = xmlSecBase64Decode((xmlChar*)message, (xmlChar*)msg, strlen(message)); |
|
2553 |
if (rc >= 0) { |
|
2551 |
if (lasso_base64_decode(message, &decoded_msg, &decoded_msg_len)) { |
|
2554 | 2552 |
b64 = TRUE; |
2553 |
msg = decoded_msg; |
|
2555 | 2554 |
} else { |
2556 |
lasso_release(msg); |
|
2557 |
msg = (char*)message; |
|
2555 |
msg = message; |
|
2558 | 2556 |
} |
2559 | 2557 |
} |
2560 | 2558 |
} |
... | ... | |
2589 | 2587 |
goto cleanup; |
2590 | 2588 |
} |
2591 | 2589 |
if (b64) { |
2592 |
lasso_release(msg); |
|
2593 | 2590 |
rc = LASSO_MESSAGE_FORMAT_BASE64; |
2594 | 2591 |
goto cleanup; |
2595 | 2592 |
} |
... | ... | |
2612 | 2609 |
} |
2613 | 2610 | |
2614 | 2611 |
cleanup: |
2612 |
lasso_release_string(decoded_msg); |
|
2615 | 2613 |
if (doc_out) { |
2616 | 2614 |
*doc_out = doc; |
2617 | 2615 |
if (root_out) { |
2618 |
- |