0004-Replace-all-use-of-xmlSecBase64Decode-by-lasso_base6.patch
lasso/id-ff/login.c | ||
---|---|---|
1652 | 1652 |
int i; |
1653 | 1653 |
char *artifact_b64 = NULL, *provider_succinct_id_b64; |
1654 | 1654 |
char provider_succinct_id[21]; |
1655 |
char artifact[43]; |
|
1655 |
char *artifact = NULL; |
|
1656 |
int artifact_len = 0; |
|
1656 | 1657 |
LassoSamlpRequestAbstract *request; |
1657 | 1658 |
LassoProfile *profile; |
1658 | 1659 | |
... | ... | |
1689 | 1690 |
lasso_assign_string(artifact_b64, response_msg); |
1690 | 1691 |
} |
1691 | 1692 | |
1692 |
i = xmlSecBase64Decode((xmlChar*)artifact_b64, (xmlChar*)artifact, 43); |
|
1693 |
if (i < 0 || i > 42) { |
|
1693 |
if (! lasso_base64_decode(artifact_b64, &artifact, &artifact_len)) { |
|
1694 |
return LASSO_PROFILE_ERROR_INVALID_ARTIFACT; |
|
1695 |
} |
|
1696 |
if (artifact_len != 42) { |
|
1694 | 1697 |
lasso_release_string(artifact_b64); |
1698 |
lasso_release_string(artifact); |
|
1695 | 1699 |
return LASSO_PROFILE_ERROR_INVALID_ARTIFACT; |
1696 | 1700 |
} |
1697 | 1701 | |
1698 | 1702 |
if (artifact[0] != 0 || artifact[1] != 3) { /* wrong type code */ |
1699 | 1703 |
lasso_release_string(artifact_b64); |
1704 |
lasso_release_string(artifact); |
|
1700 | 1705 |
return LASSO_PROFILE_ERROR_INVALID_ARTIFACT; |
1701 | 1706 |
} |
1702 | 1707 | |
1703 | 1708 |
memcpy(provider_succinct_id, artifact+2, 20); |
1709 |
lasso_release_string(artifact); |
|
1704 | 1710 |
provider_succinct_id[20] = 0; |
1705 | 1711 | |
1706 | 1712 |
provider_succinct_id_b64 = (char*)xmlSecBase64Encode((xmlChar*)provider_succinct_id, 20, 0); |
lasso/id-ff/provider.c | ||
---|---|---|
1434 | 1434 | |
1435 | 1435 |
if (format == LASSO_MESSAGE_FORMAT_BASE64) { |
1436 | 1436 |
int len; |
1437 |
char *msg = g_malloc(strlen(message));
|
|
1438 |
len = xmlSecBase64Decode((xmlChar*)message, (xmlChar*)msg, strlen(message)); |
|
1439 |
if (len < 0) {
|
|
1437 |
char *msg = NULL;
|
|
1438 | ||
1439 |
if (! lasso_base64_decode(message, &msg, &len)) {
|
|
1440 | 1440 |
goto_cleanup_with_rc(LASSO_PROFILE_ERROR_INVALID_MSG); |
1441 | 1441 |
} |
1442 |
doc = lasso_xml_parse_memory(msg, strlen(msg));
|
|
1442 |
doc = lasso_xml_parse_memory(msg, len);
|
|
1443 | 1443 |
lasso_release_string(msg); |
1444 | 1444 |
} else { |
1445 | 1445 |
doc = lasso_xml_parse_memory(message, strlen(message)); |
lasso/id-ff/session.c | ||
---|---|---|
797 | 797 | |
798 | 798 |
xmlNode* |
799 | 799 |
base64_to_xmlNode(xmlChar *buffer) { |
800 |
xmlChar *decoded = NULL; |
|
800 |
char *decoded = NULL; |
|
801 |
int decoded_len = 0; |
|
801 | 802 |
xmlDoc *doc = NULL; |
802 | 803 |
xmlNode *ret = NULL; |
803 |
int l1,l2; |
|
804 | 804 | |
805 |
l1 = 4*strlen((char*)buffer)+2; |
|
806 |
decoded = g_malloc(l1); |
|
807 |
l2 = xmlSecBase64Decode(buffer, decoded, l1); |
|
808 |
if (l2 < 0) |
|
805 |
if (! lasso_base64_decode((char*)buffer, &decoded, &decoded_len)) |
|
809 | 806 |
goto cleanup; |
810 |
doc = xmlParseMemory((char*)decoded, l2);
|
|
807 |
doc = xmlParseMemory(decoded, decoded_len);
|
|
811 | 808 |
if (doc == NULL) |
812 | 809 |
goto cleanup; |
813 | 810 |
ret = xmlDocGetRootElement(doc); |
814 | 811 |
if (ret) { |
815 |
ret = xmlCopyNode(ret, 1); |
|
812 |
ret = xmlCopyNode(ret, 1);
|
|
816 | 813 |
} |
817 | 814 |
cleanup: |
818 |
lasso_release(decoded); |
|
815 |
lasso_release_string(decoded);
|
|
819 | 816 |
lasso_release_doc(doc); |
820 | 817 | |
821 | 818 |
return ret; |
lasso/saml-2.0/profile.c | ||
---|---|---|
288 | 288 |
char *artifact_b64 = NULL; |
289 | 289 |
xmlChar *provider_succinct_id_b64 = NULL; |
290 | 290 |
char *provider_succinct_id[21]; |
291 |
char artifact[45]; |
|
291 |
char *artifact = NULL; |
|
292 |
int artifact_len = 0; |
|
292 | 293 |
LassoSamlp2RequestAbstract *request = NULL; |
293 | 294 |
LassoProvider *remote_provider = NULL; |
294 | 295 |
int i = 0; |
... | ... | |
307 | 308 |
return LASSO_PROFILE_ERROR_MISSING_ARTIFACT; |
308 | 309 |
} |
309 | 310 |
} else if (method == LASSO_HTTP_METHOD_ARTIFACT_POST) { |
310 |
artifact_b64 = g_strdup(msg);
|
|
311 |
lasso_assign_string(artifact_b64, msg);
|
|
311 | 312 |
} else { |
312 | 313 |
return critical_error(LASSO_PROFILE_ERROR_INVALID_HTTP_METHOD); |
313 | 314 |
} |
314 | 315 | |
315 |
i = xmlSecBase64Decode((xmlChar*)artifact_b64, (xmlChar*)artifact, 45); |
|
316 |
if (i < 0 || i > 44) { |
|
317 |
lasso_release_string(artifact_b64); |
|
318 |
return LASSO_PROFILE_ERROR_INVALID_ARTIFACT; |
|
319 |
} |
|
316 |
goto_cleanup_if_fail_with_rc(lasso_base64_decode(artifact_b64, &artifact, &artifact_len), LASSO_PROFILE_ERROR_INVALID_ARTIFACT); |
|
320 | 317 | |
321 |
if (artifact[0] != 0 || artifact[1] != 4) { /* wrong type code */
|
|
322 |
lasso_release_string(artifact_b64); |
|
323 |
return LASSO_PROFILE_ERROR_INVALID_ARTIFACT;
|
|
324 |
}
|
|
318 |
goto_cleanup_if_fail_with_rc(artifact_len == 44, LASSO_PROFILE_ERROR_INVALID_ARTIFACT);
|
|
319 | ||
320 |
/* wrong type code */
|
|
321 |
goto_cleanup_if_fail_with_rc(artifact[0] == 0 && artifact[1] == 4, LASSO_PROFILE_ERROR_INVALID_ARTIFACT);
|
|
325 | 322 | |
326 | 323 |
memcpy(provider_succinct_id, artifact+4, 20); |
327 | 324 |
provider_succinct_id[20] = 0; |
... | ... | |
330 | 327 | |
331 | 328 |
lasso_assign_new_string(profile->remote_providerID, lasso_server_get_providerID_from_hash( |
332 | 329 |
profile->server, (char*)provider_succinct_id_b64)); |
333 |
lasso_release_xml_string(provider_succinct_id_b64); |
|
334 |
if (profile->remote_providerID == NULL) { |
|
335 |
return LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND; |
|
336 |
} |
|
330 |
goto_cleanup_if_fail_with_rc(profile->remote_providerID, LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND); |
|
337 | 331 | |
338 | 332 |
/* resolve the resolver url using the endpoint index in the artifact string */ |
339 | 333 |
remote_provider = lasso_server_get_provider(profile->server, profile->remote_providerID); |
... | ... | |
342 | 336 |
remote_provider_role, |
343 | 337 |
LASSO_SAML2_METADATA_ELEMENT_ARTIFACT_RESOLUTION_SERVICE, NULL, FALSE, |
344 | 338 |
FALSE, index_endpoint)); |
345 |
if (! profile->msg_url) { |
|
346 |
debug("looking for index endpoint %d", index_endpoint); |
|
347 |
return LASSO_PROFILE_ERROR_ENDPOINT_INDEX_NOT_FOUND; |
|
348 |
} |
|
349 | ||
339 |
goto_cleanup_if_fail_with_rc(profile->msg_url, LASSO_PROFILE_ERROR_ENDPOINT_INDEX_NOT_FOUND); |
|
350 | 340 | |
351 | 341 |
lasso_assign_new_gobject(profile->request, lasso_samlp2_artifact_resolve_new()); |
352 | 342 |
request = LASSO_SAMLP2_REQUEST_ABSTRACT(profile->request); |
353 |
lasso_assign_new_string(LASSO_SAMLP2_ARTIFACT_RESOLVE(request)->Artifact, artifact_b64);
|
|
343 |
lasso_transfer_string(LASSO_SAMLP2_ARTIFACT_RESOLVE(request)->Artifact, artifact_b64);
|
|
354 | 344 |
request->ID = lasso_build_unique_id(32); |
355 | 345 |
lasso_assign_string(request->Version, "2.0"); |
356 | 346 |
request->Issuer = LASSO_SAML2_NAME_ID(lasso_saml2_name_id_new_with_string( |
... | ... | |
361 | 351 |
(LassoNode*)request)); |
362 | 352 | |
363 | 353 |
cleanup: |
354 |
lasso_release_string(artifact_b64); |
|
355 |
lasso_release_string(artifact); |
|
356 |
lasso_release_xml_string(provider_succinct_id_b64); |
|
364 | 357 |
return rc; |
365 | 358 |
} |
366 | 359 |
lasso/xml/tools.c | ||
---|---|---|
1409 | 1409 |
gboolean |
1410 | 1410 |
lasso_node_init_from_deflated_query_part(LassoNode *node, char *deflate_string) |
1411 | 1411 |
{ |
1412 |
int len; |
|
1413 |
xmlChar *b64_zre, *zre, *re; |
|
1414 |
xmlDoc *doc; |
|
1415 |
xmlNode *root; |
|
1416 | ||
1417 |
b64_zre = (xmlChar*)xmlURIUnescapeString(deflate_string, 0, NULL); |
|
1418 |
len = strlen((char*)b64_zre); |
|
1419 |
zre = xmlMalloc(len*4); |
|
1420 |
len = xmlSecBase64Decode(b64_zre, zre, len*4); |
|
1421 |
xmlFree(b64_zre); |
|
1422 |
if (len == -1) { |
|
1423 |
message(G_LOG_LEVEL_CRITICAL, "Failed to base64-decode query"); |
|
1424 |
xmlFree(zre); |
|
1425 |
return FALSE; |
|
1426 |
} |
|
1412 |
xmlChar *buffer= NULL; |
|
1413 |
char *decoded = NULL; |
|
1414 |
int decoded_len = 0; |
|
1415 |
xmlChar *re = NULL; |
|
1416 |
size_t re_len = 0; |
|
1417 |
xmlDoc *doc = NULL; |
|
1418 |
xmlNode *root = NULL; |
|
1419 |
gboolean rc = TRUE; |
|
1427 | 1420 | |
1428 |
re = lasso_inflate(zre, len);
|
|
1429 |
xmlFree(zre);
|
|
1421 |
buffer = (xmlChar*)xmlURIUnescapeString(deflate_string, 0, NULL);
|
|
1422 |
goto_cleanup_if_fail_with_rc(lasso_base64_decode((char*)buffer, &decoded, &decoded_len), FALSE);
|
|
1430 | 1423 | |
1431 |
if (! re)
|
|
1432 |
return FALSE;
|
|
1424 |
re = lasso_inflate((unsigned char*)decoded, decoded_len, &re_len);
|
|
1425 |
goto_cleanup_if_fail_with_rc_with_warning(re != NULL, FALSE);
|
|
1433 | 1426 | |
1434 | 1427 |
doc = lasso_xml_parse_memory((char*)re, strlen((char*)re)); |
1435 |
lasso_release_string(re);
|
|
1428 |
goto_cleanup_if_fail_with_rc_with_warning(doc != NULL, FALSE);
|
|
1436 | 1429 | |
1437 | 1430 |
root = xmlDocGetRootElement(doc); |
1438 | 1431 |
lasso_node_init_from_xml(node, root); |
1432 |
cleanup: |
|
1433 |
lasso_release_xml_string(buffer); |
|
1434 |
lasso_release_string(decoded); |
|
1435 |
lasso_release_string(re); |
|
1439 | 1436 |
lasso_release_doc(doc); |
1440 | ||
1441 |
return TRUE; |
|
1437 |
return rc; |
|
1442 | 1438 |
} |
1443 | 1439 | |
1444 | 1440 |
char* |
... | ... | |
1899 | 1895 |
LassoMessageFormat |
1900 | 1896 |
lasso_xml_parse_message(const char *message, LassoMessageFormat constraint, xmlDoc **doc_out, xmlNode **root_out) |
1901 | 1897 |
{ |
1902 |
char *msg = NULL; |
|
1903 |
gboolean b64 = FALSE; |
|
1898 |
const char *msg = NULL; |
|
1899 |
int msg_len = 0; |
|
1900 |
char *base64_decoded_message = NULL; |
|
1904 | 1901 |
LassoMessageFormat rc = LASSO_MESSAGE_FORMAT_UNKNOWN; |
1905 | 1902 |
xmlDoc *doc = NULL; |
1906 | 1903 |
xmlNode *root = NULL; |
1907 | 1904 |
gboolean any = constraint == LASSO_MESSAGE_FORMAT_UNKNOWN; |
1908 | 1905 | |
1909 |
msg = (char*)message; |
|
1910 | ||
1911 | 1906 |
/* BASE64 case */ |
1912 | 1907 |
if (any || constraint == LASSO_MESSAGE_FORMAT_BASE64) { |
1913 | 1908 |
if (message[0] != 0 && is_base64(message)) { |
1914 |
msg = g_malloc(strlen(message)); |
|
1915 |
rc = xmlSecBase64Decode((xmlChar*)message, (xmlChar*)msg, strlen(message)); |
|
1916 |
if (rc >= 0) { |
|
1917 |
b64 = TRUE; |
|
1918 |
} else { |
|
1919 |
lasso_release(msg); |
|
1920 |
msg = (char*)message; |
|
1909 |
if (lasso_base64_decode(message, &base64_decoded_message, &msg_len)) { |
|
1910 |
rc = LASSO_MESSAGE_FORMAT_BASE64; |
|
1911 |
msg = base64_decoded_message; |
|
1921 | 1912 |
} |
1922 | 1913 |
} |
1923 | 1914 |
} |
1924 | 1915 | |
1916 |
if (! msg) { |
|
1917 |
msg = message; |
|
1918 |
msg_len = strlen(message); |
|
1919 |
} |
|
1920 | ||
1925 | 1921 |
/* XML case */ |
1926 | 1922 |
if (any || constraint == LASSO_MESSAGE_FORMAT_BASE64 || |
1927 | 1923 |
constraint == LASSO_MESSAGE_FORMAT_XML || |
1928 | 1924 |
constraint == LASSO_MESSAGE_FORMAT_SOAP) { |
1929 | 1925 |
if (strchr(msg, '<')) { |
1930 |
doc = lasso_xml_parse_memory(msg, strlen(msg));
|
|
1926 |
doc = lasso_xml_parse_memory(msg, msg_len);
|
|
1931 | 1927 |
if (doc == NULL) { |
1932 | 1928 |
rc = LASSO_MESSAGE_FORMAT_UNKNOWN; |
1933 | 1929 |
goto cleanup; |
1934 | 1930 |
} |
1935 | 1931 |
root = xmlDocGetRootElement(doc); |
1932 |
if (! root) { |
|
1933 |
rc = LASSO_MESSAGE_FORMAT_ERROR; |
|
1934 |
goto cleanup; |
|
1935 |
} |
|
1936 | 1936 | |
1937 | 1937 |
if (any || constraint == LASSO_MESSAGE_FORMAT_SOAP) { |
1938 | 1938 |
gboolean is_soap = FALSE; |
... | ... | |
1941 | 1941 |
if (is_soap) { |
1942 | 1942 |
root = lasso_xml_get_soap_content(root); |
1943 | 1943 |
} |
1944 |
if (! root) { |
|
1945 |
rc = LASSO_MESSAGE_FORMAT_ERROR; |
|
1946 |
goto cleanup; |
|
1947 |
} |
|
1948 | 1944 |
if (is_soap) { |
1949 | 1945 |
rc = LASSO_MESSAGE_FORMAT_SOAP; |
1950 | 1946 |
goto cleanup; |
1951 | 1947 |
} |
1952 |
if (b64) { |
|
1953 |
lasso_release(msg); |
|
1954 |
rc = LASSO_MESSAGE_FORMAT_BASE64; |
|
1948 |
if (rc == LASSO_MESSAGE_FORMAT_BASE64) { |
|
1955 | 1949 |
goto cleanup; |
1956 | 1950 |
} |
1957 | 1951 |
rc = LASSO_MESSAGE_FORMAT_XML; |
1958 |
goto cleanup; |
|
1959 | 1952 |
} |
1960 | 1953 |
} |
1961 | 1954 |
} |
1962 | 1955 | |
1963 | 1956 |
cleanup: |
1957 |
lasso_release(base64_decoded_message); |
|
1964 | 1958 |
if (doc_out) { |
1965 | 1959 |
*doc_out = doc; |
1966 | 1960 |
if (root_out) { |
... | ... | |
1968 | 1962 |
} |
1969 | 1963 |
} else { |
1970 | 1964 |
lasso_release_doc(doc); |
1971 |
lasso_release_xml_node(root); |
|
1972 | 1965 |
} |
1973 | 1966 |
return rc; |
1974 | 1967 |
} |
... | ... | |
2672 | 2665 | |
2673 | 2666 |
gboolean |
2674 | 2667 |
lasso_get_base64_content(xmlNode *node, char **content, size_t *length) { |
2675 |
xmlChar *base64, *stripped_base64; |
|
2676 |
xmlChar *result; |
|
2677 |
int base64_length; |
|
2678 |
int rc = 0; |
|
2668 |
xmlChar *base64 = NULL; |
|
2669 |
xmlChar *stripped_base64 = NULL; |
|
2670 |
char *decoded = NULL; |
|
2671 |
int decoded_length = 0; |
|
2672 |
int rc = TRUE; |
|
2679 | 2673 | |
2680 |
if (! node || ! content || ! length) |
|
2681 |
return FALSE; |
|
2674 |
goto_cleanup_if_fail_with_rc(node && content && length, FALSE); |
|
2682 | 2675 | |
2683 | 2676 |
base64 = xmlNodeGetContent(node); |
2684 |
if (! base64) |
|
2685 |
return FALSE; |
|
2686 |
stripped_base64 = base64; |
|
2677 |
goto_cleanup_if_fail_with_rc(base64, FALSE); |
|
2678 | ||
2687 | 2679 |
/* skip spaces */ |
2680 |
stripped_base64 = base64; |
|
2688 | 2681 |
while (*stripped_base64 && isspace(*stripped_base64)) |
2689 | 2682 |
stripped_base64++; |
2690 | 2683 | |
2691 |
base64_length = strlen((char*)stripped_base64); |
|
2692 |
result = g_new(xmlChar, base64_length); |
|
2693 |
xmlSecErrorsDefaultCallbackEnableOutput(FALSE); |
|
2694 |
rc = xmlSecBase64Decode(stripped_base64, result, base64_length); |
|
2695 |
xmlSecErrorsDefaultCallbackEnableOutput(TRUE); |
|
2696 |
xmlFree(base64); |
|
2697 |
if (rc < 0) { |
|
2698 |
return FALSE; |
|
2699 |
} else { |
|
2700 |
*content = (char*)g_memdup(result, rc); |
|
2701 |
xmlFree(result); |
|
2702 |
*length = rc; |
|
2703 |
return TRUE; |
|
2704 |
} |
|
2684 |
goto_cleanup_if_fail_with_rc(lasso_base64_decode((char*)stripped_base64, &decoded, &decoded_length), FALSE); |
|
2685 |
lasso_transfer_string(*content, decoded); |
|
2686 |
*length = decoded_length; |
|
2687 |
cleanup: |
|
2688 |
lasso_release_xml_string(base64); |
|
2689 |
lasso_release_string(decoded); |
|
2690 |
return rc; |
|
2691 | ||
2705 | 2692 |
} |
2706 | 2693 | |
2707 | 2694 |
xmlSecKeyPtr |
... | ... | |
3198 | 3185 |
lasso_get_saml_message(xmlChar **query_fields) { |
3199 | 3186 |
int i = 0; |
3200 | 3187 |
char *enc = NULL; |
3201 |
char *message = NULL; |
|
3188 |
char *raw_message = NULL; |
|
3189 |
char *gziped_message = NULL; |
|
3190 |
int gziped_message_len = 0; |
|
3202 | 3191 |
char *saml_message = NULL; |
3203 |
char *decoded_message = NULL;
|
|
3192 |
size_t saml_message_len = 0;
|
|
3204 | 3193 |
xmlChar *field = NULL; |
3205 | 3194 |
char *t = NULL; |
3206 |
int rc = 0; |
|
3207 |
int len = 0; |
|
3208 | 3195 | |
3209 | 3196 |
for (i=0; (field=query_fields[i]); i++) { |
3210 | 3197 |
t = strchr((char*)field, '='); |
... | ... | |
3216 | 3203 |
continue; |
3217 | 3204 |
} |
3218 | 3205 |
if (strcmp((char*)field, LASSO_SAML2_FIELD_REQUEST) == 0 || strcmp((char*)field, LASSO_SAML2_FIELD_RESPONSE) == 0) { |
3219 |
message = t+1; |
|
3206 |
raw_message = t+1;
|
|
3220 | 3207 |
continue; |
3221 | 3208 |
} |
3222 | 3209 |
} |
3223 |
if (message == NULL) { |
|
3210 |
if (raw_message == NULL) {
|
|
3224 | 3211 |
return NULL; |
3225 | 3212 |
} |
3226 | 3213 |
if (enc && strcmp(enc, LASSO_SAML2_DEFLATE_ENCODING) != 0) { |
... | ... | |
3228 | 3215 |
debug("Unknown URL encoding: %64s", enc); |
3229 | 3216 |
return NULL; |
3230 | 3217 |
} |
3231 |
len = strlen(message); |
|
3232 |
decoded_message = g_malloc(len); |
|
3233 |
if (! is_base64(message)) { |
|
3234 |
debug("message is not base64"); |
|
3235 |
goto cleanup; |
|
3236 |
} |
|
3237 |
rc = xmlSecBase64Decode((xmlChar*)message, (xmlChar*)decoded_message, len); |
|
3238 |
if (rc < 0) { |
|
3239 |
debug("could not decode redirect SAML message"); |
|
3240 |
goto cleanup; |
|
3241 |
} |
|
3242 |
/* rc contains the length of the result */ |
|
3243 |
saml_message = (char*)lasso_inflate((unsigned char*) decoded_message, rc); |
|
3218 | ||
3219 |
goto_cleanup_if_fail(lasso_base64_decode(raw_message, &gziped_message, &gziped_message_len)) |
|
3220 |
saml_message = (char*)lasso_inflate((unsigned char*)gziped_message, gziped_message_len, &saml_message_len); |
|
3244 | 3221 |
cleanup: |
3245 |
if (decoded_message) { |
|
3246 |
lasso_release(decoded_message); |
|
3247 |
} |
|
3222 |
lasso_release_string(gziped_message); |
|
3223 | ||
3248 | 3224 |
return saml_message; |
3249 | 3225 |
} |
3250 | 3226 | |
... | ... | |
3260 | 3236 |
char *needle; |
3261 | 3237 |
xmlChar **query_fields = NULL; |
3262 | 3238 |
char *decoded_message = NULL; |
3239 |
int decoded_message_len = 0; |
|
3263 | 3240 |
xmlTextReader *reader = NULL; |
3264 | 3241 | |
3265 | 3242 |
g_assert(to_free); |
... | ... | |
3275 | 3252 |
} |
3276 | 3253 |
len = strlen(message); |
3277 | 3254 |
} else { /* POST */ |
3278 |
int rc = 0; |
|
3279 | ||
3280 | 3255 |
if (! is_base64(message)) { |
3281 | 3256 |
debug("POST message is not base64"); |
3282 | 3257 |
goto cleanup; |
3283 | 3258 |
} |
3284 |
decoded_message = g_malloc(len); |
|
3285 |
rc = xmlSecBase64Decode((xmlChar*)message, (xmlChar*)decoded_message, len); |
|
3286 |
if (rc < 0) { |
|
3259 |
if (! lasso_base64_decode(message, &decoded_message, &decoded_message_len)) { |
|
3287 | 3260 |
debug("could not decode POST SAML message"); |
3288 | 3261 |
goto cleanup; |
3289 | 3262 |
} |
3290 |
len = rc; |
|
3291 |
decoded_message[len] = '\0'; |
|
3292 |
message = *to_free = decoded_message; |
|
3293 |
decoded_message = NULL; |
|
3263 |
message = decoded_message; |
|
3264 |
len = decoded_message_len; |
|
3265 |
lasso_transfer_string(*to_free, decoded_message); |
|
3294 | 3266 |
} |
3295 | 3267 |
} |
3296 | 3268 | |
... | ... | |
3298 | 3270 |
reader = xmlReaderForMemory(message, len, "", NULL, XML_PARSE_NONET); |
3299 | 3271 | |
3300 | 3272 |
cleanup: |
3301 |
if (query_fields) |
|
3302 |
lasso_release_array_of_xml_strings(query_fields); |
|
3303 |
if (decoded_message) |
|
3304 |
lasso_release_string(decoded_message); |
|
3273 |
lasso_release_array_of_xml_strings(query_fields); |
|
3274 |
lasso_release_string(decoded_message); |
|
3305 | 3275 |
return reader; |
3306 | 3276 |
} |
lasso/xml/xml.c | ||
---|---|---|
2534 | 2534 |
LassoMessageFormat |
2535 | 2535 |
lasso_node_init_from_message_with_format(LassoNode *node, const char *message, LassoMessageFormat constraint, xmlDoc **doc_out, xmlNode **root_out) |
2536 | 2536 |
{ |
2537 |
char *msg = NULL; |
|
2537 |
char *decoded_msg = NULL; |
|
2538 |
int decoded_msg_len = 0; |
|
2539 |
const char *msg = NULL; |
|
2538 | 2540 |
gboolean b64 = FALSE; |
2539 | 2541 |
LassoMessageFormat rc = LASSO_MESSAGE_FORMAT_ERROR; |
2540 | 2542 |
xmlDoc *doc = NULL; |
... | ... | |
2546 | 2548 |
/* BASE64 case */ |
2547 | 2549 |
if (any || constraint == LASSO_MESSAGE_FORMAT_BASE64) { |
2548 | 2550 |
if (message[0] != 0 && is_base64(message)) { |
2549 |
int rc = 0; |
|
2550 | ||
2551 |
msg = g_malloc(strlen(message)); |
|
2552 |
rc = xmlSecBase64Decode((xmlChar*)message, (xmlChar*)msg, strlen(message)); |
|
2553 |
if (rc >= 0) { |
|
2551 |
if (lasso_base64_decode(message, &decoded_msg, &decoded_msg_len)) { |
|
2554 | 2552 |
b64 = TRUE; |
2553 |
msg = decoded_msg; |
|
2555 | 2554 |
} else { |
2556 |
lasso_release(msg); |
|
2557 |
msg = (char*)message; |
|
2555 |
msg = message; |
|
2558 | 2556 |
} |
2559 | 2557 |
} |
2560 | 2558 |
} |
... | ... | |
2589 | 2587 |
goto cleanup; |
2590 | 2588 |
} |
2591 | 2589 |
if (b64) { |
2592 |
lasso_release(msg); |
|
2593 | 2590 |
rc = LASSO_MESSAGE_FORMAT_BASE64; |
2594 | 2591 |
goto cleanup; |
2595 | 2592 |
} |
... | ... | |
2612 | 2609 |
} |
2613 | 2610 | |
2614 | 2611 |
cleanup: |
2612 |
lasso_release_string(decoded_msg); |
|
2615 | 2613 |
if (doc_out) { |
2616 | 2614 |
*doc_out = doc; |
2617 | 2615 |
if (root_out) { |
2618 |
- |