RubyGems - xmlsec-ruby - Versions diffs - 0.0.7b → 0.0.7 - Mend

xmlsec-ruby 0.0.7b → 0.0.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

data/ext/xmlsec/extconf.rb +0 -6
data/ext/xmlsec/simple-xmlsec.c +76 -66
data/ext/xmlsec/simple-xmlsec_wrap.c +4 -4
metadata +9 -12

data/ext/xmlsec/extconf.rb CHANGED

@@ -1,11 +1,5 @@
 require 'mkmf'
 if pkg_config('xmlsec1-openssl')
-	# The rightscale image appears to have incorrect
-	# pkg-config files - this flag is needed to link against an
-	# 64-bit libxmlsec1 but isn't included in the pkg-config
-	if `uname -p`.match 'x86_64'
-		$CFLAGS += " -DXMLSEC_NO_SIZE_T"
-	end
 	create_makefile('xmlsec')
 else
 	puts "xmlsec1 is not installed."

data/ext/xmlsec/simple-xmlsec.c CHANGED

@@ -6,6 +6,8 @@
 #include <libxml/tree.h>
 #include <libxml/xmlmemory.h>
 #include <libxml/parser.h>
+#include <libxml/xpath.h>
+#include <libxml/xpathInternals.h>
 #include <xmlsec/xmlsec.h>
 #include <xmlsec/xmltree.h>
@@ -21,74 +23,88 @@ void cleanup(xmlSecDSigCtxPtr dsigCtx) ;
 int verify_document(xmlDocPtr doc, const char* key);
 int verify_file(const char* xmlMessage, const char* key);
 void xmlSecErrorCallback(const char* file, int line, const char* func, const char* errorObject, const char* errorSubject, int reason, const char* msg);
-static int
-xmlSecAppAddIDAttr(xmlNodePtr node, const xmlChar* attrName, const xmlChar* nodeName, const xmlChar* nsHref) {
-    xmlAttrPtr attr, tmpAttr;
-    xmlNodePtr cur;
-    xmlChar* id;
-    if((node == NULL) || (attrName == NULL) || (nodeName == NULL)) {
-        return(-1);
-    }
-    /* process children first because it does not matter much but does simplify code */
-    cur = xmlSecGetNextElementNode(node->children);
-    while(cur != NULL) {
-        if(xmlSecAppAddIDAttr(cur, attrName, nodeName, nsHref) < 0) {
-            return(-1);
-        }
-        cur = xmlSecGetNextElementNode(cur->next);
-    }
-    /* node name must match */
-    if(!xmlStrEqual(node->name, nodeName)) {
-        return(0);
-    }
-    /* if nsHref is set then it also should match */
-    if((nsHref != NULL) && (node->ns != NULL) && (!xmlStrEqual(nsHref, node->ns->href))) {
-        return(0);
-    }
-    /* the attribute with name equal to attrName should exist */
-    for(attr = node->properties; attr != NULL; attr = attr->next) {
-        if(xmlStrEqual(attr->name, attrName)) {
-            break;
-        }
-    }
-    if(attr == NULL) {
-        return(0);
-    }
-    /* and this attr should have a value */
-    id = xmlNodeListGetString(node->doc, attr->children, 1);
-    if(id == NULL) {
-        return(0);
-    }
-    /* check that we don't have same ID already */
-    tmpAttr = xmlGetID(node->doc, id);
-    if(tmpAttr == NULL) {
-        xmlAddID(NULL, node->doc, id, attr);
-    } else if(tmpAttr != attr) {
-        fprintf(stderr, "Error: duplicate ID attribute \"%s\"\n", id);
-        xmlFree(id);
-        return(-1);
-    }
-    xmlFree(id);
-    return(0);
+int assign_id_attributes(xmlDocPtr doc) {
+  // Assume the ID attribute is one of (ID | Id | id) and tell this to libxml
+  xmlXPathContextPtr xpathCtx = xmlXPathNewContext(doc);
+  if(xpathCtx == NULL) {
+	  xmlFreeDoc(doc);
+	  rb_raise(rb_eRuntimeError,"Error: unable to create new XPath context\n");
+	  return(-1);
+  }
+  xmlChar* xpathExpr = "//*[@ID | @Id | @id]";
+  xmlXPathObjectPtr xpathObj = xmlXPathEvalExpression(xpathExpr, xpathCtx);
+  if(xpathObj == NULL) {
+	  xmlXPathFreeContext(xpathCtx);
+	  xmlFreeDoc(doc);
+	  rb_raise(rb_eRuntimeError,"Error: unable to evaluate xpath expression \"%s\"\n", xpathExpr);
+	  return(-1);
+  }
+  xmlNodeSetPtr nodes = xpathObj->nodesetval;
+  int size = (nodes) ? nodes->nodeNr : 0;
+  char* idNames[] = {"ID", "Id", "id"};
+  xmlAttrPtr attr = NULL, tmp = NULL;
+  int i,j;
+  for(i = 0; i < size; i++) {
+	  for(j=0; j<3;j++) {
+	  	tmp = xmlHasProp(nodes->nodeTab[i], idNames[j]);
+		if(tmp != NULL)
+			attr = tmp;
+	  }
+	  if(attr == NULL) {
+		xmlXPathFreeContext(xpathCtx);
+		return(-1);
+  	 }
+	 xmlChar* name = xmlNodeListGetString(doc, attr->children, 1);
+	 if(name == NULL) {
+		xmlXPathFreeContext(xpathCtx);
+		return(-1);
+	 }
+	 xmlAttrPtr tmp = xmlGetID(doc, name);
+	 if(tmp != NULL) {
+		 xmlFree(name);
+		 return 0;
+	 }
+	 xmlAddID(NULL, doc, name, attr);
+	 xmlFree(name);
+  }
+  xmlXPathFreeObject(xpathObj);
+  xmlXPathFreeContext(xpathCtx);
 }
 /* functions */
+/*
+ * Document-class: Xmlsec
+ *
+*/
+ /* call-seq:
+ * 	Xmlsec.verify_file(xml_string, pem_certificate_string)	-> 0,1
+ *
+ * Given a raw XML document string and X509 certificate in PEM format,
+ * verify the signatures in the document. Returns 0/1 on invalid/valid signature.
+ */
 int verify_file(const char* xmlMessage, const char* key) {
   xmlDocPtr doc = NULL;
   /* Init libxml and libxslt libraries */
   LIBXML_TEST_VERSION
   xmlSubstituteEntitiesDefault(1);
   doc = xmlParseDoc((xmlChar *) xmlMessage) ;
-  return verify_document(doc, key);
+  int result =  verify_document(doc, key);
+  xmlFreeDoc(doc);
+  return result;
 }
+ /* call-seq:
+ * 	Xmlsec.verify_document(doc, pem_certificate_string)	-> 0,1
+ *
+ * Given a LibXML::XML::Document object +doc+ and X509 certificate in PEM format,
+ * verify the signatures in the document. Returns 0/1 on invalid/valid signature.
+ */
 int verify_document(xmlDocPtr doc, const char* key) {
   initialize();
   xmlNodePtr node = NULL;
@@ -96,25 +112,19 @@ int verify_document(xmlDocPtr doc, const char* key) {
   int res = 0;
   if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-	cleanup(dsigCtx);
 	rb_raise(rb_eRuntimeError, "unable to parse XML document");
   }
   /* find start node */
   node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, xmlSecDSigNs);
   if(node == NULL) {
-	cleanup(dsigCtx);
 	rb_raise(rb_eRuntimeError, "could not find start node in XML document");
   }
-  xmlNodePtr cur = xmlSecGetNextElementNode(doc->children);
-  while(cur != NULL) {
-	  if(xmlSecAppAddIDAttr(cur, "ID", "Response", "urn:oasis:names:tc:SAML:2.0:protocol") < 0) {
-		  cleanup(dsigCtx);
-		  rb_raise(rb_eRuntimeError, "could not define ID attribute");
-	  }
-	  cur = xmlSecGetNextElementNode(cur->next);
+  if(assign_id_attributes(doc) < 0) {
+	  rb_raise(rb_eRuntimeError, "Could not find ID attribute in document");
   }
   /* create signature context */
   dsigCtx = xmlSecDSigCtxCreate(NULL);

data/ext/xmlsec/simple-xmlsec_wrap.c CHANGED

@@ -1,6 +1,6 @@
 /* ----------------------------------------------------------------------------
  * This file was automatically generated by SWIG (http://www.swig.org).
- * Version 2.0.0
+ * Version 2.0.1
  *
  * This file is not intended to be easily readable and contains a number of
  * coding conventions designed to improve portability and efficiency. Do not make
@@ -281,7 +281,7 @@
 /*
    Flags/methods for returning states.
-   The SWIG conversion methods, as ConvertPtr, return and integer
+   The SWIG conversion methods, as ConvertPtr, return an integer
    that tells if the conversion was successful or not. And if not,
    an error code can be returned (see swigerrors.swg for the codes).
@@ -998,7 +998,7 @@ static VALUE _mSWIG = Qnil;
 /* Define custom exceptions for errors that do not map to existing Ruby
    exceptions.  Note this only works for C++ since a global cannot be
-   initialized by a funtion in C.  For C, fallback to rb_eRuntimeError.*/
+   initialized by a function in C.  For C, fallback to rb_eRuntimeError.*/
 SWIGINTERN VALUE
 getNullReferenceError(void) {
@@ -1807,7 +1807,7 @@ static VALUE mXmlsec;
 #define SWIG_RUBY_THREAD_END_BLOCK
-#define SWIGVERSION 0x020000
+#define SWIGVERSION 0x020001
 #define SWIG_VERSION SWIGVERSION

metadata CHANGED

@@ -1,14 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: xmlsec-ruby
 version: !ruby/object:Gem::Version
-  hash: 55
-  prerelease: 5
+  hash: 17
+  prerelease:
   segments:
   - 0
   - 0
   - 7
-  - b
-  version: 0.0.7b
+  version: 0.0.7
 platform: ruby
 authors:
 - Victor Lin
@@ -16,11 +15,11 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2011-04-25 00:00:00 -07:00
+date: 2011-04-18 00:00:00 -07:00
 default_executable:
 dependencies: []
-description: "\txmlsec-ruby is project using SWIG to create ruby bindings\n\
+description: "\txmlsec-ruby is a project using SWIG to create ruby bindings\n\
   \tfor the xmlsec library (http://www.aleksey.com/xmlsec/). \n"
 email: victor@coupa.com
 executables: []
@@ -54,14 +53,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      hash: 25
+      hash: 3
       segments:
-      - 1
-      - 3
-      - 1
-      version: 1.3.1
+      - 0
+      version: "0"
 requirements: []
 rubyforge_project: