[shibboleth-sp2] 30/82: SSPCPP-734 ISAPI configuration to use <ISAPI> Element
Etienne Dysli Metref
edm-guest at moszumanska.debian.org
Thu Nov 16 08:16:22 UTC 2017
This is an automated email from the git hooks/post-receive script.
edm-guest pushed a commit to branch master
in repository shibboleth-sp2.
commit c394a757fcf0fa178d32e0921012774d474f3f5a
Author: Rod Widdowson <rdw at steadingsoftware.com>
Date: Tue Jun 20 17:10:10 2017 +0100
SSPCPP-734 ISAPI configuration to use <ISAPI> Element
Includes code to check for old style plugins configured with new syntax.
---
Projects/vc14/Shibboleth.sln | 1 +
Projects/vc14/isapi_shib/isapi_shib.vcxproj | 8 +--
iis7_shib/register.cpp | 2 +-
isapi_shib/isapi_shib.cpp | 19 ++++++-
schemas/shibboleth-2.0-native-sp-config.xsd | 82 ++++++++++-------------------
5 files changed, 53 insertions(+), 59 deletions(-)
diff --git a/Projects/vc14/Shibboleth.sln b/Projects/vc14/Shibboleth.sln
index ef33b00..e225949 100644
--- a/Projects/vc14/Shibboleth.sln
+++ b/Projects/vc14/Shibboleth.sln
@@ -200,6 +200,7 @@ Global
{87C25D4E-8D19-4513-B0BA-BC668BC2DEE3}.Debug|Win32.Build.0 = Debug|Win32
{87C25D4E-8D19-4513-B0BA-BC668BC2DEE3}.Debug|x64.ActiveCfg = Debug|x64
{87C25D4E-8D19-4513-B0BA-BC668BC2DEE3}.Debug|x64.Build.0 = Debug|x64
+ {87C25D4E-8D19-4513-B0BA-BC668BC2DEE3}.Debug|x64.Deploy.0 = Debug|x64
{87C25D4E-8D19-4513-B0BA-BC668BC2DEE3}.Release|Win32.ActiveCfg = Release|Win32
{87C25D4E-8D19-4513-B0BA-BC668BC2DEE3}.Release|Win32.Build.0 = Release|Win32
{87C25D4E-8D19-4513-B0BA-BC668BC2DEE3}.Release|x64.ActiveCfg = Release|x64
diff --git a/Projects/vc14/isapi_shib/isapi_shib.vcxproj b/Projects/vc14/isapi_shib/isapi_shib.vcxproj
index 1a13524..03a2e67 100644
--- a/Projects/vc14/isapi_shib/isapi_shib.vcxproj
+++ b/Projects/vc14/isapi_shib/isapi_shib.vcxproj
@@ -124,7 +124,7 @@
</ResourceCompile>
<Link>
<AdditionalOptions>/export:GetExtensionVersion /export:GetFilterVersion /export:TerminateExtension /export:TerminateFilter /export:HttpFilterProc /export:HttpExtensionProc %(AdditionalOptions)</AdditionalOptions>
- <AdditionalDependencies>xerces-c_3.lib;xmltooling-lite1.lib;%(AdditionalDependencies)</AdditionalDependencies>
+ <AdditionalDependencies>xerces-c_3.lib;xmltooling-lite1.lib;log4shib1.lib;%(AdditionalDependencies)</AdditionalDependencies>
<AdditionalLibraryDirectories>..\..\..\..\cpp-xmltooling\Build\VC14\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
<RandomizedBaseAddress>false</RandomizedBaseAddress>
<DataExecutionPrevention>
@@ -159,7 +159,7 @@
</ResourceCompile>
<Link>
<AdditionalOptions>/export:GetExtensionVersion /export:GetFilterVersion /export:TerminateExtension /export:TerminateFilter /export:HttpFilterProc /export:HttpExtensionProc %(AdditionalOptions)</AdditionalOptions>
- <AdditionalDependencies>xerces-c_3.lib;xmltooling-lite1.lib;%(AdditionalDependencies)</AdditionalDependencies>
+ <AdditionalDependencies>xerces-c_3.lib;xmltooling-lite1.lib;log4shib1.lib;%(AdditionalDependencies)</AdditionalDependencies>
<AdditionalLibraryDirectories>..\..\..\..\cpp-xmltooling\Build\VC14\$(Platform)\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
<RandomizedBaseAddress>false</RandomizedBaseAddress>
<DataExecutionPrevention>
@@ -193,7 +193,7 @@
</ResourceCompile>
<Link>
<AdditionalOptions>/export:GetExtensionVersion /export:GetFilterVersion /export:TerminateExtension /export:TerminateFilter /export:HttpFilterProc /export:HttpExtensionProc %(AdditionalOptions)</AdditionalOptions>
- <AdditionalDependencies>xerces-c_3D.lib;xmltooling-lite1D.lib;%(AdditionalDependencies)</AdditionalDependencies>
+ <AdditionalDependencies>xerces-c_3D.lib;xmltooling-lite1D.lib;log4shib1D.lib;%(AdditionalDependencies)</AdditionalDependencies>
<AdditionalLibraryDirectories>..\..\..\..\cpp-xmltooling\Build\VC14\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
<GenerateDebugInformation>true</GenerateDebugInformation>
<RandomizedBaseAddress>false</RandomizedBaseAddress>
@@ -227,7 +227,7 @@
</ResourceCompile>
<Link>
<AdditionalOptions>/export:GetExtensionVersion /export:GetFilterVersion /export:TerminateExtension /export:TerminateFilter /export:HttpFilterProc /export:HttpExtensionProc %(AdditionalOptions)</AdditionalOptions>
- <AdditionalDependencies>xerces-c_3D.lib;xmltooling-lite1D.lib;%(AdditionalDependencies)</AdditionalDependencies>
+ <AdditionalDependencies>xerces-c_3D.lib;xmltooling-lite1D.lib;log4shib1D.lib;%(AdditionalDependencies)</AdditionalDependencies>
<AdditionalLibraryDirectories>..\..\..\..\cpp-xmltooling\Build\VC14\$(Platform)\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
<GenerateDebugInformation>true</GenerateDebugInformation>
<RandomizedBaseAddress>false</RandomizedBaseAddress>
diff --git a/iis7_shib/register.cpp b/iis7_shib/register.cpp
index 8f22bfa..88e7ede 100644
--- a/iis7_shib/register.cpp
+++ b/iis7_shib/register.cpp
@@ -150,7 +150,7 @@ RegisterModule(
}
}
- props = props->getPropertySet("IIS");
+ props = props->getPropertySet("ISAPI");
if (props) {
flag = props->getBool("normalizeRequest");
g_bNormalizeRequest = !flag.first || flag.second;
diff --git a/isapi_shib/isapi_shib.cpp b/isapi_shib/isapi_shib.cpp
index 9661c0c..1091bc7 100644
--- a/isapi_shib/isapi_shib.cpp
+++ b/isapi_shib/isapi_shib.cpp
@@ -46,6 +46,8 @@
#include <xmltooling/util/NDC.h>
#include <xmltooling/util/XMLConstants.h>
#include <xmltooling/util/XMLHelper.h>
+#include <xmltooling/logging.h>
+
#include <xercesc/util/Base64.hpp>
#include <xercesc/util/XMLUniDefs.hpp>
@@ -69,6 +71,8 @@ namespace {
static const XMLCh sslport[] = UNICODE_LITERAL_7(s,s,l,p,o,r,t);
static const XMLCh scheme[] = UNICODE_LITERAL_6(s,c,h,e,m,e);
static const XMLCh id[] = UNICODE_LITERAL_2(i,d);
+ static const XMLCh useHeaders[] = UNICODE_LITERAL_10(u, s, e, H, e, a, d, e, r, s);
+ static const XMLCh useVariables[] = UNICODE_LITERAL_12(u, s, e, V, a, r, i, a, b, l, e, s);
static const XMLCh Alias[] = UNICODE_LITERAL_5(A,l,i,a,s);
static const XMLCh Site[] = UNICODE_LITERAL_4(S,i,t,e);
@@ -237,13 +241,26 @@ extern "C" BOOL WINAPI GetFilterVersion(PHTTP_FILTER_VERSION pVer)
g_bNormalizeRequest = !flag.first || flag.second;
flag = props->getBool("safeHeaderNames");
g_bSafeHeaderNames = flag.first && flag.second;
+ if (props->getString("useHeaders").first)
+ log4shib::Category::getInstance(SHIBSP_LOGCAT ".ISAPI").warn("useHeaders attribute not valid for this filter");
+ if (props->getString("useVariables").first)
+ log4shib::Category::getInstance(SHIBSP_LOGCAT ".ISAPI").warn("useVariables attribute not valid for this filter");
+
const DOMElement* child = XMLHelper::getFirstChildElement(props->getElement(), Site);
while (child) {
string id(XMLHelper::getAttrString(child, "", id));
- if (!id.empty())
+ if (!id.empty()) {
g_Sites.insert(make_pair(id, site_t(child)));
+ if (!XMLHelper::getAttrString(child, "", useHeaders).empty())
+ log4shib::Category::getInstance(SHIBSP_LOGCAT ".ISAPI").warn("useHeaders attribute not valid for this filter");
+ if (!XMLHelper::getAttrString(child, "", useVariables).empty())
+ log4shib::Category::getInstance(SHIBSP_LOGCAT ".ISAPI").warn("useVariables attribute not valid for this filter");
+ }
child = XMLHelper::getNextSiblingElement(child, Site);
}
+
+ if (nullptr != props->getPropertySet("Roles"))
+ log4shib::Category::getInstance(SHIBSP_LOGCAT ".ISAPI").warn("<Roles> element not valid for this filter");
}
}
diff --git a/schemas/shibboleth-2.0-native-sp-config.xsd b/schemas/shibboleth-2.0-native-sp-config.xsd
index 0289cab..b9851f7 100644
--- a/schemas/shibboleth-2.0-native-sp-config.xsd
+++ b/schemas/shibboleth-2.0-native-sp-config.xsd
@@ -162,11 +162,11 @@
</annotation>
<sequence>
<element name="Extensions" type="conf:ExtensionsType" minOccurs="0"/>
- <choice>
- <element name="ISAPI" minOccurs="0">
- <complexType>
- <sequence>
- <element name="Site" maxOccurs="unbounded">
+ <element name="ISAPI" minOccurs="0">
+ <complexType>
+ <sequence maxOccurs="unbounded" minOccurs="0">
+ <choice>
+ <element name="Site">
<complexType>
<sequence>
<element name="Alias" type="conf:string" minOccurs="0" maxOccurs="unbounded"/>
@@ -174,59 +174,35 @@
<attribute name="id" type="unsignedInt" use="required"/>
<attribute name="name" type="conf:string" use="required"/>
<attribute name="port" type="unsignedInt"/>
+ <attribute name="useHeaders" type="boolean"/>
+ <attribute name="useVariables" type="boolean"/>
<attribute name="sslport" type="unsignedInt"/>
<attribute name="scheme" type="conf:string"/>
</complexType>
</element>
- <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="normalizeRequest" type="boolean"/>
- <attribute name="safeHeaderNames" type="boolean"/>
- <anyAttribute namespace="##other" processContents="lax"/>
- </complexType>
- </element>
- <element name="IIS" minOccurs="0">
- <complexType>
- <sequence>
- <choice>
- <element name="Site" maxOccurs="unbounded" minOccurs="0">
- <complexType>
+ <element name="Roles">
+ <complexType>
<sequence>
- <element name="Alias" type="conf:string" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="id" type="unsignedInt" use="required"/>
- <attribute name="name" type="conf:string" use="required"/>
- <attribute name="port" type="unsignedInt"/>
- <attribute name="useHeaders" type="boolean"/>
- <attribute name="useVariables" type="boolean"/>
- <attribute name="sslport" type="unsignedInt"/>
- <attribute name="scheme" type="conf:string"/>
- </complexType>
- </element>
- <element name="Roles" maxOccurs="unbounded" minOccurs="0">
- <complexType>
- <sequence>
- <element name="Role" minOccurs="0" maxOccurs="unbounded">
- <complexType >
- <attribute name="attribute" type="string" use="required"/>
- <attribute name="prefix" type="string" use="optional"/>
- </complexType>
- </element>
- </sequence>
- <attribute name="authNRole" type="string" use="optional"/>
- </complexType>
- </element>
- </choice>
- <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="normalizeRequest" type="boolean"/>
- <attribute name="safeHeaderNames" type="boolean"/>
- <attribute name="useHeaders" type="boolean"/>
- <attribute name="useVariables" type="boolean"/>
- <anyAttribute namespace="##other" processContents="lax"/>
- </complexType>
- </element>
- </choice>
+ <element name="Role" minOccurs="0" maxOccurs="unbounded">
+ <complexType >
+ <attribute name="attribute" type="string" use="required"/>
+ <attribute name="prefix" type="string" use="optional"/>
+ </complexType>
+ </element>
+ </sequence>
+ <attribute name="authNRole" type="string" use="optional"/>
+ </complexType>
+ </element>
+ </choice>
+ <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ </sequence>
+ <attribute name="normalizeRequest" type="boolean"/>
+ <attribute name="safeHeaderNames" type="boolean"/>
+ <attribute name="useHeaders" type="boolean"/>
+ <attribute name="useVariables" type="boolean"/>
+ <anyAttribute namespace="##other" processContents="lax"/>
+ </complexType>
+ </element>
<any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</sequence>
<attribute name="logger" type="anyURI"/>
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-shibboleth/shibboleth-sp2.git
More information about the Pkg-shibboleth-devel
mailing list