[shibboleth-sp2] 30/82: SSPCPP-734 ISAPI configuration to use <ISAPI> Element

Etienne Dysli Metref edm-guest at moszumanska.debian.org
Thu Nov 16 08:16:22 UTC 2017


This is an automated email from the git hooks/post-receive script.

edm-guest pushed a commit to branch master
in repository shibboleth-sp2.

commit c394a757fcf0fa178d32e0921012774d474f3f5a
Author: Rod Widdowson <rdw at steadingsoftware.com>
Date:   Tue Jun 20 17:10:10 2017 +0100

    SSPCPP-734 ISAPI configuration to use <ISAPI> Element
    
    Includes code to check for old style plugins configured with new syntax.
---
 Projects/vc14/Shibboleth.sln                |  1 +
 Projects/vc14/isapi_shib/isapi_shib.vcxproj |  8 +--
 iis7_shib/register.cpp                      |  2 +-
 isapi_shib/isapi_shib.cpp                   | 19 ++++++-
 schemas/shibboleth-2.0-native-sp-config.xsd | 82 ++++++++++-------------------
 5 files changed, 53 insertions(+), 59 deletions(-)

diff --git a/Projects/vc14/Shibboleth.sln b/Projects/vc14/Shibboleth.sln
index ef33b00..e225949 100644
--- a/Projects/vc14/Shibboleth.sln
+++ b/Projects/vc14/Shibboleth.sln
@@ -200,6 +200,7 @@ Global
 		{87C25D4E-8D19-4513-B0BA-BC668BC2DEE3}.Debug|Win32.Build.0 = Debug|Win32
 		{87C25D4E-8D19-4513-B0BA-BC668BC2DEE3}.Debug|x64.ActiveCfg = Debug|x64
 		{87C25D4E-8D19-4513-B0BA-BC668BC2DEE3}.Debug|x64.Build.0 = Debug|x64
+		{87C25D4E-8D19-4513-B0BA-BC668BC2DEE3}.Debug|x64.Deploy.0 = Debug|x64
 		{87C25D4E-8D19-4513-B0BA-BC668BC2DEE3}.Release|Win32.ActiveCfg = Release|Win32
 		{87C25D4E-8D19-4513-B0BA-BC668BC2DEE3}.Release|Win32.Build.0 = Release|Win32
 		{87C25D4E-8D19-4513-B0BA-BC668BC2DEE3}.Release|x64.ActiveCfg = Release|x64
diff --git a/Projects/vc14/isapi_shib/isapi_shib.vcxproj b/Projects/vc14/isapi_shib/isapi_shib.vcxproj
index 1a13524..03a2e67 100644
--- a/Projects/vc14/isapi_shib/isapi_shib.vcxproj
+++ b/Projects/vc14/isapi_shib/isapi_shib.vcxproj
@@ -124,7 +124,7 @@
     </ResourceCompile>
     <Link>
       <AdditionalOptions>/export:GetExtensionVersion /export:GetFilterVersion /export:TerminateExtension /export:TerminateFilter /export:HttpFilterProc /export:HttpExtensionProc %(AdditionalOptions)</AdditionalOptions>
-      <AdditionalDependencies>xerces-c_3.lib;xmltooling-lite1.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>xerces-c_3.lib;xmltooling-lite1.lib;log4shib1.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <AdditionalLibraryDirectories>..\..\..\..\cpp-xmltooling\Build\VC14\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
       <RandomizedBaseAddress>false</RandomizedBaseAddress>
       <DataExecutionPrevention>
@@ -159,7 +159,7 @@
     </ResourceCompile>
     <Link>
       <AdditionalOptions>/export:GetExtensionVersion /export:GetFilterVersion /export:TerminateExtension /export:TerminateFilter /export:HttpFilterProc /export:HttpExtensionProc %(AdditionalOptions)</AdditionalOptions>
-      <AdditionalDependencies>xerces-c_3.lib;xmltooling-lite1.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>xerces-c_3.lib;xmltooling-lite1.lib;log4shib1.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <AdditionalLibraryDirectories>..\..\..\..\cpp-xmltooling\Build\VC14\$(Platform)\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
       <RandomizedBaseAddress>false</RandomizedBaseAddress>
       <DataExecutionPrevention>
@@ -193,7 +193,7 @@
     </ResourceCompile>
     <Link>
       <AdditionalOptions>/export:GetExtensionVersion /export:GetFilterVersion /export:TerminateExtension /export:TerminateFilter /export:HttpFilterProc /export:HttpExtensionProc %(AdditionalOptions)</AdditionalOptions>
-      <AdditionalDependencies>xerces-c_3D.lib;xmltooling-lite1D.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>xerces-c_3D.lib;xmltooling-lite1D.lib;log4shib1D.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <AdditionalLibraryDirectories>..\..\..\..\cpp-xmltooling\Build\VC14\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
       <GenerateDebugInformation>true</GenerateDebugInformation>
       <RandomizedBaseAddress>false</RandomizedBaseAddress>
@@ -227,7 +227,7 @@
     </ResourceCompile>
     <Link>
       <AdditionalOptions>/export:GetExtensionVersion /export:GetFilterVersion /export:TerminateExtension /export:TerminateFilter /export:HttpFilterProc /export:HttpExtensionProc %(AdditionalOptions)</AdditionalOptions>
-      <AdditionalDependencies>xerces-c_3D.lib;xmltooling-lite1D.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>xerces-c_3D.lib;xmltooling-lite1D.lib;log4shib1D.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <AdditionalLibraryDirectories>..\..\..\..\cpp-xmltooling\Build\VC14\$(Platform)\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
       <GenerateDebugInformation>true</GenerateDebugInformation>
       <RandomizedBaseAddress>false</RandomizedBaseAddress>
diff --git a/iis7_shib/register.cpp b/iis7_shib/register.cpp
index 8f22bfa..88e7ede 100644
--- a/iis7_shib/register.cpp
+++ b/iis7_shib/register.cpp
@@ -150,7 +150,7 @@ RegisterModule(
             }
         }
 
-        props = props->getPropertySet("IIS");
+        props = props->getPropertySet("ISAPI");
         if (props) {
             flag = props->getBool("normalizeRequest");
             g_bNormalizeRequest = !flag.first || flag.second;
diff --git a/isapi_shib/isapi_shib.cpp b/isapi_shib/isapi_shib.cpp
index 9661c0c..1091bc7 100644
--- a/isapi_shib/isapi_shib.cpp
+++ b/isapi_shib/isapi_shib.cpp
@@ -46,6 +46,8 @@
 #include <xmltooling/util/NDC.h>
 #include <xmltooling/util/XMLConstants.h>
 #include <xmltooling/util/XMLHelper.h>
+#include <xmltooling/logging.h>
+
 #include <xercesc/util/Base64.hpp>
 #include <xercesc/util/XMLUniDefs.hpp>
 
@@ -69,6 +71,8 @@ namespace {
     static const XMLCh sslport[] =          UNICODE_LITERAL_7(s,s,l,p,o,r,t);
     static const XMLCh scheme[] =           UNICODE_LITERAL_6(s,c,h,e,m,e);
     static const XMLCh id[] =               UNICODE_LITERAL_2(i,d);
+    static const XMLCh useHeaders[] =       UNICODE_LITERAL_10(u, s, e, H, e, a, d, e, r, s);
+    static const XMLCh useVariables[] =     UNICODE_LITERAL_12(u, s, e, V, a, r, i, a, b, l, e, s);
     static const XMLCh Alias[] =            UNICODE_LITERAL_5(A,l,i,a,s);
     static const XMLCh Site[] =             UNICODE_LITERAL_4(S,i,t,e);
 
@@ -237,13 +241,26 @@ extern "C" BOOL WINAPI GetFilterVersion(PHTTP_FILTER_VERSION pVer)
             g_bNormalizeRequest = !flag.first || flag.second;
             flag = props->getBool("safeHeaderNames");
             g_bSafeHeaderNames = flag.first && flag.second;
+            if (props->getString("useHeaders").first)
+                log4shib::Category::getInstance(SHIBSP_LOGCAT ".ISAPI").warn("useHeaders attribute not valid for this filter");
+            if (props->getString("useVariables").first)
+                log4shib::Category::getInstance(SHIBSP_LOGCAT ".ISAPI").warn("useVariables attribute not valid for this filter");
+
             const DOMElement* child = XMLHelper::getFirstChildElement(props->getElement(), Site);
             while (child) {
                 string id(XMLHelper::getAttrString(child, "", id));
-                if (!id.empty())
+                if (!id.empty()) {
                     g_Sites.insert(make_pair(id, site_t(child)));
+                    if (!XMLHelper::getAttrString(child, "", useHeaders).empty())
+                        log4shib::Category::getInstance(SHIBSP_LOGCAT ".ISAPI").warn("useHeaders attribute not valid for this filter");
+                    if (!XMLHelper::getAttrString(child, "", useVariables).empty())
+                        log4shib::Category::getInstance(SHIBSP_LOGCAT ".ISAPI").warn("useVariables attribute not valid for this filter");
+                }
                 child = XMLHelper::getNextSiblingElement(child, Site);
             }
+
+            if (nullptr != props->getPropertySet("Roles"))
+                log4shib::Category::getInstance(SHIBSP_LOGCAT ".ISAPI").warn("<Roles> element not valid for this filter");
         }
     }
 
diff --git a/schemas/shibboleth-2.0-native-sp-config.xsd b/schemas/shibboleth-2.0-native-sp-config.xsd
index 0289cab..b9851f7 100644
--- a/schemas/shibboleth-2.0-native-sp-config.xsd
+++ b/schemas/shibboleth-2.0-native-sp-config.xsd
@@ -162,11 +162,11 @@
     </annotation>
     <sequence>
       <element name="Extensions" type="conf:ExtensionsType" minOccurs="0"/>
-      <choice>
-        <element name="ISAPI" minOccurs="0">
-          <complexType>
-            <sequence>
-              <element name="Site" maxOccurs="unbounded">
+      <element name="ISAPI" minOccurs="0">
+        <complexType>
+          <sequence maxOccurs="unbounded" minOccurs="0">
+            <choice>
+              <element name="Site">
                 <complexType>
                   <sequence>
                     <element name="Alias" type="conf:string" minOccurs="0" maxOccurs="unbounded"/>
@@ -174,59 +174,35 @@
                   <attribute name="id" type="unsignedInt" use="required"/>
                   <attribute name="name" type="conf:string" use="required"/>
                   <attribute name="port" type="unsignedInt"/>
+                  <attribute name="useHeaders" type="boolean"/>
+                  <attribute name="useVariables" type="boolean"/>
                   <attribute name="sslport" type="unsignedInt"/>
                   <attribute name="scheme" type="conf:string"/>
                 </complexType>
               </element>
-              <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
-            </sequence>
-            <attribute name="normalizeRequest" type="boolean"/>
-            <attribute name="safeHeaderNames" type="boolean"/>
-            <anyAttribute namespace="##other" processContents="lax"/>
-          </complexType>
-        </element>
-        <element name="IIS" minOccurs="0">
-          <complexType>
-            <sequence>
-              <choice>
-                <element name="Site" maxOccurs="unbounded" minOccurs="0">
-                  <complexType>
+              <element name="Roles">
+                <complexType>
                     <sequence>
-                      <element name="Alias" type="conf:string" minOccurs="0" maxOccurs="unbounded"/>
-                    </sequence>
-                    <attribute name="id" type="unsignedInt" use="required"/>
-                    <attribute name="name" type="conf:string" use="required"/>
-                    <attribute name="port" type="unsignedInt"/>
-                    <attribute name="useHeaders" type="boolean"/>
-                    <attribute name="useVariables" type="boolean"/>
-                    <attribute name="sslport" type="unsignedInt"/>
-                    <attribute name="scheme" type="conf:string"/>
-                  </complexType>
-                </element>
-                <element name="Roles" maxOccurs="unbounded" minOccurs="0">
-                  <complexType>
-                      <sequence>
-                        <element name="Role" minOccurs="0" maxOccurs="unbounded">
-                          <complexType >
-                            <attribute name="attribute" type="string" use="required"/>
-                            <attribute name="prefix" type="string" use="optional"/>
-                          </complexType>
-                        </element>
-                    </sequence>
-                    <attribute name="authNRole" type="string" use="optional"/>
-                  </complexType>
-                </element>
-              </choice>
-              <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
-            </sequence>
-            <attribute name="normalizeRequest" type="boolean"/>
-            <attribute name="safeHeaderNames" type="boolean"/>
-            <attribute name="useHeaders" type="boolean"/>
-            <attribute name="useVariables" type="boolean"/>
-            <anyAttribute namespace="##other" processContents="lax"/>
-          </complexType>
-        </element>
-      </choice>
+                      <element name="Role" minOccurs="0" maxOccurs="unbounded">
+                        <complexType >
+                          <attribute name="attribute" type="string" use="required"/>
+                          <attribute name="prefix" type="string" use="optional"/>
+                        </complexType>
+                      </element>
+                  </sequence>
+                  <attribute name="authNRole" type="string" use="optional"/>
+                </complexType>
+              </element>
+            </choice>
+            <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+          </sequence>
+          <attribute name="normalizeRequest" type="boolean"/>
+          <attribute name="safeHeaderNames" type="boolean"/>
+          <attribute name="useHeaders" type="boolean"/>
+          <attribute name="useVariables" type="boolean"/>
+          <anyAttribute namespace="##other" processContents="lax"/>
+        </complexType>
+      </element>
       <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
     </sequence>
     <attribute name="logger" type="anyURI"/>

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-shibboleth/shibboleth-sp2.git



More information about the Pkg-shibboleth-devel mailing list