You are viewing a plain text version of this content. The canonical link for it is here.
Posted to axis-cvs@ws.apache.org by ka...@apache.org on 2006/09/11 11:58:12 UTC
svn commit: r442152 - in /webservices/axis2/trunk/c/rampart:
include/rampart_timestamp_token.h src/util/rampart_util.c
src/util/timestamp_token.c
Author: kaushalye
Date: Mon Sep 11 02:58:12 2006
New Revision: 442152
URL: http://svn.apache.org/viewvc?view=rev&rev=442152
Log:
Fixed bug in timestamp token validation. The expire element is optional. Rampart does not return a failure if theere is not expire element.
JIRA AXIS2C-266
Modified:
webservices/axis2/trunk/c/rampart/include/rampart_timestamp_token.h
webservices/axis2/trunk/c/rampart/src/util/rampart_util.c
webservices/axis2/trunk/c/rampart/src/util/timestamp_token.c
Modified: webservices/axis2/trunk/c/rampart/include/rampart_timestamp_token.h
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/include/rampart_timestamp_token.h?view=diff&rev=442152&r1=442151&r2=442152
==============================================================================
--- webservices/axis2/trunk/c/rampart/include/rampart_timestamp_token.h (original)
+++ webservices/axis2/trunk/c/rampart/include/rampart_timestamp_token.h Mon Sep 11 02:58:12 2006
@@ -24,7 +24,7 @@
#endif
#define RAMPART_TIMESTAMP_TOKEN_DEFAULT_TIME_TO_LIVE 300
-
+
#include <axis2_env.h>
#include <rampart_constants.h>
Modified: webservices/axis2/trunk/c/rampart/src/util/rampart_util.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/util/rampart_util.c?view=diff&rev=442152&r1=442151&r2=442152
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/util/rampart_util.c (original)
+++ webservices/axis2/trunk/c/rampart/src/util/rampart_util.c Mon Sep 11 02:58:12 2006
@@ -54,26 +54,12 @@
AXIS2_EXTERN axis2_char_t* AXIS2_CALL rampart_generate_time(const axis2_env_t *env, int ttl)
{
-#if 0
- char buffer[SIZE];
- time_t curtime;
- struct tm *loctime;
- axis2_char_t *created_str = NULL;
-
- curtime = time (NULL) + ttl;
- loctime = localtime (&curtime);
- strftime (buffer, SIZE, "%Y-%m-%dT%H:%M:%SZ\n", loctime);
- created_str = AXIS2_STRDUP(buffer, env);
-
- return created_str;
-#else
axis2_date_time_t *dt = NULL;
axis2_char_t *dt_str = NULL;
dt = axis2_date_time_create_with_offset(env, ttl);
dt_str = AXIS2_DATE_TIME_SERIALIZE_DATE_TIME(dt, env);
return dt_str;
-#endif
}
/**
Modified: webservices/axis2/trunk/c/rampart/src/util/timestamp_token.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/util/timestamp_token.c?view=diff&rev=442152&r1=442151&r2=442152
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/util/timestamp_token.c (original)
+++ webservices/axis2/trunk/c/rampart/src/util/timestamp_token.c Mon Sep 11 02:58:12 2006
@@ -154,9 +154,7 @@
created_val = rampart_generate_time(env, 0); /*Current time*/
AXIOM_ELEMENT_SET_TEXT (created_ele, env, created_val, created_node);
}
-
-
- expires_ele = axiom_element_create (env, ts_node, RAMPART_SECURITY_TIMESTAMP_EXPIRES, wsu_ns_obj,
+ expires_ele = axiom_element_create (env, ts_node, RAMPART_SECURITY_TIMESTAMP_EXPIRES, wsu_ns_obj,
&expires_node);
if(NULL != expires_ele)
@@ -164,7 +162,7 @@
expires_val = rampart_generate_time(env, ttl);
AXIOM_ELEMENT_SET_TEXT (expires_ele, env, expires_val, expires_node);
- }
+ }
}
return AXIS2_SUCCESS;
@@ -180,19 +178,21 @@
axiom_element_t *created_ele = NULL, *expires_ele = NULL, *ts_ele= NULL;
axiom_node_t *created_node = NULL, *expires_node = NULL;
axis2_char_t *created_val = NULL, *expires_val = NULL, *current_val = NULL;
-
+
ts_ele = AXIOM_NODE_GET_DATA_ELEMENT(ts_node, env);
if(!ts_ele)
{
- AXIS2_LOG_INFO(env->log," Cannot find timestamp ... :(");
+ AXIS2_LOG_INFO(env->log," Cannot find timestamp ... ");
return AXIS2_FAILURE;
}
+
created_qname = axis2_qname_create(env,
RAMPART_SECURITY_TIMESTAMP_CREATED,
RAMPART_WSU_XMLNS,
RAMPART_WSU);
+
if(created_qname)
{
created_ele = AXIOM_ELEMENT_GET_FIRST_CHILD_WITH_QNAME(ts_ele, env, created_qname, ts_node, &created_node);
@@ -203,7 +203,15 @@
}
}
- expires_qname = axis2_qname_create(env,
+ created_val = AXIOM_ELEMENT_GET_TEXT(created_ele, env, created_node);
+ /*Check weather created is less than current time or not*/
+ current_val = rampart_generate_time(env, 0);
+ validity = rampart_compare_date_time(env, created_val, current_val);
+ if(validity == AXIS2_FAILURE){
+ return AXIS2_FAILURE;
+ }
+
+ expires_qname = axis2_qname_create(env,
RAMPART_SECURITY_TIMESTAMP_EXPIRES,
RAMPART_WSU_XMLNS,
RAMPART_WSU);
@@ -213,19 +221,15 @@
if(!expires_ele)
{
AXIS2_LOG_INFO(env->log,"Cannot find expires in timestamp element...");
- return AXIS2_FAILURE;
+ /*If the expire element is not present, it means that the message will not be expired.*/
+ return AXIS2_SUCCESS;
}
}
-
- created_val = AXIOM_ELEMENT_GET_TEXT(created_ele, env, created_node);
+
+ /*Now the expired element is present. So check weather this has a valid timestamp.
+ If not it's a failure*/
expires_val = AXIOM_ELEMENT_GET_TEXT(expires_ele, env, expires_node);
- /*Check weather created is less than current time or not*/
- current_val = rampart_generate_time(env, 0);
- validity = rampart_compare_date_time(env, created_val, current_val);
- if(validity == AXIS2_FAILURE){
- return AXIS2_FAILURE;
- }
/*Check weather time has expired or not*/
validity = rampart_compare_date_time(env, current_val, expires_val);
if(validity == AXIS2_FAILURE){
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-cvs-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-cvs-help@ws.apache.org