You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by sc...@apache.org on 2010/06/02 01:47:52 UTC
svn commit: r950314 - in /xml/security/trunk/c: CHANGELOG.txt
src/dsig/DSIGKeyInfoX509.cpp
Author: scantor
Date: Tue Jun 1 23:47:52 2010
New Revision: 950314
URL: http://svn.apache.org/viewvc?rev=950314&view=rev
Log:
https://issues.apache.org/bugzilla/show_bug.cgi?id=49371
Modified:
xml/security/trunk/c/CHANGELOG.txt
xml/security/trunk/c/src/dsig/DSIGKeyInfoX509.cpp
Modified: xml/security/trunk/c/CHANGELOG.txt
URL: http://svn.apache.org/viewvc/xml/security/trunk/c/CHANGELOG.txt?rev=950314&r1=950313&r2=950314&view=diff
==============================================================================
--- xml/security/trunk/c/CHANGELOG.txt (original)
+++ xml/security/trunk/c/CHANGELOG.txt Tue Jun 1 23:47:52 2010
@@ -9,6 +9,7 @@ Changes since 1.5.1
* Fix for bug#49264, string release crash (SC)
* Fix for bug#44983, improper c14n of XSLT (SC)
* Fix for bug#49289, setters for Reference Type/Id (SC)
+* Fix for bug#49371, skip comments in X509Certificate elements (SC)
* Expose algorithm URI on Signature and Reference objects (SC)
* White/blacklisting of otherwise registered algorithms (SC)
Modified: xml/security/trunk/c/src/dsig/DSIGKeyInfoX509.cpp
URL: http://svn.apache.org/viewvc/xml/security/trunk/c/src/dsig/DSIGKeyInfoX509.cpp?rev=950314&r1=950313&r2=950314&view=diff
==============================================================================
--- xml/security/trunk/c/src/dsig/DSIGKeyInfoX509.cpp (original)
+++ xml/security/trunk/c/src/dsig/DSIGKeyInfoX509.cpp Tue Jun 1 23:47:52 2010
@@ -31,8 +31,6 @@
#include <xsec/dsig/DSIGSignature.hpp>
#include <xsec/framework/XSECEnv.hpp>
-#include <xercesc/util/Janitor.hpp>
-
#include "../utils/XSECAutoPtr.hpp"
XERCES_CPP_NAMESPACE_USE
@@ -144,24 +142,31 @@ void DSIGKeyInfoX509::load(void) {
// See if it's a known element type
if (strEquals(getDSIGLocalName(tmpElt), "X509Certificate")) {
- X509Holder * h;
+ // Loop over Text nodes until we successfully load a certificate.
+ // If we run out, throw out the last exception raised.
+ X509Holder * h;
+ XSECCryptoX509* cryptoX509 = XSECPlatformUtils::g_cryptoProvider->X509();
DOMNode *certElt = findFirstChildOfType(tmpElt, DOMNode::TEXT_NODE);
-
- if (certElt != 0) {
-
- XSECnew(h, X509Holder);
-
- // Add to the list
-
- m_X509List.push_back(h);
-
- h->mp_encodedX509 = certElt->getNodeValue();
- h->mp_cryptoX509 = XSECPlatformUtils::g_cryptoProvider->X509();
- char * charX509 = XMLString::transcode(h->mp_encodedX509);
- ArrayJanitor<char> j_charX509(charX509);
- h->mp_cryptoX509->loadX509Base64Bin(charX509, (int) strlen(charX509));
-
+ while (certElt) {
+ XSECAutoPtrChar charX509(certElt->getNodeValue());
+ try {
+ cryptoX509->loadX509Base64Bin(charX509.get(), (int) strlen(charX509.get()));
+
+ // Add to the list
+ XSECnew(h, X509Holder);
+ m_X509List.push_back(h);
+ h->mp_encodedX509 = certElt->getNodeValue();
+ h->mp_cryptoX509 = cryptoX509;
+ break;
+ }
+ catch (XSECCryptoException&) {
+ certElt = findNextChildOfType(certElt, DOMNode::TEXT_NODE);
+ if (!certElt) {
+ delete cryptoX509;
+ throw;
+ }
+ }
}
}
@@ -448,7 +453,6 @@ void DSIGKeyInfoX509::setX509SubjectName
mp_X509SubjectName = XMLString::replicate(name);
XMLCh * encodedName = encodeDName(name);
- ArrayJanitor<XMLCh> j_encodedName(encodedName);
if (mp_X509SubjectNameTextNode == 0) {
@@ -475,6 +479,7 @@ void DSIGKeyInfoX509::setX509SubjectName
mp_X509SubjectNameTextNode->setNodeValue(encodedName);
}
+ XMLString::release(&encodedName);
}
void DSIGKeyInfoX509::setX509IssuerSerial(const XMLCh * name, const XMLCh * serial) {
@@ -485,7 +490,6 @@ void DSIGKeyInfoX509::setX509IssuerSeria
mp_X509IssuerName = XMLString::replicate(name);
XMLCh * encodedName = encodeDName(name);
- ArrayJanitor<XMLCh> j_encodedName(encodedName);
if (mp_X509IssuerNameTextNode == 0) {
@@ -535,6 +539,7 @@ void DSIGKeyInfoX509::setX509IssuerSeria
}
+ XMLString::release(&encodedName);
}
void DSIGKeyInfoX509::setRawRetrievalURI(const XMLCh * uri) {