You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by sh...@apache.org on 2008/02/26 15:17:44 UTC
svn commit: r631221 - in /webservices/rampart/trunk/c/src:
omxmlsec/signature.c util/rampart_context.c util/rampart_policy_validator.c
Author: shankar
Date: Tue Feb 26 06:17:43 2008
New Revision: 631221
URL: http://svn.apache.org/viewvc?rev=631221&view=rev
Log:
bug fixes in hmac signature validation, usernametoken validation and protection part building
Modified:
webservices/rampart/trunk/c/src/omxmlsec/signature.c
webservices/rampart/trunk/c/src/util/rampart_context.c
webservices/rampart/trunk/c/src/util/rampart_policy_validator.c
Modified: webservices/rampart/trunk/c/src/omxmlsec/signature.c
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/omxmlsec/signature.c?rev=631221&r1=631220&r2=631221&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/omxmlsec/signature.c (original)
+++ webservices/rampart/trunk/c/src/omxmlsec/signature.c Tue Feb 26 06:17:43 2008
@@ -179,7 +179,7 @@
signed_val = (axis2_char_t*)oxs_buffer_get_data(output_buf, env);
oxs_buffer_free(input_buf, env);
/*Compare the output with the signature. If tally; SUCCESS*/
- if(axutil_strcmp(signature, signed_val)){
+ if(axutil_strcmp(signature, signed_val) == 0){
oxs_buffer_free(output_buf, env);
return AXIS2_SUCCESS;
}else{
Modified: webservices/rampart/trunk/c/src/util/rampart_context.c
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/util/rampart_context.c?rev=631221&r1=631220&r2=631221&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/util/rampart_context.c (original)
+++ webservices/rampart/trunk/c/src/util/rampart_context.c Tue Feb 26 06:17:43 2008
@@ -1269,13 +1269,15 @@
if(!nspace)
return AXIS2_FAILURE;
- if(axutil_strcmp(nspace, RP_SECURITY_NS)==0)
+ local_name = (axis2_char_t*) rp_header_get_name(header, env);
+
+ /*if(axutil_strcmp(nspace, RP_SECURITY_NS)==0)*/
+ if((axutil_strcmp(nspace, RP_SECURITY_NS)==0) && (!local_name))
{
AXIS2_LOG_INFO(env->log, "[rampart][rampart_context] We do not sign or encrypt security namespace headers");
return AXIS2_FAILURE;
}
- local_name = (axis2_char_t*) rp_header_get_name(header, env);
if(!local_name)
{
axutil_array_list_t *soap_header_blocks = NULL;
@@ -1339,11 +1341,11 @@
else
{
AXIS2_LOG_INFO(env->log, "[rampart][rampart_context] Cannot find the header with name %s", local_name);
- return AXIS2_FAILURE;
+ return AXIS2_SUCCESS;
}
}
}
- return AXIS2_FAILURE;
+ return AXIS2_SUCCESS;
}
axis2_status_t rampart_context_set_elements_to_encrypt_or_sign(
Modified: webservices/rampart/trunk/c/src/util/rampart_policy_validator.c
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/util/rampart_policy_validator.c?rev=631221&r1=631220&r2=631221&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/util/rampart_policy_validator.c (original)
+++ webservices/rampart/trunk/c/src/util/rampart_policy_validator.c Tue Feb 26 06:17:43 2008
@@ -57,6 +57,9 @@
rampart_context_t *rampart_context,
axis2_msg_ctx_t *msg_ctx)
{
+ if(!axis2_msg_ctx_get_server_side(msg_ctx,env))
+ return AXIS2_SUCCESS;
+
if(rampart_context_is_include_username_token(rampart_context, env)){
axis2_char_t *ut_found = NULL;
ut_found = (axis2_char_t*)rampart_get_security_processed_result(env, msg_ctx, RAMPART_SPR_UT_CHECKED);