DOMElement *DSIGReference::createBlankReference(const XMLCh * URI,
const XMLCh * hashAlgorithmURI,
const XMLCh * type) {
// Reset this Reference just in case
m_isManifest = false;
mp_preHash = NULL;
mp_manifestList = NULL;
mp_transformsNode = NULL;
mp_transformList = NULL;
XSECmapURIToHashMethod(hashAlgorithmURI, me_hashMethod);
safeBuffer str;
DOMDocument *doc = mp_env->getParentDocument();
const XMLCh * prefix = mp_env->getDSIGNSPrefix();
makeQName(str, prefix, "Reference");
DOMElement *ret = doc->createElementNS(DSIGConstants::s_unicodeStrURIDSIG, str.rawXMLChBuffer());
mp_referenceNode = ret;
// Set type
if (type != NULL)
ret->setAttributeNS(NULL, MAKE_UNICODE_STRING("Type"), type);
// Set URI
if (URI != NULL) {
ret->setAttributeNS(NULL, s_unicodeStrURI, URI);
mp_URI = ret->getAttributeNS(NULL, s_unicodeStrURI); // Used later on as a pointer
}
else {
// Anonymous reference
mp_URI = NULL;
}
// Create hash and hashValue nodes
makeQName(str, prefix, "DigestMethod");
DOMElement *digestMethod = doc->createElementNS(DSIGConstants::s_unicodeStrURIDSIG, str.rawXMLChBuffer());
mp_env->doPrettyPrint(ret);
ret->appendChild(digestMethod);
mp_env->doPrettyPrint(ret);
digestMethod->setAttributeNS(NULL, DSIGConstants::s_unicodeStrAlgorithm,
hashAlgorithmURI);
// Retrieve the attribute value for later use
mp_algorithmURI =
digestMethod->getAttributeNS(NULL, DSIGConstants::s_unicodeStrAlgorithm);
// DigestValue
makeQName(str, prefix, "DigestValue");
mp_hashValueNode = doc->createElementNS(DSIGConstants::s_unicodeStrURIDSIG, str.rawXMLChBuffer());
ret->appendChild(mp_hashValueNode);
mp_env->doPrettyPrint(ret);
mp_hashValueNode->appendChild(doc->createTextNode(MAKE_UNICODE_STRING("Not yet calculated")));
m_loaded = true;
return ret;
}
void InternalCCache::cleanup()
{
#ifdef _DEBUG
saml::NDC ndc("cleanup()");
#endif
int rerun_timer = 0;
int timeout_life = 0;
Mutex* mutex = Mutex::create();
// Load our configuration details...
const XMLCh* tag=m_root->getAttributeNS(NULL,cleanupInterval);
if (tag && *tag)
rerun_timer = XMLString::parseInt(tag);
tag=m_root->getAttributeNS(NULL,cacheTimeout);
if (tag && *tag)
timeout_life = XMLString::parseInt(tag);
if (rerun_timer <= 0)
rerun_timer = 300; // rerun every 5 minutes
if (timeout_life <= 0)
timeout_life = 28800; // timeout after 8 hours
mutex->lock();
log->info("Cleanup thread started... Run every %d secs; timeout after %d secs",
rerun_timer, timeout_life);
while (shutdown == false) {
shutdown_wait->timedwait(mutex,rerun_timer);
if (shutdown == true)
break;
log->debug("Cleanup thread running...");
// Ok, let's run through the cleanup process and clean out
// really old sessions. This is a two-pass process. The
// first pass is done holding a read-lock while we iterate over
// the database. The second pass doesn't need a lock because
// the 'deletes' will lock the database.
// Pass 1: iterate over the map and find all entries that have not been
// used in X hours
vector<string> stale_keys;
time_t stale = time(NULL) - timeout_life;
lock->rdlock();
for (map<string,InternalCCacheEntry*>::iterator i=m_hashtable.begin();
i != m_hashtable.end(); i++)
{
// If the last access was BEFORE the stale timeout...
i->second->lock();
time_t last=i->second->lastAccess();
i->second->unlock();
if (last < stale)
stale_keys.push_back(i->first);
}
lock->unlock();
log->info("deleting %d old items.", stale_keys.size());
// Pass 2: walk through the list of stale entries and remove them from
// the database
for (vector<string>::iterator j = stale_keys.begin(); j != stale_keys.end(); j++) {
remove (j->c_str());
// Transaction Logging
STConfig& stc=static_cast<STConfig&>(ShibTargetConfig::getConfig());
stc.getTransactionLog().infoStream() << "Purged expired session from memory (ID: " << j->c_str() << ")";
stc.releaseTransactionLog();
}
}
log->info("Cleanup thread finished.");
mutex->unlock();
delete mutex;
Thread::exit(NULL);
}
Override::Override(const DOMElement* e, Category& log, const Override* base) : m_base(base), m_acl(NULL)
{
try {
// Load the property set.
load(e,log,this);
// Load any AccessControl provider.
loadACL(e,log);
// Handle nested Paths.
DOMElement* path = XMLHelper::getFirstChildElement(e,Path);
for (int i=1; path; ++i, path=XMLHelper::getNextSiblingElement(path,Path)) {
const XMLCh* n=path->getAttributeNS(NULL,name);
// Skip any leading slashes.
while (n && *n==chForwardSlash)
n++;
// Check for empty name.
if (!n || !*n) {
log.warn("skipping Path element (%d) with empty name attribute", i);
continue;
}
// Check for an embedded slash.
int slash=XMLString::indexOf(n,chForwardSlash);
if (slash>0) {
// Copy the first path segment.
XMLCh* namebuf=new XMLCh[slash + 1];
for (int pos=0; pos < slash; pos++)
namebuf[pos]=n[pos];
namebuf[slash]=chNull;
// Move past the slash in the original pathname.
n=n+slash+1;
// Skip any leading slashes again.
while (*n==chForwardSlash)
n++;
if (*n) {
// Create a placeholder Path element for the first path segment and replant under it.
DOMElement* newpath=path->getOwnerDocument()->createElementNS(shibspconstants::SHIB2SPCONFIG_NS,Path);
newpath->setAttributeNS(NULL,name,namebuf);
path->setAttributeNS(NULL,name,n);
path->getParentNode()->replaceChild(newpath,path);
newpath->appendChild(path);
// Repoint our locals at the new parent.
path=newpath;
n=path->getAttributeNS(NULL,name);
}
else {
// All we had was a pathname with trailing slash(es), so just reset it without them.
path->setAttributeNS(NULL,name,namebuf);
n=path->getAttributeNS(NULL,name);
}
delete[] namebuf;
}
Override* o=new Override(path,log,this);
pair<bool,const char*> name=o->getString("name");
char* dup=strdup(name.second);
for (char* pch=dup; *pch; pch++)
*pch=tolower(*pch);
if (m_map.count(dup)) {
log.warn("Skipping duplicate Path element (%s)",dup);
free(dup);
delete o;
continue;
}
m_map[dup]=o;
free(dup);
}
}
catch (exception&) {
delete m_acl;
for_each(m_map.begin(),m_map.end(),xmltooling::cleanup_pair<string,Override>());
throw;
}
}
