/**
* xmlXIncludeLoadTxt:
* @ctxt: the XInclude context
* @url: the associated URL
* @nr: the xinclude node number
*
* Load the content, and store the result in the XInclude context
*/
static void
xmlXIncludeLoadTxt(xmlXIncludeCtxtPtr ctxt, const xmlChar *url, int nr) {
xmlParserInputBufferPtr buf;
xmlNodePtr node;
xmlURIPtr uri;
xmlChar *URL;
int i;
/*
* Check the URL and remove any fragment identifier
*/
uri = xmlParseURI((const char *)url);
if (uri == NULL) {
xmlGenericError(xmlGenericErrorContext,
"XInclude: invalid value URI %s\n", url);
return;
}
if (uri->fragment != NULL) {
xmlGenericError(xmlGenericErrorContext,
"XInclude: fragment identifier forbidden for text: %s\n",
uri->fragment);
xmlFreeURI(uri);
return;
}
URL = xmlSaveUri(uri);
xmlFreeURI(uri);
if (URL == NULL) {
xmlGenericError(xmlGenericErrorContext,
"XInclude: invalid value URI %s\n", url);
return;
}
/*
* Handling of references to the local document are done
* directly through ctxt->doc.
*/
if (URL[0] == 0) {
xmlGenericError(xmlGenericErrorContext,
"XInclude: text serialization of document not available\n");
xmlFree(URL);
return;
}
/*
* Prevent reloading twice the document.
*/
for (i = 0; i < ctxt->txtNr; i++) {
if (xmlStrEqual(URL, ctxt->txturlTab[i])) {
node = xmlCopyNode(ctxt->txtTab[i], 1);
goto loaded;
}
}
/*
* Load it.
* Issue 62: how to detect the encoding
*/
buf = xmlParserInputBufferCreateFilename((const char *)URL, 0);
if (buf == NULL) {
xmlGenericError(xmlGenericErrorContext,
"XInclude: could not load %s\n", URL);
xmlFree(URL);
return;
}
node = xmlNewText(NULL);
/*
* Scan all chars from the resource and add the to the node
*/
while (xmlParserInputBufferRead(buf, 128) > 0) {
int len;
const xmlChar *content;
content = xmlBufferContent(buf->buffer);
len = xmlBufferLength(buf->buffer);
for (i = 0; i < len; i++) {
/*
* TODO: if the encoding issue is solved, scan UTF8 chars instead
*/
if (!IS_CHAR(content[i])) {
xmlGenericError(xmlGenericErrorContext,
"XInclude: %s contains invalid char %d\n", URL, content[i]);
} else {
xmlNodeAddContentLen(node, &content[i], 1);
}
}
xmlBufferShrink(buf->buffer, len);
}
xmlFreeParserInputBuffer(buf);
xmlXIncludeAddTxt(ctxt, node, URL);
loaded:
/*
* Add the element as the replacement copy.
*/
ctxt->repTab[nr] = node;
xmlFree(URL);
}
/**
* verify_request:
* @mng: the keys manager
*
* Verifies XML signature in the request (stdin).
*
* Returns 0 on success or a negative value if an error occurs.
*/
int
verify_request(xmlSecKeysMngrPtr mngr) {
xmlBufferPtr buffer = NULL;
char buf[256];
xmlDocPtr doc = NULL;
xmlNodePtr node = NULL;
xmlSecDSigCtxPtr dsigCtx = NULL;
int ret;
int res = -1;
assert(mngr);
/* load request in the buffer */
buffer = xmlBufferCreate();
if(buffer == NULL) {
fprintf(stdout,"Error: failed to create buffer\n");
goto done;
}
while(!feof(stdin)) {
ret = fread(buf, 1, sizeof(buf), stdin);
if(ret < 0) {
fprintf(stdout,"Error: read failed\n");
goto done;
}
xmlBufferAdd(buffer, buf, ret);
}
/* is the document subbmitted from the form? */
if(strncmp((char*)xmlBufferContent(buffer), "_xmldoc=", 8) == 0) {
xmlBufferShrink(buffer, 8);
buffer->use = url_decode((char*)xmlBufferContent(buffer), xmlBufferLength(buffer));
}
/**
* Load doc
*/
doc = xmlReadMemory(xmlBufferContent(buffer), xmlBufferLength(buffer),
NULL, NULL,
XML_PARSE_NOENT | XML_PARSE_NOCDATA |
XML_PARSE_PEDANTIC | XML_PARSE_NOCDATA);
if (doc == NULL) {
fprintf(stdout, "Error: unable to parse xml document (syntax error)\n");
goto done;
}
/*
* Check the document is of the right kind
*/
if(xmlDocGetRootElement(doc) == NULL) {
fprintf(stdout,"Error: empty document\n");
goto done;
}
/* find start node */
node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, xmlSecDSigNs);
if(node == NULL) {
fprintf(stdout, "Error: start <dsig:Signature/> node not found\n");
goto done;
}
/* create signature context */
dsigCtx = xmlSecDSigCtxCreate(mngr);
if(dsigCtx == NULL) {
fprintf(stdout,"Error: failed to create signature context\n");
goto done;
}
/* we would like to store and print out everything */
/* actually we would not because it opens a security hole
dsigCtx->flags = XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES |
XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES |
XMLSEC_DSIG_FLAGS_STORE_SIGNATURE;
*/
/* Verify signature */
if(xmlSecDSigCtxVerify(dsigCtx, node) < 0) {
fprintf(stdout,"Error: signature verification failed\n");
goto done;
}
/* print verification result to stdout */
if(dsigCtx->status == xmlSecDSigStatusSucceeded) {
fprintf(stdout, "RESULT: Signature is OK\n");
} else {
fprintf(stdout, "RESULT: Signature is INVALID\n");
}
fprintf(stdout, "---------------------------------------------------\n");
xmlSecDSigCtxDebugDump(dsigCtx, stdout);
/* success */
res = 0;
done:
/* cleanup */
if(dsigCtx != NULL) {
xmlSecDSigCtxDestroy(dsigCtx);
}
if(doc != NULL) {
xmlFreeDoc(doc);
}
if(buffer != NULL) {
xmlBufferFree(buffer);
}
return(res);
}
