Hi, actually with that flag I want the xmlSecKeysMngrGetKey() to
restrict the key lookup to the name only. For instance, I may have
several keys of same type and key size in the key store but for
different purpose. Without that flag, the manager tries to find a key
that matches the key type and size, but then it may return a bad one, or
am I wrong ?
Regards,
Frank
Le 28/04/2012 05:55, Aleksey Sanin a écrit :
Sorry, I am not sure I understand what you are trying to do with
this patch. The xmlSecKeysMngrGetKey() already stops if the key
is not found.
Aleksey
On 4/27/12 1:45 AM, Frank Gross wrote:
Hi, I modified the library to support that flag as following. It is
working for me, but I don't know if it is ok. Could you have a look and
tell me what you think ,thanks ?
Modified: gws/branches/gws-ext-libs-2.50/lib-aleksey-xmlsec1/src/src/keys.c
===================================================================
--- gws/branches/gws-ext-libs-2.50/lib-aleksey-xmlsec1/src/src/keys.c
2012-04-26 16:10:31 UTC (rev 114254)
+++ gws/branches/gws-ext-libs-2.50/lib-aleksey-xmlsec1/src/src/keys.c
2012-04-26 16:15:18 UTC (rev 114255)
@@ -1326,7 +1326,7 @@
*/
xmlSecKeyPtr
xmlSecKeysMngrGetKey(xmlNodePtr keyInfoNode, xmlSecKeyInfoCtxPtr
keyInfoCtx) {
- xmlSecKeyPtr key;
+ xmlSecKeyPtr key,key2;
int ret;
xmlSecAssert2(keyInfoCtx != NULL, NULL);
@@ -1361,23 +1361,30 @@
return(key);
}
}
- xmlSecKeyDestroy(key);
- /* if we have keys manager, try it */
- if(keyInfoCtx->keysMngr != NULL) {
- key = xmlSecKeysMngrFindKey(keyInfoCtx->keysMngr, NULL,
keyInfoCtx);
- if(key == NULL) {
+ if (keyInfoCtx->keysMngr==NULL) {
+ xmlSecKeyDestroy(key);
+ } else {
+ /* if we have keys manager, try it */
+ if
(keyInfoCtx->flags&XMLSEC_KEYINFO_FLAGS_KEYNAME_STOP_ON_UNKNOWN) {
+ key2 = xmlSecKeysMngrFindKey(keyInfoCtx->keysMngr, key->name,
keyInfoCtx);
+ } else {
+ key2 = xmlSecKeysMngrFindKey(keyInfoCtx->keysMngr, NULL,
keyInfoCtx);
+ }
+ xmlSecKeyDestroy(key);
+ if(key2 == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"xmlSecKeysMngrFindKey",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
+
return(NULL);
}
- if(xmlSecKeyGetValue(key) != NULL) {
- return(key);
+ if(xmlSecKeyGetValue(key2) != NULL) {
+ return(key2);
}
- xmlSecKeyDestroy(key);
+ xmlSecKeyDestroy(key2);
}
xmlSecError(XMLSEC_ERRORS_HERE,
Frank
Le 26/04/2012 17:19, Aleksey Sanin a écrit :
Probably not.
Aleksey
On 4/26/12 8:13 AM, Frank Gross wrote:
Hi,
I would like to use the flag called
XMLSEC_KEYINFO_FLAGS_KEYNAME_STOP_ON_UNKNOWN, but it doesn't seem to
work. It is defined in keyinfo.h but nowhere else. Is this flag active ?
Regards,
Frank
--
Frank GROSS
Software Engineer - Web Services
Four J's Development Tools - http://www.4js.com
_______________________________________________
xmlsec mailing list
xmlsec@aleksey.com
http://www.aleksey.com/mailman/listinfo/xmlsec
