Kaydet (Commit) 595e446a authored tarafından Tor Lillqvist's avatar Tor Lillqvist

Get rid of xmlsec_trace() and use SAL_INFO("xmlsecurity.xmlsec")

Change-Id: I3e1db89de2019285ce313f9bae1375a5b82f6383
üst 662af47c
......@@ -58,7 +58,6 @@ $(eval $(call gb_Library_add_exception_objects,xsec_xmlsec,\
xmlsecurity/source/xmlsec/biginteger \
xmlsecurity/source/xmlsec/certificateextension_xmlsecimpl \
xmlsecurity/source/xmlsec/certvalidity \
xmlsecurity/source/xmlsec/diagnose \
xmlsecurity/source/xmlsec/errorcallback \
xmlsecurity/source/xmlsec/saxhelper \
xmlsecurity/source/xmlsec/serialnumberadapter \
......
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/*
* This file is part of the LibreOffice project.
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*
* This file incorporates work covered by the following license notice:
*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed
* with this work for additional information regarding copyright
* ownership. The ASF licenses this file to you under the Apache
* License, Version 2.0 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.apache.org/licenses/LICENSE-2.0 .
*/
#include "diagnose.hxx"
#include <stdio.h>
#include <stdarg.h>
#include <rtl/instance.hxx>
#include <rtl/bootstrap.hxx>
namespace xmlsecurity {
struct UseDiagnose : public rtl::StaticWithInit< bool, UseDiagnose>
{
bool operator () () const
{
OUString value;
bool res = rtl::Bootstrap::get( OUString("XMLSECURITY_TRACE"), value);
return res;
}
};
/* the function will print the string when
- build with debug
- the bootstrap variable XMLSECURITY_TRACE is set.
*/
void xmlsec_trace(const char* pszFormat, ...)
{
bool bDebug = false;
#if OSL_DEBUG_LEVEL > 1
bDebug = true;
#endif
if (bDebug || UseDiagnose::get())
{
va_list args;
fprintf(stderr, "[xmlsecurity] ");
va_start(args, pszFormat);
vfprintf(stderr, pszFormat, args);
va_end(args);
fprintf(stderr,"\n");
fflush(stderr);
}
}
}
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/*
* This file is part of the LibreOffice project.
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*
* This file incorporates work covered by the following license notice:
*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed
* with this work for additional information regarding copyright
* ownership. The ASF licenses this file to you under the Apache
* License, Version 2.0 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.apache.org/licenses/LICENSE-2.0 .
*/
#ifndef INCLUDED_XMLSECURITY_SOURCE_XMLSEC_DIAGNOSE_HXX
#define INCLUDED_XMLSECURITY_SOURCE_XMLSEC_DIAGNOSE_HXX
namespace xmlsecurity
{
void xmlsec_trace(const char* pszFormat, ...);
}
#endif // INCLUDED_XMLSECURITY_SOURCE_XMLSEC_DIAGNOSE_HXX
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
......@@ -40,13 +40,11 @@
#include <xmlsecurity/biginteger.hxx>
#include <sal/log.hxx>
#include <rtl/locale.h>
#include <osl/nlsupport.h>
#include <osl/process.h>
#include "../diagnose.hxx"
using namespace xmlsecurity;
using namespace ::com::sun::star::uno ;
using namespace ::com::sun::star::lang ;
using ::com::sun::star::lang::XMultiServiceFactory ;
......@@ -94,13 +92,12 @@ CertErrorToString arErrStrings[] =
void traceTrustStatus(DWORD err)
{
xmlsec_trace("The certificate error status is: ");
if (err == 0)
xmlsec_trace("%s", arErrStrings[0].name);
SAL_INFO("xmlsecurity.xmlsec", " " << arErrStrings[0].name);
for (int i = 1; i < SAL_N_ELEMENTS(arErrStrings); i++)
{
if (arErrStrings[i].error & err)
xmlsec_trace("%s", arErrStrings[i].name);
SAL_INFO("xmlsecurity.xmlsec", " " << arErrStrings[i].name);
}
}
......@@ -907,10 +904,7 @@ HCERTSTORE getCertStoreForIntermediatCerts(
for (int i = 0; i < seqCerts.getLength(); i++)
{
xmlsec_trace("Added temporary certificate: \n%s",
OUStringToOString(seqCerts[i]->getSubjectName(),
osl_getThreadTextEncoding()).getStr());
SAL_INFO("xmlsecurity.xmlsec", "Added temporary certificate: " << seqCerts[i]->getSubjectName());
Sequence<sal_Int8> data = seqCerts[i]->getEncoded();
PCCERT_CONTEXT cert = CertCreateCertificateContext(
......@@ -942,9 +936,7 @@ sal_Int32 SecurityEnvironment_MSCryptImpl :: verifyCertificate(
throw RuntimeException() ;
}
xmlsec_trace("Start verification of certificate: \n %s",
OUStringToOString(
aCert->getSubjectName(), osl_getThreadTextEncoding()).getStr());
SAL_INFO("xmlsecurity.xmlsec", "Start verification of certificate: " << aCert->getSubjectName());
xcert = ( X509Certificate_MSCryptImpl* )xCertTunnel->getSomething( X509Certificate_MSCryptImpl::getUnoTunnelId() ) ;
if( xcert == NULL ) {
......@@ -1007,7 +999,7 @@ sal_Int32 SecurityEnvironment_MSCryptImpl :: verifyCertificate(
//CertGetCertificateChain searches by default in MY, CA, ROOT and TRUST
//We do not check revocation of the root. In most cases there are none.
//Then we would get CERT_TRUST_REVOCATION_STATUS_UNKNOWN
xmlsec_trace("Verifying cert using revocation information.");
SAL_INFO("xmlsecurity.xmlsec", "Verifying cert using revocation information.");
bChain = CertGetCertificateChain(
NULL ,
pCertContext ,
......@@ -1020,11 +1012,11 @@ sal_Int32 SecurityEnvironment_MSCryptImpl :: verifyCertificate(
if (bChain && pChainContext->cChain > 0)
{
xmlsec_trace("Overall error status (all chains):");
SAL_INFO("xmlsecurity.xmlsec", "Overall error status (all chains):");
traceTrustStatus(pChainContext->TrustStatus.dwErrorStatus);
//highest quality chains come first
PCERT_SIMPLE_CHAIN pSimpleChain = pChainContext->rgpChain[0];
xmlsec_trace("Error status of first chain: ");
SAL_INFO("xmlsecurity.xmlsec", "Error status of first chain:");
traceTrustStatus(pSimpleChain->TrustStatus.dwErrorStatus);
//CERT_TRUST_REVOCATION_STATUS_UNKNOWN is also set if a certificate
......@@ -1044,7 +1036,7 @@ sal_Int32 SecurityEnvironment_MSCryptImpl :: verifyCertificate(
//we test again, without requiring revocation checking.
CertFreeCertificateChain(pChainContext);
pChainContext = NULL;
xmlsec_trace("Checking again but without requiring revocation information.");
SAL_INFO("xmlsecurity.xmlsec", "Checking again but without requiring revocation information.");
bChain = CertGetCertificateChain(
NULL ,
pCertContext ,
......@@ -1058,31 +1050,31 @@ sal_Int32 SecurityEnvironment_MSCryptImpl :: verifyCertificate(
&& pChainContext->cChain > 0
&& pChainContext->rgpChain[0]->TrustStatus.dwErrorStatus == CERT_TRUST_NO_ERROR)
{
xmlsec_trace("Certificate is valid.\n");
SAL_INFO("xmlsecurity.xmlsec", "Certificate is valid.");
validity = ::com::sun::star::security::CertificateValidity::VALID;
}
else
{
xmlsec_trace("Certificate is invalid.\n");
SAL_INFO("xmlsecurity.xmlsec", "Certificate is invalid.");
}
}
else
{
//valid and revocation information available
xmlsec_trace("Certificate is valid.\n");
SAL_INFO("xmlsecurity.xmlsec", "Certificate is valid.");
validity = ::com::sun::star::security::CertificateValidity::VALID;
}
}
else
{
//invalid
xmlsec_trace("Certificate is invalid.\n");
SAL_INFO("xmlsecurity.xmlsec", "Certificate is invalid.");
validity = ::com::sun::star::security::CertificateValidity::INVALID ;
}
}
else
{
xmlsec_trace("CertGetCertificateChaine failed.\n");
SAL_INFO("xmlsecurity.xmlsec", "CertGetCertificateChaine failed.");
}
}
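Review bot: The subject name streamed into the `Added temporary certificate: ` and `Start verification of certificate: ` messages is taken from the certificate being checked, so whoever produced the signed document controls the text of those log lines. If a distinguished name can carry a line break (it is not visible here whether getSubjectName() escapes control characters), a crafted certificate could make the log appear to contain a separate `Certificate is valid.` entry. I would add a comment such as `// subject name is untrusted input from the certificate; this log line must not be read as a verification result`, or replace control characters before streaming. The NSS verifyCertificate and printChainFailure messages later in this commit have the same pattern. Both enclosing functions extend beyond the hunks shown.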
......
......@@ -44,7 +44,6 @@
#include <sal/log.hxx>
#include "seinitializer_nssimpl.hxx"
#include "../diagnose.hxx"
#include "securityenvironment_nssimpl.hxx"
#include "digestcontext.hxx"
......@@ -62,7 +61,6 @@
namespace cssu = css::uno;
namespace cssl = css::lang;
using namespace xmlsecurity;
using namespace com::sun::star;
#define IMPLEMENTATION_NAME "com.sun.star.xml.security.bridge.xmlsec.NSSInitializer_NssImpl"
......@@ -124,9 +122,7 @@ void deleteRootsModule()
{
if (PK11_HasRootCerts(slot))
{
xmlsec_trace("The root certifificates module \"%s"
"\" is already loaded: \n%s",
module->commonName, module->dllName);
SAL_INFO("xmlsecurity.xmlsec", "The root certifificates module \"" << module->commonName << "\" is already loaded: " << module->dllName);
RootsModule = SECMOD_ReferenceModule(module);
break;
......@@ -142,12 +138,11 @@ void deleteRootsModule()
PRInt32 modType;
if (SECSuccess == SECMOD_DeleteModule(RootsModule->commonName, &modType))
{
xmlsec_trace("Deleted module \"%s\".", RootsModule->commonName);
SAL_INFO("xmlsecurity.xmlsec", "Deleted module \"" << RootsModule->commonName << "\".");
}
else
{
xmlsec_trace("Failed to delete \"%s\" : \n%s",
RootsModule->commonName, RootsModule->dllName);
SAL_INFO("xmlsecurity.xmlsec", "Failed to delete \"" << RootsModule->commonName << "\": " << RootsModule->dllName);
}
SECMOD_DestroyModule(RootsModule);
RootsModule = 0;
......@@ -256,7 +251,7 @@ bool nsscrypto_initialize( const css::uno::Reference< css::uno::XComponentContex
#else
(void) rxContext;
#endif
xmlsec_trace( "Using profile: %s", sCertDir.getStr() );
SAL_INFO("xmlsecurity.xmlsec", "Using profile: " << sCertDir.getStr() );
PR_Init( PR_USER_THREAD, PR_PRIORITY_NORMAL, 1 ) ;
......@@ -266,13 +261,13 @@ bool nsscrypto_initialize( const css::uno::Reference< css::uno::XComponentContex
{
if( NSS_InitReadWrite( sCertDir.getStr() ) != SECSuccess )
{
xmlsec_trace("Initializing NSS with profile failed.");
SAL_INFO("xmlsecurity.xmlsec", "Initializing NSS with profile failed.");
int errlen = PR_GetErrorTextLength();
if(errlen > 0)
{
boost::scoped_array<char> const error(new char[errlen + 1]);
PR_GetErrorText(error.get());
xmlsec_trace("%s", error.get());
SAL_INFO("xmlsecurity.xmlsec", error.get());
}
bSuccess = false;
}
......@@ -280,16 +275,16 @@ bool nsscrypto_initialize( const css::uno::Reference< css::uno::XComponentContex
if( sCertDir.isEmpty() || !bSuccess )
{
xmlsec_trace("Initializing NSS without profile.");
SAL_INFO("xmlsecurity.xmlsec", "Initializing NSS without profile.");
if ( NSS_NoDB_Init(NULL) != SECSuccess )
{
xmlsec_trace("Initializing NSS without profile failed.");
SAL_INFO("xmlsecurity.xmlsec", "Initializing NSS without profile failed.");
int errlen = PR_GetErrorTextLength();
if(errlen > 0)
{
boost::scoped_array<char> const error(new char[errlen + 1]);
PR_GetErrorText(error.get());
xmlsec_trace("%s", error.get());
SAL_INFO("xmlsecurity.xmlsec", error.get());
}
return false ;
}
......@@ -330,26 +325,23 @@ bool nsscrypto_initialize( const css::uno::Reference< css::uno::XComponentContex
SECMOD_DestroyModule(RootsModule);
RootsModule = 0;
if (found)
xmlsec_trace("Added new root certificate module "
"\"" ROOT_CERTS "\" contained in \n%s", ospath.getStr());
SAL_INFO("xmlsecurity.xmlsec", "Added new root certificate module " ROOT_CERTS " contained in " << ospath);
else
{
xmlsec_trace("FAILED to load the new root certificate module "
"\"" ROOT_CERTS "\" contained in \n%s", ospath.getStr());
SAL_INFO("xmlsecurity.xmlsec", "FAILED to load the new root certificate module " ROOT_CERTS "contained in " << ospath);
return_value = false;
}
}
else
{
xmlsec_trace("FAILED to add new root certifice module: "
"\"" ROOT_CERTS "\" contained in \n%s", ospath.getStr());
SAL_INFO("xmlsecurity.xmlsec", "FAILED to add new root certifice module " ROOT_CERTS " contained in " << ospath);
return_value = false;
}
}
else
{
xmlsec_trace("Adding new root certificate module failed.");
SAL_INFO("xmlsecurity.xmlsec", "Adding new root certificate module failed.");
return_value = false;
}
}
......@@ -370,18 +362,17 @@ extern "C" void nsscrypto_finalize()
if (SECSuccess == SECMOD_UnloadUserModule(RootsModule))
{
xmlsec_trace("Unloaded module \"" ROOT_CERTS "\".");
SAL_INFO("xmlsecurity.xmlsec", "Unloaded module \"" ROOT_CERTS "\".");
}
else
{
xmlsec_trace("Failed unloading module \"" ROOT_CERTS "\".");
SAL_INFO("xmlsecurity.xmlsec", "Failed unloading module \"" ROOT_CERTS "\".");
}
SECMOD_DestroyModule(RootsModule);
}
else
{
xmlsec_trace("Unloading module \"" ROOT_CERTS
"\" failed because it was not found.");
SAL_INFO("xmlsecurity.xmlsec", "Unloading module \"" ROOT_CERTS "\" failed because it was not found.");
}
PK11_LogoutAll();
NSS_Shutdown();
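Review bot: The failure branches in nsscrypto_initialize (`Initializing NSS with profile failed.`, the NSS error text, and the `FAILED to ...` root-module messages) are logged with SAL_INFO, so the fallback to NSS_NoDB_Init and a missing root-certificate module are only visible when info-level output for this area is switched on. These look like SAL_WARN cases, e.g. `SAL_WARN("xmlsecurity.xmlsec", "Initializing NSS with profile failed.");`, because running without the profile database changes which certificates can be trusted. The `FAILED to load` message also lost its separator: `ROOT_CERTS "contained in "` should read `ROOT_CERTS " contained in "`, as in the two sibling messages. The function bodies continue outside these hunks.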
......
......@@ -24,13 +24,10 @@
#include "nspr.h"
#include "nss.h"
#include "certt.h"
#include <sal/log.hxx>
#include <sal/macros.h>
#include <sal/types.h>
#include "../diagnose.hxx"
using namespace xmlsecurity;
struct ErrDesc {
PRErrorCode errNum;
const char * errString;
......@@ -73,19 +70,19 @@ printChainFailure(CERTVerifyLog *log)
if (log->count > 0)
{
xmlsec_trace("Bad certifcation path:");
SAL_INFO("xmlsecurity.xmlsec", "Bad certifcation path:");
unsigned long errorFlags = 0;
for (node = log->head; node; node = node->next)
{
if (depth != node->depth)
{
depth = node->depth;
xmlsec_trace("Certificate: %d. %s %s:", depth,
node->cert->subjectName,
depth ? "[Certificate Authority]": "");
SAL_INFO("xmlsecurity.xmlsec", "Certificate: " << depth <<
node->cert->subjectName << ": " <<
(depth ? "[Certificate Authority]": ""));
}
xmlsec_trace(" ERROR %ld: %s", node->error,
getCertError(node->error));
SAL_INFO("xmlsecurity.xmlsec", " ERROR " << node->error << ": " <<
getCertError(node->error));
specificError = NULL;
issuer = NULL;
switch (node->error)
......@@ -152,9 +149,9 @@ printChainFailure(CERTVerifyLog *log)
break;
}
if (specificError)
xmlsec_trace("%s", specificError);
SAL_INFO("xmlsecurity.xmlsec", specificError);
if (issuer)
xmlsec_trace("%s", issuer);
SAL_INFO("xmlsecurity.xmlsec", issuer);
}
}
}
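Review bot: In the rewritten `Certificate: ` message the chain depth is streamed directly in front of `node->cert->subjectName`, so the depth digit fuses with the subject (the old format string had `%d. %s`). Putting the separator back keeps the line readable: `"Certificate: " << depth << ". " << node->cert->subjectName << ": " <<`. `subjectName` is also streamed without a null check here, whereas the NSS verifyCertificate code guards the same field with `? ... : ""`; it would be safer to do the same if NSS can leave it unset. printChainFailure starts and ends outside the hunks shown.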
......
......@@ -27,7 +27,6 @@
#include "securityenvironment_nssimpl.hxx"
#include "x509certificate_nssimpl.hxx"
#include <comphelper/servicehelper.hxx>
#include "../diagnose.hxx"
#include "xmlsecurity/xmlsec-wrapper.h"
......@@ -46,7 +45,6 @@
// added for password exception
#include <com/sun/star/security/NoPasswordException.hpp>
namespace csss = ::com::sun::star::security;
using namespace xmlsecurity;
using namespace ::com::sun::star::security;
using namespace com::sun::star;
using namespace ::com::sun::star::uno ;
......@@ -698,9 +696,7 @@ verifyCertificate( const Reference< csss::XCertificate >& aCert,
throw RuntimeException() ;
}
xmlsec_trace("Start verification of certificate: \n %s \n",
OUStringToOString(
aCert->getSubjectName(), osl_getThreadTextEncoding()).getStr());
SAL_INFO("xmlsecurity.xmlsec", "Start verification of certificate: " << aCert->getSubjectName());
xcert = reinterpret_cast<X509Certificate_NssImpl*>(
sal::static_int_cast<sal_uIntPtr>(xCertTunnel->getSomething( X509Certificate_NssImpl::getUnoTunnelId() ))) ;
......@@ -732,15 +728,13 @@ verifyCertificate( const Reference< csss::XCertificate >& aCert,
PR_TRUE /* copyDER */);
if (!certTmp)
{
xmlsec_trace("Failed to add a temporary certificate: %s",
OUStringToOString(intermediateCerts[i]->getIssuerName(),
osl_getThreadTextEncoding()).getStr());
SAL_INFO("xmlsecurity.xmlsec", "Failed to add a temporary certificate: " << intermediateCerts[i]->getIssuerName());
}
else
{
xmlsec_trace("Added temporary certificate: %s",
certTmp->subjectName ? certTmp->subjectName : "");
SAL_INFO("xmlsecurity.xmlsec", "Added temporary certificate: " <<
(certTmp->subjectName ? certTmp->subjectName : ""));
vecTmpNSSCertificates.push_back(certTmp);
}
}
......@@ -847,14 +841,16 @@ verifyCertificate( const Reference< csss::XCertificate >& aCert,
int numUsages = SAL_N_ELEMENTS(arUsages);
for (int i = 0; i < numUsages; i++)
{
xmlsec_trace("Testing usage %d of %d: %s (0x%x)", i + 1,
numUsages, arUsages[i].description, (int) arUsages[i].usage);
SAL_INFO("xmlsecurity.xmlsec", "Testing usage " << i+1 <<
" of " << numUsages << ": " <<
arUsages[i].description <<
" (0x" << std::hex << (int) arUsages[i].usage << ")" << std::dec);
status = CERT_PKIXVerifyCert(const_cast<CERTCertificate *>(cert), arUsages[i].usage,
cvin, cvout, NULL);
if( status == SECSuccess )
{
xmlsec_trace("CERT_PKIXVerifyCert returned SECSuccess.");
SAL_INFO("xmlsecurity.xmlsec", "CERT_PKIXVerifyCert returned SECSuccess.");
//When an intermediate or root certificate is checked then we expect the usage
//certificateUsageSSLCA. This, however, will be only set when in the trust settings dialog
//the button "This certificate can identify websites" is checked. If for example only
......@@ -865,11 +861,11 @@ verifyCertificate( const Reference< csss::XCertificate >& aCert,
//will be displayed as invalid.
validity = csss::CertificateValidity::VALID;
xmlsec_trace("Certificate is valid.\n");
SAL_INFO("xmlsecurity.xmlsec", "Certificate is valid.");
CERTCertificate * issuerCert = cvout[0].value.pointer.cert;
if (issuerCert)
{
xmlsec_trace("Root certificate: %s", issuerCert->subjectName);
SAL_INFO("xmlsecurity.xmlsec", "Root certificate: " << issuerCert->subjectName);
CERT_DestroyCertificate(issuerCert);
};
......@@ -878,7 +874,7 @@ verifyCertificate( const Reference< csss::XCertificate >& aCert,
else
{
PRIntn err = PR_GetError();
xmlsec_trace("Error: , %d = %s", err, getCertError(err));
SAL_INFO("xmlsecurity.xmlsec", "Error: " << err << ": " << getCertError(err));
/* Display validation results */
if ( log.count > 0)
......@@ -893,7 +889,7 @@ verifyCertificate( const Reference< csss::XCertificate >& aCert,
log.head = log.tail = NULL;
log.count = 0;
}
xmlsec_trace("Certificate is invalid.\n");
SAL_INFO("xmlsecurity.xmlsec", "Certificate is invalid.");
}
}
......@@ -907,7 +903,7 @@ verifyCertificate( const Reference< csss::XCertificate >& aCert,
std::vector<CERTCertificate*>::const_iterator cert_i;
for (cert_i = vecTmpNSSCertificates.begin(); cert_i != vecTmpNSSCertificates.end(); ++cert_i)
{
xmlsec_trace("Destroying temporary certificate");
SAL_INFO("xmlsecurity.xmlsec", "Destroying temporary certificate");
CERT_DestroyCertificate(*cert_i);
}
return validity ;
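Review bot: `SAL_INFO("xmlsecurity.xmlsec", "Root certificate: " << issuerCert->subjectName);` streams the pointer unguarded, while the `Added temporary certificate: ` message a few hunks earlier checks `certTmp->subjectName` for null first. Inserting a null `const char*` into an ostream is undefined behaviour, so if NSS can return a certificate without a subject string (not visible from this hunk) the two sites should match: `"Root certificate: " << (issuerCert->subjectName ? issuerCert->subjectName : "")`. verifyCertificate extends well beyond the hunks shown.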
......