summaryrefslogtreecommitdiff
path: root/xmlsecurity
diff options
context:
space:
mode:
authorJoachim Lingner <jl@openoffice.org>2009-11-09 16:49:25 +0100
committerJoachim Lingner <jl@openoffice.org>2009-11-09 16:49:25 +0100
commit571f1b108037267691784e09812ac9a3b624e805 (patch)
tree054450021a9d029ee7b816a2035454f5795dcf30 /xmlsecurity
parent1e0bc66d16aee28ce8bd9582ea32178c63841902 (diff)
jl137: #i103420# better allow tracing in product built depending on bootstrap var XMLSECURITY_TRACE
Diffstat (limited to 'xmlsecurity')
-rw-r--r--xmlsecurity/source/xmlsec/makefile.mk3
-rw-r--r--xmlsecurity/source/xmlsec/nss/secerror.cxx18
-rw-r--r--xmlsecurity/source/xmlsec/nss/secerror.hxx2
-rw-r--r--xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx34
-rw-r--r--xmlsecurity/source/xmlsec/nss/seinitializer_nssimpl.cxx24
5 files changed, 44 insertions, 37 deletions
diff --git a/xmlsecurity/source/xmlsec/makefile.mk b/xmlsecurity/source/xmlsec/makefile.mk
index 233b5c370620..0479c24e8c91 100644
--- a/xmlsecurity/source/xmlsec/makefile.mk
+++ b/xmlsecurity/source/xmlsec/makefile.mk
@@ -66,7 +66,8 @@ SLOFILES = \
$(SLO)$/certificateextension_xmlsecimpl.obj \
$(SLO)$/xmlstreamio.obj \
$(SLO)$/errorcallback.obj \
- $(SLO)$/xsec_xmlsec.obj
+ $(SLO)$/xsec_xmlsec.obj \
+ $(SLO)$/diagnose.obj
# --- Targets ------------------------------------------------------
diff --git a/xmlsecurity/source/xmlsec/nss/secerror.cxx b/xmlsecurity/source/xmlsec/nss/secerror.cxx
index 04406cce499e..71e108434484 100644
--- a/xmlsecurity/source/xmlsec/nss/secerror.cxx
+++ b/xmlsecurity/source/xmlsec/nss/secerror.cxx
@@ -27,11 +27,17 @@
* for a copy of the LGPLv3 License.
*
************************************************************************/
+
+
#include "secerr.h"
#include "sslerr.h"
#include "nspr.h"
#include "certt.h"
+#include "../diagnose.hxx"
+
+using namespace xmlsecurity;
+
struct ErrDesc {
PRErrorCode errNum;
const char * errString;
@@ -65,7 +71,7 @@ getCertError(PRErrorCode errNum)
}
void
-printChainFailure(FILE *outfile, CERTVerifyLog *log)
+printChainFailure(CERTVerifyLog *log)
{
unsigned int errorFlags = 0;
unsigned int depth = (unsigned int)-1;
@@ -75,17 +81,17 @@ printChainFailure(FILE *outfile, CERTVerifyLog *log)
if (log->count > 0)
{
- fprintf(outfile,"Bad certifcation path:\n");
+ xmlsec_trace("Bad certifcation path:");
for (node = log->head; node; node = node->next)
{
if (depth != node->depth)
{
depth = node->depth;
- fprintf(outfile,"Certificate: %d. %s %s:\n", depth,
+ xmlsec_trace("Certificate: %d. %s %s:", depth,
node->cert->subjectName,
depth ? "[Certificate Authority]": "");
}
- fprintf(outfile," ERROR %ld: %s\n", node->error,
+ xmlsec_trace(" ERROR %ld: %s", node->error,
getCertError(node->error));
specificError = NULL;
issuer = NULL;
@@ -151,9 +157,9 @@ printChainFailure(FILE *outfile, CERTVerifyLog *log)
break;
}
if (specificError)
- fprintf(stderr,"%s\n", specificError);
+ xmlsec_trace("%s", specificError);
if (issuer)
- fprintf(stderr, "%s\n", issuer);
+ xmlsec_trace("%s", issuer);
}
}
}
diff --git a/xmlsecurity/source/xmlsec/nss/secerror.hxx b/xmlsecurity/source/xmlsec/nss/secerror.hxx
index 951e638e3a72..732fef5fd03e 100644
--- a/xmlsecurity/source/xmlsec/nss/secerror.hxx
+++ b/xmlsecurity/source/xmlsec/nss/secerror.hxx
@@ -35,6 +35,6 @@ const char *
getCertError(PRErrorCode errNum);
void
-printChainFailure(FILE *outfile, CERTVerifyLog *log);
+printChainFailure(CERTVerifyLog *log);
#endif // _XSECERROR_HXX_
diff --git a/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx
index 6f4e75ed2b8e..ed4fc24de4ce 100644
--- a/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx
+++ b/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx
@@ -42,7 +42,7 @@
#include "securityenvironment_nssimpl.hxx"
#include "x509certificate_nssimpl.hxx"
#include <rtl/uuid.h>
-
+#include "../diagnose.hxx"
#include <sal/types.h>
//For reasons that escape me, this is what xmlsec does when size_t is not 4
@@ -71,6 +71,7 @@
// MM : added for password exception
#include <com/sun/star/security/NoPasswordException.hpp>
namespace csss = ::com::sun::star::security;
+using namespace xmlsecurity;
using namespace ::com::sun::star::security;
using namespace com::sun::star;
using namespace ::com::sun::star::uno ;
@@ -773,7 +774,7 @@ verifyCertificate( const Reference< csss::XCertificate >& aCert,
throw RuntimeException() ;
}
- OSL_TRACE("[xmlsecurity] Start verification of certificate: \n %s \n",
+ xmlsec_trace("Start verification of certificate: \n %s \n",
OUStringToOString(
aCert->getSubjectName(), osl_getThreadTextEncoding()).getStr());
@@ -807,14 +808,14 @@ verifyCertificate( const Reference< csss::XCertificate >& aCert,
PR_TRUE /* copyDER */);
if (!certTmp)
{
- OSL_TRACE("[xmlsecurity] Failed to add a temporary certificate: %s",
+ xmlsec_trace("Failed to add a temporary certificate: %s",
OUStringToOString(intermediateCerts[i]->getIssuerName(),
osl_getThreadTextEncoding()).getStr());
}
else
{
- OSL_TRACE("[xmlsecurity] Added temporary certificate: %s",
+ xmlsec_trace("Added temporary certificate: %s",
certTmp->subjectName ? certTmp->subjectName : "");
vecTmpNSSCertificates.push_back(certTmp);
}
@@ -914,21 +915,20 @@ verifyCertificate( const Reference< csss::XCertificate >& aCert,
{certificateUsageSSLServer, "certificateUsageSSLServer" },
{certificateUsageSSLCA, "certificateUsageSSLCA" },
{certificateUsageEmailSigner, "certificateUsageEmailSigner"}, //only usable for end certs
-// {certificateUsageEmailRecipient, "certificateUsageEmailRecipient"},
-// {certificateUsageObjectSigner, "certificateUsageObjectSigner"}
+ {certificateUsageEmailRecipient, "certificateUsageEmailRecipient"}
};
int numUsages = sizeof(arUsages) / sizeof(UsageDescription);
for (int i = 0; i < numUsages; i++)
{
- OSL_TRACE("[xmlsecurity] Testing usage %d of %d: %s (0x%x)", i + 1,
+ xmlsec_trace("Testing usage %d of %d: %s (0x%x)", i + 1,
numUsages, arUsages[i].description, (int) arUsages[i].usage);
status = CERT_PKIXVerifyCert(const_cast<CERTCertificate *>(cert), arUsages[i].usage,
cvin, cvout, NULL);
if( status == SECSuccess )
{
- OSL_TRACE("[xmlsecurity] CERT_PKIXVerifyCert returned SECSuccess.");
+ xmlsec_trace("CERT_PKIXVerifyCert returned SECSuccess.");
//When an intermediate or root certificate is checked then we expect the usage
//certificateUsageSSLCA. This, however, will be only set when in the trust settings dialog
//the button "This certificate can identify websites" is checked. If for example only
@@ -939,11 +939,11 @@ verifyCertificate( const Reference< csss::XCertificate >& aCert,
//will be displayed as invalid.
validity = csss::CertificateValidity::VALID;
- OSL_TRACE("[xmlsecurity] Certificate is valid.\n");
+ xmlsec_trace("Certificate is valid.\n");
CERTCertificate * issuerCert = cvout[0].value.pointer.cert;
if (issuerCert)
{
- OSL_TRACE("[xmlsecurity] Root certificate: %s", issuerCert->subjectName);
+ xmlsec_trace("Root certificate: %s", issuerCert->subjectName);
CERT_DestroyCertificate(issuerCert);
};
@@ -951,17 +951,15 @@ verifyCertificate( const Reference< csss::XCertificate >& aCert,
}
else
{
-#if OSL_DEBUG_LEVEL > 1
PRIntn err = PR_GetError();
- fprintf(stderr, "Error: , %d = %s\n", err, getCertError(err));
-#endif
+ xmlsec_trace("Error: , %d = %s", err, getCertError(err));
+
/* Display validation results */
if ( log.count > 0)
{
CERTVerifyLogNode *node = NULL;
-#if OSL_DEBUG_LEVEL > 1
- printChainFailure(stderr, &log);
-#endif
+ printChainFailure(&log);
+
for (node = log.head; node; node = node->next) {
if (node->cert)
CERT_DestroyCertificate(node->cert);
@@ -969,7 +967,7 @@ verifyCertificate( const Reference< csss::XCertificate >& aCert,
log.head = log.tail = NULL;
log.count = 0;
}
- OSL_TRACE("[xmlsecurity] Certificate is invalid.");
+ xmlsec_trace("Certificate is invalid.\n");
}
}
@@ -983,7 +981,7 @@ verifyCertificate( const Reference< csss::XCertificate >& aCert,
std::vector<CERTCertificate*>::const_iterator cert_i;
for (cert_i = vecTmpNSSCertificates.begin(); cert_i != vecTmpNSSCertificates.end(); cert_i++)
{
- OSL_TRACE("[xmlsecurity] Destroying temporary certificate");
+ xmlsec_trace("Destroying temporary certificate");
CERT_DestroyCertificate(*cert_i);
}
return validity ;
diff --git a/xmlsecurity/source/xmlsec/nss/seinitializer_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/seinitializer_nssimpl.cxx
index efa31c8e0ccb..f858a5a31421 100644
--- a/xmlsecurity/source/xmlsec/nss/seinitializer_nssimpl.cxx
+++ b/xmlsecurity/source/xmlsec/nss/seinitializer_nssimpl.cxx
@@ -64,6 +64,7 @@
#include <rtl/logfile.hxx>
#include "seinitializer_nssimpl.hxx"
+#include "../diagnose.hxx"
#include "securityenvironment_nssimpl.hxx"
#include <com/sun/star/mozilla/XMozillaBootstrap.hpp>
@@ -79,6 +80,7 @@ namespace cssu = com::sun::star::uno;
namespace cssl = com::sun::star::lang;
namespace cssxc = com::sun::star::xml::crypto;
+using namespace xmlsecurity;
using namespace com::sun::star;
using ::rtl::OUString;
using ::rtl::OString;
@@ -142,7 +144,7 @@ void deleteRootsModule()
{
if (PK11_HasRootCerts(slot))
{
- OSL_TRACE("[xmlsecurity] The root certifificates module \"%s"
+ xmlsec_trace("The root certifificates module \"%s"
"\" is already loaded: \n%s",
module->commonName, module->dllName);
@@ -160,11 +162,11 @@ void deleteRootsModule()
PRInt32 modType;
if (SECSuccess == SECMOD_DeleteModule(RootsModule->commonName, &modType))
{
- OSL_TRACE("[xmlsecurity] Deleted module \"%s\".", RootsModule->commonName);
+ xmlsec_trace("Deleted module \"%s\".", RootsModule->commonName);
}
else
{
- OSL_TRACE("[xmlsecurity] Failed to delete \"%s\" : \n%s",
+ xmlsec_trace("Failed to delete \"%s\" : \n%s",
RootsModule->commonName, RootsModule->dllName);
}
SECMOD_DestroyModule(RootsModule);
@@ -197,7 +199,7 @@ bool nsscrypto_initialize( const char* token, bool & out_nss_init )
{
bool return_value = true;
- OSL_TRACE("[xmlsecurity] Using profile: %s", token);
+ xmlsec_trace("Using profile: %s", token);
PR_Init( PR_USER_THREAD, PR_PRIORITY_NORMAL, 1 ) ;
@@ -250,18 +252,18 @@ bool nsscrypto_initialize( const char* token, bool & out_nss_init )
SECMOD_DestroyModule(RootsModule);
RootsModule = 0;
if (found)
- OSL_TRACE("[xmlsecurity] Added new root certificate module "
+ xmlsec_trace("Added new root certificate module "
"\""ROOT_CERTS"\" contained in \n%s", ospath.getStr());
else
{
- OSL_TRACE("[xmlsecurity] FAILED to load the new root certificate module "
+ xmlsec_trace("FAILED to load the new root certificate module "
"\""ROOT_CERTS"\" contained in \n%s", ospath.getStr());
return_value = false;
}
}
else
{
- OSL_TRACE("[xmlsecurity] FAILED to add new root certifice module: "
+ xmlsec_trace("FAILED to add new root certifice module: "
"\""ROOT_CERTS"\" contained in \n%s", ospath.getStr());
return_value = false;
@@ -269,7 +271,7 @@ bool nsscrypto_initialize( const char* token, bool & out_nss_init )
}
else
{
- OSL_TRACE("[xmlsecurity] Adding new root certificate module failed.");
+ xmlsec_trace("Adding new root certificate module failed.");
return_value = false;
}
#if SYSTEM_MOZILLA
@@ -290,17 +292,17 @@ extern "C" void nsscrypto_finalize()
if (SECSuccess == SECMOD_UnloadUserModule(RootsModule))
{
- OSL_TRACE("[xmlsecurity] Unloaded module \""ROOT_CERTS"\".");
+ xmlsec_trace("Unloaded module \""ROOT_CERTS"\".");
}
else
{
- OSL_TRACE("[xmlsecurity] Failed unloadeding module \""ROOT_CERTS"\".");
+ xmlsec_trace("Failed unloadeding module \""ROOT_CERTS"\".");
}
SECMOD_DestroyModule(RootsModule);
}
else
{
- OSL_TRACE("[xmlsecurity] Unloading module \""ROOT_CERTS
+ xmlsec_trace("Unloading module \""ROOT_CERTS
"\" failed because it was not found.");
}
PK11_LogoutAll();