diff options
| author | Ivan Kanakarakis <ivan.kanak@gmail.com> | 2019-01-10 22:34:26 +0200 |
|---|---|---|
| committer | Ivan Kanakarakis <ivan.kanak@gmail.com> | 2019-01-11 22:48:39 +0200 |
| commit | dbbfe1e3b032a1ecf8e2c84eca5fa74728f257f2 (patch) | |
| tree | b33bc081580a45afac539fe9101897159c505532 | |
| parent | 4d1e36c43f70e43c66055f46fd092799a025a111 (diff) | |
| download | pysaml2-dbbfe1e3b032a1ecf8e2c84eca5fa74728f257f2.tar.gz | |
Remove validate_output parameter from _run_xmlsec
All callers set it to false, but one which calls the validation method itself
after the call to _run_xmlsec (which means that validation is done twice).
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
| -rw-r--r-- | src/saml2/sigver.py | 25 | ||||
| -rw-r--r-- | tests/test_42_enc.py | 4 |
2 files changed, 6 insertions, 23 deletions
diff --git a/src/saml2/sigver.py b/src/saml2/sigver.py index a18c6c4b..e66d4dfa 100644 --- a/src/saml2/sigver.py +++ b/src/saml2/sigver.py @@ -592,7 +592,6 @@ def verify_redirect_signature(saml_msg, crypto, cert=None, sigkey=None): LOG_LINE = 60 * '=' + '\n%s\n' + 60 * '-' + '\n%s' + 60 * '=' -LOG_LINE_2 = 60 * '=' + '\n%s\n%s\n' + 60 * '-' + '\n%s' + 60 * '=' def make_str(txt): @@ -727,9 +726,7 @@ class CryptoBackendXmlSec1(CryptoBackend): if xpath: com_list.extend(['--node-xpath', xpath]) - (_stdout, _stderr, output) = self._run_xmlsec( - com_list, [template], validate_output=False - ) + (_stdout, _stderr, output) = self._run_xmlsec(com_list, [template]) return output @@ -770,9 +767,7 @@ class CryptoBackendXmlSec1(CryptoBackend): if node_id: com_list.extend(['--node-id', node_id]) - (_stdout, _stderr, output) = self._run_xmlsec( - com_list, [tmpl], validate_output=False - ) + (_stdout, _stderr, output) = self._run_xmlsec(com_list, [tmpl]) os.unlink(fil) if not output: @@ -799,9 +794,7 @@ class CryptoBackendXmlSec1(CryptoBackend): ENC_KEY_CLASS, ] - (_stdout, _stderr, output) = self._run_xmlsec( - com_list, [fil], validate_output=False - ) + (_stdout, _stderr, output) = self._run_xmlsec(com_list, [fil]) return output.decode('utf-8') def sign_statement(self, statement, node_name, key_file, node_id, id_attr): @@ -838,7 +831,7 @@ class CryptoBackendXmlSec1(CryptoBackend): try: (stdout, stderr, signed_statement) = self._run_xmlsec( - com_list, [fil], validate_output=False + com_list, [fil] ) # this doesn't work if --store-signatures are used @@ -888,13 +881,12 @@ class CryptoBackendXmlSec1(CryptoBackend): return parse_xmlsec_output(stderr) - def _run_xmlsec(self, com_list, extra_args, validate_output=True): + def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters - :param validate_output: Parse and validate the output :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix='.xml', delete=self._xmlsec_delete_tmpfiles) as ntf: @@ -913,13 +905,6 @@ class CryptoBackendXmlSec1(CryptoBackend): raise XmlsecError('{err_code}:{err_msg}'.format( err_code=pof.returncode, err_msg=p_err)) - try: - if validate_output: - parse_xmlsec_output(p_err) - except XmlsecError as exc: - logger.error(LOG_LINE_2, p_out, p_err, exc) - raise - ntf.seek(0) return p_out, p_err, ntf.read() diff --git a/tests/test_42_enc.py b/tests/test_42_enc.py index d5c348f1..c29eca1e 100644 --- a/tests/test_42_enc.py +++ b/tests/test_42_enc.py @@ -72,9 +72,7 @@ def test_enc1(): "--node-xpath", ASSERT_XPATH] crypto = CryptoBackendXmlSec1(xmlsec_path) - (_stdout, _stderr, output) = crypto._run_xmlsec( - com_list, [tmpl], validate_output=False - ) + (_stdout, _stderr, output) = crypto._run_xmlsec(com_list, [tmpl]) print(output) assert _stderr == "" |