gnunet-svn
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[libeufin] branch master updated: Validating documents before communicat


From: gnunet
Subject: [libeufin] branch master updated: Validating documents before communicating them (sandbox)
Date: Wed, 08 Jul 2020 22:04:38 +0200

This is an automated email from the git hooks/post-receive script.

ms pushed a commit to branch master
in repository libeufin.

The following commit(s) were added to refs/heads/master by this push:
     new d3fba05  Validating documents before communicating them (sandbox)
d3fba05 is described below

commit d3fba053fe2e0e4a1268da726f62aa96f0e12fdd
Author: MS <ms@taler.net>
AuthorDate: Wed Jul 8 16:10:52 2020 +0200

    Validating documents before communicating them (sandbox)
---
 .../tech/libeufin/sandbox/EbicsProtocolBackend.kt      | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git 
a/sandbox/src/main/kotlin/tech/libeufin/sandbox/EbicsProtocolBackend.kt 
b/sandbox/src/main/kotlin/tech/libeufin/sandbox/EbicsProtocolBackend.kt
index 9e4a2bb..f7490e5 100644
--- a/sandbox/src/main/kotlin/tech/libeufin/sandbox/EbicsProtocolBackend.kt
+++ b/sandbox/src/main/kotlin/tech/libeufin/sandbox/EbicsProtocolBackend.kt
@@ -124,6 +124,10 @@ private suspend fun 
ApplicationCall.respondEbicsKeyManagement(
     }
     val text = XMLUtil.convertJaxbToString(responseXml)
     LOGGER.info("responding with:\n${text}")
+    if (!XMLUtil.validateFromString(text)) throw SandboxError(
+        HttpStatusCode.InternalServerError,
+        "Outgoint EBICS key management response is invalid"
+    )
     respondText(text, ContentType.Application.Xml, HttpStatusCode.OK)
 }
 
@@ -515,7 +519,13 @@ private fun handleEbicsC53(requestContext: 
RequestContext): ByteArray {
         requestContext.requestObject.header,
         requestContext.subscriber
     )
+    // FIXME: this function should be replaced with one that fills only
+    // *one* CAMT document with multiple "Ntry" elements.
     return camt.map {
+        if (!XMLUtil.validateFromString(it)) throw SandboxError(
+            HttpStatusCode.InternalServerError,
+            "CAMT document was generated invalid"
+        )
         it.toByteArray(Charsets.UTF_8)
     }.zip()
 }
@@ -1090,6 +1100,10 @@ suspend fun ApplicationCall.ebicsweb() {
 
             val strResp = XMLUtil.convertJaxbToString(hevResponse)
             LOGGER.debug("HEV response: $strResp")
+            if (!XMLUtil.validateFromString(strResp)) throw SandboxError(
+                HttpStatusCode.InternalServerError,
+                "Outgoing HEV response is invalid"
+            )
             respondText(strResp, ContentType.Application.Xml, 
HttpStatusCode.OK)
         }
         "ebicsNoPubKeyDigestsRequest" -> {
@@ -1142,6 +1156,10 @@ suspend fun ApplicationCall.ebicsweb() {
                 }
                 signEbicsResponse(ebicsResponse, requestContext.hostAuthPriv)
             }
+            if (!XMLUtil.validateFromString(responseXmlStr)) throw 
SandboxError(
+                HttpStatusCode.InternalServerError,
+                "Outgoing EBICS XML is invalid"
+            )
             respondText(responseXmlStr, ContentType.Application.Xml, 
HttpStatusCode.OK)
         }
         else -> {

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.



reply via email to

[Prev in Thread] Current Thread [Next in Thread]