[shibboleth-sp2] 04/100: Small fix to shireURL handling
Ferenc Wágner
wferi-guest at moszumanska.debian.org
Tue Jan 26 21:29:12 UTC 2016
This is an automated email from the git hooks/post-receive script.
wferi-guest pushed a commit to annotated tag 1.2.1
in repository shibboleth-sp2.
commit a1622006f53b1d9f9c92c89ae4bfaf6a177f141d
Author: Scott Cantor <cantor.2 at osu.edu>
Date: Fri May 28 21:54:23 2004 +0000
Small fix to shireURL handling
---
apache/mod_apache.cpp | 18 ++++++++++++++++--
isapi_shib/isapi_shib.cpp | 12 ++++++++++--
shib-target/shib-shire.cpp | 2 +-
3 files changed, 27 insertions(+), 5 deletions(-)
diff --git a/apache/mod_apache.cpp b/apache/mod_apache.cpp
index 91e3950..002d845 100644
--- a/apache/mod_apache.cpp
+++ b/apache/mod_apache.cpp
@@ -221,8 +221,15 @@ extern "C" int shib_check_user(request_rec* r)
// Declare SHIRE object for this request.
SHIRE shire(application);
+ const char* shireURL=shire.getShireURL(targeturl);
+ if (!shireURL) {
+ ap_log_rerror(APLOG_MARK,APLOG_ERR|APLOG_NOERRNO,SH_AP_R(r),
+ "shib_check_user: unable to map request to proper shireURL setting, check configuration");
+ return SERVER_ERROR;
+ }
+
// Get location of this application's assertion consumer service and see if this is it.
- if (strstr(targeturl,shire.getShireURL(targeturl))) {
+ if (strstr(targeturl,shireURL)) {
return shib_handler(r,application,shire);
}
@@ -564,8 +571,15 @@ int shib_handler(request_rec* r, const IApplication* application, SHIRE& shire)
const char* targeturl=shib_get_targeturl(r,sc->szScheme);
+ const char* shireURL=shire.getShireURL(targeturl);
+ if (!shireURL) {
+ ap_log_rerror(APLOG_MARK,APLOG_ERR|APLOG_NOERRNO,SH_AP_R(r),
+ "shib_post_handler: unable to map request to proper shireURL setting, check configuration");
+ return SERVER_ERROR;
+ }
+
// Make sure we only process the SHIRE requests.
- if (!strstr(targeturl,shire.getShireURL(targeturl)))
+ if (!strstr(targeturl,shireURL))
return DECLINED;
ap_log_rerror(APLOG_MARK,APLOG_DEBUG|APLOG_NOERRNO,SH_AP_R(r),"shib_handler() running");
diff --git a/isapi_shib/isapi_shib.cpp b/isapi_shib/isapi_shib.cpp
index 580eabc..28221cc 100644
--- a/isapi_shib/isapi_shib.cpp
+++ b/isapi_shib/isapi_shib.cpp
@@ -467,9 +467,13 @@ extern "C" DWORD WINAPI HttpFilterProc(PHTTP_FILTER_CONTEXT pfc, DWORD notificat
// Declare SHIRE object for this request.
SHIRE shire(application);
+
+ const char* shireURL=shire.getShireURL(targeturl.c_str());
+ if (!shireURL)
+ return WriteClientError(pfc,"Unable to map request to proper shireURL setting, check configuration.");
// If the user is accessing the SHIRE acceptance point, pass it on.
- if (targeturl.find(shire.getShireURL(targeturl.c_str()))!=string::npos)
+ if (targeturl.find(shireURL)!=string::npos)
return SF_STATUS_REQ_NEXT_NOTIFICATION;
// Now check the policy for this request.
@@ -862,9 +866,13 @@ extern "C" DWORD WINAPI HttpExtensionProc(LPEXTENSION_CONTROL_BLOCK lpECB)
return WriteClientError(lpECB,"Unable to map request to application session settings, check configuration.");
SHIRE shire(application);
+
+ const char* shireURL=shire.getShireURL(targeturl.c_str());
+ if (!shireURL)
+ return WriteClientError(lpECB,"Unable to map request to proper shireURL setting, check configuration.");
// Make sure we only process the SHIRE requests.
- if (!strstr(targeturl.c_str(),shire.getShireURL(targeturl.c_str())))
+ if (!strstr(targeturl.c_str(),shireURL))
return WriteClientError(lpECB,"The request's application and associated shireURL setting are inconsistent.");;
pair<const char*,const char*> shib_cookie=shire.getCookieNameProps();
diff --git a/shib-target/shib-shire.cpp b/shib-target/shib-shire.cpp
index cd9cabc..52d8e9f 100644
--- a/shib-target/shib-shire.cpp
+++ b/shib-target/shib-shire.cpp
@@ -269,7 +269,7 @@ const char* SHIRE::getShireURL(const char* resource) const
}
// Should never happen...
- if (!shire)
+ if (!shire || (*shire!='/' && strncmp(shire,"http:",5) && strncmp(shire,"https:",6)))
return NULL;
// The "shireURL" property can be in one of three formats:
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-shibboleth/shibboleth-sp2.git
More information about the Pkg-shibboleth-devel
mailing list