[shibboleth-sp2] 10/25: Better handling for remote-user duplicate header.

[Ferenc Wágner]

This is an automated email from the git hooks/post-receive script.

wferi-guest pushed a commit to annotated tag 1.3.2
in repository shibboleth-sp2.

commit 9dbe7810485d13c0d3814d73af92a2e663ab9104
Author: Scott Cantor <cantor.2 at osu.edu>
Date:   Tue Sep 9 14:21:10 2008 +0000

    Better handling for remote-user duplicate header.
---
 nsapi_shib/nsapi_shib.cpp | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/nsapi_shib/nsapi_shib.cpp b/nsapi_shib/nsapi_shib.cpp
index 38b87b4..1c9394d 100644
--- a/nsapi_shib/nsapi_shib.cpp
+++ b/nsapi_shib/nsapi_shib.cpp
@@ -281,6 +281,7 @@ public:
             throw SAMLException("Attempt to spoof header ($1) was detected.", params(1, name.c_str()));
         param_free(pblock_remove("auth-user",m_rq->vars));
         param_free(pblock_remove("remote-user",m_rq->headers));
+        pblock_nvinsert("remote-user", g_unsetHeaderValue.c_str(), m_rq->headers);
     }
     else {
         if (g_checkSpoofing && m_firsttime && !m_rq->orig_rq) {
@@ -315,6 +316,7 @@ public:
     return string(hdr ? hdr : "");
   }
   virtual void setRemoteUser(const string &user) {
+    param_free(pblock_remove("remote-user",m_rq->headers));
     pblock_nvinsert("remote-user", user.c_str(), m_rq->headers);
     pblock_nvinsert("auth-user", user.c_str(), m_rq->vars);
   }

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-shibboleth/shibboleth-sp2.git