projects
/
shibboleth
/
sp.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Fix for empty response.
[shibboleth/sp.git]
/
shibsp
/
attribute
/
resolver
/
impl
/
QueryAttributeResolver.cpp
diff --git
a/shibsp/attribute/resolver/impl/QueryAttributeResolver.cpp
b/shibsp/attribute/resolver/impl/QueryAttributeResolver.cpp
index
825af50
..
70b2f9e
100644
(file)
--- a/
shibsp/attribute/resolver/impl/QueryAttributeResolver.cpp
+++ b/
shibsp/attribute/resolver/impl/QueryAttributeResolver.cpp
@@
-320,7
+320,12
@@
bool QueryResolver::SAML1Query(QueryContext& ctx) const
}
const vector<saml1::Assertion*>& assertions = const_cast<const saml1p::Response*>(response)->getAssertions();
}
const vector<saml1::Assertion*>& assertions = const_cast<const saml1p::Response*>(response)->getAssertions();
- if (assertions.size()>1)
+ if (assertions.empty()) {
+ delete response;
+ m_log.warn("response from attribute authority was empty");
+ return true;
+ }
+ else if (assertions.size()>1)
m_log.warn("simple resolver only supports one assertion in the query response");
auto_ptr<saml1p::Response> wrapper(response);
m_log.warn("simple resolver only supports one assertion in the query response");
auto_ptr<saml1p::Response> wrapper(response);
@@
-437,10
+442,15
@@
bool QueryResolver::SAML2Query(QueryContext& ctx) const
}
const vector<saml2::Assertion*>& assertions = const_cast<const saml2p::Response*>(response)->getAssertions();
}
const vector<saml2::Assertion*>& assertions = const_cast<const saml2p::Response*>(response)->getAssertions();
- if (assertions.size()>1)
+ if (assertions.empty()) {
+ delete srt;
+ m_log.warn("response from attribute authority was empty");
+ return true;
+ }
+ else if (assertions.size()>1)
m_log.warn("simple resolver only supports one assertion in the query response");
m_log.warn("simple resolver only supports one assertion in the query response");
- auto_ptr<saml2p::
Response> wrapper(response
);
+ auto_ptr<saml2p::
StatusResponseType> wrapper(srt
);
saml2::Assertion* newtoken = assertions.front();
if (!newtoken->getSignature() && signedAssertions.first && signedAssertions.second) {
saml2::Assertion* newtoken = assertions.front();
if (!newtoken->getSignature() && signedAssertions.first && signedAssertions.second) {