* $Id$
*/
+#define SHIBSP_LITE
+
#ifdef SOLARIS2
#undef _XOPEN_SOURCE // causes gethostname conflict in unistd.h
#endif
#include <xmltooling/XMLToolingConfig.h>
#include <xmltooling/util/NDC.h>
#include <xmltooling/util/Threads.h>
+#include <xmltooling/util/XMLConstants.h>
#include <xmltooling/util/XMLHelper.h>
#ifdef WIN32
{
mutable string m_body;
mutable bool m_gotBody;
- vector<XSECCryptoX509*> m_certs;
+ mutable vector<string> m_certs;
public:
request_rec* m_req;
if (m_gotBody || m_req->method_number==M_GET)
return m_body.c_str();
// Read the posted data
- if (ap_setup_client_block(m_req, REQUEST_CHUNKED_DECHUNK)) {
+ if (ap_setup_client_block(m_req, REQUEST_CHUNKED_DECHUNK) != OK) {
m_gotBody=true;
log(SPError, "Apache function (setup_client_block) failed while reading request body.");
+ return m_body.c_str();
}
if (!ap_should_client_block(m_req)) {
m_gotBody=true;
log(SPError, "Apache function (should_client_block) failed while reading request body.");
+ return m_body.c_str();
}
if (m_req->remaining > 1024*1024)
throw opensaml::SecurityPolicyException("Blocked request body larger than 1M size limit.");
m_gotBody=true;
+ int len;
char buff[HUGE_STRING_LEN];
ap_hard_timeout("[mod_shib] getRequestBody", m_req);
- memset(buff, 0, sizeof(buff));
- while (ap_get_client_block(m_req, buff, sizeof(buff)-1) > 0) {
+ while ((len=ap_get_client_block(m_req, buff, sizeof(buff))) > 0) {
ap_reset_timeout(m_req);
- m_body += buff;
- memset(buff, 0, sizeof(buff));
+ m_body.append(buff, len);
}
ap_kill_timeout(m_req);
return m_body.c_str();
in.read(buf,1024);
ap_rwrite(buf,in.gcount(),m_req);
}
- return ((status==SAML_HTTP_STATUS_OK) ? DONE : status);
+ if (status!=XMLTOOLING_HTTP_STATUS_OK)
+ m_req->status = status;
+ return DONE;
}
long sendRedirect(const char* url) {
ap_table_set(m_req->headers_out, "Location", url);
return REDIRECT;
}
- const vector<XSECCryptoX509*>& getClientCertificates() const {
+ const vector<string>& getClientCertificates() const {
+ if (m_certs.empty()) {
+ const char* cert = ap_table_get(m_req->subprocess_env, "SSL_CLIENT_CERT");
+ if (cert)
+ m_certs.push_back(cert);
+ int i = 0;
+ do {
+ cert = ap_table_get(m_req->subprocess_env, ap_psprintf(m_req->pool, "SSL_CLIENT_CERT_CHAIN_%d", i++));
+ if (cert)
+ m_certs.push_back(cert);
+ } while (cert);
+ }
return m_certs;
}
long returnDecline(void) { return DECLINED; }