#undef _XOPEN_SOURCE // causes gethostname conflict in unistd.h
#endif
+#ifdef WIN32
+# define _CRT_NONSTDC_NO_DEPRECATE 1
+# define _CRT_SECURE_NO_DEPRECATE 1
+#endif
+
// SAML Runtime
#include <saml/saml.h>
#include <shib/shib.h>
-#include <shib/shib-threads.h>
#include <shib-target/shib-target.h>
+#include <shibsp/SPConfig.h>
#include <xercesc/util/regx/RegularExpression.hpp>
+#ifdef WIN32
+# include <winsock.h>
+#endif
+
#undef _XPG4_2
// Apache specific header files
#include <unistd.h> // for getpid()
#endif
-using namespace std;
-using namespace saml;
-using namespace shibboleth;
+using namespace shibsp;
using namespace shibtarget;
+using namespace saml;
+using namespace xmltooling;
+using namespace std;
extern "C" module MODULE_VAR_EXPORT mod_shib;
extern "C" const char* shib_set_server_string_slot(cmd_parms* parms, void*, const char* arg)
{
char* base=(char*)ap_get_module_config(parms->server->module_config,&mod_shib);
- int offset=(int)parms->info;
+ size_t offset=(size_t)parms->info;
*((char**)(base + offset))=ap_pstrdup(parms->pool,arg);
return NULL;
}
class ShibTargetApache : public ShibTarget
{
+ mutable string m_body;
+ mutable bool m_gotBody;
+
public:
- ShibTargetApache(request_rec* req) {
+ request_rec* m_req;
+ shib_dir_config* m_dc;
+ shib_server_config* m_sc;
+
+ ShibTargetApache(request_rec* req) : m_gotBody(false) {
m_sc = (shib_server_config*)ap_get_module_config(req->server->module_config, &mod_shib);
m_dc = (shib_dir_config*)ap_get_module_config(req->per_dir_config, &mod_shib);
m_req = req;
}
- ~ShibTargetApache() { }
+ virtual ~ShibTargetApache() {}
virtual void log(ShibLogLevel level, const string &msg) {
ShibTarget::log(level,msg);
char* val = ap_psprintf(m_req->pool, "%s=%s", name.c_str(), value.c_str());
ap_table_addn(m_req->err_headers_out, "Set-Cookie", val);
}
- virtual string getArgs(void) { return string(m_req->args ? m_req->args : ""); }
- virtual string getPostData(void) {
+ virtual const char* getQueryString() const { return m_req->args; }
+ virtual const char* getRequestBody() const {
+ if (m_gotBody)
+ return m_body.c_str();
// Read the posted data
if (ap_setup_client_block(m_req, REQUEST_CHUNKED_ERROR))
- throw FatalProfileException("Apache function (setup_client_block) failed while reading profile submission.");
+ throw SAMLException("Apache function (setup_client_block) failed while reading POST request body.");
if (!ap_should_client_block(m_req))
- throw FatalProfileException("Apache function (should_client_block) failed while reading profile submission.");
+ throw SAMLException("Apache function (should_client_block) failed while reading POST request body.");
if (m_req->remaining > 1024*1024)
- throw FatalProfileException("Blocked too-large a submission to profile endpoint.");
- string cgistr;
+ throw SAMLException("Blocked POST request body larger than size limit.");
+ m_gotBody=true;
char buff[HUGE_STRING_LEN];
- ap_hard_timeout("[mod_shib] getPostData", m_req);
+ ap_hard_timeout("[mod_shib] getRequestBody", m_req);
memset(buff, 0, sizeof(buff));
while (ap_get_client_block(m_req, buff, sizeof(buff)-1) > 0) {
ap_reset_timeout(m_req);
- cgistr += buff;
+ m_body += buff;
memset(buff, 0, sizeof(buff));
}
ap_kill_timeout(m_req);
-
- return cgistr;
+ return m_body.c_str();
}
virtual void clearHeader(const string &name) {
ap_table_unset(m_req->headers_in, name.c_str());
}
virtual void* returnDecline(void) { return (void*)DECLINED; }
virtual void* returnOK(void) { return (void*)OK; }
-
- request_rec* m_req;
- shib_dir_config* m_dc;
- shib_server_config* m_sc;
};
/********************************************************************************/
}
}
else {
- Iterator<IAAP*> provs=st->getApplication()->getAAPProviders();
- AAP wrapper(provs,w);
+ Iterator<shibboleth::IAAP*> provs=st->getApplication()->getAAPProviders();
+ shibboleth::AAP wrapper(provs,w);
if (wrapper.fail()) {
st->log(ShibTarget::LogLevelWarn, string("htAccessControl plugin didn't recognize require rule: ") + w);
continue;
}
string vals_str(vals);
- unsigned int j = 0;
+ int j = 0;
for (unsigned int i = 0; i < vals_str.length(); i++) {
if (vals_str.at(i) == ';') {
if (i == 0) {
try {
g_Config=&ShibTargetConfig::getConfig();
- g_Config->setFeatures(
- ShibTargetConfig::Listener |
- ShibTargetConfig::Metadata |
- ShibTargetConfig::AAP |
- ShibTargetConfig::RequestMapper |
- ShibTargetConfig::LocalExtensions |
- ShibTargetConfig::Logging
+ SPConfig::getConfig().setFeatures(
+ SPConfig::Caching |
+ SPConfig::Listener |
+ SPConfig::Metadata |
+ SPConfig::AAP |
+ SPConfig::RequestMapper |
+ SPConfig::InProcess |
+ SPConfig::Logging
);
if (!g_Config->init(g_szSchemaDir)) {
ap_log_error(APLOG_MARK,APLOG_CRIT|APLOG_NOERRNO,SH_AP_R(s),"shib_child_init() failed to initialize libraries");
// SHIB Module commands
static command_rec shire_cmds[] = {
- {"SHIREConfig", (config_fn_t)ap_set_global_string_slot, &g_szSHIBConfig,
- RSRC_CONF, TAKE1, "Path to shibboleth.xml config file"},
{"ShibConfig", (config_fn_t)ap_set_global_string_slot, &g_szSHIBConfig,
RSRC_CONF, TAKE1, "Path to shibboleth.xml config file"},
{"ShibSchemaDir", (config_fn_t)ap_set_global_string_slot, &g_szSchemaDir,