Bump file versions for changed plugins

[shibboleth/cpp-sp.git] / fastcgi / shibresponder.cpp

diff --git a/fastcgi/shibresponder.cpp b/fastcgi/shibresponder.cpp
index 8cedbfd..e23bf58 100644 (file)
--- a/fastcgi/shibresponder.cpp
+++ b/fastcgi/shibresponder.cpp
@@ -1,17 +1,21 @@
-/*
- *  Copyright 2001-2010 Internet2
+/**
+ * Licensed to the University Corporation for Advanced Internet
+ * Development, Inc. (UCAID) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for
+ * additional information regarding copyright ownership.
  *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * UCAID licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the
+ * License at
  *
- *     http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
  *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific
+ * language governing permissions and limitations under the License.
  */
 
 /* shibresponder.cpp - Shibboleth FastCGI Responder/Handler
@@ -188,8 +192,8 @@ public:
         string hdr=string("Status: 302 Please Wait\r\nLocation: ") + url + "\r\n"
           "Content-Type: text/html\r\n"
           "Content-Length: 40\r\n"
-          "Expires: 01-Jan-1997 12:00:00 GMT\r\n"
-          "Cache-Control: private,no-store,no-cache\r\n";
+          "Expires: Wed, 01 Jan 1997 12:00:00 GMT\r\n"
+          "Cache-Control: private,no-store,no-cache,max-age=0\r\n";
         for (multimap<string,string>::const_iterator i=m_headers.begin(); i!=m_headers.end(); ++i)
             hdr += i->first + ": " + i->second + "\r\n";
         hdr += "\r\n";
@@ -244,10 +248,11 @@ static long gstdin(FCGX_Request* request, char** content)
         if (clen > STDIN_MAX)
             clen = STDIN_MAX;
 
-        *content = new char[clen];
+        *content = new char[clen + 1];
 
         cin.read(*content, clen);
         clen = cin.gcount();
+        (*content)[clen] = 0;
     }
     else {
         // *never* read stdin when CONTENT_LENGTH is missing or unparsable
@@ -339,8 +344,9 @@ int main(void)
         // Although FastCGI supports writing before reading,
         // many http clients (browsers) don't support it (so
         // the connection deadlocks until a timeout expires!).
-        char* content;
+        char* content = nullptr;
         gstdin(&request, &content);
+        auto_arrayptr<char> wrapper(content);
 
         try {
             xmltooling::NDC ndc("FastCGI shibresponder");
@@ -380,8 +386,6 @@ int main(void)
             print_error("<html><body>FastCGI Shibboleth responder caught an exception, check log for details.</body></html>");
         }
 
-        delete[] content;
-
         // If the output streambufs had non-zero bufsizes and
         // were constructed outside of the accept loop (i.e.
         // their destructor won't be called here), they would