X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;ds=sidebyside;f=src%2Fshibresolver%2Fresolver.cpp;h=287adda15b9039934a6e9324ab0fa8dd8c9f740c;hb=4d852fa06fdc1f1488cd57732dc1d7c984b8b55e;hp=83b6269f852dcaf8585de7f94da045f8cac8e2c0;hpb=42027b967a3db8d5136c2e0b3b13f7dc45b2b1e1;p=shibboleth%2Fcpp-sp-resolver.git diff --git a/src/shibresolver/resolver.cpp b/src/shibresolver/resolver.cpp index 83b6269..287adda 100644 --- a/src/shibresolver/resolver.cpp +++ b/src/shibresolver/resolver.cpp @@ -116,7 +116,9 @@ void ShibbolethResolver::setRequest(const SPRequest* request) if (request) { const GSSRequest* gss = dynamic_cast(request); if (gss) { - addToken(gss->getGSSContext()); + // TODO: fix API to prevent destruction of contexts + gss_ctx_id_t ctx = gss->getGSSContext(); + addToken(&ctx); } } #endif @@ -143,44 +145,54 @@ void ShibbolethResolver::addToken(const XMLObject* token) } #ifdef SHIBRESOLVER_HAVE_GSSAPI -void ShibbolethResolver::addToken(gss_ctx_id_t ctx) +void ShibbolethResolver::addToken(gss_ctx_id_t* ctx) { if (m_gsswrapper) { delete m_gsswrapper; m_gsswrapper = NULL; } - if (ctx != GSS_C_NO_CONTEXT) { - OM_uint32 minor; - gss_buffer_desc contextbuf; - contextbuf.length = 0; - contextbuf.value = NULL; - OM_uint32 major = gss_export_sec_context(&minor, &ctx, &contextbuf); + if (ctx && *ctx != GSS_C_NO_CONTEXT) { + OM_uint32 major, minor; + gss_buffer_desc contextbuf = GSS_C_EMPTY_BUFFER; + + major = gss_export_sec_context(&minor, ctx, &contextbuf); if (major == GSS_S_COMPLETE) { - xsecsize_t len=0; - XMLByte* out=Base64::encode(reinterpret_cast(contextbuf.value), contextbuf.length, &len); - if (out) { - string s; - s.append(reinterpret_cast(out), len); - auto_ptr_XMLCh temp(s.c_str()); -#ifdef SHIBSP_XERCESC_HAS_XMLBYTE_RELEASE - XMLString::release(&out); -#else - XMLString::release((char**)&out); -#endif - static const XMLCh _GSSAPI[] = UNICODE_LITERAL_6(G,S,S,A,P,I); - m_gsswrapper = new AnyElementImpl(shibspconstants::SHIB2ATTRIBUTEMAP_NS, _GSSAPI); - m_gsswrapper->setTextContent(temp.get()); - } - else { - Category::getInstance(SHIBRESOLVER_LOGCAT).error("error while base64-encoding GSS context"); - } + addToken(&contextbuf); + gss_release_buffer(&minor, &contextbuf); } else { Category::getInstance(SHIBRESOLVER_LOGCAT).error("error exporting GSS context"); } } } + +void ShibbolethResolver::addToken(const gss_buffer_t contextbuf) +{ + if (m_gsswrapper) { + delete m_gsswrapper; + m_gsswrapper = NULL; + } + + xsecsize_t len=0; + XMLByte* out=Base64::encode(reinterpret_cast(contextbuf->value), contextbuf->length, &len); + if (out) { + string s; + s.append(reinterpret_cast(out), len); + auto_ptr_XMLCh temp(s.c_str()); +#ifdef SHIBSP_XERCESC_HAS_XMLBYTE_RELEASE + XMLString::release(&out); +#else + XMLString::release((char**)&out); +#endif + static const XMLCh _GSSAPI[] = UNICODE_LITERAL_13(G,S,S,A,P,I,C,o,n,t,e,x,t); + m_gsswrapper = new AnyElementImpl(shibspconstants::SHIB2ATTRIBUTEMAP_NS, _GSSAPI); + m_gsswrapper->setTextContent(temp.get()); + } + else { + Category::getInstance(SHIBRESOLVER_LOGCAT).error("error while base64-encoding GSS context"); + } +} #endif void ShibbolethResolver::addAttribute(Attribute* attr) @@ -216,7 +228,7 @@ void ShibbolethResolver::resolve() if (!app) throw ConfigurationException("Unable to locate application for resolution."); -#ifdef HAVE_GSSAPI +#ifdef SHIBRESOLVER_HAVE_GSSAPI if (m_gsswrapper) m_tokens.push_back(m_gsswrapper); #endif