Added a sanity check if cookie value has an equal sign in it.

author Scott Cantor <cantor.2@osu.edu>

Thu, 4 Nov 2004 20:34:48 +0000 (20:34 +0000)

committer Scott Cantor <cantor.2@osu.edu>

Thu, 4 Nov 2004 20:34:48 +0000 (20:34 +0000)
author Scott Cantor <cantor.2@osu.edu>
Thu, 4 Nov 2004 20:34:48 +0000 (20:34 +0000)
committer Scott Cantor <cantor.2@osu.edu>
Thu, 4 Nov 2004 20:34:48 +0000 (20:34 +0000)
diff --git a/shib-target/shib-shire.cpp b/shib-target/shib-shire.cpp

index eacb67a..e7d3a3c 100644 (file)
--- a/shib-target/shib-shire.cpp
+++ b/shib-target/shib-shire.cpp
@@ -374,6 +374,10 @@ RPCError* SHIRE::sessionIsValid(const char* session_id, const char* ip) const
      log.error ("No cookie value was provided");
      return new RPCError(SHIBRPC_NO_SESSION, "No cookie value was provided");
    }
+  else if (strchr(session_id,'=')) {
+    log.error ("The cookie value wasn't extracted successfully, use a more unique cookie name for your installation.");
+    return new RPCError(SHIBRPC_INTERNAL_ERROR, "The cookie value wasn't extracted successfully, use a more unique cookie name for your installation.");
+  }
  
    if (!ip || !*ip) {
      log.error ("Invalid IP Address");
author	Scott Cantor <cantor.2@osu.edu>
	Thu, 4 Nov 2004 20:34:48 +0000 (20:34 +0000)
committer	Scott Cantor <cantor.2@osu.edu>
	Thu, 4 Nov 2004 20:34:48 +0000 (20:34 +0000)