Use shibboleth-sp as package name for compatibility.

[shibboleth/cpp-sp.git] / fastcgi / shibresponder.cpp

diff --git a/fastcgi/shibresponder.cpp b/fastcgi/shibresponder.cpp
index 2709187..32afe8e 100644 (file)
--- a/fastcgi/shibresponder.cpp
+++ b/fastcgi/shibresponder.cpp
@@ -72,7 +72,7 @@ class ShibTargetFCGI : public AbstractSPRequest
 
 public:
     ShibTargetFCGI(FCGX_Request* req, char* post_data, const char* scheme=nullptr, const char* hostname=nullptr, int port=0)
-        : AbstractSPRequest(SHIBSP_LOGCAT".FastCGI"), m_req(req), m_body(post_data) {
+        : AbstractSPRequest(SHIBSP_LOGCAT ".FastCGI"), m_req(req), m_body(post_data) {
 
         const char* server_name_str = hostname;
         if (!server_name_str || !*server_name_str)
@@ -150,11 +150,13 @@ public:
 
     void setResponseHeader(const char* name, const char* value) {
         HTTPResponse::setResponseHeader(name, value);
-        // Set for later.
-        if (value)
-            m_headers.insert(make_pair(name,value));
-        else
-            m_headers.erase(name);
+        if (name) {
+            // Set for later.
+            if (value)
+                m_headers.insert(make_pair(name,value));
+            else
+                m_headers.erase(name);
+        }
     }
 
     const char* getQueryString() const {
@@ -192,8 +194,8 @@ public:
         string hdr=string("Status: 302 Please Wait\r\nLocation: ") + url + "\r\n"
           "Content-Type: text/html\r\n"
           "Content-Length: 40\r\n"
-          "Expires: 01-Jan-1997 12:00:00 GMT\r\n"
-          "Cache-Control: private,no-store,no-cache\r\n";
+          "Expires: Wed, 01 Jan 1997 12:00:00 GMT\r\n"
+          "Cache-Control: private,no-store,no-cache,max-age=0\r\n";
         for (multimap<string,string>::const_iterator i=m_headers.begin(); i!=m_headers.end(); ++i)
             hdr += i->first + ": " + i->second + "\r\n";
         hdr += "\r\n";
@@ -248,10 +250,11 @@ static long gstdin(FCGX_Request* request, char** content)
         if (clen > STDIN_MAX)
             clen = STDIN_MAX;
 
-        *content = new char[clen];
+        *content = new char[clen + 1];
 
         cin.read(*content, clen);
         clen = cin.gcount();
+        (*content)[clen] = 0;
     }
     else {
         // *never* read stdin when CONTENT_LENGTH is missing or unparsable
@@ -343,8 +346,9 @@ int main(void)
         // Although FastCGI supports writing before reading,
         // many http clients (browsers) don't support it (so
         // the connection deadlocks until a timeout expires!).
-        char* content;
+        char* content = nullptr;
         gstdin(&request, &content);
+        auto_arrayptr<char> wrapper(content);
 
         try {
             xmltooling::NDC ndc("FastCGI shibresponder");
@@ -384,8 +388,6 @@ int main(void)
             print_error("<html><body>FastCGI Shibboleth responder caught an exception, check log for details.</body></html>");
         }
 
-        delete[] content;
-
         // If the output streambufs had non-zero bufsizes and
         // were constructed outside of the accept loop (i.e.
         // their destructor won't be called here), they would