Use shibboleth-sp as package name for compatibility.

[shibboleth/cpp-sp.git] / fastcgi / shibresponder.cpp

diff --git a/fastcgi/shibresponder.cpp b/fastcgi/shibresponder.cpp
index c99d945..32afe8e 100644 (file)
--- a/fastcgi/shibresponder.cpp
+++ b/fastcgi/shibresponder.cpp
@@ -1,17 +1,21 @@
-/*
- *  Copyright 2001-2009 Internet2
+/**
+ * Licensed to the University Corporation for Advanced Internet
+ * Development, Inc. (UCAID) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for
+ * additional information regarding copyright ownership.
  *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * UCAID licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the
+ * License at
  *
- *     http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
  *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific
+ * language governing permissions and limitations under the License.
  */
 
 /* shibresponder.cpp - Shibboleth FastCGI Responder/Handler
@@ -67,8 +71,8 @@ class ShibTargetFCGI : public AbstractSPRequest
     string m_scheme,m_hostname;
 
 public:
-    ShibTargetFCGI(FCGX_Request* req, char* post_data, const char* scheme=NULL, const char* hostname=NULL, int port=0)
-        : AbstractSPRequest(SHIBSP_LOGCAT".FastCGI"), m_req(req), m_body(post_data) {
+    ShibTargetFCGI(FCGX_Request* req, char* post_data, const char* scheme=nullptr, const char* hostname=nullptr, int port=0)
+        : AbstractSPRequest(SHIBSP_LOGCAT ".FastCGI"), m_req(req), m_body(post_data) {
 
         const char* server_name_str = hostname;
         if (!server_name_str || !*server_name_str)
@@ -146,11 +150,13 @@ public:
 
     void setResponseHeader(const char* name, const char* value) {
         HTTPResponse::setResponseHeader(name, value);
-        // Set for later.
-        if (value)
-            m_headers.insert(make_pair(name,value));
-        else
-            m_headers.erase(name);
+        if (name) {
+            // Set for later.
+            if (value)
+                m_headers.insert(make_pair(name,value));
+            else
+                m_headers.erase(name);
+        }
     }
 
     const char* getQueryString() const {
@@ -172,6 +178,7 @@ public:
             case XMLTOOLING_HTTP_STATUS_UNAUTHORIZED:   codestr="Status: 401 Authorization Required"; break;
             case XMLTOOLING_HTTP_STATUS_FORBIDDEN:      codestr="Status: 403 Forbidden"; break;
             case XMLTOOLING_HTTP_STATUS_NOTFOUND:       codestr="Status: 404 Not Found"; break;
+            case XMLTOOLING_HTTP_STATUS_NOTMODIFIED:    codestr="Status: 304 Not Modified"; break;
         }
         cout << codestr << "\r\n" << hdr << "\r\n";
         char buf[1024];
@@ -187,8 +194,8 @@ public:
         string hdr=string("Status: 302 Please Wait\r\nLocation: ") + url + "\r\n"
           "Content-Type: text/html\r\n"
           "Content-Length: 40\r\n"
-          "Expires: 01-Jan-1997 12:00:00 GMT\r\n"
-          "Cache-Control: private,no-store,no-cache\r\n";
+          "Expires: Wed, 01 Jan 1997 12:00:00 GMT\r\n"
+          "Cache-Control: private,no-store,no-cache,max-age=0\r\n";
         for (multimap<string,string>::const_iterator i=m_headers.begin(); i!=m_headers.end(); ++i)
             hdr += i->first + ": " + i->second + "\r\n";
         hdr += "\r\n";
@@ -243,10 +250,11 @@ static long gstdin(FCGX_Request* request, char** content)
         if (clen > STDIN_MAX)
             clen = STDIN_MAX;
 
-        *content = new char[clen];
+        *content = new char[clen + 1];
 
         cin.read(*content, clen);
         clen = cin.gcount();
+        (*content)[clen] = 0;
     }
     else {
         // *never* read stdin when CONTENT_LENGTH is missing or unparsable
@@ -289,7 +297,7 @@ int main(void)
     }
 
     try {
-        if (!g_Config->instantiate(NULL, true))
+        if (!g_Config->instantiate(nullptr, true))
             throw runtime_error("unknown error");
     }
     catch (exception& ex) {
@@ -338,8 +346,9 @@ int main(void)
         // Although FastCGI supports writing before reading,
         // many http clients (browsers) don't support it (so
         // the connection deadlocks until a timeout expires!).
-        char* content;
+        char* content = nullptr;
         gstdin(&request, &content);
+        auto_arrayptr<char> wrapper(content);
 
         try {
             xmltooling::NDC ndc("FastCGI shibresponder");
@@ -379,8 +388,6 @@ int main(void)
             print_error("<html><body>FastCGI Shibboleth responder caught an exception, check log for details.</body></html>");
         }
 
-        delete[] content;
-
         // If the output streambufs had non-zero bufsizes and
         // were constructed outside of the accept loop (i.e.
         // their destructor won't be called here), they would