From 174c7ed696fbc4daa297c8019fcaa11a3c84d840 Mon Sep 17 00:00:00 2001 From: Frederic Peters Date: Tue, 4 Jan 2005 15:40:37 +0000 Subject: clean some state and uri escape artifact --- lasso/id-ff/login.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/lasso/id-ff/login.c b/lasso/id-ff/login.c index 76bea661..75c0f486 100644 --- a/lasso/id-ff/login.c +++ b/lasso/id-ff/login.c @@ -479,14 +479,15 @@ lasso_login_build_artifact_msg(LassoLogin *login, LassoHttpMethod http_method) relayState = xmlURIEscapeStr(LASSO_LIB_AUTHN_REQUEST(profile->request)->RelayState, NULL); if (http_method == LASSO_HTTP_METHOD_REDIRECT) { + xmlChar *escaped_artifact = xmlURIEscapeStr(b64_samlArt, NULL); if (relayState == NULL) { - profile->msg_url = g_strdup_printf( - "%s?SAMLart=%s", url, b64_samlArt); + profile->msg_url = g_strdup_printf("%s?SAMLart=%s", url, escaped_artifact); } else { profile->msg_url = g_strdup_printf( "%s?SAMLart=%s&RelayState=%s", - url, b64_samlArt, relayState); + url, escaped_artifact, relayState); } + xmlFree(escaped_artifact); } if (http_method == LASSO_HTTP_METHOD_POST) { @@ -816,6 +817,12 @@ lasso_login_init_authn_request(LassoLogin *login, const gchar *remote_providerID profile = LASSO_PROFILE(login); + /* clean state */ + if (profile->remote_providerID) + g_free(profile->remote_providerID); + if (profile->request) + lasso_node_destroy(LASSO_NODE(profile->request)); + if (remote_providerID != NULL) { profile->remote_providerID = g_strdup(remote_providerID); } else { @@ -1142,6 +1149,9 @@ lasso_login_process_authn_response_msg(LassoLogin *login, gchar *authn_response_ g_return_val_if_fail(LASSO_IS_LOGIN(login), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ); g_return_val_if_fail(authn_response_msg != NULL, LASSO_PARAM_ERROR_INVALID_VALUE); + /* clean state */ + if (LASSO_PROFILE(login)->remote_providerID) + g_free(LASSO_PROFILE(login)->remote_providerID); if (LASSO_PROFILE(login)->response) lasso_node_destroy(LASSO_NODE(LASSO_PROFILE(login)->response)); -- cgit