diff options
author | olavmrk <olavmrk@a716ebb1-153a-0410-b759-cfb97c6a1b53> | 2010-06-30 14:02:29 +0000 |
---|---|---|
committer | olavmrk <olavmrk@a716ebb1-153a-0410-b759-cfb97c6a1b53> | 2010-06-30 14:02:29 +0000 |
commit | 6706ab2946b3712a9b3a259bb6f1d6c356fd4555 (patch) | |
tree | ce879347137f86f7dc91bd052e37f4f0bd9a1120 | |
parent | ebba3d5671fa289d8b70ef5ea33167e37b4d2b17 (diff) | |
download | mod_auth_mellon-6706ab2946b3712a9b3a259bb6f1d6c356fd4555.tar.gz mod_auth_mellon-6706ab2946b3712a9b3a259bb6f1d6c356fd4555.tar.xz mod_auth_mellon-6706ab2946b3712a9b3a259bb6f1d6c356fd4555.zip |
Reject messages with more than one assertion.
git-svn-id: https://modmellon.googlecode.com/svn/trunk@98 a716ebb1-153a-0410-b759-cfb97c6a1b53
-rw-r--r-- | auth_mellon_handler.c | 156 |
1 files changed, 77 insertions, 79 deletions
diff --git a/auth_mellon_handler.c b/auth_mellon_handler.c index f12901b..7acf103 100644 --- a/auth_mellon_handler.c +++ b/auth_mellon_handler.c @@ -1260,25 +1260,24 @@ static int am_store_attribute(request_rec *r, am_cache_entry_t *session, } -/* This function iterates over a list of assertion elements, and adds all the - * attributes it finds to the session data for the current user. +/* Add all the attributes from an assertion to the session data for the + * current user. * * Parameters: - * am_cache_entry_t *s The current session. - * request_rec *r The current request. - * const char *name_id The name identifier we received from the IdP. - * GList *assertions A list of LassoSaml2Assertion objects. + * am_cache_entry_t *s The current session. + * request_rec *r The current request. + * const char *name_id The name identifier we received from + * the IdP. + * LassoSaml2Assertion *assertion The assertion. * * Returns: * HTTP_BAD_REQUEST if we couldn't find the session id of the user, or * OK if no error occured. */ static int add_attributes(am_cache_entry_t *session, request_rec *r, - const char *name_id, GList *assertions) + const char *name_id, LassoSaml2Assertion *assertion) { am_dir_cfg_rec *dir_cfg; - GList *asrt_itr; - LassoSaml2Assertion *assertion; GList *atr_stmt_itr; LassoSaml2AttributeStatement *atr_stmt; GList *atr_itr; @@ -1309,80 +1308,66 @@ static int add_attributes(am_cache_entry_t *session, request_rec *r, return ret; } - /* assertions is a list of LassoSaml2Assertion objects. */ - for(asrt_itr = g_list_first(assertions); asrt_itr != NULL; - asrt_itr = g_list_next(asrt_itr)) { + /* Update expires timestamp of session. */ + am_handle_session_expire(r, session, assertion); + + /* assertion->AttributeStatement is a list of + * LassoSaml2AttributeStatement objects. + */ + for(atr_stmt_itr = g_list_first(assertion->AttributeStatement); + atr_stmt_itr != NULL; + atr_stmt_itr = g_list_next(atr_stmt_itr)) { - assertion = LASSO_SAML2_ASSERTION(asrt_itr->data); + atr_stmt = LASSO_SAML2_ATTRIBUTE_STATEMENT(atr_stmt_itr->data); - /* Update expires timestamp of session. */ - am_handle_session_expire(r, session, assertion); + /* atr_stmt->Attribute is list of LassoSaml2Attribute objects. */ + for(atr_itr = g_list_first(atr_stmt->Attribute); + atr_itr != NULL; + atr_itr = g_list_next(atr_itr)) { - /* assertion->AttributeStatement is a list of - * LassoSaml2AttributeStatement objects. - */ - for(atr_stmt_itr = g_list_first(assertion->AttributeStatement); - atr_stmt_itr != NULL; - atr_stmt_itr = g_list_next(atr_stmt_itr)) { + attribute = LASSO_SAML2_ATTRIBUTE(atr_itr->data); + + /* attribute->AttributeValue is a list of + * LassoSaml2AttributeValue objects. + */ + for(value_itr = g_list_first(attribute->AttributeValue); + value_itr != NULL; + value_itr = g_list_next(value_itr)) { + + value = LASSO_SAML2_ATTRIBUTE_VALUE( + value_itr->data + ); + + /* value->any is a list with the child nodes of the + * AttributeValue element. + * + * We assume that the list contains a single text node. + */ + if(value->any == NULL) { + ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, + "AttributeValue element was empty."); + continue; + } - atr_stmt = LASSO_SAML2_ATTRIBUTE_STATEMENT(atr_stmt_itr->data); + /* Verify that this is a LassoMiscTextNode object. */ + if(!LASSO_IS_MISC_TEXT_NODE(value->any->data)) { + ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, + "AttributeValue element contained an " + " element which wasn't a text node."); + continue; + } - /* atr_stmt->Attribute is list of LassoSaml2Attribute objects. */ - for(atr_itr = g_list_first(atr_stmt->Attribute); - atr_itr != NULL; - atr_itr = g_list_next(atr_itr)) { + value_text = LASSO_MISC_TEXT_NODE(value->any->data); - attribute = LASSO_SAML2_ATTRIBUTE(atr_itr->data); - /* attribute->AttributeValue is a list of - * LassoSaml2AttributeValue objects. - */ - for(value_itr = g_list_first(attribute->AttributeValue); - value_itr != NULL; - value_itr = g_list_next(value_itr)) { - - value = LASSO_SAML2_ATTRIBUTE_VALUE( - value_itr->data - ); - - /* value->any is a list with the child nodes of the - * AttributeValue element. - * - * We assume that the list contains a single text node. - */ - if(value->any == NULL) { - ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, - "AttributeValue element was empty."); - continue; - } - - /* Verify that this is a LassoMiscTextNode object. */ - if(!LASSO_IS_MISC_TEXT_NODE(value->any->data)) { - ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, - "AttributeValue element contained an " - " element which wasn't a text node."); - continue; - } - - value_text = LASSO_MISC_TEXT_NODE(value->any->data); - - - /* Decode and save the attribute. */ - ret = am_store_attribute(r, session, attribute->Name, - value_text->content); - if(ret != OK) { - return ret; - } + /* Decode and save the attribute. */ + ret = am_store_attribute(r, session, attribute->Name, + value_text->content); + if(ret != OK) { + return ret; } } } - - /* TODO: lasso only verifies the signature on the _first_ asserion - * element. Therefore we can't trust any of following assertions. - * If the Response-element is signed then we can trust all the - * assertions, but we have no way to find what element is signed. - */ - break; } return OK; @@ -1408,7 +1393,8 @@ static int am_handle_reply_common(request_rec *r, LassoLogin *login, char *relay_state, char *saml_response) { const char *name_id; - GList *assertions; + LassoSamlp2Response *response; + LassoSaml2Assertion *assertion; const char *in_response_to; am_dir_cfg_rec *dir_cfg; am_cache_entry_t *session; @@ -1428,11 +1414,23 @@ static int am_handle_reply_common(request_rec *r, LassoLogin *login, name_id = LASSO_SAML2_NAME_ID(LASSO_PROFILE(login)->nameIdentifier) ->content; - assertions = LASSO_SAMLP2_RESPONSE(LASSO_PROFILE(login)->response) - ->Assertion; + response = LASSO_SAMLP2_RESPONSE(LASSO_PROFILE(login)->response); + + if (g_list_length(response->Assertion) == 0) { + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, + "No Assertion in response."); + lasso_login_destroy(login); + return HTTP_BAD_REQUEST; + } + if (g_list_length(response->Assertion) > 1) { + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, + "More than one Assertion in response."); + lasso_login_destroy(login); + return HTTP_BAD_REQUEST; + } + assertion = g_list_first(response->Assertion)->data; - in_response_to = LASSO_SAMLP2_RESPONSE(LASSO_PROFILE(login)->response) - ->parent.InResponseTo; + in_response_to = response->parent.InResponseTo; if(in_response_to != NULL) { @@ -1466,7 +1464,7 @@ static int am_handle_reply_common(request_rec *r, LassoLogin *login, return HTTP_INTERNAL_SERVER_ERROR; } - rc = add_attributes(session, r, name_id, assertions); + rc = add_attributes(session, r, name_id, assertion); if(rc != OK) { am_release_request_session(r, session); lasso_login_destroy(login); |