rpms/mod_auth_mellon
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Resolves: bug #1414019 Incorrect PAOS Content-Type header

Browse Source
This commit is contained in:
John Dennis 2017-01-17 10:02:37 -05:00
parent 301b3bd790
commit ad64c07aa6
2 changed files with 42 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
content-type.patch Normal file
View File

@ -0,0 +1,36 @@
commit 040a1ae5cb2aab38b2bc716cc3d0d6fa7b998a7a
Author: John Dennis <jdennis@redhat.com>
Date: Mon Jan 16 09:02:06 2017 -0500
Use ap_set_content_type() to set "Content-Type" header
Formerly we were setting the response header "Content-Type" in
r->headers_out directly via the apr_table_setn() call. Although using
apr_table_setn() is appropriate for many HTTP headers Apache actively
manages a small set of headers in
http_filters.c:ap_http_header_filter(). These managed headers are
derived from values maintained in the request_rec. "Content-Type" is
one of the managed headers.
Because we didn't set r->content_type field via the
ap_set_content_type() call and instead directly updated the
r->headers_out table our value for "Content-Type" was overwriten when
the ap_http_header_filter() was run just prior to emitting the
response with the result the "Content-Type" header returned to the
client was incorrect.
Signed-off-by: John Dennis <jdennis@redhat.com>
diff --git a/auth_mellon_handler.c b/auth_mellon_handler.c
index a55828a..25365de 100644
--- a/auth_mellon_handler.c
+++ b/auth_mellon_handler.c
@@ -2655,7 +2655,7 @@ static int am_set_authn_request_post_content(request_rec *r, LassoLogin *login)
*/
static int am_set_authn_request_paos_content(request_rec *r, LassoLogin *login)
{
- apr_table_setn(r->headers_out, "Content-Type", MEDIA_TYPE_PAOS);
+ ap_set_content_type(r, MEDIA_TYPE_PAOS);
ap_rputs(LASSO_PROFILE(login)->msg_body, r);
return OK;

7
mod_auth_mellon.spec
View File

@ -1,7 +1,7 @@
Summary: A SAML 2.0 authentication module for the Apache Httpd Server Summary: A SAML 2.0 authentication module for the Apache Httpd Server
Name: mod_auth_mellon Name: mod_auth_mellon
Version: 0.12.0 Version: 0.12.0
Release: 3%{?dist} Release: 4%{?dist}
Group: System Environment/Daemons Group: System Environment/Daemons
Source0: https://github.com/UNINETT/mod_auth_mellon/releases/download/v%{version}/%{name}-%{version}.tar.gz Source0: https://github.com/UNINETT/mod_auth_mellon/releases/download/v%{version}/%{name}-%{version}.tar.gz
Source1: auth_mellon.conf Source1: auth_mellon.conf
@ -20,6 +20,7 @@ Requires: lasso >= 2.5.0
Url: https://github.com/UNINETT/mod_auth_mellon Url: https://github.com/UNINETT/mod_auth_mellon
Patch1: enabled_in_check_uid.patch Patch1: enabled_in_check_uid.patch
Patch2: content-type.patch
%description %description
@ -30,6 +31,7 @@ received in assertions generated by a IdP server.
%prep %prep
%setup -q -n %{name}-%{version} %setup -q -n %{name}-%{version}
%patch1 -p1 %patch1 -p1
%patch2 -p1
%build %build
export APXS=%{_httpd_apxs} export APXS=%{_httpd_apxs}
@ -71,6 +73,9 @@ install -m 755 %{SOURCE4} %{buildroot}/%{_libexecdir}/%{name}
%dir /run/%{name}/ %dir /run/%{name}/
%changelog %changelog
* Tue Jan 17 2017 John Dennis <jdennis@redhat.com> - 0.12.0-4
- Resolves: bug #1414019 Incorrect PAOS Content-Type header
* Mon Jan 9 2017 John Dennis <jdennis@redhat.com> - 0.12.0-3 * Mon Jan 9 2017 John Dennis <jdennis@redhat.com> - 0.12.0-3
- bump release for rebuild - bump release for rebuild