remove unused patches

2019-03-22 21:12:26 +01:00 · 2019-03-22 21:12:26 +01:00 · d47343a603
commit d47343a603
parent 1a042645d0
3 changed files with 0 additions and 103 deletions
--- a/acs-warning.patch
+++ b/acs-warning.patch
@ -1,33 +0,0 @@
 commit 5ba9bb72707a90503cd4d042083ea074a0cb6b8a
 Author: John Dennis <jdennis@redhat.com>
 Date:   Fri Oct 30 15:46:33 2015 -0400
    Role maybe unknown when assertion consumer url is looked up
    Replace the call to lasso_provider_get_metadata_one() with
    lasso_provider_get_metadata_one_for_role() so that we can exlicitly
    pass the LASSO_PROVIDER_ROLE_SP role. The former call obtains the
    role from the provider object and then calls
    lasso_provider_get_metadata_one_for_role() using that role. However
    the role will not have been set in the provider until the first request is
    processed. This means the first time we call this routine it won't
    work correctly because the role will not have been set yet, by
    explicitly passing the role we avoid this problem.
    Signed-off-by: John Dennis <jdennis@redhat.com>
 diff --git a/auth_mellon_util.c b/auth_mellon_util.c
 index 155bb1a..6c694b7 100644
 --- a/auth_mellon_util.c
 +++ b/auth_mellon_util.c
@@ -1827,7 +1827,9 @@ char *am_get_assertion_consumer_service_by_binding(LassoProvider *provider, cons
     }
     if (selected_descriptor) {
 -        url = lasso_provider_get_metadata_one(provider, selected_descriptor);
 +        url = lasso_provider_get_metadata_one_for_role(provider,
 +                                                       LASSO_PROVIDER_ROLE_SP,
 +                                                       selected_descriptor);
     }
     lasso_release_list_of_strings(descriptors);
--- a/content-type.patch
+++ b/content-type.patch
@ -1,36 +0,0 @@
 commit 040a1ae5cb2aab38b2bc716cc3d0d6fa7b998a7a
 Author: John Dennis <jdennis@redhat.com>
 Date:   Mon Jan 16 09:02:06 2017 -0500
    Use ap_set_content_type() to set "Content-Type" header
    Formerly we were setting the response header "Content-Type" in
    r->headers_out directly via the apr_table_setn() call. Although using
    apr_table_setn() is appropriate for many HTTP headers Apache actively
    manages a small set of headers in
    http_filters.c:ap_http_header_filter(). These managed headers are
    derived from values maintained in the request_rec. "Content-Type" is
    one of the managed headers.
    Because we didn't set r->content_type field via the
    ap_set_content_type() call and instead directly updated the
    r->headers_out table our value for "Content-Type" was overwriten when
    the ap_http_header_filter() was run just prior to emitting the
    response with the result the "Content-Type" header returned to the
    client was incorrect.
    Signed-off-by: John Dennis <jdennis@redhat.com>
 diff --git a/auth_mellon_handler.c b/auth_mellon_handler.c
 index a55828a..25365de 100644
 --- a/auth_mellon_handler.c
 +++ b/auth_mellon_handler.c
@@ -2655,7 +2655,7 @@ static int am_set_authn_request_post_content(request_rec *r, LassoLogin *login)
  */
 static int am_set_authn_request_paos_content(request_rec *r, LassoLogin *login)
 {
 -    apr_table_setn(r->headers_out, "Content-Type", MEDIA_TYPE_PAOS);
 +    ap_set_content_type(r, MEDIA_TYPE_PAOS);
     ap_rputs(LASSO_PROFILE(login)->msg_body, r);
     return OK;
--- a/enabled_in_check_uid.patch
+++ b/enabled_in_check_uid.patch
@ -1,34 +0,0 @@
 commit 912aa852ebd78577f59cf7958c709acea98ace4c
 Author: John Dennis <jdennis@redhat.com>
 Date:   Fri Apr 8 09:01:22 2016 -0400
    am_check_uid() should be no-op if mellon not enabled
    mod_auth_mellon was interferring with other Apache authentication
    modules (e.g. mod_auth_kerb) because when the Apache check_user_id
    hook ran the logic in am_check_uid would execute even if mellon was
    not enabled for the location. This short circuited the hook execution
    and never allowed the authentication enabled for the location to
    execute. It resulted in HTTP_UNAUTHORIZED being returned with the
    client then expecting a WWW-Authenticate header field causing the
    client to attempt to authenticate again.
    Signed-off-by: John Dennis <jdennis@redhat.com>
 diff --git a/auth_mellon_handler.c b/auth_mellon_handler.c
 index a72e1ca..864396f 100644
 --- a/auth_mellon_handler.c
 +++ b/auth_mellon_handler.c
@@ -3625,6 +3625,12 @@ int am_check_uid(request_rec *r)
         return OK;
     }
 +    /* Check that the user has enabled authentication for this directory. */
 +    if(dir->enable_mellon == am_enable_off
 +       || dir->enable_mellon == am_enable_default) {
 +	return DECLINED;
 +    }
 +
 #ifdef HAVE_ECP
     am_req_cfg_rec *req_cfg = am_get_req_cfg(r);
     if (req_cfg->ecp_authn_req) {