update test-segfault.patch to match upstream

2018-08-16 09:31:00 -04:00 · 2018-08-16 09:31:00 -04:00 · f8783c38fb
commit f8783c38fb
parent c2434ec46d
2 changed files with 44 additions and 3 deletions
--- a/mod_auth_openidc.spec
+++ b/mod_auth_openidc.spec
@ -15,7 +15,7 @@

 Name:		mod_auth_openidc
 Version:	2.3.7
-Release:	2%{?dist}
+Release:	3%{?dist}
 Summary:	OpenID Connect auth module for Apache HTTP Server

 Group:		System Environment/Daemons
@ -97,6 +97,9 @@ install -m 700 -d $RPM_BUILD_ROOT%{httpd_pkg_cache_dir}/cache
 %dir %attr(0700, apache, apache) %{httpd_pkg_cache_dir}/cache

 %changelog
+* Thu Aug 16 2018  <jdennis@redhat.com> - 2.3.7-3
+- update test-segfault.patch to match upstream
+
 * Tue Aug 14 2018  <jdennis@redhat.com> - 2.3.7-2
 - Resolves: rhbz# 1614977 - fix unit test segfault,
  the problem was not limited exclusively to s390x, but s390x provoked it.
--- a/test-segfault.patch
+++ b/test-segfault.patch
@ -1,6 +1,6 @@
-commit f7104535a5c686173c8cb875ae2ab56ab51b9e56
+commit fe7dfb14c45262df3b15bda374b2ee390b43cfb4
 Author: John Dennis <jdennis@redhat.com>
-Date:   Tue Aug 14 15:36:51 2018 -0400
+Date:   Tue Aug 14 18:08:56 2018 -0400

    test_proto_authorization_request() segfault due to uninitialized value
    
@ -30,6 +30,8 @@ Date:   Tue Aug 14 15:36:51 2018 -0400
    OIDC_AUTH_REQUEST_METHOD ever added a new enumerated value.
    
    The defined values for OIDC_AUTH_REQUEST_METHOD are:
+    define OIDC_AUTH_REQUEST_METHOD_GET  0
+    define OIDC_AUTH_REQUEST_METHOD_POST 1
    
    So what the test on line src/proto.c:646 is really saying is this:
    if provider->auth_request_method != 1 then use the GET method.
@ -94,6 +96,8 @@ Date:   Tue Aug 14 15:36:51 2018 -0400
    operated on and if the enumerated value is not valid it should return
    an error.
    
+Note: The above was fixed in the following commit.
+
    Signed-off-by: John Dennis <jdennis@redhat.com>

 diff --git a/test/test.c b/test/test.c
@ -127,3 +131,37 @@ index 16f09b5..87d3700 100755
 	request->connection->local_addr = apr_pcalloc(request->pool,
 			sizeof(apr_sockaddr_t));
 
+commit aca77a82c1ce2f1ec8f363066ffbc480b3bd75c8
+Author: Hans Zandbelt <hans.zandbelt@zmartzone.eu>
+Date:   Wed Aug 15 07:47:57 2018 +0200
+
+    add sanity check on provider->auth_request_method; closes #382
+    
+    thanks @jdennis; bump to 2.3.8rc4
+    
+    Signed-off-by: Hans Zandbelt <hans.zandbelt@zmartzone.eu>
+
+diff --git a/src/proto.c b/src/proto.c
+index e9dbc99..ac7696a 100644
+--- a/src/proto.c
+++ b/src/proto.c
+@@ -649,7 +649,7 @@ int oidc_proto_authorization_request(request_rec *r,
+ 		rv = oidc_proto_html_post(r, provider->authorization_endpoint_url,
+ 				params);
+ 
+-	} else {
+	} else if (provider->auth_request_method == OIDC_AUTH_REQUEST_METHOD_GET) {
+ 
+ 		/* construct the full authorization request URL */
+ 		authorization_request = oidc_util_http_query_encoded_url(r,
+@@ -666,6 +666,10 @@ int oidc_proto_authorization_request(request_rec *r,
+ 			/* and tell Apache to return an HTTP Redirect (302) message */
+ 			rv = HTTP_MOVED_TEMPORARILY;
+ 		}
+	} else {
+		oidc_error(r, "provider->auth_request_method set to wrong value: %d",
+				provider->auth_request_method);
+		return HTTP_INTERNAL_SERVER_ERROR;
+ 	}
+ 
+ 	/* add a referred token binding request for the provider if enabled */