rpms/mod_auth_openidc
7
0
Fork 0
Code Issues Pull Requests Releases Activity
596714313c
mod_auth_openidc/SOURCES/0008-make-the-default-max-number-of-state-cookies-7-inste.patch

46 lines
1.5 KiB
Diff
Raw Blame History

From 623163348f74fc1bd019a676fa24af69dde79654 Mon Sep 17 00:00:00 2001
From: Hans Zandbelt <hans.zandbelt@zmartzone.eu>
Date: Fri, 3 Aug 2018 21:41:34 +0200
Subject: [PATCH 08/11] make the default max number of state cookies 7 instead
of unlimited
bump to 2.3.8rc1
Signed-off-by: Hans Zandbelt <hans.zandbelt@zmartzone.eu>
(cherry picked from commit 6616372af77df04a9b0b197e759790ecf3f2399a)
---
ChangeLog | 5 ++++-
src/config.c | 2 +-
2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index b6ac513..27f45be 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,8 @@
-08/01/2018
+
+08/03/2018
- add option to set an upper limit to the number of concurrent state cookies via OIDCStateMaxNumberOfCookies; see #331
+- make the default maximum number of parallel state cookies 7 instead of unlimited; see #331
+- bump o 2.3.8rc1
07/06/2018
- abort when string length for remote user name substitution is larger than 255 characters
diff --git a/src/config.c b/src/config.c
index c793818..6fa6227 100644
--- a/src/config.c
+++ b/src/config.c
@@ -105,7 +105,7 @@
/* timeout in seconds after which state expires */
#define OIDC_DEFAULT_STATE_TIMEOUT 300
/* maximum number of parallel state cookies; 0 means unlimited, until the browser or server gives up */
-#define OIDC_DEFAULT_MAX_NUMBER_OF_STATE_COOKIES 0
+#define OIDC_DEFAULT_MAX_NUMBER_OF_STATE_COOKIES 7
/* default session inactivity timeout */
#define OIDC_DEFAULT_SESSION_INACTIVITY_TIMEOUT 300
/* default session max duration */
--
2.26.2
Reference in New Issue View Git Blame Copy Permalink