diff options
| -rw-r--r-- | auth_mellon_compat.h | 30 | ||||
| -rw-r--r-- | auth_mellon_handler.c | 4 | ||||
| -rw-r--r-- | mod_auth_mellon.c | 7 |
3 files changed, 33 insertions, 8 deletions
diff --git a/auth_mellon_compat.h b/auth_mellon_compat.h index f521d5b..dba25c0 100644 --- a/auth_mellon_compat.h +++ b/auth_mellon_compat.h @@ -3,6 +3,12 @@ #include <glib.h> +#include "ap_config.h" +#include "ap_release.h" +#ifdef AP_NEED_SET_MUTEX_PERMS +#include "unixd.h" +#endif + /* Old glib compatibility */ #if (GLIB_MAJOR_VERSION == 2) && (GLIB_MINOR_VERSION < 14) @@ -24,4 +30,28 @@ static GList *g_hash_table_get_keys(GHashTable *ht) } #endif + +/* "remote_ip" in struct conn_rec changed name to "client_ip" in Apache 2.4. + * This function retrieves the corrent member depending on the Apache version. + */ +static inline const char *am_compat_request_ip(request_rec *r) { +#if (AP_SERVER_MAJORVERSION_NUMBER == 2) && (AP_SERVER_MINORVERSION_NUMBER < 4) + return r->connection->remote_ip; +#else + return r->connection->client_ip; +#endif +} + +/* unixd_set_global_mutex_perms changed name to ap_unixd_set_global_mutex_perms + * in Apache 2.4. This function provides a wrapper with the new name for old + * versions. + */ +#ifdef AP_NEED_SET_MUTEX_PERMS +#if (AP_SERVER_MAJORVERSION_NUMBER == 2) && (AP_SERVER_MINORVERSION_NUMBER < 4) +static inline apr_status_t ap_unixd_set_global_mutex_perms(apr_global_mutex_t *gmutex) { + return unixd_set_global_mutex_perms(gmutex); +} +#endif +#endif /* AP_NEED_SET_MUTEX_PERMS */ + #endif /* AUTH_MELLON_COMPAT_H */ diff --git a/auth_mellon_handler.c b/auth_mellon_handler.c index a24f59b..996daea 100644 --- a/auth_mellon_handler.c +++ b/auth_mellon_handler.c @@ -1283,11 +1283,11 @@ static int am_validate_subject(request_rec *r, LassoSaml2Assertion *assertion, } if (scd->Address && CFG_VALUE(cfg, subject_confirmation_data_address_check)) { - if (strcasecmp(scd->Address, r->connection->remote_ip)) { + if (strcasecmp(scd->Address, am_compat_request_ip(r))) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "Wrong Address in SubjectConfirmationData." "Current address is \"%s\", but should have been \"%s\".", - r->connection->remote_ip, scd->Address); + am_compat_request_ip(r), scd->Address); return HTTP_BAD_REQUEST; } } diff --git a/mod_auth_mellon.c b/mod_auth_mellon.c index b7d8349..86949a4 100644 --- a/mod_auth_mellon.c +++ b/mod_auth_mellon.c @@ -24,11 +24,6 @@ #include <curl/curl.h> -#ifdef AP_NEED_SET_MUTEX_PERMS -#include "unixd.h" -#endif - - /* This function is called after the configuration of the server is parsed * (it's a post-config hook). * @@ -133,7 +128,7 @@ static int am_global_init(apr_pool_t *conf, apr_pool_t *log, /* On some platforms the mutex is implemented as a file. To allow child * processes running as a different user to open it, it is necessary to * change the permissions on it. */ - rv = unixd_set_global_mutex_perms(mod->lock); + rv = ap_unixd_set_global_mutex_perms(mod->lock); if (rv != APR_SUCCESS) { ap_log_error(APLOG_MARK, APLOG_CRIT, rv, s, "Failed to set permissions on session table lock;" |