summaryrefslogtreecommitdiffstats
path: root/auth_mellon_util.c
Commit message (Collapse)AuthorAgeFilesLines
* Convert session env array to dynamic size storageolavmrk2014-06-201-3/+5
| | | | | | | | | | Using the previously introduced storage facility convert storage of env key/value pairs from being constrained to fixed sized strings to being constrained only by the overall entry cache size. Signed-off-by: Simo Sorce <simo@redhat.com> git-svn-id: https://modmellon.googlecode.com/svn/trunk@235 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Fix potential NULL Dereference bugsolavmrk2014-06-121-4/+8
| | | | | | | | Found by Coverity Signed-off-by: Simo Sorce <simo@redhat.com> git-svn-id: https://modmellon.googlecode.com/svn/trunk@229 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Simplify cache disabling headers.olavmrk2014-02-131-22/+10
| | | | | | | | | | | | | | | | | | This patch changes the headers sent to prevent errornous caching of the responses sent to only use a single header: Cache-Control: private, must-revalidate This single header should ensure that the data isn't shared between multiple users, and that the browser checks that the content is still valid for each request (enabling logout to work as expected). This drops the Exires-header, which should be unnecessary since all modern browsers support the Cache-Control-header. Thanks to Arthur Müller for providing this patch. git-svn-id: https://modmellon.googlecode.com/svn/trunk@223 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Fix typos.olavmrk2013-05-211-1/+1
| | | | | | Thanks to Thijs Kinkhorst for providing this patch. git-svn-id: https://modmellon.googlecode.com/svn/trunk@210 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Fix am_urldecode handling of encoded slashes.olavmrk2013-05-081-14/+62
| | | | | | | | | | | | | | Apache has fixed a bug/misfeature where ap_unescape_url_keep2f() decoded %2f-escapes. This leaves us with no functions that can be used to urldecode strings, so we have to roll our own. If we drop support for Apache 2.2, we can use ap_unescape_urlencoded(). See: http://svn.apache.org/viewvc?view=revision&revision=578332 git-svn-id: https://modmellon.googlecode.com/svn/trunk@206 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Fix repost data expiration.olavmrk2013-03-221-1/+5
| | | | | | | | | | We were mixing microseconds and seconds, causing us to always delete all the repost data. This patch fixes the comparison, and also optimizes it a bit. Thanks to Matthew Slowe for diagnosing this bug! git-svn-id: https://modmellon.googlecode.com/svn/trunk@201 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Rename am_generate_session_id() to am_generate_id().olavmrk2013-03-061-12/+12
| | | | | | | | Since this function is used for both generating session IDs and for generating POST data identifiers for POST replay, it should have a generic name. git-svn-id: https://modmellon.googlecode.com/svn/trunk@181 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Disable automatic creation of MellonPostDirectory.olavmrk2013-03-061-68/+11
| | | | | | | | Now that the POST replay functionality has been disabled by default, we can force the administrator to create this directory manually. This saves us from worrying about temp file/directory vulnerabilities. git-svn-id: https://modmellon.googlecode.com/svn/trunk@178 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Do not set headers twice.olavmrk2012-01-121-8/+2
| | | | | | | | | | For historic reasons, we added several headers to both "headers_out" and "err_headers_out". This has the unfortunate side effect of sending the headers twice. This change modifies the code to only add those headers to "err_headers_out", which is sent both for successful requests and for errors. git-svn-id: https://modmellon.googlecode.com/svn/trunk@145 a716ebb1-153a-0410-b759-cfb97c6a1b53
* New MellonIdPMetadataGlob directive to load mulitple IdP metadatamanu@netbsd.org2011-03-231-0/+25
| | | | | | | using a glob(3) pattern. git-svn-id: https://modmellon.googlecode.com/svn/trunk@117 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Regexp backreference substitution in MellonCond manu@netbsd.org2011-03-221-1/+225
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@116 a716ebb1-153a-0410-b759-cfb97c6a1b53
* New MellonCond directive to enable attribute filtering beyond MellonRequire manu@netbsd.org2011-03-171-33/+87
| | | | | | | | | functionalities. Supports regexp, negations, and attribute name remapping though MellonSetEnv git-svn-id: https://modmellon.googlecode.com/svn/trunk@114 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Fix references to MellonPostDirectory in README and in a comment.olavmrk2011-02-181-2/+2
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@111 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Change implementation of am_get_endpoint_url to use ap_construct_urlbenjamin.dauvergne2010-10-211-24/+1
| | | | | | | | | | | ap_construct_url() use the ServerName directive to reconstruct an absolute URL. It allows to force the use of an https:// URL (when you are behind an SSL proxy it is needed) by configuring your VirtualHost like that: ServerName https://example.com git-svn-id: https://modmellon.googlecode.com/svn/trunk@110 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Change return type of am_reconstruct_url to not be const.olavmrk2010-06-301-2/+2
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@97 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Shibboleth 2 interoperability. This is acchieved by increasing themanu@netbsd.org2010-05-311-0/+36
| | | | | | | | | | | | | storage for attributes, as OID-named attributes sent by the Shibboleth IdP consomes quite some space. There is also a required Destination attribute in AuthnRequest elements. It is done by trunk version of lasso, but not by any currently released version, hence we do if it is not done. git-svn-id: https://modmellon.googlecode.com/svn/trunk@85 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Off-by one bug that caused malfunction when replaying a POST request manu@netbsd.org2009-11-131-1/+1
| | | | | | | | | | | | | | containing an empty filed such as <input type="hidden" name="foo" value=""/> It was reposted as <input type="hidden" name="foo" value=" "/> git-svn-id: https://modmellon.googlecode.com/svn/trunk@71 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Make sure that redirect URLs doesn't contain control characters.olavmrk2009-11-111-0/+26
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@69 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Support replay of multipart/form-data POST requestsmanu@netbsd.org2009-11-111-55/+294
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@68 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Replay POST requets after been sent to the IdPmanu@netbsd.org2009-11-091-0/+352
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@67 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Do not ever send Cache-Control: no-cahche to IE, as it breaks filemanu@netbsd.org2009-08-111-6/+23
| | | | | | | downloads. git-svn-id: https://modmellon.googlecode.com/svn/trunk@65 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Update am_getfile to use apr_file_read_full.olavmrk2009-06-141-3/+4
| | | | | | | | | This chages am_getfile to use apr_file_read_full instead of apr_file_read to avoid a potential problem if a signal is received while reading the file data. A signal could cause the apr_file_read to return less than the requested number of bytes. git-svn-id: https://modmellon.googlecode.com/svn/trunk@56 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Use lasso_server_new_from_buffer if available.olavmrk2008-11-101-0/+53
| | | | | | | | | | | | Recent versions of Lasso supports loading the SP metadata, certificate and private key from memory. This patch changes mod_mellon to use this function if it is available. This makes it possible to store the SP private key readable only from root. Thanks to Emmanuel Dreyfus for this patch. git-svn-id: https://modmellon.googlecode.com/svn/trunk@35 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Initial import of version 0.0.6olavmrk2007-09-241-0/+518
git-svn-id: https://modmellon.googlecode.com/svn/trunk@3 a716ebb1-153a-0410-b759-cfb97c6a1b53
generated by cgit (git 2.34.1) at 2024-05-03 02:59:03 +0000