From 1d61071f18a0e63e03b9c37cc407327b91fc6273 Mon Sep 17 00:00:00 2001
From: Jarek Polok <jpolok@xenophile.cern.ch>
Date: Tue, 11 Nov 2014 17:38:57 +0100
Subject: [PATCH] Adding MellonMergeEnvVars (optional) functionality Allows to
concatenate env. variables values in single variable name, ie:
VAR=val1;val2;val3;...
instead of standard mod_auth_mellom behaviour:
VAR=val1
VAR_0=val1
VAR_1=val2
VAR_2=val3
...
---
README | 16 ++++++++++++++++
auth_mellon.h | 1 +
auth_mellon_cache.c | 35 ++++++++++++++++++++++++++---------
auth_mellon_config.c | 18 ++++++++++++++++++
4 files changed, 61 insertions(+), 9 deletions(-)
diff --git a/README b/README
index 238171301a857b9ede7933b9f4981c4bb58731ec..b5ff9b8ed8364367c32d8251d3d69fc27046d1dd 100644
--- a/README
+++ b/README
@@ -232,6 +232,13 @@ MellonPostCount 100
# Default. None set.
MellonSetEnvNoPrefix "DISPLAY_NAME" "displayName"
+ # MellonMergeEnvVars merges multiple values of environement variables
+ # set using MellonSetEnv into single variable:
+ # ie: MYENV_VAR => val1;val2;val3 instead of default behaviour of:
+ # MYENV_VAR_0 => val1, MYENV_VAR_1 => val2 ... etc.
+ # Default: MellonMergeEnvVars Off
+ MellonMergeEnvVars On
+
# If MellonSessionDump is set, then the SAML session will be
# available in the MELLON_SESSION environment variable
MellonSessionDump Off
@@ -590,6 +597,15 @@ MELLON_<name>, and once named <MELLON_<name>_0.
In the case of multivalued attributes MELLON_<name> will contain the first
value.
+NOTE:
+
+if MellonMergeEnvVars is set to On multiple values of attributes
+will be stored in single environement variable, separated by ";"
+
+MELLON_<name> -> "value1;value2;value3[;valueX]"
+
+and variables MELLON_<name>_0, MELLON_<name>_1, MELLON_<name>_2 will
+not be created.
The following code is a simple php-script which prints out all the
variables:
diff --git a/auth_mellon.h b/auth_mellon.h
index e915cbfbdd33072637780145ce5d7fcf7d9ebc88..8649674617d9cb31438e9d73a822f688ce43182f 100644
--- a/auth_mellon.h
+++ b/auth_mellon.h
@@ -175,6 +175,7 @@ typedef struct am_dir_cfg_rec {
const char *varname;
int secure;
+ int merge_env_vars;
const char *cookie_domain;
const char *cookie_path;
apr_array_header_t *cond;
diff --git a/auth_mellon_cache.c b/auth_mellon_cache.c
index ed96732c5dec221443839be91dda50431834611b..1982e604049ca6655ea93034d5f05dd72281b34e 100644
--- a/auth_mellon_cache.c
+++ b/auth_mellon_cache.c
@@ -521,6 +521,7 @@ void am_cache_env_populate(request_rec *r, am_cache_entry_t *t)
const char *varname;
const char *varname_prefix;
const char *value;
+ const char *prefixed_varname;
int *count;
int status;
@@ -581,6 +582,8 @@ void am_cache_env_populate(request_rec *r, am_cache_entry_t *t)
}
}
+ prefixed_varname = apr_pstrcat(r->pool, varname_prefix, varname, NULL);
+
/* Find the number of times this variable has been set. */
count = apr_hash_get(counters, varname, APR_HASH_KEY_STRING);
if(count == NULL) {
@@ -591,18 +594,32 @@ void am_cache_env_populate(request_rec *r, am_cache_entry_t *t)
apr_hash_set(counters, varname, APR_HASH_KEY_STRING, count);
/* Add the variable without a suffix. */
+ apr_table_set(r->subprocess_env,prefixed_varname,value);
+ }
+
+ if (d->merge_env_vars != 1) {
+
+ /* Add the variable with a suffix indicating how many times it has
+ * been added before.
+ */
apr_table_set(r->subprocess_env,
- apr_pstrcat(r->pool, varname_prefix, varname, NULL),
+ apr_psprintf(r->pool, "%s_%d", prefixed_varname, *count),
value);
+
+ } else if (*count > 0) {
+
+ /*
+ * Merge multiple values, separating with ";"
+ * this makes auth_mellon work same way mod_shib is:
+ * https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPAttributeAccess
+ */
+ apr_table_set(r->subprocess_env,
+ prefixed_varname,
+ apr_pstrcat(r->pool,
+ apr_table_get(r->subprocess_env,prefixed_varname),
+ ";", value, NULL));
}
-
- /* Add the variable with a suffix indicating how many times it has
- * been added before.
- */
- apr_table_set(r->subprocess_env,
- apr_psprintf(r->pool, "%s%s_%d", varname_prefix, varname, *count),
- value);
-
+
/* Increase the count. */
++(*count);
}
diff --git a/auth_mellon_config.c b/auth_mellon_config.c
index dbcbfaa6604f4bdcfdf940a1d724947ff1100a6e..d3a408a6bcbec4fc1286222542aecbfcd3ba43e9 100644
--- a/auth_mellon_config.c
+++ b/auth_mellon_config.c
@@ -70,6 +70,12 @@ static const apr_size_t post_size = 1024 * 1024 * 1024;
*/
static const int post_count = 100;
+/* whether to merge env. vars or not
+ * the MellonMergeEnvVars configuration directive if you change this.
+ */
+static const int default_merge_env_vars = -1;
+
+
/* This function handles configuration directives which set a
* multivalued string slot in the module configuration (the destination
* strucure is a hash).
@@ -1218,6 +1224,13 @@ const command_rec auth_mellon_commands[] = {
OR_AUTHCFG,
"Whether we should replay POST requests that trigger authentication. Default is off."
),
+ AP_INIT_FLAG(
+ "MellonMergeEnvVars",
+ ap_set_flag_slot,
+ (void *)APR_OFFSETOF(am_dir_cfg_rec, merge_env_vars),
+ OR_AUTHCFG,
+ "Whether to merge environement variables multi-values or not. Default is off."
+ ),
{NULL}
};
@@ -1273,6 +1286,7 @@ void *auth_mellon_dir_config(apr_pool_t *p, char *d)
dir->varname = default_cookie_name;
dir->secure = default_secure_cookie;
+ dir->merge_env_vars = default_merge_env_vars;
dir->cond = apr_array_make(p, 0, sizeof(am_cond_t));
dir->cookie_domain = NULL;
dir->cookie_path = NULL;
@@ -1393,6 +1407,10 @@ void *auth_mellon_dir_merge(apr_pool_t *p, void *base, void *add)
add_cfg->secure :
base_cfg->secure);
+ new_cfg->merge_env_vars = (add_cfg->merge_env_vars != default_merge_env_vars ?
+ add_cfg->merge_env_vars :
+ base_cfg->merge_env_vars);
+
new_cfg->cookie_domain = (add_cfg->cookie_domain != NULL ?
add_cfg->cookie_domain :
base_cfg->cookie_domain);
--
2.1.0