diff --git a/SOURCES/content-type.patch b/SOURCES/content-type.patch new file mode 100644 index 0000000..7b8b54a --- /dev/null +++ b/SOURCES/content-type.patch @@ -0,0 +1,36 @@ +commit 040a1ae5cb2aab38b2bc716cc3d0d6fa7b998a7a +Author: John Dennis +Date: Mon Jan 16 09:02:06 2017 -0500 + + Use ap_set_content_type() to set "Content-Type" header + + Formerly we were setting the response header "Content-Type" in + r->headers_out directly via the apr_table_setn() call. Although using + apr_table_setn() is appropriate for many HTTP headers Apache actively + manages a small set of headers in + http_filters.c:ap_http_header_filter(). These managed headers are + derived from values maintained in the request_rec. "Content-Type" is + one of the managed headers. + + Because we didn't set r->content_type field via the + ap_set_content_type() call and instead directly updated the + r->headers_out table our value for "Content-Type" was overwriten when + the ap_http_header_filter() was run just prior to emitting the + response with the result the "Content-Type" header returned to the + client was incorrect. + + Signed-off-by: John Dennis + +diff --git a/auth_mellon_handler.c b/auth_mellon_handler.c +index a55828a..25365de 100644 +--- a/auth_mellon_handler.c ++++ b/auth_mellon_handler.c +@@ -2655,7 +2655,7 @@ static int am_set_authn_request_post_content(request_rec *r, LassoLogin *login) + */ + static int am_set_authn_request_paos_content(request_rec *r, LassoLogin *login) + { +- apr_table_setn(r->headers_out, "Content-Type", MEDIA_TYPE_PAOS); ++ ap_set_content_type(r, MEDIA_TYPE_PAOS); + ap_rputs(LASSO_PROFILE(login)->msg_body, r); + + return OK; diff --git a/SPECS/mod_auth_mellon.spec b/SPECS/mod_auth_mellon.spec index 789156d..1f5e40b 100644 --- a/SPECS/mod_auth_mellon.spec +++ b/SPECS/mod_auth_mellon.spec @@ -1,7 +1,7 @@ Summary: A SAML 2.0 authentication module for the Apache Httpd Server Name: mod_auth_mellon Version: 0.11.0 -Release: 2%{?dist} +Release: 4%{?dist} Group: System Environment/Daemons Source0: https://github.com/UNINETT/mod_auth_mellon/releases/download/v%{version}/%{name}-%{version}.tar.gz Source1: auth_mellon.conf @@ -22,6 +22,7 @@ Url: https://github.com/UNINETT/mod_auth_mellon Patch1: lasso_provider_warning.patch Patch2: enabled_in_check_uid.patch Patch3: ecp_doc.patch +Patch4: content-type.patch %description The mod_auth_mellon module is an authentication service that implements the @@ -33,6 +34,7 @@ received in assertions generated by a IdP server. %patch1 -p1 %patch2 -p1 %patch3 -p1 +%patch4 -p1 %build export APXS=%{_httpd_apxs} @@ -74,6 +76,13 @@ install -m 755 %{SOURCE4} %{buildroot}/%{_libexecdir}/%{name} %dir /run/%{name}/ %changelog +* Mon Jan 30 2017 John Dennis - 0.11.0-4 +- Resolves: rhbz#1414021 - Incorrect Content-Type header in ECP PAOS + Rebuilding due to missing comment in Changelog + +* Mon Jan 30 2017 John Dennis - 0.11.0-3 +- Resolves: rhbz#1414021 - Incorrect Content-Type header in ECP PAOS + * Fri Apr 8 2016 John Dennis - 0.11.0-2 - Resolves: bug #1296286 mod_auth_mellon emits CRITICAL warning message in Apache log when doing ECP