From 1d61071f18a0e63e03b9c37cc407327b91fc6273 Mon Sep 17 00:00:00 2001 From: Jarek Polok Date: Tue, 11 Nov 2014 17:38:57 +0100 Subject: [PATCH] Adding MellonMergeEnvVars (optional) functionality Allows to concatenate env. variables values in single variable name, ie: VAR=val1;val2;val3;... instead of standard mod_auth_mellom behaviour: VAR=val1 VAR_0=val1 VAR_1=val2 VAR_2=val3 ... --- README | 16 ++++++++++++++++ auth_mellon.h | 1 + auth_mellon_cache.c | 35 ++++++++++++++++++++++++++--------- auth_mellon_config.c | 18 ++++++++++++++++++ 4 files changed, 61 insertions(+), 9 deletions(-) diff --git a/README b/README index 238171301a857b9ede7933b9f4981c4bb58731ec..b5ff9b8ed8364367c32d8251d3d69fc27046d1dd 100644 --- a/README +++ b/README @@ -232,6 +232,13 @@ MellonPostCount 100 # Default. None set. MellonSetEnvNoPrefix "DISPLAY_NAME" "displayName" + # MellonMergeEnvVars merges multiple values of environement variables + # set using MellonSetEnv into single variable: + # ie: MYENV_VAR => val1;val2;val3 instead of default behaviour of: + # MYENV_VAR_0 => val1, MYENV_VAR_1 => val2 ... etc. + # Default: MellonMergeEnvVars Off + MellonMergeEnvVars On + # If MellonSessionDump is set, then the SAML session will be # available in the MELLON_SESSION environment variable MellonSessionDump Off @@ -590,6 +597,15 @@ MELLON_, and once named _0. In the case of multivalued attributes MELLON_ will contain the first value. +NOTE: + +if MellonMergeEnvVars is set to On multiple values of attributes +will be stored in single environement variable, separated by ";" + +MELLON_ -> "value1;value2;value3[;valueX]" + +and variables MELLON__0, MELLON__1, MELLON__2 will +not be created. The following code is a simple php-script which prints out all the variables: diff --git a/auth_mellon.h b/auth_mellon.h index e915cbfbdd33072637780145ce5d7fcf7d9ebc88..8649674617d9cb31438e9d73a822f688ce43182f 100644 --- a/auth_mellon.h +++ b/auth_mellon.h @@ -175,6 +175,7 @@ typedef struct am_dir_cfg_rec { const char *varname; int secure; + int merge_env_vars; const char *cookie_domain; const char *cookie_path; apr_array_header_t *cond; diff --git a/auth_mellon_cache.c b/auth_mellon_cache.c index ed96732c5dec221443839be91dda50431834611b..1982e604049ca6655ea93034d5f05dd72281b34e 100644 --- a/auth_mellon_cache.c +++ b/auth_mellon_cache.c @@ -521,6 +521,7 @@ void am_cache_env_populate(request_rec *r, am_cache_entry_t *t) const char *varname; const char *varname_prefix; const char *value; + const char *prefixed_varname; int *count; int status; @@ -581,6 +582,8 @@ void am_cache_env_populate(request_rec *r, am_cache_entry_t *t) } } + prefixed_varname = apr_pstrcat(r->pool, varname_prefix, varname, NULL); + /* Find the number of times this variable has been set. */ count = apr_hash_get(counters, varname, APR_HASH_KEY_STRING); if(count == NULL) { @@ -591,18 +594,32 @@ void am_cache_env_populate(request_rec *r, am_cache_entry_t *t) apr_hash_set(counters, varname, APR_HASH_KEY_STRING, count); /* Add the variable without a suffix. */ + apr_table_set(r->subprocess_env,prefixed_varname,value); + } + + if (d->merge_env_vars != 1) { + + /* Add the variable with a suffix indicating how many times it has + * been added before. + */ apr_table_set(r->subprocess_env, - apr_pstrcat(r->pool, varname_prefix, varname, NULL), + apr_psprintf(r->pool, "%s_%d", prefixed_varname, *count), value); + + } else if (*count > 0) { + + /* + * Merge multiple values, separating with ";" + * this makes auth_mellon work same way mod_shib is: + * https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPAttributeAccess + */ + apr_table_set(r->subprocess_env, + prefixed_varname, + apr_pstrcat(r->pool, + apr_table_get(r->subprocess_env,prefixed_varname), + ";", value, NULL)); } - - /* Add the variable with a suffix indicating how many times it has - * been added before. - */ - apr_table_set(r->subprocess_env, - apr_psprintf(r->pool, "%s%s_%d", varname_prefix, varname, *count), - value); - + /* Increase the count. */ ++(*count); } diff --git a/auth_mellon_config.c b/auth_mellon_config.c index dbcbfaa6604f4bdcfdf940a1d724947ff1100a6e..d3a408a6bcbec4fc1286222542aecbfcd3ba43e9 100644 --- a/auth_mellon_config.c +++ b/auth_mellon_config.c @@ -70,6 +70,12 @@ static const apr_size_t post_size = 1024 * 1024 * 1024; */ static const int post_count = 100; +/* whether to merge env. vars or not + * the MellonMergeEnvVars configuration directive if you change this. + */ +static const int default_merge_env_vars = -1; + + /* This function handles configuration directives which set a * multivalued string slot in the module configuration (the destination * strucure is a hash). @@ -1218,6 +1224,13 @@ const command_rec auth_mellon_commands[] = { OR_AUTHCFG, "Whether we should replay POST requests that trigger authentication. Default is off." ), + AP_INIT_FLAG( + "MellonMergeEnvVars", + ap_set_flag_slot, + (void *)APR_OFFSETOF(am_dir_cfg_rec, merge_env_vars), + OR_AUTHCFG, + "Whether to merge environement variables multi-values or not. Default is off." + ), {NULL} }; @@ -1273,6 +1286,7 @@ void *auth_mellon_dir_config(apr_pool_t *p, char *d) dir->varname = default_cookie_name; dir->secure = default_secure_cookie; + dir->merge_env_vars = default_merge_env_vars; dir->cond = apr_array_make(p, 0, sizeof(am_cond_t)); dir->cookie_domain = NULL; dir->cookie_path = NULL; @@ -1393,6 +1407,10 @@ void *auth_mellon_dir_merge(apr_pool_t *p, void *base, void *add) add_cfg->secure : base_cfg->secure); + new_cfg->merge_env_vars = (add_cfg->merge_env_vars != default_merge_env_vars ? + add_cfg->merge_env_vars : + base_cfg->merge_env_vars); + new_cfg->cookie_domain = (add_cfg->cookie_domain != NULL ? add_cfg->cookie_domain : base_cfg->cookie_domain); -- 2.1.0