rpms / mod_auth_openidc

Clone
Source Code
GIT

Blame SOURCES/0014-add-value-of-OIDC_SET_COOKIE_APPEND-env-var-to-Set-C.patch

c7 c7-beta c8-beta-stream-2.3 c8-stream-2.3 c8s-stream-2.3 c9 c9-beta
  1.   06debe8bc74e9ae3c3370f03acd744967f9a22a1
  2.   SOURCES
  3.   0014-add-value-of-OIDC_SET_COOKIE_APPEND-env-var-to-Set-C.patch
Blob History Raw
5b8408 
From 0bd084eb058361517b64a2c10a46c332adc9aeea Mon Sep 17 00:00:00 2001
5b8408 
From: Hans Zandbelt <hans.zandbelt@zmartzone.eu>
5b8408 
Date: Wed, 15 Jan 2020 17:58:53 +0100
5b8408 
Subject: [PATCH 14/19] add value of OIDC_SET_COOKIE_APPEND env var to
5b8408 
 Set-Cookie headers
5b8408
5b8408 
- useful for handling changing/upcoming SameSite behaviors across
5b8408 
different browsers, e.g.:
5b8408 
  SetEnvIf User-Agent ".*IOS.*" OIDC_SET_COOKIE_APPEND=SameSite=None
5b8408 
- bump to 2.4.1rc4
5b8408
5b8408 
Signed-off-by: Hans Zandbelt <hans.zandbelt@zmartzone.eu>
5b8408 
(cherry picked from commit a326dbe843a755124ecee883db52dcdc26284c26)
5b8408 
---
5b8408 
 ChangeLog  |  5 +++++
5b8408 
 src/util.c | 27 +++++++++++++++++++++++++++
5b8408 
 2 files changed, 32 insertions(+)
5b8408
5b8408 
diff --git a/ChangeLog b/ChangeLog
5b8408 
index dfe4bd6..fc7c5ae 100644
5b8408 
--- a/ChangeLog
5b8408 
+++ b/ChangeLog
5b8408 
@@ -1,3 +1,8 @@
5b8408 
+01/15/2020
5b8408 
+- add value of OIDC_SET_COOKIE_APPEND env var to Set-Cookie headers
5b8408 
+  useful for handling changing/upcoming SameSite behaviors across different browsers, e.g.:
5b8408 
+    SetEnvIf User-Agent ".*IOS.*" OIDC_SET_COOKIE_APPEND=SameSite=None
5b8408 
+
5b8408 
 08/04/2018
5b8408 
 - don't return content with 503 since it will turn the HTTP status code into a 200; see #331
5b8408
5b8408 
diff --git a/src/util.c b/src/util.c
5b8408 
index 67b2fc3..993718e 100644
5b8408 
--- a/src/util.c
5b8408 
+++ b/src/util.c
5b8408 
@@ -914,6 +914,27 @@ static char *oidc_util_get_cookie_path(request_rec *r) {
5b8408
5b8408 
 #define OIDC_COOKIE_MAX_SIZE            4093
5b8408
5b8408 
+#define OIDC_SET_COOKIE_APPEND_ENV_VAR  "OIDC_SET_COOKIE_APPEND"
5b8408 
+
5b8408 
+const char *oidc_util_set_cookie_append_value(request_rec *r, oidc_cfg *c) {
5b8408 
+	const char *env_var_value = NULL;
5b8408 
+
5b8408 
+	if (r->subprocess_env != NULL)
5b8408 
+		env_var_value = apr_table_get(r->subprocess_env,
5b8408 
+				OIDC_SET_COOKIE_APPEND_ENV_VAR);
5b8408 
+
5b8408 
+	if (env_var_value == NULL) {
5b8408 
+		oidc_debug(r, "no cookie append environment variable %s found",
5b8408 
+				OIDC_SET_COOKIE_APPEND_ENV_VAR);
5b8408 
+		return NULL;
5b8408 
+	}
5b8408 
+
5b8408 
+	oidc_debug(r, "cookie append environment variable %s=%s found",
5b8408 
+			OIDC_SET_COOKIE_APPEND_ENV_VAR, env_var_value);
5b8408 
+
5b8408 
+	return env_var_value;
5b8408 
+}
5b8408 
+
5b8408 
 /*
5b8408 
  * set a cookie in the HTTP response headers
5b8408 
  */
5b8408 
@@ -923,6 +944,7 @@ void oidc_util_set_cookie(request_rec *r, const char *cookieName,
5b8408 
 	oidc_cfg *c = ap_get_module_config(r->server->module_config,
5b8408 
 			&auth_openidc_module);
5b8408 
 	char *headerString, *expiresString = NULL;
5b8408 
+	const char *appendString = NULL;
5b8408
5b8408 
 	/* see if we need to clear the cookie */
5b8408 
 	if (apr_strnatcmp(cookieValue, "") == 0)
5b8408 
@@ -961,6 +983,11 @@ void oidc_util_set_cookie(request_rec *r, const char *cookieName,
5b8408 
 	if (ext != NULL)
5b8408 
 		headerString = apr_psprintf(r->pool, "%s; %s", headerString, ext);
5b8408
5b8408 
+	appendString = oidc_util_set_cookie_append_value(r, c);
5b8408 
+	if (appendString != NULL)
5b8408 
+		headerString = apr_psprintf(r->pool, "%s; %s", headerString,
5b8408 
+				appendString);
5b8408 
+
5b8408 
 	/* sanity check on overall cookie value size */
5b8408 
 	if (strlen(headerString) > OIDC_COOKIE_MAX_SIZE) {
5b8408 
 		oidc_warn(r,
5b8408 
--
5b8408 
2.26.2
5b8408

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation