Tree - source-git/mod_auth_mellon

source-git / mod_auth_mellon

Blame auth_mellon_config.c

Blob History Raw

Packit Service	d6b4c9	`/*`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* auth_mellon_config.c: an authentication apache module`
Packit Service	d6b4c9	`* Copyright © 2003-2007 UNINETT (http://www.uninett.no/)`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* This program is free software; you can redistribute it and/or modify`
Packit Service	d6b4c9	`* it under the terms of the GNU General Public License as published by`
Packit Service	d6b4c9	`* the Free Software Foundation; either version 2 of the License, or`
Packit Service	d6b4c9	`* (at your option) any later version.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* This program is distributed in the hope that it will be useful,`
Packit Service	d6b4c9	`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
Packit Service	d6b4c9	`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
Packit Service	d6b4c9	`* GNU General Public License for more details.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* You should have received a copy of the GNU General Public License`
Packit Service	d6b4c9	`* along with this program; if not, write to the Free Software`
Packit Service	d6b4c9	`* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9
Packit Service	d6b4c9	`#include "auth_mellon.h"`
Packit Service	d6b4c9
Packit Service	d6b4c9	`#ifdef APLOG_USE_MODULE`
Packit Service	d6b4c9	`APLOG_USE_MODULE(auth_mellon);`
Packit Service	d6b4c9	`#endif`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This is the default endpoint path. Remember to update the description of`
Packit Service	d6b4c9	`* the MellonEndpointPath configuration directive if you change this.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char *default_endpoint_path = "/mellon/";`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This is the default name of the attribute we use as a username. Remember`
Packit Service	d6b4c9	`* to update the description of the MellonUser configuration directive if`
Packit Service	d6b4c9	`* you change this.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char *default_user_attribute = "NAME_ID";`
Packit Service	d6b4c9
Packit Service	a2b39c	`/* This is the default prefix to use for attributes received from the`
Packit Service	a2b39c	`* server. Customizable using the MellonEnvPrefix option`
Packit Service	a2b39c	`*/`
Packit Service	a2b39c	`static const char *default_env_prefix = "MELLON_";`
Packit Service	a2b39c
Packit Service	d6b4c9	`/* This is the default name of the cookie which mod_auth_mellon will set.`
Packit Service	d6b4c9	`* If you change this, then you should also update the description of the`
Packit Service	d6b4c9	`* MellonVar configuration directive.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char *default_cookie_name = "cookie";`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* The default setting for cookie is to not enforce secure flag`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const int default_secure_cookie = 0;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* The default setting for cookie is to not enforce HttpOnly flag`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const int default_http_only_cookie = 0;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* The default setting for setting MELLON_SESSION`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const int default_dump_session = 0;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* The default setting for setting MELLON_SAML_RESPONSE`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const int default_dump_saml_response = 0;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This is the default IdP initiated login location`
Packit Service	d6b4c9	`* the MellonDefaultLoginPath configuration directive if you change this.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char *default_login_path = "/";`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* saved POST session time to live`
Packit Service	d6b4c9	`* the MellonPostTTL configuration directive if you change this.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const apr_time_t post_ttl = 15 * 60;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* saved POST session maximum size`
Packit Service	d6b4c9	`* the MellonPostSize configuration directive if you change this.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const apr_size_t post_size = 1024 * 1024;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* maximum saved POST sessions`
Packit Service	d6b4c9	`* the MellonPostCount configuration directive if you change this.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const int post_count = 100;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`#ifdef ENABLE_DIAGNOSTICS`
Packit Service	d6b4c9	`/* Default filename for mellon diagnostics log file.`
Packit Service	d6b4c9	`* Relative pathname is relative to server root. */`
Packit Service	d6b4c9	`static const char *default_diag_filename = "logs/mellon_diagnostics";`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* Default state for diagnostics is off */`
Packit Service	d6b4c9	`static am_diag_flags_t default_diag_flags = AM_DIAG_FLAG_DISABLE;`
Packit Service	d6b4c9	`#endif`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* whether to merge env. vars or not`
Packit Service	d6b4c9	`* the MellonMergeEnvVars configuration directive if you change this.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char *default_merge_env_vars = NULL;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* for env. vars with multiple values, the index start`
Packit Service	d6b4c9	`* the MellonEnvVarsIndexStart configuration directive if you change this.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const int default_env_vars_index_start = -1;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* whether to also populate env. var _N with number of values`
Packit Service	d6b4c9	`* the MellonEnvVarsSetCount configuration directive if you change this.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const int default_env_vars_count_in_n = -1;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* The default list of trusted redirect domains. */`
Packit Service	d6b4c9	`static const char * const default_redirect_domains[] = { "[self]", NULL };`
Packit Service	d6b4c9
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function handles configuration directives which set a`
Packit Service	d6b4c9	`* multivalued string slot in the module configuration (the destination`
Packit Service	d6b4c9	`* strucure is a hash).`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* cmd_parms *cmd The command structure for this configuration`
Packit Service	d6b4c9	`* directive.`
Packit Service	d6b4c9	`* void *struct_ptr Pointer to the current directory configuration.`
Packit Service	d6b4c9	`* NULL if we are not in a directory configuration.`
Packit Service	d6b4c9	`* const char *key The string argument following this configuration`
Packit Service	d6b4c9	`* directive in the configuraion file.`
Packit Service	d6b4c9	`* const char *value Optional value to be stored in the hash.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* NULL on success or an error string on failure.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char am_set_hash_string_slot(cmd_parms cmd,`
Packit Service	d6b4c9	`void *struct_ptr,`
Packit Service	d6b4c9	`const char *key,`
Packit Service	d6b4c9	`const char *value)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`server_rec *s = cmd->server;`
Packit Service	d6b4c9	`apr_pool_t *pconf = s->process->pconf;`
Packit Service	d6b4c9	`am_dir_cfg_rec cfg = (am_dir_cfg_rec )struct_ptr;`
Packit Service	d6b4c9	`int offset;`
Packit Service	d6b4c9	`apr_hash_t **hash;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/*`
Packit Service	d6b4c9	`* If no value is given, we just store the key in the hash.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`if (value == NULL \|\| *value == '\0')`
Packit Service	d6b4c9	`value = key;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`offset = (int)(long)cmd->info;`
Packit Service	d6b4c9	`hash = (apr_hash_t *)((char )cfg + offset);`
Packit Service	d6b4c9	`apr_hash_set(*hash, apr_pstrdup(pconf, key), APR_HASH_KEY_STRING, value);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`return NULL;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function handles configuration directives which set a`
Packit Service	d6b4c9	`* multivalued string slot in the module configuration (the destination`
Packit Service	d6b4c9	`* strucure is a table).`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* cmd_parms *cmd The command structure for this configuration`
Packit Service	d6b4c9	`* directive.`
Packit Service	d6b4c9	`* void *struct_ptr Pointer to the current directory configuration.`
Packit Service	d6b4c9	`* NULL if we are not in a directory configuration.`
Packit Service	d6b4c9	`* const char *key The string argument following this configuration`
Packit Service	d6b4c9	`* directive in the configuraion file.`
Packit Service	d6b4c9	`* const char *value Optional value to be stored in the hash.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* NULL on success or an error string on failure.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char am_set_table_string_slot(cmd_parms cmd,`
Packit Service	d6b4c9	`void *struct_ptr,`
Packit Service	d6b4c9	`const char *key,`
Packit Service	d6b4c9	`const char *value)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`server_rec *s = cmd->server;`
Packit Service	d6b4c9	`apr_pool_t *pconf = s->process->pconf;`
Packit Service	d6b4c9	`am_dir_cfg_rec cfg = (am_dir_cfg_rec )struct_ptr;`
Packit Service	d6b4c9	`int offset;`
Packit Service	d6b4c9	`apr_table_t **table;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/*`
Packit Service	d6b4c9	`* If no value is given, we just store the key in the hash.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`if (value == NULL \|\| *value == '\0')`
Packit Service	d6b4c9	`value = key;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`offset = (int)(long)cmd->info;`
Packit Service	d6b4c9	`table = (apr_table_t *)((char )cfg + offset);`
Packit Service	d6b4c9	`apr_table_set(*table, apr_pstrdup(pconf, key), value);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`return NULL;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function handles configuration directives which set a file slot`
Packit Service	d6b4c9	`* in the module configuration. The file contents are immediately read.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* cmd_parms *cmd The command structure for this configuration`
Packit Service	d6b4c9	`* directive.`
Packit Service	d6b4c9	`* void *struct_ptr Pointer to the current directory configuration.`
Packit Service	d6b4c9	`* NULL if we are not in a directory configuration.`
Packit Service	d6b4c9	`* This value isn't used by this function.`
Packit Service	d6b4c9	`* const char *arg The string argument following this configuration`
Packit Service	d6b4c9	`* directive in the configuraion file.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* NULL on success or an error string on failure.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char am_set_file_contents_slot(cmd_parms cmd,`
Packit Service	d6b4c9	`void *struct_ptr,`
Packit Service	d6b4c9	`const char *arg)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`const char *path;`
Packit Service	d6b4c9	`apr_status_t rv;`
Packit Service	d6b4c9	`am_dir_cfg_rec cfg = (am_dir_cfg_rec )struct_ptr;`
Packit Service	d6b4c9	`int offset;`
Packit Service	d6b4c9	`am_file_data_t *p_file_data, file_data;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`path = ap_server_root_relative(cmd->pool, arg);`
Packit Service	d6b4c9	`if (!path) {`
Packit Service	d6b4c9	`return apr_pstrcat(cmd->pool, cmd->cmd->name,`
Packit Service	d6b4c9	`": Invalid file path ", arg, NULL);`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`offset = (int)(long)cmd->info;`
Packit Service	d6b4c9	`p_file_data = (am_file_data_t *)((char )cfg + offset);`
Packit Service	d6b4c9	`*p_file_data = am_file_data_new(cmd->pool, path);`
Packit Service	d6b4c9	`file_data = *p_file_data;`
Packit Service	d6b4c9	`rv = am_file_read(file_data);`
Packit Service	d6b4c9	`if (rv != APR_SUCCESS) {`
Packit Service	d6b4c9	`return file_data->strerror;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`return NULL;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function handles configuration directives which set a file`
Packit Service	d6b4c9	`* pathname in the module configuration. The file is checked for`
Packit Service	d6b4c9	`* existence.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* cmd_parms *cmd The command structure for this configuration`
Packit Service	d6b4c9	`* directive.`
Packit Service	d6b4c9	`* void *struct_ptr Pointer to the current directory configuration.`
Packit Service	d6b4c9	`* NULL if we are not in a directory configuration.`
Packit Service	d6b4c9	`* This value isn't used by this function.`
Packit Service	d6b4c9	`* const char *arg The string argument following this configuration`
Packit Service	d6b4c9	`* directive in the configuraion file.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* NULL on success or an error string on failure.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char am_set_file_pathname_slot(cmd_parms cmd,`
Packit Service	d6b4c9	`void *struct_ptr,`
Packit Service	d6b4c9	`const char *arg)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`const char *path;`
Packit Service	d6b4c9	`apr_status_t rv;`
Packit Service	d6b4c9	`am_dir_cfg_rec cfg = (am_dir_cfg_rec )struct_ptr;`
Packit Service	d6b4c9	`int offset;`
Packit Service	d6b4c9	`am_file_data_t *p_file_data, file_data;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`path = ap_server_root_relative(cmd->pool, arg);`
Packit Service	d6b4c9	`if (!path) {`
Packit Service	d6b4c9	`return apr_pstrcat(cmd->pool, cmd->cmd->name,`
Packit Service	d6b4c9	`": Invalid file_data path ", arg, NULL);`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`offset = (int)(long)cmd->info;`
Packit Service	d6b4c9	`p_file_data = (am_file_data_t *)((char )cfg + offset);`
Packit Service	d6b4c9	`*p_file_data = am_file_data_new(cmd->pool, path);`
Packit Service	d6b4c9	`file_data = *p_file_data;`
Packit Service	d6b4c9	`rv = am_file_stat(file_data);`
Packit Service	d6b4c9	`if (rv != APR_SUCCESS) {`
Packit Service	d6b4c9	`return file_data->strerror;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9	`if (file_data->finfo.filetype != APR_REG) {`
Packit Service	d6b4c9	`return apr_psprintf(cmd->pool, "file \"%s\" is not a regular file",`
Packit Service	d6b4c9	`file_data->path);`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`return NULL;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function handles configuration directives which use`
Packit Service	d6b4c9	`* a glob pattern, with a second optional argument`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* cmd_parms *cmd The command structure for this configuration`
Packit Service	d6b4c9	`* directive.`
Packit Service	d6b4c9	`* void *struct_ptr Pointer to the current directory configuration.`
Packit Service	d6b4c9	`* NULL if we are not in a directory configuration.`
Packit Service	d6b4c9	`* const char *glob_pat glob(3) pattern`
Packit Service	d6b4c9	`* const char *option Optional argument`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* NULL on success or an error string on failure.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char am_set_glob_fn12(cmd_parms cmd,`
Packit Service	d6b4c9	`void *struct_ptr,`
Packit Service	d6b4c9	`const char *glob_pat,`
Packit Service	d6b4c9	`const char *option)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`const char (take_argv)(cmd_parms , void , const char , const char );`
Packit Service	d6b4c9	`apr_array_header_t *files;`
Packit Service	d6b4c9	`const char *error;`
Packit Service	d6b4c9	`const char *directory;`
Packit Service	d6b4c9	`int i;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`take_argv = cmd->info;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`directory = am_filepath_dirname(cmd->pool, glob_pat);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`if (glob_pat == NULL \|\| *glob_pat == '\0')`
Packit Service	d6b4c9	`return apr_psprintf(cmd->pool,`
Packit Service	d6b4c9	`"%s takes one or two arguments",`
Packit Service	d6b4c9	`cmd->cmd->name);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`if (apr_match_glob(glob_pat, &files, cmd->pool) != 0)`
Packit Service	d6b4c9	`return take_argv(cmd, struct_ptr, glob_pat, option);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`for (i = 0; i < files->nelts; i++) {`
Packit Service	d6b4c9	`const char *path;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`path = apr_pstrcat(cmd->pool, directory, "/",`
Packit Service	d6b4c9	`((const char **)(files->elts))[i], NULL);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`error = take_argv(cmd, struct_ptr, path, option);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`if (error != NULL)`
Packit Service	d6b4c9	`return error;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`return NULL;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function handles configuration directives which set an`
Packit Service	d6b4c9	`* idp related slot in the module configuration.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* cmd_parms *cmd The command structure for this configuration`
Packit Service	d6b4c9	`* directive.`
Packit Service	d6b4c9	`* void *struct_ptr Pointer to the current directory configuration.`
Packit Service	d6b4c9	`* NULL if we are not in a directory configuration.`
Packit Service	d6b4c9	`* const char *metadata Path to metadata file for one or multiple IdP`
Packit Service	d6b4c9	`* const char *chain Optional path to validating chain`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* NULL on success or an error string on failure.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char am_set_idp_string_slot(cmd_parms cmd,`
Packit Service	d6b4c9	`void *struct_ptr,`
Packit Service	d6b4c9	`const char *metadata,`
Packit Service	d6b4c9	`const char *chain)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`server_rec *s = cmd->server;`
Packit Service	d6b4c9	`apr_pool_t *pconf = s->process->pconf;`
Packit Service	d6b4c9	`am_dir_cfg_rec cfg = (am_dir_cfg_rec )struct_ptr;`
Packit Service	d6b4c9	`am_file_data_t *idp_file_data = NULL;`
Packit Service	d6b4c9	`am_file_data_t *chain_file_data = NULL;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`#ifndef HAVE_lasso_server_load_metadata`
Packit Service	d6b4c9	`if (chain != NULL)`
Packit Service	d6b4c9	`return apr_psprintf(cmd->pool, "Cannot specify validating chain "`
Packit Service	d6b4c9	`"for %s since lasso library lacks "`
Packit Service	d6b4c9	`"lasso_server_load_metadata()", cmd->cmd->name);`
Packit Service	d6b4c9	`#endif /* HAVE_lasso_server_load_metadata */`
Packit Service	d6b4c9
Packit Service	d6b4c9	`idp_file_data = am_file_data_new(pconf, metadata);`
Packit Service	d6b4c9	`if (am_file_stat(idp_file_data) != APR_SUCCESS) {`
Packit Service	d6b4c9	`return idp_file_data->strerror;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`if (chain) {`
Packit Service	d6b4c9	`chain_file_data = am_file_data_new(pconf, chain);`
Packit Service	d6b4c9	`if (am_file_stat(chain_file_data) != APR_SUCCESS) {`
Packit Service	d6b4c9	`return chain_file_data->strerror;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9	`} else {`
Packit Service	d6b4c9	`chain_file_data = NULL;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`am_metadata_t *idp_metadata = apr_array_push(cfg->idp_metadata);`
Packit Service	d6b4c9	`idp_metadata->metadata = idp_file_data;`
Packit Service	d6b4c9	`idp_metadata->chain = chain_file_data;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`return NULL;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function handles configuration directives which set an`
Packit Service	d6b4c9	`* idp federation blacklist slot in the module configuration.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* cmd_parms *cmd The command structure for this configuration`
Packit Service	d6b4c9	`* directive.`
Packit Service	d6b4c9	`* void *struct_ptr Pointer to the current directory configuration.`
Packit Service	d6b4c9	`* NULL if we are not in a directory configuration.`
Packit Service	d6b4c9	`* int argc Number of blacklisted providerId.`
Packit Service	d6b4c9	`* char *const argv[] List of blacklisted providerId.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* NULL on success, or errror string`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char am_set_idp_ignore_slot(cmd_parms cmd,`
Packit Service	d6b4c9	`void *struct_ptr,`
Packit Service	d6b4c9	`int argc,`
Packit Service	d6b4c9	`char *const argv[])`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`#ifdef HAVE_lasso_server_load_metadata`
Packit Service	d6b4c9	`server_rec *s = cmd->server;`
Packit Service	d6b4c9	`apr_pool_t *pconf = s->process->pconf;`
Packit Service	d6b4c9	`am_dir_cfg_rec cfg = (am_dir_cfg_rec )struct_ptr;`
Packit Service	d6b4c9	`GList *new_idp_ignore;`
Packit Service	d6b4c9	`int i;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`if (argc < 1)`
Packit Service	d6b4c9	`return apr_psprintf(cmd->pool, "%s takes at least one arguments",`
Packit Service	d6b4c9	`cmd->cmd->name);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`for (i = 0; i < argc; i++) {`
Packit Service	d6b4c9	`new_idp_ignore = apr_palloc(pconf, sizeof(GList));`
Packit Service	d6b4c9	`new_idp_ignore->data = apr_pstrdup(pconf, argv[i]);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* Prepend it to the list. */`
Packit Service	d6b4c9	`new_idp_ignore->next = cfg->idp_ignore;`
Packit Service	d6b4c9	`if (cfg->idp_ignore != NULL)`
Packit Service	d6b4c9	`cfg->idp_ignore->prev = new_idp_ignore;`
Packit Service	d6b4c9	`cfg->idp_ignore = new_idp_ignore;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`return NULL;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`#else /* HAVE_lasso_server_load_metadata */`
Packit Service	d6b4c9
Packit Service	d6b4c9	`return apr_psprintf(cmd->pool, "Cannot use %s since lasso library lacks "`
Packit Service	d6b4c9	`"lasso_server_load_metadata()", cmd->cmd->name);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`#endif /* HAVE_lasso_server_load_metadata */`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function handles configuration directives which set a file path`
Packit Service	d6b4c9	`* slot in the module configuration.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* cmd_parms *cmd The command structure for this configuration`
Packit Service	d6b4c9	`* directive.`
Packit Service	d6b4c9	`* void *struct_ptr Pointer to the current directory configuration.`
Packit Service	d6b4c9	`* NULL if we are not in a directory configuration.`
Packit Service	d6b4c9	`* This value isn't used by this function.`
Packit Service	d6b4c9	`* const char *arg The string argument following this configuration`
Packit Service	d6b4c9	`* directive in the configuraion file.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* NULL on success or an error string on failure.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char am_set_module_config_file_slot(cmd_parms cmd,`
Packit Service	d6b4c9	`void *struct_ptr,`
Packit Service	d6b4c9	`const char *arg)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`return ap_set_file_slot(cmd, am_get_mod_cfg(cmd->server), arg);`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function handles configuration directives which set an int`
Packit Service	d6b4c9	`* slot in the module configuration.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* cmd_parms *cmd The command structure for this configuration`
Packit Service	d6b4c9	`* directive.`
Packit Service	d6b4c9	`* void *struct_ptr Pointer to the current directory configuration.`
Packit Service	d6b4c9	`* NULL if we are not in a directory configuration.`
Packit Service	d6b4c9	`* This value isn't used by this function.`
Packit Service	d6b4c9	`* const char *arg The string argument following this configuration`
Packit Service	d6b4c9	`* directive in the configuraion file.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* NULL on success or an error string on failure.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char am_set_module_config_int_slot(cmd_parms cmd,`
Packit Service	d6b4c9	`void *struct_ptr,`
Packit Service	d6b4c9	`const char *arg)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`return ap_set_int_slot(cmd, am_get_mod_cfg(cmd->server), arg);`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function handles the MellonDiagnosticsFile configuration directive.`
Packit Service	d6b4c9	`* It emits as warning in the log file if Mellon is not built with`
Packit Service	d6b4c9	`* diagnostics enabled.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* cmd_parms *cmd The command structure for this configuration`
Packit Service	d6b4c9	`* directive.`
Packit Service	d6b4c9	`* void *struct_ptr Pointer to the current directory configuration.`
Packit Service	d6b4c9	`* NULL if we are not in a directory configuration.`
Packit Service	d6b4c9	`* const char *arg The string argument following this configuration`
Packit Service	d6b4c9	`* directive in the configuraion file.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* NULL on success or an error string on failure.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char am_set_module_diag_file_slot(cmd_parms cmd,`
Packit Service	d6b4c9	`void *struct_ptr,`
Packit Service	d6b4c9	`const char *arg)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`#ifdef ENABLE_DIAGNOSTICS`
Packit Service	d6b4c9	`return ap_set_file_slot(cmd, am_get_diag_cfg(cmd->server), arg);`
Packit Service	d6b4c9	`#else`
Packit Service	d6b4c9	`ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, cmd->server,`
Packit Service	d6b4c9	`"%s has no effect because Mellon was not compiled with"`
Packit Service	d6b4c9	`" diagnostics enabled, use ./configure --enable-diagnostics"`
Packit Service	d6b4c9	`" at build time to turn this feature on.",`
Packit Service	d6b4c9	`cmd->directive->directive);`
Packit Service	d6b4c9	`return NULL;`
Packit Service	d6b4c9	`#endif`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function handles configuration directives which sets the`
Packit Service	d6b4c9	`* diagnostics flags in the module configuration.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* cmd_parms *cmd The command structure for this configuration`
Packit Service	d6b4c9	`* directive.`
Packit Service	d6b4c9	`* void *struct_ptr Pointer to the current directory configuration.`
Packit Service	d6b4c9	`* NULL if we are not in a directory configuration.`
Packit Service	d6b4c9	`* const char *arg The string argument following this configuration`
Packit Service	d6b4c9	`* directive in the configuraion file.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* NULL on success or an error string on failure.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char am_set_module_diag_flags_slot(cmd_parms cmd,`
Packit Service	d6b4c9	`void *struct_ptr,`
Packit Service	d6b4c9	`const char *arg)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`#ifdef ENABLE_DIAGNOSTICS`
Packit Service	d6b4c9	`am_diag_cfg_rec *diag_cfg = am_get_diag_cfg(cmd->server);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`if (strcasecmp(arg, "on") == 0) {`
Packit Service	d6b4c9	`diag_cfg->flags = AM_DIAG_FLAG_ENABLE_ALL;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9	`else if (strcasecmp(arg, "off") == 0) {`
Packit Service	d6b4c9	`diag_cfg->flags = AM_DIAG_FLAG_DISABLE;`
Packit Service	d6b4c9	`} else {`
Packit Service	d6b4c9	`return apr_psprintf(cmd->pool, "%s: must be one of: 'on', 'off'",`
Packit Service	d6b4c9	`cmd->cmd->name);`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9	`return NULL;`
Packit Service	d6b4c9	`#else`
Packit Service	d6b4c9	`ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, cmd->server,`
Packit Service	d6b4c9	`"%s has no effect because Mellon was not compiled with"`
Packit Service	d6b4c9	`" diagnostics enabled, use ./configure --enable-diagnostics"`
Packit Service	d6b4c9	`" at build time to turn this feature on.",`
Packit Service	d6b4c9	`cmd->directive->directive);`
Packit Service	d6b4c9	`return NULL;`
Packit Service	d6b4c9	`#endif`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function handles the MellonCookieSameSite configuration directive.`
Packit Service	d6b4c9	`* This directive can be set to "lax" or "strict"`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* cmd_parms *cmd The command structure for this configuration`
Packit Service	d6b4c9	`* directive.`
Packit Service	d6b4c9	`* void *struct_ptr Pointer to the current directory configuration.`
Packit Service	d6b4c9	`* const char *arg The string argument following this configuration`
Packit Service	d6b4c9	`* directive in the configuraion file.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* NULL on success or an error string if the argument is wrong.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char am_set_samesite_slot(cmd_parms cmd,`
Packit Service	d6b4c9	`void *struct_ptr,`
Packit Service	d6b4c9	`const char *arg)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`am_dir_cfg_rec d = (am_dir_cfg_rec )struct_ptr;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`if(!strcasecmp(arg, "lax")) {`
Packit Service	d6b4c9	`d->cookie_samesite = am_samesite_lax;`
Packit Service	d6b4c9	`} else if(!strcasecmp(arg, "strict")) {`
Packit Service	d6b4c9	`d->cookie_samesite = am_samesite_strict;`
Packit Service	4d483e	`} else if(!strcasecmp(arg, "none")) {`
Packit Service	4d483e	`d->cookie_samesite = am_samesite_none;`
Packit Service	d6b4c9	`} else {`
Packit Service	d6b4c9	`return "The MellonCookieSameSite parameter must be 'lax' or 'strict'";`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`return NULL;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function handles the MellonEnable configuration directive.`
Packit Service	d6b4c9	`* This directive can be set to "off", "info" or "auth".`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* cmd_parms *cmd The command structure for this configuration`
Packit Service	d6b4c9	`* directive.`
Packit Service	d6b4c9	`* void *struct_ptr Pointer to the current directory configuration.`
Packit Service	d6b4c9	`* const char *arg The string argument following this configuration`
Packit Service	d6b4c9	`* directive in the configuraion file.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* NULL on success or an error string if the argument is wrong.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char am_set_enable_slot(cmd_parms cmd,`
Packit Service	d6b4c9	`void *struct_ptr,`
Packit Service	d6b4c9	`const char *arg)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`am_dir_cfg_rec d = (am_dir_cfg_rec )struct_ptr;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`if(!strcasecmp(arg, "auth")) {`
Packit Service	d6b4c9	`d->enable_mellon = am_enable_auth;`
Packit Service	d6b4c9	`} else if(!strcasecmp(arg, "info")) {`
Packit Service	d6b4c9	`d->enable_mellon = am_enable_info;`
Packit Service	d6b4c9	`} else if(!strcasecmp(arg, "off")) {`
Packit Service	d6b4c9	`d->enable_mellon = am_enable_off;`
Packit Service	d6b4c9	`} else {`
Packit Service	d6b4c9	`return "parameter must be 'off', 'info' or 'auth'";`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`return NULL;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function handles the MellonSecureCookie configuration directive.`
Packit Service	d6b4c9	`* This directive can be set to "on", "off", "secure" or "httponly".`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* cmd_parms *cmd The command structure for this configuration`
Packit Service	d6b4c9	`* directive.`
Packit Service	d6b4c9	`* void *struct_ptr Pointer to the current directory configuration.`
Packit Service	d6b4c9	`* const char *arg The string argument following this configuration`
Packit Service	d6b4c9	`* directive in the configuraion file.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* NULL on success or an error string if the argument is wrong.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char am_set_secure_slots(cmd_parms cmd,`
Packit Service	d6b4c9	`void *struct_ptr,`
Packit Service	d6b4c9	`const char *arg)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`am_dir_cfg_rec d = (am_dir_cfg_rec )struct_ptr;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`if(!strcasecmp(arg, "on")) {`
Packit Service	d6b4c9	`d->secure = 1;`
Packit Service	d6b4c9	`d->http_only = 1;`
Packit Service	d6b4c9	`} else if(!strcasecmp(arg, "secure")) {`
Packit Service	d6b4c9	`d->secure = 1;`
Packit Service	d6b4c9	`} else if(!strcasecmp(arg, "httponly")) {`
Packit Service	d6b4c9	`d->http_only = 1;`
Packit Service	d6b4c9	`} else if(strcasecmp(arg, "off")) {`
Packit Service	d6b4c9	`return "parameter must be 'on', 'off', 'secure' or 'httponly'";`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`return NULL;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function handles the obsolete MellonDecoder configuration directive.`
Packit Service	d6b4c9	`* It is a no-op.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* cmd_parms *cmd The command structure for this configuration`
Packit Service	d6b4c9	`* directive.`
Packit Service	d6b4c9	`* void *struct_ptr Pointer to the current directory configuration.`
Packit Service	d6b4c9	`* const char *arg The string argument following this configuration`
Packit Service	d6b4c9	`* directive in the configuraion file.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* NULL`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char am_set_decoder_slot(cmd_parms cmd,`
Packit Service	d6b4c9	`void *struct_ptr,`
Packit Service	d6b4c9	`const char *arg)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`return NULL;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function handles the MellonEndpointPath configuration directive.`
Packit Service	d6b4c9	`* If the path doesn't end with a '/', then we will append one.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* cmd_parms *cmd The command structure for the MellonEndpointPath`
Packit Service	d6b4c9	`* configuration directive.`
Packit Service	d6b4c9	`* void *struct_ptr Pointer to the current directory configuration.`
Packit Service	d6b4c9	`* NULL if we are not in a directory configuration.`
Packit Service	d6b4c9	`* const char *arg The string argument containing the path of the`
Packit Service	d6b4c9	`* endpoint directory.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* This function will always return NULL.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char am_set_endpoint_path(cmd_parms cmd,`
Packit Service	d6b4c9	`void *struct_ptr,`
Packit Service	d6b4c9	`const char *arg)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`am_dir_cfg_rec d = (am_dir_cfg_rec )struct_ptr;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* Make sure that the path ends with '/'. */`
Packit Service	d6b4c9	`if(strlen(arg) == 0 \|\| arg[strlen(arg) - 1] != '/') {`
Packit Service	d6b4c9	`d->endpoint_path = apr_pstrcat(cmd->pool, arg, "/", NULL);`
Packit Service	d6b4c9	`} else {`
Packit Service	d6b4c9	`d->endpoint_path = arg;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`return NULL;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function handles the MellonSetEnv configuration directive.`
Packit Service	d6b4c9	`* This directive allows the user to change the name of attributes.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* cmd_parms *cmd The command structure for the MellonSetEnv`
Packit Service	d6b4c9	`* configuration directive.`
Packit Service	d6b4c9	`* void *struct_ptr Pointer to the current directory configuration.`
Packit Service	d6b4c9	`* const char *newName The new name of the attribute.`
Packit Service	d6b4c9	`* const char *oldName The old name of the attribute.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* This function will always return NULL.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char am_set_setenv_slot(cmd_parms cmd,`
Packit Service	d6b4c9	`void *struct_ptr,`
Packit Service	d6b4c9	`const char *newName,`
Packit Service	d6b4c9	`const char *oldName)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`am_dir_cfg_rec d = (am_dir_cfg_rec )struct_ptr;`
Packit Service	d6b4c9	`/* Configure as prefixed attribute name */`
Packit Service	d6b4c9	`am_envattr_conf_t envattr_conf = (am_envattr_conf_t )apr_palloc(cmd->pool, sizeof(am_envattr_conf_t));`
Packit Service	d6b4c9	`envattr_conf->name = newName;`
Packit Service	d6b4c9	`envattr_conf->prefixed = 1;`
Packit Service	d6b4c9	`apr_hash_set(d->envattr, oldName, APR_HASH_KEY_STRING, envattr_conf);`
Packit Service	d6b4c9	`return NULL;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function handles the MellonSetEnvNoPrefix configuration directive.`
Packit Service	d6b4c9	`* This directive allows the user to change the name of attributes without prefixing them with MELLON_.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* cmd_parms *cmd The command structure for the MellonSetEnv`
Packit Service	d6b4c9	`* configuration directive.`
Packit Service	d6b4c9	`* void *struct_ptr Pointer to the current directory configuration.`
Packit Service	d6b4c9	`* const char *newName The new name of the attribute.`
Packit Service	d6b4c9	`* const char *oldName The old name of the attribute.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* This function will always return NULL.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char am_set_setenv_no_prefix_slot(cmd_parms cmd,`
Packit Service	d6b4c9	`void *struct_ptr,`
Packit Service	d6b4c9	`const char *newName,`
Packit Service	d6b4c9	`const char *oldName)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`am_dir_cfg_rec d = (am_dir_cfg_rec )struct_ptr;`
Packit Service	d6b4c9	`/* Configure as not prefixed attribute name */`
Packit Service	d6b4c9	`am_envattr_conf_t envattr_conf = (am_envattr_conf_t )apr_palloc(cmd->pool, sizeof(am_envattr_conf_t));`
Packit Service	d6b4c9	`envattr_conf->name = newName;`
Packit Service	d6b4c9	`envattr_conf->prefixed = 0;`
Packit Service	d6b4c9	`apr_hash_set(d->envattr, oldName, APR_HASH_KEY_STRING, envattr_conf);`
Packit Service	d6b4c9	`return NULL;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function decodes MellonCond flags, such as [NOT,REG]`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* const char *arg Pointer to the flags string`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* flags, or -1 on error`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static int am_cond_flags(const char *arg)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`int flags = AM_COND_FLAG_NULL;`
Packit Service	d6b4c9	`static const char * const options[] = {`
Packit Service	d6b4c9	`"OR", /* AM_EXPIRE_FLAG_OR */`
Packit Service	d6b4c9	`"NOT", /* AM_EXPIRE_FLAG_NOT */`
Packit Service	d6b4c9	`"REG", /* AM_EXPIRE_FLAG_REG */`
Packit Service	d6b4c9	`"NC", /* AM_EXPIRE_FLAG_NC */`
Packit Service	d6b4c9	`"MAP", /* AM_EXPIRE_FLAG_MAP */`
Packit Service	d6b4c9	`"REF", /* AM_EXPIRE_FLAG_REF */`
Packit Service	d6b4c9	`"SUB", /* AM_EXPIRE_FLAG_SUB */`
Packit Service	d6b4c9	`/* The other options (IGN, REQ, FSTR, ...) are only internally used */`
Packit Service	d6b4c9	`};`
Packit Service	d6b4c9	`apr_size_t options_count = sizeof(options) / sizeof(*options);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* Skip inital [ */`
Packit Service	d6b4c9	`if (arg[0] == '[')`
Packit Service	d6b4c9	`arg++;`
Packit Service	d6b4c9	`else`
Packit Service	d6b4c9	`return -1;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`do {`
Packit Service	d6b4c9	`apr_size_t i;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`for (i = 0; i < options_count; i++) {`
Packit Service	d6b4c9	`apr_size_t optlen = strlen(options[i]);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`if (strncmp(arg, options[i], optlen) == 0) {`
Packit Service	d6b4c9	`/* Make sure we have a separator next */`
Packit Service	d6b4c9	`if (arg[optlen] && !strchr("]\t ,", (int)arg[optlen]))`
Packit Service	d6b4c9	`return -1;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`flags \|= (1 << i);`
Packit Service	d6b4c9	`arg += optlen;`
Packit Service	d6b4c9	`break;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* no match */`
Packit Service	d6b4c9	`if (i == options_count)`
Packit Service	d6b4c9	`return -1;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* skip spaces, tabs and commas */`
Packit Service	d6b4c9	`arg += strspn(arg, " \t,");`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/*`
Packit Service	d6b4c9	`* End of option, but we fire an error if`
Packit Service	d6b4c9	`* there is trailing garbage`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`if (*arg == ']') {`
Packit Service	d6b4c9	`arg++;`
Packit Service	d6b4c9	`return (*arg == '\0') ? flags : -1;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9	`} while (*arg);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* Missing trailing ] */`
Packit Service	d6b4c9	`return -1;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function handles the MellonCond configuration directive, which`
Packit Service	d6b4c9	`* allows the user to restrict access based on attributes received from`
Packit Service	d6b4c9	`* the IdP.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* cmd_parms *cmd The command structure for the MellonCond`
Packit Service	d6b4c9	`* configuration directive.`
Packit Service	d6b4c9	`* void *struct_ptr Pointer to the current directory configuration.`
Packit Service	d6b4c9	`* const char *attribute Pointer to the attribute name`
Packit Service	d6b4c9	`* const char *value Pointer to the attribute value or regex`
Packit Service	d6b4c9	`* const char *options Pointer to options`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* NULL on success or an error string on failure.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char am_set_cond_slot(cmd_parms cmd,`
Packit Service	d6b4c9	`void *struct_ptr,`
Packit Service	d6b4c9	`const char *attribute,`
Packit Service	d6b4c9	`const char *value,`
Packit Service	d6b4c9	`const char *options)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`am_dir_cfg_rec *d = struct_ptr;`
Packit Service	d6b4c9	`int flags = AM_COND_FLAG_NULL;`
Packit Service	d6b4c9	`am_cond_t *element;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`if (attribute == NULL \|\| *attribute == '\0' \|\|`
Packit Service	d6b4c9	`value == NULL \|\| *value == '\0')`
Packit Service	d6b4c9	`return apr_pstrcat(cmd->pool, cmd->cmd->name,`
Packit Service	d6b4c9	`" takes at least two arguments", NULL);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`if (options != NULL && *options != '\0')`
Packit Service	d6b4c9	`flags = am_cond_flags(options);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`if (flags == -1)`
Packit Service	d6b4c9	`return apr_psprintf(cmd->pool, "%s - invalid flags %s",`
Packit Service	d6b4c9	`cmd->cmd->name, options);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`element = (am_cond_t *)apr_array_push(d->cond);`
Packit Service	d6b4c9	`element->varname = attribute;`
Packit Service	d6b4c9	`element->flags = flags;`
Packit Service	d6b4c9	`element->str = NULL;`
Packit Service	d6b4c9	`element->regex = NULL;`
Packit Service	d6b4c9	`element->directive = apr_pstrcat(cmd->pool, cmd->directive->directive,`
Packit Service	d6b4c9	`" ", cmd->directive->args, NULL);`
Packit Service	d6b4c9	`if (element->flags & AM_COND_FLAG_REG) {`
Packit Service	d6b4c9	`int regex_flags = AP_REG_EXTENDED\|AP_REG_NOSUB;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`if (element->flags & AM_COND_FLAG_NC)`
Packit Service	d6b4c9	`regex_flags \|= AP_REG_ICASE;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`element->regex = ap_pregcomp(cmd->pool, value, regex_flags);`
Packit Service	d6b4c9	`if (element->regex == NULL)`
Packit Service	d6b4c9	`return apr_psprintf(cmd->pool, "%s - invalid regex %s",`
Packit Service	d6b4c9	`cmd->cmd->name, value);`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/*`
Packit Service	d6b4c9	`* Flag values containing format strings to that we do`
Packit Service	d6b4c9	`* not have to process the others at runtime.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`if (strchr(value, '%') != NULL)`
Packit Service	d6b4c9	`element->flags \|= AM_COND_FLAG_FSTR;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/*`
Packit Service	d6b4c9	`* We keep the string also for regex, so that we can`
Packit Service	d6b4c9	`* print it for debug purpose and perform substitutions on it.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`element->str = value;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`return NULL;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function handles the MellonRequire configuration directive, which`
Packit Service	d6b4c9	`* allows the user to restrict access based on attributes received from`
Packit Service	d6b4c9	`* the IdP.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* cmd_parms *cmd The command structure for the MellonRequire`
Packit Service	d6b4c9	`* configuration directive.`
Packit Service	d6b4c9	`* void *struct_ptr Pointer to the current directory configuration.`
Packit Service	d6b4c9	`* const char *arg Pointer to the configuration string.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* NULL on success or an error string on failure.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char am_set_require_slot(cmd_parms cmd,`
Packit Service	d6b4c9	`void *struct_ptr,`
Packit Service	d6b4c9	`const char *arg)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`am_dir_cfg_rec *d = struct_ptr;`
Packit Service	d6b4c9	`char attribute, value;`
Packit Service	d6b4c9	`int i;`
Packit Service	d6b4c9	`am_cond_t *element;`
Packit Service	d6b4c9	`am_cond_t *first_element;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`attribute = ap_getword_conf(cmd->pool, &arg;;`
Packit Service	d6b4c9	`value = ap_getword_conf(cmd->pool, &arg;;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`if (attribute == '\0' \|\| value == '\0') {`
Packit Service	d6b4c9	`return apr_pstrcat(cmd->pool, cmd->cmd->name,`
Packit Service	d6b4c9	`" takes at least two arguments", NULL);`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/*`
Packit Service	d6b4c9	`* MellonRequire overwrites previous conditions on this attribute`
Packit Service	d6b4c9	`* We just tag the am_cond_t with the ignore flag, as it is`
Packit Service	d6b4c9	`* easier (and probably faster) than to really remove it.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`for (i = 0; i < d->cond->nelts; i++) {`
Packit Service	d6b4c9	`am_cond_t ce = &((am_cond_t )(d->cond->elts))[i];`
Packit Service	d6b4c9
Packit Service	d6b4c9	`if ((strcmp(ce->varname, attribute) == 0) &&`
Packit Service	d6b4c9	`(ce->flags & AM_COND_FLAG_REQ))`
Packit Service	d6b4c9	`ce->flags \|= AM_COND_FLAG_IGN;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`first_element = NULL;`
Packit Service	d6b4c9	`do {`
Packit Service	d6b4c9	`element = (am_cond_t *)apr_array_push(d->cond);`
Packit Service	d6b4c9	`element->varname = attribute;`
Packit Service	d6b4c9	`element->flags = AM_COND_FLAG_OR\|AM_COND_FLAG_REQ;`
Packit Service	d6b4c9	`element->str = value;`
Packit Service	d6b4c9	`element->regex = NULL;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/*`
Packit Service	d6b4c9	`* When multiple values are given, we track the first one`
Packit Service	d6b4c9	`* in order to retreive the directive`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`if (first_element == NULL) {`
Packit Service	d6b4c9	`element->directive = apr_pstrcat(cmd->pool,`
Packit Service	d6b4c9	`cmd->directive->directive, " ",`
Packit Service	d6b4c9	`cmd->directive->args, NULL);`
Packit Service	d6b4c9	`first_element = element;`
Packit Service	d6b4c9	`} else {`
Packit Service	d6b4c9	`element->directive = first_element->directive;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`} while (*(value = ap_getword_conf(cmd->pool, &arg)) != '\0');`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/*`
Packit Service	d6b4c9	`* Remove OR flag on last element`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`element->flags &= ~AM_COND_FLAG_OR;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`return NULL;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function handles the MellonOrganization* directives, which`
Packit Service	d6b4c9	`* which specify language-qualified strings`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* cmd_parms cmd The command structure for the MellonOrganization`
Packit Service	d6b4c9	`* configuration directive.`
Packit Service	d6b4c9	`* void *struct_ptr Pointer to the current directory configuration.`
Packit Service	d6b4c9	`* const char *lang Pointer to the language string (optional)`
Packit Service	d6b4c9	`* const char *value Pointer to the data`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* NULL on success or an error string on failure.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char am_set_langstring_slot(cmd_parms cmd,`
Packit Service	d6b4c9	`void *struct_ptr,`
Packit Service	d6b4c9	`const char *lang,`
Packit Service	d6b4c9	`const char *value)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`apr_hash_t h = (apr_hash_t **)(struct_ptr + (apr_size_t)cmd->info);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`if (value == NULL \|\| *value == '\0') {`
Packit Service	d6b4c9	`value = lang;`
Packit Service	d6b4c9	`lang = "";`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`apr_hash_set(h, lang, APR_HASH_KEY_STRING,`
Packit Service	d6b4c9	`apr_pstrdup(cmd->server->process->pconf, value));`
Packit Service	d6b4c9
Packit Service	d6b4c9	`return NULL;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function handles the MellonAuthnContextClassRef directive.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* cmd_parms *cmd The command structure for the MellonAuthnContextClassRef`
Packit Service	d6b4c9	`* configuration directive.`
Packit Service	d6b4c9	`* void *struct_ptr Pointer to the current directory configuration.`
Packit Service	d6b4c9	`* NULL if we are not in a directory configuration.`
Packit Service	d6b4c9	`* const char *arg An URI for an SAMLv2 AuthnContextClassRef`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* This function will always return NULL.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char am_set_authn_context_class_ref(cmd_parms cmd,`
Packit Service	d6b4c9	`void *struct_ptr,`
Packit Service	d6b4c9	`const char *arg)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`am_dir_cfg_rec d = (am_dir_cfg_rec )struct_ptr;`
Packit Service	d6b4c9	`apr_pool_t *p= cmd->pool;`
Packit Service	d6b4c9	`char **context_class_ref_p;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`if(strlen(arg) == 0) {`
Packit Service	d6b4c9	`return NULL;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9	`context_class_ref_p = apr_array_push(d->authn_context_class_ref);`
Packit Service	d6b4c9	`*context_class_ref_p = apr_pstrdup(p, arg);`
Packit Service	d6b4c9	`return NULL;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function handles the MellonDoNotVerifyLogoutSignature configuration directive,`
Packit Service	d6b4c9	`* it is identical to the am_set_hash_string_slot function. You can refer to it.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* cmd_parms *cmd The command structure for this configuration`
Packit Service	d6b4c9	`* directive.`
Packit Service	d6b4c9	`* void *struct_ptr Pointer to the current directory configuration.`
Packit Service	d6b4c9	`* NULL if we are not in a directory configuration.`
Packit Service	d6b4c9	`* const char *key The string argument following this configuration`
Packit Service	d6b4c9	`* directive in the configuraion file.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* NULL on success or an error string on failure.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char am_set_do_not_verify_logout_signature(cmd_parms cmd,`
Packit Service	d6b4c9	`void *struct_ptr,`
Packit Service	d6b4c9	`const char *key)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`#ifdef HAVE_lasso_profile_set_signature_verify_hint`
Packit Service	d6b4c9	`return am_set_hash_string_slot(cmd, struct_ptr, key, NULL);`
Packit Service	d6b4c9	`#else`
Packit Service	d6b4c9	`return apr_pstrcat(cmd->pool, cmd->cmd->name,`
Packit Service	d6b4c9	`" is not usable as modmellon was compiled against "`
Packit Service	d6b4c9	`"a version of the lasso library which miss the "`
Packit Service	d6b4c9	`"function lasso_profile_set_signature_verify_hint.",`
Packit Service	d6b4c9	`NULL);`
Packit Service	d6b4c9	`#endif`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function handles the MellonMergeEnvVars configuration directive,`
Packit Service	d6b4c9	`* it sets merge_env_vars to nonempty separator (default semicolon),`
Packit Service	d6b4c9	`* or empty string to denote no merging.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* cmd_parms *cmd The command structure for this configuration`
Packit Service	d6b4c9	`* directive.`
Packit Service	d6b4c9	`* void *struct_ptr Pointer to the current directory configuration.`
Packit Service	d6b4c9	`* NULL if we are not in a directory configuration.`
Packit Service	d6b4c9	`* const char *flag On/Off flag`
Packit Service	d6b4c9	`* const char *sep Optional separator, should be only present with On`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* NULL on success or an error string on failure.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char am_set_merge_env_vars(cmd_parms cmd,`
Packit Service	d6b4c9	`void *struct_ptr,`
Packit Service	d6b4c9	`const char *flag,`
Packit Service	d6b4c9	`const char *sep)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`am_dir_cfg_rec d = (am_dir_cfg_rec )struct_ptr;`
Packit Service	d6b4c9	`apr_pool_t *p= cmd->pool;`
Packit Service	d6b4c9	`if (strcasecmp(flag, "on") == 0) {`
Packit Service	d6b4c9	`if (sep && *sep) {`
Packit Service	d6b4c9	`/*`
Packit Service	d6b4c9	`* TAKE12 will not give us the second argument if it is`
Packit Service	d6b4c9	`* empty string so we cannot complain about it, we will just`
Packit Service	d6b4c9	`* silently use semicolon`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`d->merge_env_vars = apr_pstrdup(p, sep);`
Packit Service	d6b4c9	`} else {`
Packit Service	d6b4c9	`d->merge_env_vars = ";";`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9	`} else if (strcasecmp(flag, "off") == 0) {`
Packit Service	d6b4c9	`if (sep) {`
Packit Service	d6b4c9	`return apr_pstrcat(cmd->pool, cmd->cmd->name,`
Packit Service	d6b4c9	`" separator should not be used with Off", NULL);`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9	`d->merge_env_vars = "";`
Packit Service	d6b4c9	`} else {`
Packit Service	d6b4c9	`return apr_pstrcat(cmd->pool, cmd->cmd->name,`
Packit Service	d6b4c9	`" first parameer must be On or Off", NULL);`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9	`return NULL;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* Handle MellonRedirectDomains option.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* cmd_parms *cmd The command structure for this configuration`
Packit Service	d6b4c9	`* directive.`
Packit Service	d6b4c9	`* void *struct_ptr Pointer to the current directory configuration.`
Packit Service	d6b4c9	`* NULL if we are not in a directory configuration.`
Packit Service	d6b4c9	`* int argc Number of redirect domains.`
Packit Service	d6b4c9	`* char *const argv[] List of redirect domains.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* NULL on success, or errror string on failure.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char am_set_redirect_domains(cmd_parms cmd,`
Packit Service	d6b4c9	`void *struct_ptr,`
Packit Service	d6b4c9	`int argc,`
Packit Service	d6b4c9	`char *const argv[])`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`am_dir_cfg_rec cfg = (am_dir_cfg_rec )struct_ptr;`
Packit Service	d6b4c9	`const char **redirect_domains;`
Packit Service	d6b4c9	`int i;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`if (argc < 1)`
Packit Service	d6b4c9	`return apr_psprintf(cmd->pool, "%s takes at least one arguments",`
Packit Service	d6b4c9	`cmd->cmd->name);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`redirect_domains = apr_palloc(cmd->pool, sizeof(const char ) (argc + 1));`
Packit Service	d6b4c9	`for (i = 0; i < argc; i++) {`
Packit Service	d6b4c9	`redirect_domains[i] = argv[i];`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9	`redirect_domains[argc] = NULL;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`cfg->redirect_domains = redirect_domains;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`return NULL;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function handles the MellonSignatureMethod configuration directive.`
Packit Service	d6b4c9	`* This directive can be set to one of:`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* cmd_parms *cmd The command structure for this configuration`
Packit Service	d6b4c9	`* directive.`
Packit Service	d6b4c9	`* void *struct_ptr Pointer to the current directory configuration.`
Packit Service	d6b4c9	`* const char *arg The string argument following this configuration`
Packit Service	d6b4c9	`* directive in the configuraion file.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* NULL on success or an error string if the argument is wrong.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static const char am_set_signature_method_slot(cmd_parms cmd,`
Packit Service	d6b4c9	`void *struct_ptr,`
Packit Service	d6b4c9	`const char *arg)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`am_dir_cfg_rec d = (am_dir_cfg_rec )struct_ptr;`
Packit Service	d6b4c9	`char *valid_methods = "rsa-sha1"`
Packit Service	d6b4c9	`#if HAVE_DECL_LASSO_SIGNATURE_METHOD_RSA_SHA256`
Packit Service	d6b4c9	`" rsa-sha256"`
Packit Service	d6b4c9	`#endif`
Packit Service	d6b4c9	`#if HAVE_DECL_LASSO_SIGNATURE_METHOD_RSA_SHA384`
Packit Service	d6b4c9	`" rsa-sha384"`
Packit Service	d6b4c9	`#endif`
Packit Service	d6b4c9	`#if HAVE_DECL_LASSO_SIGNATURE_METHOD_RSA_SHA512`
Packit Service	d6b4c9	`" rsa-sha512"`
Packit Service	d6b4c9	`#endif`
Packit Service	d6b4c9	`;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`if (!strcasecmp(arg, "rsa-sha1")) {`
Packit Service	d6b4c9	`d->signature_method = LASSO_SIGNATURE_METHOD_RSA_SHA1;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9	`#if HAVE_DECL_LASSO_SIGNATURE_METHOD_RSA_SHA256`
Packit Service	d6b4c9	`else if (!strcasecmp(arg, "rsa-sha256")) {`
Packit Service	d6b4c9	`d->signature_method = LASSO_SIGNATURE_METHOD_RSA_SHA256;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9	`#endif`
Packit Service	d6b4c9	`#if HAVE_DECL_LASSO_SIGNATURE_METHOD_RSA_SHA384`
Packit Service	d6b4c9	`else if (!strcasecmp(arg, "rsa-sha384")) {`
Packit Service	d6b4c9	`d->signature_method = LASSO_SIGNATURE_METHOD_RSA_SHA384;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9	`#endif`
Packit Service	d6b4c9	`#if HAVE_DECL_LASSO_SIGNATURE_METHOD_RSA_SHA512`
Packit Service	d6b4c9	`else if (!strcasecmp(arg, "rsa-sha512")) {`
Packit Service	d6b4c9	`d->signature_method = LASSO_SIGNATURE_METHOD_RSA_SHA512;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9	`#endif`
Packit Service	d6b4c9	`else {`
Packit Service	d6b4c9	`return apr_psprintf(cmd->pool,`
Packit Service	d6b4c9	`"%s: Invalid method \"%s\", must be one of: %s",`
Packit Service	d6b4c9	`cmd->cmd->name, arg, valid_methods);`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`return NULL;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This array contains all the configuration directive which are handled`
Packit Service	d6b4c9	`* by auth_mellon.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`const command_rec auth_mellon_commands[] = {`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* Global configuration directives. */`
Packit Service	d6b4c9
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonCacheSize",`
Packit Service	d6b4c9	`am_set_module_config_int_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_mod_cfg_rec, cache_size),`
Packit Service	d6b4c9	`RSRC_CONF,`
Packit Service	d6b4c9	`"The number of sessions we can keep track of at once. You must"`
Packit Service	d6b4c9	`" restart the server before any changes to this directive will"`
Packit Service	d6b4c9	`" take effect. The default value is 100."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonCacheEntrySize",`
Packit Service	d6b4c9	`am_set_module_config_int_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_mod_cfg_rec, entry_size),`
Packit Service	d6b4c9	`RSRC_CONF,`
Packit Service	d6b4c9	`"The maximum size for a single session entry. You must"`
Packit Service	d6b4c9	`" restart the server before any changes to this directive will"`
Packit Service	d6b4c9	`" take effect. The default value is 192KiB."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonLockFile",`
Packit Service	d6b4c9	`am_set_module_config_file_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_mod_cfg_rec, lock_file),`
Packit Service	d6b4c9	`RSRC_CONF,`
Packit Service	d6b4c9	`"The lock file for session synchronization."`
Packit Service	d6b4c9	`" Default value is \"/var/run/mod_auth_mellon.lock\"."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonPostDirectory",`
Packit Service	d6b4c9	`am_set_module_config_file_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_mod_cfg_rec, post_dir),`
Packit Service	d6b4c9	`RSRC_CONF,`
Packit Service	d6b4c9	`"The directory for saving POST requests."`
Packit Service	d6b4c9	`" Not set by default."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonPostTTL",`
Packit Service	d6b4c9	`am_set_module_config_int_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_mod_cfg_rec, post_ttl),`
Packit Service	d6b4c9	`RSRC_CONF,`
Packit Service	d6b4c9	`"The time to live for saved POST requests in seconds."`
Packit Service	d6b4c9	`" Default value is 900 (15 minutes)."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonPostCount",`
Packit Service	d6b4c9	`am_set_module_config_int_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_mod_cfg_rec, post_count),`
Packit Service	d6b4c9	`RSRC_CONF,`
Packit Service	d6b4c9	`"The maximum saved POST sessions at once."`
Packit Service	d6b4c9	`" Default value is 100."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonPostSize",`
Packit Service	d6b4c9	`am_set_module_config_int_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_mod_cfg_rec, post_size),`
Packit Service	d6b4c9	`RSRC_CONF,`
Packit Service	d6b4c9	`"The maximum size of a saved POST, in bytes."`
Packit Service	d6b4c9	`" Default value is 1048576 (1 MB)."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonDiagnosticsFile",`
Packit Service	d6b4c9	`am_set_module_diag_file_slot,`
Packit Service	d6b4c9	`#ifdef ENABLE_DIAGNOSTICS`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_diag_cfg_rec, filename),`
Packit Service	d6b4c9	`#else`
Packit Service	d6b4c9	`NULL,`
Packit Service	d6b4c9	`#endif`
Packit Service	d6b4c9	`RSRC_CONF,`
Packit Service	d6b4c9	`"Diagnostics log file. [file\|pipe] "`
Packit Service	d6b4c9	`"If file then file is a filename, relative to the ServerRoot."`
Packit Service	d6b4c9	`"If pipe then the filename is a pipe character \"\|\", "`
Packit Service	d6b4c9	`"followed by the path to a program to receive the log information "`
Packit Service	d6b4c9	`"on its standard input. "`
Packit Service	d6b4c9	`" Default value is \"logs/mellon_diagnostics\"."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_ITERATE(`
Packit Service	d6b4c9	`"MellonDiagnosticsEnable",`
Packit Service	d6b4c9	`am_set_module_diag_flags_slot,`
Packit Service	d6b4c9	`NULL,`
Packit Service	d6b4c9	`RSRC_CONF,`
Packit Service	d6b4c9	`"Diagnostics flags. [on\|off] "`
Packit Service	d6b4c9	`" Default value is \"off\"."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* Per-location configuration directives. */`
Packit Service	d6b4c9
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonEnable",`
Packit Service	d6b4c9	`am_set_enable_slot,`
Packit Service	d6b4c9	`NULL,`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Enable auth_mellon on a location. This can be set to 'off', 'info'"`
Packit Service	d6b4c9	`" and 'auth'. 'off' disables auth_mellon for a location, 'info'"`
Packit Service	d6b4c9	`" will only populate the environment with attributes if the user"`
Packit Service	d6b4c9	`" has logged in already. 'auth' will redirect the user to the IdP"`
Packit Service	d6b4c9	`" if he hasn't logged in yet, but otherwise behaves like 'info'."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonDecoder",`
Packit Service	d6b4c9	`am_set_decoder_slot,`
Packit Service	d6b4c9	`NULL,`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Obsolete option, now a no-op for backwards compatibility."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonVariable",`
Packit Service	d6b4c9	`ap_set_string_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, varname),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"The name of the cookie which auth_mellon will set. Defaults to"`
Packit Service	d6b4c9	`" 'cookie'. This string is appended to 'mellon-' to create the"`
Packit Service	d6b4c9	`" cookie name, and the default name of the cookie will therefore"`
Packit Service	d6b4c9	`" be 'mellon-cookie'."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonSecureCookie",`
Packit Service	d6b4c9	`am_set_secure_slots,`
Packit Service	d6b4c9	`NULL,`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Whether the cookie set by auth_mellon should have HttpOnly and"`
Packit Service	d6b4c9	`" secure flags set. Default is 'off'. Once 'on' - both flags will"`
Packit Service	d6b4c9	`" be set. Values 'httponly' or 'secure' will respectively set only"`
Packit Service	d6b4c9	`" one flag."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonCookieDomain",`
Packit Service	d6b4c9	`ap_set_string_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, cookie_domain),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"The domain of the cookie which auth_mellon will set. Defaults to"`
Packit Service	d6b4c9	`" the domain of the current request."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonCookiePath",`
Packit Service	d6b4c9	`ap_set_string_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, cookie_path),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"The path of the cookie which auth_mellon will set. Defaults to"`
Packit Service	d6b4c9	`" '/'."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonCookieSameSite",`
Packit Service	d6b4c9	`am_set_samesite_slot,`
Packit Service	d6b4c9	`NULL,`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"The SameSite value for the auth_mellon cookie. Defaults to"`
Packit Service	d6b4c9	`" having no SameSite value. Accepts values of Lax or Strict."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonUser",`
Packit Service	d6b4c9	`ap_set_string_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, userattr),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Attribute to set as r->user. Defaults to NAME_ID, which is the"`
Packit Service	d6b4c9	`" attribute we set to the identifier we receive from the IdP."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonIdP",`
Packit Service	d6b4c9	`ap_set_string_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, idpattr),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Attribute we set to the IdP ProviderId."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE2(`
Packit Service	d6b4c9	`"MellonSetEnv",`
Packit Service	d6b4c9	`am_set_setenv_slot,`
Packit Service	d6b4c9	`NULL,`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	a2b39c	`"Renames attributes received from the server while retaining the"`
Packit Service	a2b39c	`" prefix. The prefix defaults to MELLON_ but can be changed with"`
Packit Service	a2b39c	`" MellonEnvPrefix."`
Packit Service	a2b39c	`" The format is MellonSetEnv <old name> <new name>."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE2(`
Packit Service	d6b4c9	`"MellonSetEnvNoPrefix",`
Packit Service	d6b4c9	`am_set_setenv_no_prefix_slot,`
Packit Service	d6b4c9	`NULL,`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Renames attributes received from the server without adding prefix. The format is"`
Packit Service	d6b4c9	`" MellonSetEnvNoPrefix <old name> <new name>."`
Packit Service	d6b4c9	`),`
Packit Service	a2b39c	`AP_INIT_TAKE1(`
Packit Service	a2b39c	`"MellonEnvPrefix",`
Packit Service	a2b39c	`ap_set_string_slot,`
Packit Service	a2b39c	`(void *)APR_OFFSETOF(am_dir_cfg_rec, env_prefix),`
Packit Service	a2b39c	`OR_AUTHCFG,`
Packit Service	a2b39c	`"The prefix to use for attributes received from the server."`
Packit Service	a2b39c	`),`
Packit Service	d6b4c9	`AP_INIT_FLAG(`
Packit Service	d6b4c9	`"MellonSessionDump",`
Packit Service	d6b4c9	`ap_set_flag_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, dump_session),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Dump session in environment. Default is off"`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_FLAG(`
Packit Service	d6b4c9	`"MellonSamlResponseDump",`
Packit Service	d6b4c9	`ap_set_flag_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, dump_saml_response),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Dump SAML authentication response in environment. Default is off"`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_RAW_ARGS(`
Packit Service	d6b4c9	`"MellonRequire",`
Packit Service	d6b4c9	`am_set_require_slot,`
Packit Service	d6b4c9	`NULL,`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Attribute requirements for authorization. Allows you to restrict"`
Packit Service	d6b4c9	`" access based on attributes received from the IdP. If you list"`
Packit Service	d6b4c9	`" several MellonRequire configuration directives, then all of them"`
Packit Service	d6b4c9	`" must match. Every MellonRequire can list several allowed values"`
Packit Service	d6b4c9	`" for the attribute. The syntax is:"`
Packit Service	d6b4c9	`" MellonRequire <attribute> <value1> [value2....]."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE23(`
Packit Service	d6b4c9	`"MellonCond",`
Packit Service	d6b4c9	`am_set_cond_slot,`
Packit Service	d6b4c9	`NULL,`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Attribute requirements for authorization. Allows you to restrict"`
Packit Service	d6b4c9	`" access based on attributes received from the IdP. The syntax is:"`
Packit Service	d6b4c9	`" MellonRequire <attribute> <value> [<options>]."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonSessionLength",`
Packit Service	d6b4c9	`ap_set_int_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, session_length),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Maximum number of seconds a session will be valid for. Defaults"`
Packit Service	d6b4c9	`" to 86400 seconds (1 day)."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonNoCookieErrorPage",`
Packit Service	d6b4c9	`ap_set_string_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, no_cookie_error_page),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Web page to display if the user has disabled cookies. We will"`
Packit Service	d6b4c9	`" return a 400 Bad Request error if this is unset and the user"`
Packit Service	d6b4c9	`" ha disabled cookies."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonNoSuccessErrorPage",`
Packit Service	d6b4c9	`ap_set_string_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, no_success_error_page),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Web page to display if the idp posts with a failed"`
Packit Service	d6b4c9	`" authentication error. We will return a 401 Unauthorized error"`
Packit Service	d6b4c9	`" if this is unset and the idp posts such assertion."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonSPMetadataFile",`
Packit Service	d6b4c9	`am_set_file_contents_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, sp_metadata_file),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Full path to xml file with metadata for the SP."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonSPPrivateKeyFile",`
Packit Service	d6b4c9	`am_set_file_contents_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, sp_private_key_file),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Full path to pem file with the private key for the SP."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonSPCertFile",`
Packit Service	d6b4c9	`am_set_file_contents_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, sp_cert_file),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Full path to pem file with certificate for the SP."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE12(`
Packit Service	d6b4c9	`"MellonIdPMetadataFile",`
Packit Service	d6b4c9	`am_set_idp_string_slot,`
Packit Service	d6b4c9	`NULL,`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Full path to xml metadata file for IdP, "`
Packit Service	d6b4c9	`"with optional validating chain."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE12(`
Packit Service	d6b4c9	`"MellonIdPMetadataGlob",`
Packit Service	d6b4c9	`am_set_glob_fn12,`
Packit Service	d6b4c9	`am_set_idp_string_slot,`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Full path to xml metadata files for IdP, with glob(3) patterns. "`
Packit Service	d6b4c9	`"An optional validating chain can be supplied."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonIdPPublicKeyFile",`
Packit Service	d6b4c9	`am_set_file_pathname_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, idp_public_key_file),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Full path to pem file with the public key for the IdP."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonIdPCAFile",`
Packit Service	d6b4c9	`am_set_file_pathname_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, idp_ca_file),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Full path to pem file with CA chain for the IdP."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE_ARGV(`
Packit Service	d6b4c9	`"MellonIdPIgnore",`
Packit Service	d6b4c9	`am_set_idp_ignore_slot,`
Packit Service	d6b4c9	`NULL,`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"List of IdP entityId to ignore."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonSPentityId",`
Packit Service	d6b4c9	`ap_set_string_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, sp_entity_id),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"SP entity Id to be used for metadata auto generation."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE12(`
Packit Service	d6b4c9	`"MellonOrganizationName",`
Packit Service	d6b4c9	`am_set_langstring_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, sp_org_name),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Language-qualified oranization name."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE12(`
Packit Service	d6b4c9	`"MellonOrganizationDisplayName",`
Packit Service	d6b4c9	`am_set_langstring_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, sp_org_display_name),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Language-qualified oranization name, human redable."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE12(`
Packit Service	d6b4c9	`"MellonOrganizationURL",`
Packit Service	d6b4c9	`am_set_langstring_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, sp_org_url),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Language-qualified oranization URL."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonDefaultLoginPath",`
Packit Service	d6b4c9	`ap_set_string_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, login_path),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"The location where to redirect after IdP initiated login."`
Packit Service	d6b4c9	`" Default value is \"/\"."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonDiscoveryURL",`
Packit Service	d6b4c9	`ap_set_string_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, discovery_url),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"The URL of IdP discovery service. Default is unset."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonProbeDiscoveryTimeout",`
Packit Service	d6b4c9	`ap_set_int_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, probe_discovery_timeout),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"The timeout in seconds of IdP probe discovery service. "`
Packit Service	d6b4c9	`"The default is unset, which means that this feature is disabled."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE12(`
Packit Service	d6b4c9	`"MellonProbeDiscoveryIdP",`
Packit Service	d6b4c9	`am_set_table_string_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, probe_discovery_idp),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"An IdP that can be used for IdP probe discovery."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonEndpointPath",`
Packit Service	d6b4c9	`am_set_endpoint_path,`
Packit Service	d6b4c9	`NULL,`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"The root directory of the SAML2 endpoints, relative to the root"`
Packit Service	d6b4c9	`" of the web server. Default value is \"/mellon/\", which will"`
Packit Service	d6b4c9	`" make mod_mellon to the handler for every request to"`
Packit Service	d6b4c9	`" \"http://<servername>/mellon/*\". The path you specify must"`
Packit Service	d6b4c9	`" be contained within the current Location directive."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonAuthnContextClassRef",`
Packit Service	d6b4c9	`am_set_authn_context_class_ref,`
Packit Service	d6b4c9	`NULL,`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"A list of AuthnContextClassRef to request in the AuthnRequest and "`
Packit Service	d6b4c9	`"to validate upon reception of an Assertion"`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_FLAG(`
Packit Service	d6b4c9	`"MellonSubjectConfirmationDataAddressCheck",`
Packit Service	d6b4c9	`ap_set_flag_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, subject_confirmation_data_address_check),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Check address given in SubjectConfirmationData Address attribute. Default is on."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_FLAG(`
Packit Service	d6b4c9	`"MellonSendCacheControlHeader",`
Packit Service	d6b4c9	`ap_set_flag_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, send_cache_control_header),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Send the cache-control header on responses. Default is on."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonDoNotVerifyLogoutSignature",`
Packit Service	d6b4c9	`am_set_do_not_verify_logout_signature,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, do_not_verify_logout_signature),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"A list of entity of IdP whose logout requests signatures will not "`
Packit Service	d6b4c9	`"be valided"`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_FLAG(`
Packit Service	d6b4c9	`"MellonPostReplay",`
Packit Service	d6b4c9	`ap_set_flag_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, post_replay),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Whether we should replay POST requests that trigger authentication. Default is off."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE12(`
Packit Service	d6b4c9	`"MellonMergeEnvVars",`
Packit Service	d6b4c9	`am_set_merge_env_vars,`
Packit Service	d6b4c9	`NULL,`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Whether to merge environment variables multi-values or not. Default is off."`
Packit Service	d6b4c9	`"When first parameter is on, optional second parameter is the separator, "`
Packit Service	d6b4c9	`"defaulting to semicolon."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonEnvVarsIndexStart",`
Packit Service	d6b4c9	`ap_set_int_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, env_vars_index_start),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Start indexing environment variables for multivalues with 0 or 1. Default is 0."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_FLAG(`
Packit Service	d6b4c9	`"MellonEnvVarsSetCount",`
Packit Service	d6b4c9	`ap_set_flag_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, env_vars_count_in_n),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Whether to also populate environment variable suffixed _N with number of values. Default is off."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_FLAG(`
Packit Service	d6b4c9	`"MellonECPSendIDPList",`
Packit Service	d6b4c9	`ap_set_flag_slot,`
Packit Service	d6b4c9	`(void *)APR_OFFSETOF(am_dir_cfg_rec, ecp_send_idplist),`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Whether to send an ECP client a list of IdP's. Default is off."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE_ARGV(`
Packit Service	d6b4c9	`"MellonRedirectDomains",`
Packit Service	d6b4c9	`am_set_redirect_domains,`
Packit Service	d6b4c9	`NULL,`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"List of domains we can redirect to."`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`AP_INIT_TAKE1(`
Packit Service	d6b4c9	`"MellonSignatureMethod",`
Packit Service	d6b4c9	`am_set_signature_method_slot,`
Packit Service	d6b4c9	`NULL,`
Packit Service	d6b4c9	`OR_AUTHCFG,`
Packit Service	d6b4c9	`"Signature method used to sign SAML messages sent by Mellon"`
Packit Service	d6b4c9	`),`
Packit Service	d6b4c9	`{NULL}`
Packit Service	d6b4c9	`};`
Packit Service	d6b4c9
Packit Service	d6b4c9	`const am_error_map_t auth_mellon_errormap[] = {`
Packit Service	d6b4c9	`{ LASSO_PROFILE_ERROR_STATUS_NOT_SUCCESS, HTTP_UNAUTHORIZED },`
Packit Service	d6b4c9	`#ifdef LASSO_PROFILE_ERROR_REQUEST_DENIED`
Packit Service	d6b4c9	`{ LASSO_PROFILE_ERROR_REQUEST_DENIED, HTTP_UNAUTHORIZED },`
Packit Service	d6b4c9	`#endif`
Packit Service	d6b4c9	`{ 0, 0 }`
Packit Service	d6b4c9	`};`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* Release a lasso_server object associated with this configuration.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* void *data The pointer to the configuration data.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* Always APR_SUCCESS.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static apr_status_t auth_mellon_free_server(void *data)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`am_dir_cfg_rec *dir = data;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`if (dir->server != NULL) {`
Packit Service	d6b4c9	`lasso_server_destroy(dir->server);`
Packit Service	d6b4c9	`dir->server = NULL;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`return APR_SUCCESS;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function creates and initializes a directory configuration`
Packit Service	d6b4c9	`* object for auth_mellon.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* apr_pool_t *p The pool we should allocate memory from.`
Packit Service	d6b4c9	`* char *d Unused, always NULL.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* The new directory configuration object.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`void auth_mellon_dir_config(apr_pool_t p, char *d)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`am_dir_cfg_rec dir = apr_palloc(p, sizeof(dir));`
Packit Service	d6b4c9
Packit Service	d6b4c9	`apr_pool_cleanup_register(p, dir, auth_mellon_free_server,`
Packit Service	d6b4c9	`auth_mellon_free_server);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`dir->enable_mellon = am_enable_default;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`dir->varname = default_cookie_name;`
Packit Service	d6b4c9	`dir->secure = default_secure_cookie;`
Packit Service	d6b4c9	`dir->http_only = default_http_only_cookie;`
Packit Service	d6b4c9	`dir->merge_env_vars = default_merge_env_vars;`
Packit Service	d6b4c9	`dir->env_vars_index_start = default_env_vars_index_start;`
Packit Service	d6b4c9	`dir->env_vars_count_in_n = default_env_vars_count_in_n;`
Packit Service	d6b4c9	`dir->cond = apr_array_make(p, 0, sizeof(am_cond_t));`
Packit Service	d6b4c9	`dir->cookie_domain = NULL;`
Packit Service	d6b4c9	`dir->cookie_path = NULL;`
Packit Service	d6b4c9	`dir->cookie_samesite = am_samesite_default;`
Packit Service	d6b4c9	`dir->envattr = apr_hash_make(p);`
Packit Service	a2b39c	`dir->env_prefix = default_env_prefix;`
Packit Service	d6b4c9	`dir->userattr = default_user_attribute;`
Packit Service	d6b4c9	`dir->idpattr = NULL;`
Packit Service	d6b4c9	`dir->signature_method = inherit_signature_method;`
Packit Service	d6b4c9	`dir->dump_session = default_dump_session;`
Packit Service	d6b4c9	`dir->dump_saml_response = default_dump_saml_response;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`dir->endpoint_path = default_endpoint_path;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`dir->session_length = -1; /* -1 means use default. */`
Packit Service	d6b4c9
Packit Service	d6b4c9	`dir->no_cookie_error_page = NULL;`
Packit Service	d6b4c9	`dir->no_success_error_page = NULL;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`dir->sp_metadata_file = NULL;`
Packit Service	d6b4c9	`dir->sp_private_key_file = NULL;`
Packit Service	d6b4c9	`dir->sp_cert_file = NULL;`
Packit Service	d6b4c9	`dir->idp_metadata = apr_array_make(p, 0, sizeof(am_metadata_t));`
Packit Service	d6b4c9	`dir->idp_public_key_file = NULL;`
Packit Service	d6b4c9	`dir->idp_ca_file = NULL;`
Packit Service	d6b4c9	`dir->idp_ignore = NULL;`
Packit Service	d6b4c9	`dir->login_path = default_login_path;`
Packit Service	d6b4c9	`dir->discovery_url = NULL;`
Packit Service	d6b4c9	`dir->probe_discovery_timeout = -1; /* -1 means no probe discovery */`
Packit Service	d6b4c9	`dir->probe_discovery_idp = apr_table_make(p, 0);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`dir->sp_entity_id = NULL;`
Packit Service	d6b4c9	`dir->sp_org_name = apr_hash_make(p);`
Packit Service	d6b4c9	`dir->sp_org_display_name = apr_hash_make(p);`
Packit Service	d6b4c9	`dir->sp_org_url = apr_hash_make(p);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`apr_thread_mutex_create(&dir->server_mutex, APR_THREAD_MUTEX_DEFAULT, p);`
Packit Service	d6b4c9	`dir->inherit_server_from = dir;`
Packit Service	d6b4c9	`dir->server = NULL;`
Packit Service	d6b4c9	`dir->authn_context_class_ref = apr_array_make(p, 0, sizeof(char *));`
Packit Service	d6b4c9	`dir->subject_confirmation_data_address_check = inherit_subject_confirmation_data_address_check;`
Packit Service	d6b4c9	`dir->send_cache_control_header = inherit_send_cache_control_header;`
Packit Service	d6b4c9	`dir->do_not_verify_logout_signature = apr_hash_make(p);`
Packit Service	d6b4c9	`dir->post_replay = inherit_post_replay;`
Packit Service	d6b4c9	`dir->redirect_domains = default_redirect_domains;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`dir->ecp_send_idplist = inherit_ecp_send_idplist;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`return dir;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* Determine whether this configuration changes anything relevant to the`
Packit Service	d6b4c9	`* lasso_server configuration.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* am_dir_cfg_rec *add_cfg The new configuration.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* true if we can inherit the lasso_server object, false if not.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`static bool cfg_can_inherit_lasso_server(const am_dir_cfg_rec *add_cfg)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`if (add_cfg->endpoint_path != default_endpoint_path)`
Packit Service	d6b4c9	`return false;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`if (add_cfg->sp_metadata_file != NULL`
Packit Service	d6b4c9	`\|\| add_cfg->sp_private_key_file != NULL`
Packit Service	d6b4c9	`\|\| add_cfg->sp_cert_file != NULL)`
Packit Service	d6b4c9	`return false;`
Packit Service	d6b4c9	`if (add_cfg->idp_metadata->nelts > 0`
Packit Service	d6b4c9	`\|\| add_cfg->idp_public_key_file != NULL`
Packit Service	d6b4c9	`\|\| add_cfg->idp_ca_file != NULL`
Packit Service	d6b4c9	`\|\| add_cfg->idp_ignore != NULL)`
Packit Service	d6b4c9	`return false;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`if (apr_hash_count(add_cfg->sp_org_name) > 0`
Packit Service	d6b4c9	`\|\| apr_hash_count(add_cfg->sp_org_display_name) > 0`
Packit Service	d6b4c9	`\|\| apr_hash_count(add_cfg->sp_org_url) > 0)`
Packit Service	d6b4c9	`return false;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`return true;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function merges two am_dir_cfg_rec structures.`
Packit Service	d6b4c9	`* It will try to inherit from the base where possible.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* apr_pool_t *p The pool we should allocate memory from.`
Packit Service	d6b4c9	`* void *base The original structure.`
Packit Service	d6b4c9	`* void *add The structure we should add to base.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* The merged structure.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`void auth_mellon_dir_merge(apr_pool_t p, void base, void add)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`am_dir_cfg_rec base_cfg = (am_dir_cfg_rec )base;`
Packit Service	d6b4c9	`am_dir_cfg_rec add_cfg = (am_dir_cfg_rec )add;`
Packit Service	d6b4c9	`am_dir_cfg_rec *new_cfg;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg = (am_dir_cfg_rec )apr_palloc(p, sizeof(new_cfg));`
Packit Service	d6b4c9
Packit Service	d6b4c9	`apr_pool_cleanup_register(p, new_cfg, auth_mellon_free_server,`
Packit Service	d6b4c9	`auth_mellon_free_server);`
Packit Service	d6b4c9
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->enable_mellon = (add_cfg->enable_mellon != am_enable_default ?`
Packit Service	d6b4c9	`add_cfg->enable_mellon :`
Packit Service	d6b4c9	`base_cfg->enable_mellon);`
Packit Service	d6b4c9
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->varname = (add_cfg->varname != default_cookie_name ?`
Packit Service	d6b4c9	`add_cfg->varname :`
Packit Service	d6b4c9	`base_cfg->varname);`
Packit Service	d6b4c9
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->secure = (add_cfg->secure != default_secure_cookie ?`
Packit Service	d6b4c9	`add_cfg->secure :`
Packit Service	d6b4c9	`base_cfg->secure);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->http_only = (add_cfg->http_only != default_http_only_cookie ?`
Packit Service	d6b4c9	`add_cfg->http_only :`
Packit Service	d6b4c9	`base_cfg->http_only);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->merge_env_vars = (add_cfg->merge_env_vars != default_merge_env_vars ?`
Packit Service	d6b4c9	`add_cfg->merge_env_vars :`
Packit Service	d6b4c9	`base_cfg->merge_env_vars);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->env_vars_index_start = (add_cfg->env_vars_index_start != default_env_vars_index_start ?`
Packit Service	d6b4c9	`add_cfg->env_vars_index_start :`
Packit Service	d6b4c9	`base_cfg->env_vars_index_start);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->env_vars_count_in_n = (add_cfg->env_vars_count_in_n != default_env_vars_count_in_n ?`
Packit Service	d6b4c9	`add_cfg->env_vars_count_in_n :`
Packit Service	d6b4c9	`base_cfg->env_vars_count_in_n);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->cookie_domain = (add_cfg->cookie_domain != NULL ?`
Packit Service	d6b4c9	`add_cfg->cookie_domain :`
Packit Service	d6b4c9	`base_cfg->cookie_domain);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->cookie_path = (add_cfg->cookie_path != NULL ?`
Packit Service	d6b4c9	`add_cfg->cookie_path :`
Packit Service	d6b4c9	`base_cfg->cookie_path);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->cookie_samesite = (add_cfg->cookie_samesite != am_samesite_default ?`
Packit Service	d6b4c9	`add_cfg->cookie_samesite :`
Packit Service	d6b4c9	`base_cfg->cookie_samesite);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->cond = apr_array_copy(p,`
Packit Service	d6b4c9	`(!apr_is_empty_array(add_cfg->cond)) ?`
Packit Service	d6b4c9	`add_cfg->cond :`
Packit Service	d6b4c9	`base_cfg->cond);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->envattr = apr_hash_copy(p,`
Packit Service	d6b4c9	`(apr_hash_count(add_cfg->envattr) > 0) ?`
Packit Service	d6b4c9	`add_cfg->envattr :`
Packit Service	d6b4c9	`base_cfg->envattr);`
Packit Service	d6b4c9
Packit Service	a2b39c	`new_cfg->env_prefix = (add_cfg->env_prefix != default_env_prefix ?`
Packit Service	a2b39c	`add_cfg->env_prefix :`
Packit Service	a2b39c	`base_cfg->env_prefix);`
Packit Service	a2b39c
Packit Service	d6b4c9	`new_cfg->userattr = (add_cfg->userattr != default_user_attribute ?`
Packit Service	d6b4c9	`add_cfg->userattr :`
Packit Service	d6b4c9	`base_cfg->userattr);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->idpattr = (add_cfg->idpattr != NULL ?`
Packit Service	d6b4c9	`add_cfg->idpattr :`
Packit Service	d6b4c9	`base_cfg->idpattr);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->signature_method = CFG_MERGE(add_cfg, base_cfg, signature_method);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->dump_session = (add_cfg->dump_session != default_dump_session ?`
Packit Service	d6b4c9	`add_cfg->dump_session :`
Packit Service	d6b4c9	`base_cfg->dump_session);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->dump_saml_response =`
Packit Service	d6b4c9	`(add_cfg->dump_saml_response != default_dump_saml_response ?`
Packit Service	d6b4c9	`add_cfg->dump_saml_response :`
Packit Service	d6b4c9	`base_cfg->dump_saml_response);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->endpoint_path = (`
Packit Service	d6b4c9	`add_cfg->endpoint_path != default_endpoint_path ?`
Packit Service	d6b4c9	`add_cfg->endpoint_path :`
Packit Service	d6b4c9	`base_cfg->endpoint_path`
Packit Service	d6b4c9	`);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->session_length = (add_cfg->session_length != -1 ?`
Packit Service	d6b4c9	`add_cfg->session_length :`
Packit Service	d6b4c9	`base_cfg->session_length);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->no_cookie_error_page = (add_cfg->no_cookie_error_page != NULL ?`
Packit Service	d6b4c9	`add_cfg->no_cookie_error_page :`
Packit Service	d6b4c9	`base_cfg->no_cookie_error_page);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->no_success_error_page = (add_cfg->no_success_error_page != NULL ?`
Packit Service	d6b4c9	`add_cfg->no_success_error_page :`
Packit Service	d6b4c9	`base_cfg->no_success_error_page);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->sp_metadata_file = (add_cfg->sp_metadata_file ?`
Packit Service	d6b4c9	`add_cfg->sp_metadata_file :`
Packit Service	d6b4c9	`base_cfg->sp_metadata_file);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->sp_private_key_file = (add_cfg->sp_private_key_file ?`
Packit Service	d6b4c9	`add_cfg->sp_private_key_file :`
Packit Service	d6b4c9	`base_cfg->sp_private_key_file);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->sp_cert_file = (add_cfg->sp_cert_file ?`
Packit Service	d6b4c9	`add_cfg->sp_cert_file :`
Packit Service	d6b4c9	`base_cfg->sp_cert_file);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->idp_metadata = (add_cfg->idp_metadata->nelts ?`
Packit Service	d6b4c9	`add_cfg->idp_metadata :`
Packit Service	d6b4c9	`base_cfg->idp_metadata);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->idp_public_key_file = (add_cfg->idp_public_key_file ?`
Packit Service	d6b4c9	`add_cfg->idp_public_key_file :`
Packit Service	d6b4c9	`base_cfg->idp_public_key_file);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->idp_ca_file = (add_cfg->idp_ca_file ?`
Packit Service	d6b4c9	`add_cfg->idp_ca_file :`
Packit Service	d6b4c9	`base_cfg->idp_ca_file);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->idp_ignore = add_cfg->idp_ignore != NULL ?`
Packit Service	d6b4c9	`add_cfg->idp_ignore :`
Packit Service	d6b4c9	`base_cfg->idp_ignore;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->sp_entity_id = (add_cfg->sp_entity_id ?`
Packit Service	d6b4c9	`add_cfg->sp_entity_id :`
Packit Service	d6b4c9	`base_cfg->sp_entity_id);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->sp_org_name = apr_hash_copy(p,`
Packit Service	d6b4c9	`(apr_hash_count(add_cfg->sp_org_name) > 0) ?`
Packit Service	d6b4c9	`add_cfg->sp_org_name :`
Packit Service	d6b4c9	`base_cfg->sp_org_name);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->sp_org_display_name = apr_hash_copy(p,`
Packit Service	d6b4c9	`(apr_hash_count(add_cfg->sp_org_display_name) > 0) ?`
Packit Service	d6b4c9	`add_cfg->sp_org_display_name :`
Packit Service	d6b4c9	`base_cfg->sp_org_display_name);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->sp_org_url = apr_hash_copy(p,`
Packit Service	d6b4c9	`(apr_hash_count(add_cfg->sp_org_url) > 0) ?`
Packit Service	d6b4c9	`add_cfg->sp_org_url :`
Packit Service	d6b4c9	`base_cfg->sp_org_url);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->login_path = (add_cfg->login_path != default_login_path ?`
Packit Service	d6b4c9	`add_cfg->login_path :`
Packit Service	d6b4c9	`base_cfg->login_path);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->discovery_url = (add_cfg->discovery_url ?`
Packit Service	d6b4c9	`add_cfg->discovery_url :`
Packit Service	d6b4c9	`base_cfg->discovery_url);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->probe_discovery_timeout =`
Packit Service	d6b4c9	`(add_cfg->probe_discovery_timeout != -1 ?`
Packit Service	d6b4c9	`add_cfg->probe_discovery_timeout :`
Packit Service	d6b4c9	`base_cfg->probe_discovery_timeout);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->probe_discovery_idp = apr_table_copy(p,`
Packit Service	d6b4c9	`(!apr_is_empty_table(add_cfg->probe_discovery_idp)) ?`
Packit Service	d6b4c9	`add_cfg->probe_discovery_idp :`
Packit Service	d6b4c9	`base_cfg->probe_discovery_idp);`
Packit Service	d6b4c9
Packit Service	d6b4c9
Packit Service	d6b4c9	`if (cfg_can_inherit_lasso_server(add_cfg)) {`
Packit Service	d6b4c9	`new_cfg->inherit_server_from = base_cfg->inherit_server_from;`
Packit Service	d6b4c9	`} else {`
Packit Service	d6b4c9	`apr_thread_mutex_create(&new_cfg->server_mutex,`
Packit Service	d6b4c9	`APR_THREAD_MUTEX_DEFAULT, p);`
Packit Service	d6b4c9	`new_cfg->inherit_server_from = new_cfg;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->server = NULL;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->authn_context_class_ref = (add_cfg->authn_context_class_ref->nelts ?`
Packit Service	d6b4c9	`add_cfg->authn_context_class_ref :`
Packit Service	d6b4c9	`base_cfg->authn_context_class_ref);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->do_not_verify_logout_signature = apr_hash_copy(p,`
Packit Service	d6b4c9	`(apr_hash_count(add_cfg->do_not_verify_logout_signature) > 0) ?`
Packit Service	d6b4c9	`add_cfg->do_not_verify_logout_signature :`
Packit Service	d6b4c9	`base_cfg->do_not_verify_logout_signature);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->subject_confirmation_data_address_check =`
Packit Service	d6b4c9	`CFG_MERGE(add_cfg, base_cfg, subject_confirmation_data_address_check);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->send_cache_control_header =`
Packit Service	d6b4c9	`CFG_MERGE(add_cfg, base_cfg, send_cache_control_header);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->post_replay = CFG_MERGE(add_cfg, base_cfg, post_replay);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->ecp_send_idplist = CFG_MERGE(add_cfg, base_cfg, ecp_send_idplist);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->redirect_domains =`
Packit Service	d6b4c9	`(add_cfg->redirect_domains != default_redirect_domains ?`
Packit Service	d6b4c9	`add_cfg->redirect_domains :`
Packit Service	d6b4c9	`base_cfg->redirect_domains);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`return new_cfg;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function creates a new per-server configuration.`
Packit Service	d6b4c9	`* auth_mellon uses the server configuration to store a pointer`
Packit Service	d6b4c9	`* to the global module configuration.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* apr_pool_t *p The pool we should allocate memory from.`
Packit Service	d6b4c9	`* server_rec *s The server we should add our configuration to.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* The new per-server configuration.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`void auth_mellon_server_config(apr_pool_t p, server_rec *s)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`am_srv_cfg_rec *srv;`
Packit Service	d6b4c9	`am_mod_cfg_rec *mod;`
Packit Service	d6b4c9	`const char key[] = "auth_mellon_server_config";`
Packit Service	d6b4c9
Packit Service	d6b4c9	`srv = apr_palloc(p, sizeof(*srv));`
Packit Service	d6b4c9
Packit Service	d6b4c9	`#ifdef ENABLE_DIAGNOSTICS`
Packit Service	d6b4c9	`srv->diag_cfg.filename = default_diag_filename;`
Packit Service	d6b4c9	`srv->diag_cfg.fd = NULL;`
Packit Service	d6b4c9	`srv->diag_cfg.flags = default_diag_flags;`
Packit Service	d6b4c9	`srv->diag_cfg.dir_cfg_emitted = apr_table_make(p, 0);`
Packit Service	d6b4c9	`#endif`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* we want to keeep our global configuration of shared memory and`
Packit Service	d6b4c9	`* mutexes, so we try to find it in the userdata before doing anything`
Packit Service	d6b4c9	`* else */`
Packit Service	d6b4c9	`apr_pool_userdata_get((void **)&mod, key, p);`
Packit Service	d6b4c9	`if (mod) {`
Packit Service	d6b4c9	`srv->mc = mod;`
Packit Service	d6b4c9	`return srv;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* the module has not been initiated at all */`
Packit Service	d6b4c9	`mod = apr_palloc(p, sizeof(*mod));`
Packit Service	d6b4c9
Packit Service	d6b4c9	`mod->cache_size = 100; /* ought to be enough for everybody */`
Packit Service	d6b4c9	`mod->lock_file = "/var/run/mod_auth_mellon.lock";`
Packit Service	d6b4c9	`mod->post_dir = NULL;`
Packit Service	d6b4c9	`mod->post_ttl = post_ttl;`
Packit Service	d6b4c9	`mod->post_count = post_count;`
Packit Service	d6b4c9	`mod->post_size = post_size;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`mod->entry_size = AM_CACHE_DEFAULT_ENTRY_SIZE;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`mod->init_cache_size = 0;`
Packit Service	d6b4c9	`mod->init_lock_file = NULL;`
Packit Service	d6b4c9	`mod->init_entry_size = 0;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`mod->cache = NULL;`
Packit Service	d6b4c9	`mod->lock = NULL;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`apr_pool_userdata_set(mod, key, apr_pool_cleanup_null, p);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`srv->mc = mod;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`return srv;`
Packit Service	d6b4c9	`}`
Packit Service	d6b4c9
Packit Service	d6b4c9	`/* This function merges two am_srv_cfg_rec structures.`
Packit Service	d6b4c9	`* It will try to inherit from the base where possible.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Parameters:`
Packit Service	d6b4c9	`* apr_pool_t *p The pool we should allocate memory from.`
Packit Service	d6b4c9	`* void *base The original structure.`
Packit Service	d6b4c9	`* void *add The structure we should add to base.`
Packit Service	d6b4c9	`*`
Packit Service	d6b4c9	`* Returns:`
Packit Service	d6b4c9	`* The merged structure.`
Packit Service	d6b4c9	`*/`
Packit Service	d6b4c9	`void auth_mellon_srv_merge(apr_pool_t p, void base, void add)`
Packit Service	d6b4c9	`{`
Packit Service	d6b4c9	`am_srv_cfg_rec base_cfg = (am_srv_cfg_rec )base;`
Packit Service	d6b4c9	`am_srv_cfg_rec *new_cfg;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg = (am_srv_cfg_rec )apr_palloc(p, sizeof(new_cfg));`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->mc = base_cfg->mc;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`#ifdef ENABLE_DIAGNOSTICS`
Packit Service	d6b4c9	`am_srv_cfg_rec add_cfg = (am_srv_cfg_rec )add;`
Packit Service	d6b4c9	`new_cfg->diag_cfg.filename = (add_cfg->diag_cfg.filename !=`
Packit Service	d6b4c9	`default_diag_filename ?`
Packit Service	d6b4c9	`add_cfg->diag_cfg.filename :`
Packit Service	d6b4c9	`base_cfg->diag_cfg.filename);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->diag_cfg.fd = NULL;`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->diag_cfg.flags = (add_cfg->diag_cfg.flags !=`
Packit Service	d6b4c9	`default_diag_flags ?`
Packit Service	d6b4c9	`add_cfg->diag_cfg.flags :`
Packit Service	d6b4c9	`base_cfg->diag_cfg.flags);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`new_cfg->diag_cfg.dir_cfg_emitted = apr_table_make(p, 0);`
Packit Service	d6b4c9
Packit Service	d6b4c9	`#endif`
Packit Service	d6b4c9
Packit Service	d6b4c9	`return new_cfg;`
Packit Service	d6b4c9	`}`

source-git / mod_auth_mellon

Source Code

Blame auth_mellon_config.c