entrouvert
/
modmellon
17
0
Fork 0
Code Issues Pull Requests Releases Activity

Replace ap_log_rerror with AM_LOG_RERROR 

If diagnostics is enabled we want error messages written to the
diagnostics log as well as the Apache error_log. AM_LOG_RERROR
replaces the use of ap_log_rerror, it invokes ap_log_rerror as
previously but then also logs the same message to the diagnostics
log. If diagnostics is not enabled it reverts to ap_log_rerror.

Signed-off-by: John Dennis <jdennis@redhat.com>
This commit is contained in:
John Dennis 2017-09-13 18:06:12 -04:00
parent e8579f6387
commit 8d49ab65a1
6 changed files with 235 additions and 220 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
auth_mellon.h
View File

@ -587,6 +587,15 @@ am_diag_rerror(const char *file, int line, int module_index,
char *
am_diag_time_t_to_8601(request_rec *r, apr_time_t t);
/* Define AM_LOG_RERROR log to both the Apache log and diagnostics log */
#define AM_LOG_RERROR(...) AM_LOG_RERROR__(__VA_ARGS__)
/* need additional step to expand macros */
#define AM_LOG_RERROR__(file, line, mi, level, status, r, ...) \
{ \
ap_log_rerror(file, line, mi, level, status, r, __VA_ARGS__); \
am_diag_rerror(file, line, mi, level, status, r, __VA_ARGS__); \
}
#else /* ENABLE_DIAGNOSTICS */
#define am_diag_log_cache_entry(...) do {} while(0)
@ -595,6 +604,12 @@ am_diag_time_t_to_8601(request_rec *r, apr_time_t t);
#define am_diag_log_profile(...) do {} while(0)
#define am_diag_printf(...) do {} while(0)
/* Define AM_LOG_RERROR log only to the Apache log */
#define AM_LOG_RERROR(...) AM_LOG_RERROR__(__VA_ARGS__)
/* need additional step to expand macros */
#define AM_LOG_RERROR__(file, line, mi, level, status, r, ...) \
ap_log_rerror(file, line, mi, level, status, r, __VA_ARGS__);
#endif /* ENABLE_DIAGNOSTICS */
#endif /* MOD_AUTH_MELLON_H */

14
auth_mellon_cache.c
View File

@ -109,7 +109,7 @@ am_cache_entry_t *am_cache_lock(request_rec *r,
/* Lock the table. */
if((rv = apr_global_mutex_lock(mod_cfg->lock)) != APR_SUCCESS) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"apr_global_mutex_lock() failed [%d]: %s",
rv, apr_strerror(rv, buffer, sizeof(buffer)));
return NULL;
@ -309,7 +309,7 @@ am_cache_entry_t *am_cache_new(request_rec *r,
/* Lock the table. */
if((rv = apr_global_mutex_lock(mod_cfg->lock)) != APR_SUCCESS) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"apr_global_mutex_lock() failed [%d]: %s",
rv, apr_strerror(rv, buffer, sizeof(buffer)));
return NULL;
@ -367,7 +367,7 @@ am_cache_entry_t *am_cache_new(request_rec *r,
age = (current_time - t->access) / 1000000;
if(age < 3600) {
ap_log_rerror(APLOG_MARK, APLOG_NOTICE, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_NOTICE, 0, r,
"Dropping LRU entry entry with age = %" APR_TIME_T_FMT
"s, which is less than one hour. It may be a good"
" idea to increase MellonCacheSize.",
@ -403,7 +403,7 @@ am_cache_entry_t *am_cache_new(request_rec *r,
/* For some strange reason our cookie token is too big to fit in the
* session. This should never happen outside of absurd configurations.
*/
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Unable to store cookie token in new session.");
t->key[0] = '\0'; /* Mark the entry as free. */
apr_global_mutex_unlock(mod_cfg->lock);
@ -572,7 +572,7 @@ void am_cache_env_populate(request_rec *r, am_cache_entry_t *t)
value = am_cache_entry_get_string(t, &t->env[i].value);
status = am_cache_entry_store_string(t, &t->user, value);
if (status != 0) {
ap_log_rerror(APLOG_MARK, APLOG_NOTICE, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_NOTICE, 0, r,
"Unable to store the user name because there"
" is no more space in the session. "
"Username = \"%s\".", value);
@ -611,7 +611,7 @@ void am_cache_env_populate(request_rec *r, am_cache_entry_t *t)
(strcasecmp(varname, d->userattr) == 0)) {
status = am_cache_entry_store_string(t, &t->user, value);
if (status != 0) {
ap_log_rerror(APLOG_MARK, APLOG_NOTICE, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_NOTICE, 0, r,
"Unable to store the user name because there"
" is no more space in the session. "
"Username = \"%s\".", value);
@ -679,7 +679,7 @@ void am_cache_env_populate(request_rec *r, am_cache_entry_t *t)
r->ap_auth_type = apr_pstrdup(r->pool, "Mellon");
} else {
/* We don't have a user-"name". Log error. */
ap_log_rerror(APLOG_MARK, APLOG_NOTICE, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_NOTICE, 0, r,
"Didn't find the attribute \"%s\" in the attributes"
" which were received from the IdP. Cannot set a user"
" for this request without a valid user attribute.",

304
auth_mellon_handler.c
View File

File diff suppressed because it is too large Load Diff

38
auth_mellon_httpclient.c
View File

@ -255,7 +255,7 @@ static CURL *am_httpclient_init_curl(request_rec *r, const char *uri,
/* Initialize the curl object. */
curl = curl_easy_init();
if(curl == NULL) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Failed to initialize a curl object.");
return NULL;
}
@ -264,7 +264,7 @@ static CURL *am_httpclient_init_curl(request_rec *r, const char *uri,
/* Set up error reporting. */
res = curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, curl_error);
if(res != CURLE_OK) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Failed to set curl error buffer: [%u]\n", res);
goto cleanup_fail;
}
@ -272,7 +272,7 @@ static CURL *am_httpclient_init_curl(request_rec *r, const char *uri,
/* Disable progress reporting. */
res = curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 1L);
if(res != CURLE_OK) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Failed to disable curl progress reporting: [%u] %s",
res, curl_error);
goto cleanup_fail;
@ -281,7 +281,7 @@ static CURL *am_httpclient_init_curl(request_rec *r, const char *uri,
/* Disable use of signals. */
res = curl_easy_setopt(curl, CURLOPT_NOSIGNAL, 1L);
if(res != CURLE_OK) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Failed to disable signals in curl: [%u] %s",
res, curl_error);
goto cleanup_fail;
@ -290,7 +290,7 @@ static CURL *am_httpclient_init_curl(request_rec *r, const char *uri,
/* Set the timeout of the transfer. It is currently set to two minutes. */
res = curl_easy_setopt(curl, CURLOPT_TIMEOUT, 120L);
if(res != CURLE_OK) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Failed to set the timeout of the curl download:"
" [%u] %s", res, curl_error);
goto cleanup_fail;
@ -300,7 +300,7 @@ static CURL *am_httpclient_init_curl(request_rec *r, const char *uri,
if (cfg->idp_ca_file != NULL) {
res = curl_easy_setopt(curl, CURLOPT_CAINFO, cfg->idp_ca_file->path);
if(res != CURLE_OK) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Failed to set SSL CA info %s:"
" [%u] %s", cfg->idp_ca_file->path, res, curl_error);
goto cleanup_fail;
@ -310,7 +310,7 @@ static CURL *am_httpclient_init_curl(request_rec *r, const char *uri,
/* Enable fail on http error. */
res = curl_easy_setopt(curl, CURLOPT_FAILONERROR, 1L);
if(res != CURLE_OK) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Failed to enable failure on http error: [%u] %s",
res, curl_error);
goto cleanup_fail;
@ -319,7 +319,7 @@ static CURL *am_httpclient_init_curl(request_rec *r, const char *uri,
/* Select which uri we should download. */
res = curl_easy_setopt(curl, CURLOPT_URL, uri);
if(res != CURLE_OK) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Failed to set curl download uri to \"%s\": [%u] %s",
uri, res, curl_error);
goto cleanup_fail;
@ -331,7 +331,7 @@ static CURL *am_httpclient_init_curl(request_rec *r, const char *uri,
/* Set curl write function. */
res = curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, am_hc_data_write);
if(res != CURLE_OK) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Failed to set the curl write function: [%u] %s",
res, curl_error);
goto cleanup_fail;
@ -340,7 +340,7 @@ static CURL *am_httpclient_init_curl(request_rec *r, const char *uri,
/* Set the curl write function parameter. */
res = curl_easy_setopt(curl, CURLOPT_WRITEDATA, bh);
if(res != CURLE_OK) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Failed to set the curl write function data: [%u] %s",
res, curl_error);
goto cleanup_fail;
@ -394,7 +394,7 @@ int am_httpclient_get(request_rec *r, const char *uri,
res = curl_easy_setopt(curl, CURLOPT_TIMEOUT, (long)timeout);
if(res != CURLE_OK) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Failed to download data from the uri \"%s\", "
"cannot set timeout to %ld: [%u] %s",
uri, (long)timeout, res, curl_error);
@ -403,7 +403,7 @@ int am_httpclient_get(request_rec *r, const char *uri,
res = curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, (long)timeout);
if(res != CURLE_OK) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Failed to download data from the uri \"%s\", "
"cannot set connect timeout to %ld: [%u] %s",
uri, (long)timeout, res, curl_error);
@ -413,7 +413,7 @@ int am_httpclient_get(request_rec *r, const char *uri,
/* Do the download. */
res = curl_easy_perform(curl);
if(res != CURLE_OK) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Failed to download data from the uri \"%s\", "
"transaction aborted: [%u] %s",
uri, res, curl_error);
@ -423,7 +423,7 @@ int am_httpclient_get(request_rec *r, const char *uri,
if (status != NULL) {
res = curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, status);
if(res != CURLE_OK) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Failed to download data from the uri \"%s\", "
"no status report: [%u] %s",
uri, res, curl_error);
@ -496,7 +496,7 @@ int am_httpclient_post(request_rec *r, const char *uri,
/* Enable POST request. */
res = curl_easy_setopt(curl, CURLOPT_POST, 1L);
if(res != CURLE_OK) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Failed to enable POST request: [%u] %s",
res, curl_error);
goto cleanup_fail;
@ -505,7 +505,7 @@ int am_httpclient_post(request_rec *r, const char *uri,
/* Set POST data size. */
res = curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, post_length);
if(res != CURLE_OK) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Failed to set the POST data length: [%u] %s",
res, curl_error);
goto cleanup_fail;
@ -514,7 +514,7 @@ int am_httpclient_post(request_rec *r, const char *uri,
/* Set POST data. */
res = curl_easy_setopt(curl, CURLOPT_POSTFIELDS, post_data);
if(res != CURLE_OK) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Failed to set the POST data: [%u] %s",
res, curl_error);
goto cleanup_fail;
@ -540,7 +540,7 @@ int am_httpclient_post(request_rec *r, const char *uri,
/* Set headers. */
res = curl_easy_setopt(curl, CURLOPT_HTTPHEADER, ctheader);
if(res != CURLE_OK) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Failed to set content-type header to \"%s\": [%u] %s",
content_type, res, curl_error);
goto cleanup_fail;
@ -550,7 +550,7 @@ int am_httpclient_post(request_rec *r, const char *uri,
/* Do the download. */
res = curl_easy_perform(curl);
if(res != CURLE_OK) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Failed to download data from the uri \"%s\": [%u] %s",
uri, res, curl_error);
goto cleanup_fail;

4
auth_mellon_session.c
View File

@ -57,7 +57,7 @@ am_cache_entry_t *am_lock_and_validate(request_rec *r,
session, &session->cookie_token);
const char *cookie_token_target = am_cookie_token(r);
if (strcmp(cookie_token_session, cookie_token_target)) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Session cookie parameter mismatch. "
"Session created with {%s}, but current "
"request has {%s}.",
@ -123,7 +123,7 @@ am_cache_entry_t *am_new_request_session(request_rec *r)
/* Generate session id. */
session_id = am_generate_id(r);
if(session_id == NULL) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Error creating session id.");
return NULL;
}

80
auth_mellon_util.c
View File

@ -73,7 +73,7 @@ static const char *am_request_hostname(request_rec *r)
ret = apr_uri_parse(r->pool, url, &uri);
if (ret != APR_SUCCESS) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Failed to parse request URL: %s", url);
return NULL;
}
@ -82,7 +82,7 @@ static const char *am_request_hostname(request_rec *r)
/* This shouldn't happen, since the request URL is built with a hostname,
* but log a message to make any debuggin around this code easier.
*/
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"No hostname in request URL: %s", url);
return NULL;
}
@ -109,7 +109,7 @@ int am_validate_redirect_url(request_rec *r, const char *url)
ret = apr_uri_parse(r->pool, url, &uri);
if (ret != APR_SUCCESS) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Invalid redirect URL: %s", url);
return HTTP_BAD_REQUEST;
}
@ -118,7 +118,7 @@ int am_validate_redirect_url(request_rec *r, const char *url)
if (uri.scheme) {
if (strcasecmp(uri.scheme, "http")
&& strcasecmp(uri.scheme, "https")) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Only http or https scheme allowed in redirect URL: %s (%s)",
url, uri.scheme);
return HTTP_BAD_REQUEST;
@ -141,7 +141,7 @@ int am_validate_redirect_url(request_rec *r, const char *url)
return OK;
}
}
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Untrusted hostname (%s) in redirect URL: %s",
uri.hostname, url);
return HTTP_BAD_REQUEST;
@ -334,7 +334,7 @@ const am_cond_t *am_cond_substitue(request_rec *r, const am_cond_t *ce,
c->regex = ap_pregcomp(r->pool, outstr, regex_flags);
if (c->regex == NULL) {
ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_WARNING, 0, r,
"Invalid regular expression \"%s\"", outstr);
return ce;
}
@ -586,7 +586,7 @@ int am_read_post_data(request_rec *r, char **data, apr_size_t *length)
}
if (len >= 1024*1024) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Too large POST data payload (%lu bytes).",
(unsigned long)len);
return HTTP_BAD_REQUEST;
@ -599,7 +599,7 @@ int am_read_post_data(request_rec *r, char **data, apr_size_t *length)
*data = (char *)apr_palloc(r->pool, len + 1);
if (*data == NULL) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Failed to allocate memory for %lu bytes of POST data.",
(unsigned long)len);
return HTTP_INTERNAL_SERVER_ERROR;
@ -627,7 +627,7 @@ int am_read_post_data(request_rec *r, char **data, apr_size_t *length)
break;
}
else if (read_length < 0) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Failed to read POST data from client.");
return HTTP_INTERNAL_SERVER_ERROR;
}
@ -911,7 +911,7 @@ int am_check_url(request_rec *r, const char *url)
for (i = url; *i; i++) {
if (*i >= 0 && *i < ' ') {
/* Deny all control-characters. */
ap_log_rerror(APLOG_MARK, APLOG_ERR, HTTP_BAD_REQUEST, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, HTTP_BAD_REQUEST, r,
"Control character detected in URL.");
return HTTP_BAD_REQUEST;
}
@ -938,7 +938,7 @@ int am_generate_random_bytes(request_rec *r, void *dest, apr_size_t count)
int rc;
rc = RAND_bytes((unsigned char *)dest, (int)count);
if(rc != 1) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Error generating random data: %lu",
ERR_get_error());
return HTTP_INTERNAL_SERVER_ERROR;
@ -1247,7 +1247,7 @@ int am_postdir_cleanup(request_rec *r)
*/
rv = apr_dir_open(&postdir, mod_cfg->post_dir, r->pool);
if (rv != 0) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Unable to open MellonPostDirectory \"%s\": %s",
mod_cfg->post_dir,
apr_strerror(rv, error_buffer, sizeof(error_buffer)));
@ -1278,7 +1278,7 @@ int am_postdir_cleanup(request_rec *r)
(void)apr_dir_close(postdir);
if (count >= mod_cfg->post_count) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Too many saved POST sessions. "
"Increase MellonPostCount directive.");
return HTTP_INTERNAL_SERVER_ERROR;
@ -1382,7 +1382,7 @@ int am_save_post(request_rec *r, const char **relay_state)
mod_cfg = am_get_mod_cfg(r->server);
if (mod_cfg->post_dir == NULL) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"MellonPostReplay enabled but MellonPostDirectory not set "
"-- cannot save post data");
return HTTP_INTERNAL_SERVER_ERROR;
@ -1406,7 +1406,7 @@ int am_save_post(request_rec *r, const char **relay_state)
content_type = "multipart";
} else {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Unknown POST Content-Type \"%s\"", content_type);
return HTTP_INTERNAL_SERVER_ERROR;
}
@ -1415,7 +1415,7 @@ int am_save_post(request_rec *r, const char **relay_state)
}
if ((psf_id = am_generate_id(r)) == NULL) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "cannot generate id");
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r, "cannot generate id");
return HTTP_INTERNAL_SERVER_ERROR;
}
@ -1425,19 +1425,19 @@ int am_save_post(request_rec *r, const char **relay_state)
APR_WRITE|APR_CREATE|APR_BINARY,
APR_FPROT_UREAD|APR_FPROT_UWRITE,
r->pool) != OK) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"cannot create POST session file");
return HTTP_INTERNAL_SERVER_ERROR;
}
if (am_read_post_data(r, &post_data, &post_data_len) != OK) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "cannot read POST data");
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r, "cannot read POST data");
(void)apr_file_close(psf);
return HTTP_INTERNAL_SERVER_ERROR;
}
if (post_data_len > mod_cfg->post_size) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"POST data size %" APR_SIZE_T_FMT
" exceeds maximum %" APR_SIZE_T_FMT ". "
"Increase MellonPostSize directive.",
@ -1449,14 +1449,14 @@ int am_save_post(request_rec *r, const char **relay_state)
written = post_data_len;
if ((apr_file_write(psf, post_data, &written) != OK) ||
(written != post_data_len)) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"cannot write to POST session file");
(void)apr_file_close(psf);
return HTTP_INTERNAL_SERVER_ERROR;
}
if (apr_file_close(psf) != OK) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"cannot close POST session file");
return HTTP_INTERNAL_SERVER_ERROR;
}
@ -1722,7 +1722,7 @@ const char *am_get_mime_body(request_rec *r, const char *mime)
apr_size_t body_len;
if ((body = strstr(mime, lflf)) == NULL) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "No MIME body");
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r, "No MIME body");
return NULL;
}
@ -1757,7 +1757,7 @@ am_get_service_url(request_rec *r, LassoProfile *profile, char *service_name)
provider = lasso_server_get_provider(profile->server,
profile->remote_providerID);
if (LASSO_IS_PROVIDER(provider) == FALSE) {
ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_WARNING, 0, r,
"Cannot find provider service %s, no provider.",
service_name);
return NULL;
@ -1765,7 +1765,7 @@ am_get_service_url(request_rec *r, LassoProfile *profile, char *service_name)
url = lasso_provider_get_metadata_one(provider, service_name);
if (url == NULL) {
ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_WARNING, 0, r,
"Cannot find provider service %s from metadata.",
service_name);
return NULL;
@ -1821,7 +1821,7 @@ static void dump_tokens(request_rec *r, apr_array_header_t *tokens)
for (i = 0; i < tokens->nelts; i++) {
Token token = APR_ARRAY_IDX(tokens, i, Token);
ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_DEBUG, 0, r,
"token[%2zd] %s \"%s\" offset=%lu len=%lu ", i,
token_type_str(token.type), token.str,
token.offset, token.len);
@ -2126,7 +2126,7 @@ bool am_parse_paos_header(request_rec *r, const char *header,
apr_size_t i;
char *error;
ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_DEBUG, 0, r,
"PAOS header: \"%s\"", header);
tokens = tokenize(r->pool, header, true, &error);
@ -2136,7 +2136,7 @@ bool am_parse_paos_header(request_rec *r, const char *header,
#endif
if (error) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "%s", error);
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r, "%s", error);
goto cleanup;
}
@ -2144,7 +2144,7 @@ bool am_parse_paos_header(request_rec *r, const char *header,
if (!is_token(tokens, 0, TOKEN_IDENTIFIER, "ver") ||
!is_token(tokens, 1, TOKEN_EQUAL, NULL) ||
!is_token(tokens, 2, TOKEN_DBL_QUOTE_STRING, LASSO_PAOS_HREF)) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"invalid PAOS header, "
"expected header to begin with ver=\"%s\", "
"actual header=\"%s\"",
@ -2154,7 +2154,7 @@ bool am_parse_paos_header(request_rec *r, const char *header,
/* Next is the service value, separated from the version by a semicolon */
if (!is_token(tokens, 3, TOKEN_SEMICOLON, NULL)) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"invalid PAOS header, "
"expected semicolon after PAOS version "
"but found %s in header=\"%s\"",
@ -2164,7 +2164,7 @@ bool am_parse_paos_header(request_rec *r, const char *header,
}
if (!is_token(tokens, 4, TOKEN_DBL_QUOTE_STRING, LASSO_ECP_HREF)) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"invalid PAOS header, "
"expected service token to be \"%s\", "
"but found %s in header=\"%s\"",
@ -2184,7 +2184,7 @@ bool am_parse_paos_header(request_rec *r, const char *header,
/* More tokens after the service value, must be options, iterate over them */
for (i = 5; i < tokens->nelts; i++) {
if (!is_token(tokens, i, TOKEN_COMMA, NULL)) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"invalid PAOS header, "
"expected comma after PAOS service "
"but found %s in header=\"%s\"",
@ -2194,7 +2194,7 @@ bool am_parse_paos_header(request_rec *r, const char *header,
}
if (++i > tokens->nelts) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"invalid PAOS header, "
"expected option after comma "
"in header=\"%s\"",
@ -2205,7 +2205,7 @@ bool am_parse_paos_header(request_rec *r, const char *header,
Token token = APR_ARRAY_IDX(tokens, i, Token);
if (token.type != TOKEN_DBL_QUOTE_STRING) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"invalid PAOS header, "
"expected quoted string after comma "
"but found %s in header=\"%s\"",
@ -2226,7 +2226,7 @@ bool am_parse_paos_header(request_rec *r, const char *header,
} else if (g_str_equal(value, LASSO_SAML2_CONDITIONS_DELEGATION)) {
options |= ECP_SERVICE_OPTION_DELEGATION;
} else {
ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_WARNING, 0, r,
"Unknown PAOS service option = \"%s\"",
value);
goto cleanup;
@ -2268,7 +2268,7 @@ bool am_header_has_media_type(request_rec *r, const char *header, const char *me
char *media_range = NULL;
if (header == NULL) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"invalid Accept header, NULL");
goto cleanup;
}
@ -2366,7 +2366,7 @@ int am_get_boolean_query_parameter(request_rec *r, const char *name,
if (value_str != NULL) {
ret = am_urldecode(value_str);
if (ret != OK) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Error urldecoding \"%s\" boolean query parameter, "
"value=\"%s\"", name, value_str);
return ret;
@ -2376,7 +2376,7 @@ int am_get_boolean_query_parameter(request_rec *r, const char *name,
} else if(!strcmp(value_str, "false")) {
*return_value = FALSE;
} else {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"Invalid value for \"%s\" boolean query parameter, "
"value=\"%s\"", name, value_str);
ret = HTTP_BAD_REQUEST;
@ -2596,7 +2596,7 @@ bool am_is_paos_request(request_rec *r, int *error_code)
if (valid_paos_header) {
is_paos = true;
} else {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"request supplied PAOS media type in Accept header "
"but omitted valid PAOS header");
if (*error_code == 0)
@ -2604,14 +2604,14 @@ bool am_is_paos_request(request_rec *r, int *error_code)
}
} else {
if (valid_paos_header) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_ERR, 0, r,
"request supplied valid PAOS header "
"but omitted PAOS media type in Accept header");
if (*error_code == 0)
*error_code = AM_ERROR_MISSING_PAOS_MEDIA_TYPE;
}
}
ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
AM_LOG_RERROR(APLOG_MARK, APLOG_DEBUG, 0, r,
"have_paos_media_type=%s valid_paos_header=%s is_paos=%s "
"error_code=%d ecp options=[%s]",
have_paos_media_type ? "True" : "False",