If diagnostics is enabled we want error messages written to the
diagnostics log as well as the Apache error_log. AM_LOG_RERROR
replaces the use of ap_log_rerror, it invokes ap_log_rerror as
previously but then also logs the same message to the diagnostics
log. If diagnostics is not enabled it reverts to ap_log_rerror.
Signed-off-by: John Dennis <jdennis@redhat.com>
File information was handled inconsistently. Some configuration
directives which specified a file path replaced the file path with the
contents of the file. This made it impossible to report where the data
was read from. Other file configuration simply recorded the path. The
directives which immediately read the file contents would generate a
configuration error if the file wasn't readable, but those directives
which simply recorded the file path didn't check on the validity of
the path and relied on Lasso to report an error, however these errors
come significantly after configuration parsing because they are
evaluated in a lazy fashion on first use. The Lasso error reporting
can sometimes be cryptic making it difficult to realize the problem is
due to a improperly specified path in a configuration directive.
We want to be able to log the file pathnames where various files are
read from for diagnostic logging purposes.
This patch introduces a new struct am_file_data_t that encapsulates
all information concerning a file including it's pathname, it's stat
information, optionally it's content, when it was read, etc. as well
as maintaing error codes and an error description.
All file specifications and operations now use this mechanism for
consistency.
Signed-off-by: John Dennis <jdennis@redhat.com>
The `am_hc_block_write()` used recursion when writing multiple blocks
of data. This patch changes it to a simple loop. This ensures that
there is no way that we can end up in a situation where recursion
overflows the stack here.
(curl would only call this function with 16 KiB of data, which isn't
enough to overflow the stack, but this patch makes it safe in case
curl at any point changes its behavior.)
Use APLOG_USE_MODULE if available.
This will also add the module name to its error log messages,
e.g. "[auth_mellon:error]" instead of just "[:error]".
No change for Apache 2.2.
Curl timeouts in auth_mellon_httpclient should be given as long
values and have semantic meaning of seconds.
The code currently passes them in as apr_time_t type which
contains seconds, although apr_time_t should contain
microseconds.
I suggest to not use apr_time_t here, because it is misleading,
and instead use a plain int. The code calling httpclient already
prepares the value as an int. Furthermore convert the value to a
long when curl_easy_setopt() is being called.
Recent versions of libcurl do not allow CUROPT_SSL_VERIFYHOST to be
set to 1.
The default in cURL has been to validate both the certificate and the
host since 2002. Setting these options is therefore unnecessary.
Thanks to Nikola Ivačič for notifying us about this problem!
git-svn-id: https://modmellon.googlecode.com/svn/trunk@216 a716ebb1-153a-0410-b759-cfb97c6a1b53
- IdP discovery service
- add a dimple built-in IdP discovery mechanism: send HTTP GET on ProviderID
URL. If we get HTTP 200, the IdP is selected
git-svn-id: https://modmellon.googlecode.com/svn/trunk@44 a716ebb1-153a-0410-b759-cfb97c6a1b53