Date: Tue, 27 Jan 2015 03:23:08 +0000 (UTC) From: Jun Kuriyama <kuriyama@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r377974 - in head/www/mod_auth_tkt: . files Message-ID: <201501270323.t0R3N8Sx053517@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: kuriyama Date: Tue Jan 27 03:23:08 2015 New Revision: 377974 URL: https://svnweb.freebsd.org/changeset/ports/377974 QAT: https://qat.redports.org/buildarchive/r377974/ Log: - Support apache 2.4.x. - Split out non-related to QuerySeparator directive to normal patches. Added: head/www/mod_auth_tkt/files/patch-cgi_logout.cgi (contents, props changed) head/www/mod_auth_tkt/files/patch-mod_auth_tkt.c (contents, props changed) head/www/mod_auth_tkt/files/patch-mod_auth_tkt.pod (contents, props changed) head/www/mod_auth_tkt/files/patch-t_extra.conf.1.in (contents, props changed) head/www/mod_auth_tkt/files/patch-t_extra.conf.2.in (contents, props changed) Modified: head/www/mod_auth_tkt/Makefile head/www/mod_auth_tkt/files/extra-patch-query-separator head/www/mod_auth_tkt/pkg-plist Modified: head/www/mod_auth_tkt/Makefile ============================================================================== --- head/www/mod_auth_tkt/Makefile Tue Jan 27 03:03:28 2015 (r377973) +++ head/www/mod_auth_tkt/Makefile Tue Jan 27 03:23:08 2015 (r377974) @@ -2,7 +2,7 @@ PORTNAME= mod_auth_tkt PORTVERSION= 2.1.0 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= www MASTER_SITES= ${MASTER_SITE_LOCAL} \ http://www.openfusion.com.au/labs/dist/mod_auth_tkt/ @@ -11,7 +11,7 @@ MASTER_SITE_SUBDIR= kuriyama MAINTAINER= kuriyama@FreeBSD.org COMMENT= Lightweight single-sign-on authentication module for apache -USE_APACHE= 22 +USE_APACHE= 22+ WRKSRC= ${WRKDIR}/${PORTNAME}-${PORTVERSION}/src PATCH_WRKSRC= ${WRKDIR}/${PORTNAME}-${PORTVERSION} PATCH_STRIP= -p1 Modified: head/www/mod_auth_tkt/files/extra-patch-query-separator ============================================================================== --- head/www/mod_auth_tkt/files/extra-patch-query-separator Tue Jan 27 03:03:28 2015 (r377973) +++ head/www/mod_auth_tkt/files/extra-patch-query-separator Tue Jan 27 03:23:08 2015 (r377974) @@ -1,40 +1,5 @@ -diff --git a/cgi/logout.cgi b/cgi/logout.cgi -index b2a830c..41fa7e1 100755 ---- a/cgi/logout.cgi -+++ b/cgi/logout.cgi -@@ -33,16 +33,19 @@ $back ||= $q->cookie($at->back_cookie_name) if $at->back_cookie_name; - $back ||= $q->param($at->back_arg_name) if $at->back_arg_name; - $back = $AuthTktConfig::DEFAULT_BACK_LOCATION if $AuthTktConfig::DEFAULT_BACK_LOCATION; - $back ||= $ENV{HTTP_REFERER} if $ENV{HTTP_REFERER} && $AuthTktConfig::BACK_REFERER; --if ($back && $back =~ m!^/!) { -- my $hostname = $server_name; -- my $port = $server_port; -- $hostname .= ':' . $port if $port && $port != 80 && $port != 443; -- $back = sprintf "http%s://%s%s", ($port == 443 ? 's' : ''), $hostname, $back; --} elsif ($back && $back !~ m/^http/i) { -- $back = 'http://' . $back; -+my $back_html = ''; -+if ($back) { -+ if ($back =~ m!^/!) { -+ my $hostname = $server_name; -+ my $port = $server_port; -+ $hostname .= ':' . $port if $port && $port != 80 && $port != 443; -+ $back = sprintf "http%s://%s%s", ($port == 443 ? 's' : ''), $hostname, $back; -+ } elsif ($back !~ m/^http/i) { -+ $back = 'http://' . $back; -+ } -+ $back = uri_unescape($back) if $back =~ m/^https?%3A%2F%2F/; -+ $back_html = escapeHTML($back); - } --$back = uri_unescape($back) if $back =~ m/^https?%3A%2F%2F/; --my $back_html = escapeHTML($back) if $back; - - # Logout by resetting the auth cookie - my @cookies = cookie(-name => $at->cookie_name, -value => '', -expires => '-1h', -diff --git a/conf/auth_tkt_cgi.conf b/conf/auth_tkt_cgi.conf -index e2546bc..e969c44 100644 ---- a/conf/auth_tkt_cgi.conf -+++ b/conf/auth_tkt_cgi.conf +--- ../conf/auth_tkt_cgi.conf.orig 2009-03-04 05:22:06.000000000 +0900 ++++ ../conf/auth_tkt_cgi.conf 2015-01-27 12:07:43.628422498 +0900 @@ -13,6 +13,9 @@ # Digest type to use - default is MD5, alternatives are SHA256 or SHA512 #TKTAuthDigestType MD5 @@ -45,74 +10,8 @@ index e2546bc..e969c44 100644 # Used by sample CGI scripts to locate this config file SetEnv MOD_AUTH_TKT_CONF "/etc/httpd/conf.d/auth_tkt_cgi.conf" -diff --git a/doc/mod_auth_tkt.pod b/doc/mod_auth_tkt.pod -index dd7d85c..edf0590 100644 ---- a/doc/mod_auth_tkt.pod -+++ b/doc/mod_auth_tkt.pod -@@ -227,7 +227,9 @@ the ticket hashing, so you should always set a TKTAuthTimeout in - addition to using an expiry. Cookie expiries are refreshed with - tickets if TKTAuthTimeoutRefresh is set. - --Default: none. Examples: -+Default: none (not used). -+ -+e.g. - - TKTAuthCookieExpires 86400 - TKTAuthCookieExpires 1w -@@ -245,6 +247,11 @@ http://www.example.com/index.html and TKTAuthBackArgName is set to - - to the TKTAuthLoginURL it redirects to, allowing your login script - to redirect back to the requested page upon successful login. -+ -+To omit altogether, set to the string B<None> i.e. -+ -+ TKTAuthBackArgName None -+ - Default: 'back'. - - =item TKTAuthBackCookieName <name> -@@ -252,7 +259,9 @@ Default: 'back'. - The cookie name to use for the back cookie. If this is set, - mod_auth_tkt will set a back cookie containing a URI-escaped version - of current requested page when redirecting (see TKTAuthBackArgName --above). Default: none. -+above), instead of using a GET parameter. -+ -+Default: none (not used). - - =item TKTAuthToken <token> - -@@ -267,7 +276,9 @@ Note that this directive can be repeated, and the semantics are that - B<any> of the required tokens is sufficient for access i.e. the tokens - are ORed. - --Default: none. e.g. -+Default: none (not used). -+ -+e.g. - - TKTAuthToken finance - TKTAuthToken admin -@@ -281,8 +292,12 @@ this as well, setting the client IP address to 0.0.0.0). This is - often required out on the open internet, especially if you are - using an HTTPS login page (as you should) and are dealing with - more than a handful of users (the typical problem being --transparent HTTP proxies at ISPs). Default: 'off' i.e. ticket --is only valid from the originating IP address. e.g. -+transparent HTTP proxies at ISPs). -+ -+Default: 'off' i.e. ticket is only valid from the originating -+IP address. -+ -+e.g. - - TKTAuthIgnoreIP on - -diff --git a/src/mod_auth_tkt.c b/src/mod_auth_tkt.c -index c2609e9..74bb669 100644 ---- a/src/mod_auth_tkt.c -+++ b/src/mod_auth_tkt.c +--- ../src/mod_auth_tkt.c.orig 2009-07-10 16:46:51.000000000 +0900 ++++ ../src/mod_auth_tkt.c 2015-01-27 12:07:43.631422016 +0900 @@ -38,6 +38,7 @@ #define REMOTE_USER_TOKENS_ENV "REMOTE_USER_TOKENS" #define DEFAULT_TIMEOUT_SEC 7200 @@ -121,7 +20,7 @@ index c2609e9..74bb669 100644 #define FORCE_REFRESH 1 #define CHECK_REFRESH 0 -@@ -68,6 +69,7 @@ typedef struct { +@@ -68,6 +69,7 @@ char *guest_user; int guest_fallback; int debug; @@ -129,51 +28,15 @@ index c2609e9..74bb669 100644 } auth_tkt_dir_conf; /* Per-server configuration */ -@@ -99,24 +101,24 @@ void - auth_tkt_version(server_rec *s, pool *p) - { - ap_add_version_component("mod_auth_tkt/" TKT_AUTH_VERSION); -- ap_log_error(APLOG_MARK, APLOG_INFO, APR_SUCCESS, s, -+ ap_log_error(APLOG_MARK, APLOG_INFO, APR_SUCCESS, s, - "mod_auth_tkt: version %s", TKT_AUTH_VERSION); - } - - #else - static int --auth_tkt_version(apr_pool_t *p, -+auth_tkt_version(apr_pool_t *p, - apr_pool_t *plog, apr_pool_t *ptemp, server_rec *s) - { - ap_add_version_component(p, "mod_auth_tkt/" TKT_AUTH_VERSION); -- ap_log_error(APLOG_MARK, APLOG_INFO, APR_SUCCESS, s, -+ ap_log_error(APLOG_MARK, APLOG_INFO, APR_SUCCESS, s, - "mod_auth_tkt: version %s", TKT_AUTH_VERSION); - return DECLINED; - } - #endif - - /* Create per-dir config structures */ --static void * -+static void * - create_auth_tkt_config(apr_pool_t *p, char* path) - { - auth_tkt_dir_conf *conf = apr_palloc(p, sizeof(*conf)); -@@ -142,11 +144,12 @@ create_auth_tkt_config(apr_pool_t *p, char* path) +@@ -142,6 +144,7 @@ conf->guest_user = NULL; conf->guest_fallback = -1; conf->debug = -1; -- return conf; + conf->query_separator = (char *)QUERY_SEPARATOR; -+ return conf; + return conf; } - /* Merge per-dir config structures */ --static void * -+static void * - merge_auth_tkt_config(apr_pool_t *p, void* parent_dirv, void* subdirv) - { - auth_tkt_dir_conf *parent = (auth_tkt_dir_conf *) parent_dirv; -@@ -174,6 +177,7 @@ merge_auth_tkt_config(apr_pool_t *p, void* parent_dirv, void* subdirv) +@@ -174,6 +177,7 @@ conf->guest_user = (subdir->guest_user) ? subdir->guest_user : parent->guest_user; conf->guest_fallback = (subdir->guest_fallback >= 0) ? subdir->guest_fallback : parent->guest_fallback; conf->debug = (subdir->debug >= 0) ? subdir->debug : parent->debug; @@ -181,122 +44,7 @@ index c2609e9..74bb669 100644 return conf; } -@@ -188,7 +192,7 @@ create_auth_tkt_serv_config(apr_pool_t *p, server_rec* s) - sconf->digest_type = NULL; - sconf->digest_sz = 0; - return sconf; --} -+} - - /* Merge per-server config structures */ - static void * -@@ -203,7 +207,7 @@ merge_auth_tkt_serv_config(apr_pool_t *p, void* parent_dirv, void* subdirv) - sconf->digest_type = (subdir->digest_type) ? subdir->digest_type : parent->digest_type; - sconf->digest_sz = (subdir->digest_sz) ? subdir->digest_sz : parent->digest_sz; - return sconf; --} -+} - - /* ----------------------------------------------------------------------- */ - /* Command-specific functions */ -@@ -243,8 +247,8 @@ convert_to_seconds (cmd_parms *cmd, const char *param, int *seconds) - multiplier = 30 * 24 * 60 * 60; - else if (unit == 'y') - multiplier = 365 * 24 * 60 * 60; -- else -- return apr_psprintf(cmd->pool, -+ else -+ return apr_psprintf(cmd->pool, - "Bad time string - unrecognised unit '%c'", unit); - } - -@@ -256,7 +260,7 @@ convert_to_seconds (cmd_parms *cmd, const char *param, int *seconds) - static const char * - set_auth_tkt_token (cmd_parms *cmd, void *cfg, const char *param) - { -- char **new; -+ char **new; - auth_tkt_dir_conf *conf = (auth_tkt_dir_conf *) cfg; - - new = (char **) apr_array_push(conf->auth_token); -@@ -270,12 +274,12 @@ set_auth_tkt_timeout (cmd_parms *cmd, void *cfg, const char *param) - auth_tkt_dir_conf *conf = (auth_tkt_dir_conf *)cfg; - int seconds = conf->timeout_sec; - const char *error; -- -+ - /* Easy case - looks like all digits */ - if (apr_isdigit(param[0]) && apr_isdigit(param[strlen(param) - 1])) { - seconds = atoi(param); - } -- -+ - /* Harder case - convert units to seconds */ - else { - error = convert_to_seconds(cmd, param, &seconds); -@@ -286,7 +290,7 @@ set_auth_tkt_timeout (cmd_parms *cmd, void *cfg, const char *param) - if (seconds == INT_MAX) return ("Integer overflow or invalid number"); - - conf->timeout_sec = seconds; -- -+ - return NULL; - } - -@@ -294,14 +298,14 @@ static const char * - set_auth_tkt_timeout_min (cmd_parms *cmd, void *cfg, const char *param) - { - auth_tkt_dir_conf *conf = (auth_tkt_dir_conf *)cfg; -- -+ - int minutes = atoi(param); -- -+ - if (minutes < 0) return ("Timeout must be positive"); - if (minutes == INT_MAX) return ("Integer overflow or invalid number"); -- -+ - conf->timeout_sec = minutes * 60; -- -+ - return NULL; - } - -@@ -309,21 +313,21 @@ static const char * - set_auth_tkt_timeout_refresh (cmd_parms *cmd, void *cfg, const char *param) - { - auth_tkt_dir_conf *conf = (auth_tkt_dir_conf *)cfg; -- -+ - double refresh = atof(param); - -- if (refresh < 0 || refresh > 1) -+ if (refresh < 0 || refresh > 1) - return "Refresh flag must be between 0 and 1"; -- -+ - conf->timeout_refresh = refresh; -- -+ - return NULL; - } - - static const char * - setup_secret (cmd_parms *cmd, void *cfg, const char *param) - { -- auth_tkt_serv_conf *sconf = -+ auth_tkt_serv_conf *sconf = - ap_get_module_config(cmd->server->module_config, &auth_tkt_module); - sconf->secret = param; - return NULL; -@@ -332,12 +336,22 @@ setup_secret (cmd_parms *cmd, void *cfg, const char *param) - static const char * - setup_old_secret (cmd_parms *cmd, void *cfg, const char *param) - { -- auth_tkt_serv_conf *sconf = ap_get_module_config(cmd->server->module_config, -+ auth_tkt_serv_conf *sconf = ap_get_module_config(cmd->server->module_config, - &auth_tkt_module); - sconf->old_secret = param; +@@ -338,6 +342,16 @@ return NULL; } @@ -313,144 +61,27 @@ index c2609e9..74bb669 100644 void setup_digest_sz (auth_tkt_serv_conf *sconf) { -@@ -355,10 +369,10 @@ setup_digest_sz (auth_tkt_serv_conf *sconf) - static const char * - setup_digest_type (cmd_parms *cmd, void *cfg, const char *param) - { -- auth_tkt_serv_conf *sconf = -+ auth_tkt_serv_conf *sconf = - ap_get_module_config(cmd->server->module_config, &auth_tkt_module); - -- if (strcmp(param, "MD5") != 0 && -+ if (strcmp(param, "MD5") != 0 && - strcmp(param, "SHA256") != 0 && - strcmp(param, "SHA512") != 0) - return "Digest type must be one of: MD5 | SHA256 | SHA512."; -@@ -391,7 +405,7 @@ set_cookie_expires (cmd_parms *cmd, void *cfg, const char *param) - if (seconds == INT_MAX) return ("Integer overflow or invalid number"); - - conf->cookie_expires = seconds; -- -+ - return NULL; - } - -@@ -399,90 +413,93 @@ static const char * - set_auth_tkt_debug (cmd_parms *cmd, void *cfg, const char *param) - { - auth_tkt_dir_conf *conf = (auth_tkt_dir_conf *)cfg; -- -+ - int debug = atoi(param); -- -+ - if (debug < 0) return ("Debug level must be positive"); - if (debug == INT_MAX) return ("Integer overflow or invalid number"); -- -+ - conf->debug = debug; -- -+ - return NULL; - } - - /* Command table */ - static const command_rec auth_tkt_cmds[] = - { -- AP_INIT_TAKE1("TKTAuthLoginURL", ap_set_string_slot, -+ AP_INIT_TAKE1("TKTAuthLoginURL", ap_set_string_slot, - (void *)APR_OFFSETOF(auth_tkt_dir_conf, login_url), - OR_AUTHCFG, "URL to redirect to if authentication fails"), -- AP_INIT_TAKE1("TKTAuthTimeoutURL", ap_set_string_slot, -+ AP_INIT_TAKE1("TKTAuthTimeoutURL", ap_set_string_slot, - (void *)APR_OFFSETOF(auth_tkt_dir_conf, timeout_url), - OR_AUTHCFG, "URL to redirect to if cookie times-out"), -- AP_INIT_TAKE1("TKTAuthPostTimeoutURL", ap_set_string_slot, -+ AP_INIT_TAKE1("TKTAuthPostTimeoutURL", ap_set_string_slot, - (void *)APR_OFFSETOF(auth_tkt_dir_conf, post_timeout_url), - OR_AUTHCFG, "URL to redirect to if cookie times-out doing a POST"), -- AP_INIT_TAKE1("TKTAuthUnauthURL", ap_set_string_slot, -+ AP_INIT_TAKE1("TKTAuthUnauthURL", ap_set_string_slot, - (void *)APR_OFFSETOF(auth_tkt_dir_conf, unauth_url), - OR_AUTHCFG, "URL to redirect to if valid user without required token"), -- AP_INIT_TAKE1("TKTAuthCookieName", ap_set_string_slot, -+ AP_INIT_TAKE1("TKTAuthCookieName", ap_set_string_slot, - (void *)APR_OFFSETOF(auth_tkt_dir_conf, auth_cookie_name), - OR_AUTHCFG, "name to use for ticket cookie"), -- AP_INIT_TAKE1("TKTAuthDomain", ap_set_string_slot, -+ AP_INIT_TAKE1("TKTAuthDomain", ap_set_string_slot, - (void *)APR_OFFSETOF(auth_tkt_dir_conf, auth_domain), - OR_AUTHCFG, "domain to use in cookies"), - #ifndef APACHE13 - /* TKTAuthCookieExpires is not supported under Apache 1.3 */ -- AP_INIT_ITERATE("TKTAuthCookieExpires", set_cookie_expires, -+ AP_INIT_ITERATE("TKTAuthCookieExpires", set_cookie_expires, - (void *)APR_OFFSETOF(auth_tkt_dir_conf, cookie_expires), - OR_AUTHCFG, "cookie expiry period, in seconds or units [smhdwMy]"), - #endif -- AP_INIT_TAKE1("TKTAuthBackCookieName", ap_set_string_slot, -+ AP_INIT_TAKE1("TKTAuthBackCookieName", ap_set_string_slot, - (void *)APR_OFFSETOF(auth_tkt_dir_conf, back_cookie_name), -- OR_AUTHCFG, "name to use for back cookie (NULL for none)"), -- AP_INIT_TAKE1("TKTAuthBackArgName", ap_set_string_slot, -+ OR_AUTHCFG, "name to use for back cookie (default: none)"), -+ AP_INIT_TAKE1("TKTAuthBackArgName", ap_set_string_slot, - (void *)APR_OFFSETOF(auth_tkt_dir_conf, back_arg_name), -- OR_AUTHCFG, "name to use for back url argument (NULL for none)"), -- AP_INIT_FLAG("TKTAuthIgnoreIP", ap_set_flag_slot, -+ OR_AUTHCFG, "name to use for back url argument ('None' to not use)"), -+ AP_INIT_FLAG("TKTAuthIgnoreIP", ap_set_flag_slot, - (void *)APR_OFFSETOF(auth_tkt_dir_conf, ignore_ip), - OR_AUTHCFG, "whether to ignore remote IP address in ticket"), -- AP_INIT_FLAG("TKTAuthRequireSSL", ap_set_flag_slot, -+ AP_INIT_FLAG("TKTAuthRequireSSL", ap_set_flag_slot, - (void *)APR_OFFSETOF(auth_tkt_dir_conf, require_ssl), - OR_AUTHCFG, "whether to refuse non-HTTPS requests"), -- AP_INIT_FLAG("TKTAuthCookieSecure", ap_set_flag_slot, -+ AP_INIT_FLAG("TKTAuthCookieSecure", ap_set_flag_slot, - (void *)APR_OFFSETOF(auth_tkt_dir_conf, secure_cookie), - OR_AUTHCFG, "whether to set secure flag on ticket cookies"), -- AP_INIT_ITERATE("TKTAuthToken", set_auth_tkt_token, -+ AP_INIT_ITERATE("TKTAuthToken", set_auth_tkt_token, - (void *)APR_OFFSETOF(auth_tkt_dir_conf, auth_token), - OR_AUTHCFG, "token required to access this area (NULL for none)"), -- AP_INIT_ITERATE("TKTAuthTimeout", set_auth_tkt_timeout, -+ AP_INIT_ITERATE("TKTAuthTimeout", set_auth_tkt_timeout, - (void *)APR_OFFSETOF(auth_tkt_dir_conf, timeout_sec), - OR_AUTHCFG, "ticket inactivity timeout, in seconds or units [smhdwMy]"), -- AP_INIT_TAKE1("TKTAuthTimeoutMin", set_auth_tkt_timeout_min, -+ AP_INIT_TAKE1("TKTAuthTimeoutMin", set_auth_tkt_timeout_min, - NULL, OR_AUTHCFG, "ticket inactivity timeout, in minutes (deprecated)"), -- AP_INIT_TAKE1("TKTAuthTimeoutRefresh", set_auth_tkt_timeout_refresh, -+ AP_INIT_TAKE1("TKTAuthTimeoutRefresh", set_auth_tkt_timeout_refresh, - NULL, OR_AUTHCFG, "ticket timeout refresh flag (0-1)"), -- AP_INIT_TAKE1("TKTAuthSecret", setup_secret, -+ AP_INIT_TAKE1("TKTAuthSecret", setup_secret, - NULL, RSRC_CONF, "secret key to use in digest"), -- AP_INIT_TAKE1("TKTAuthSecretOld", setup_old_secret, -+ AP_INIT_TAKE1("TKTAuthSecretOld", setup_old_secret, +@@ -467,22 +481,25 @@ + AP_INIT_TAKE1("TKTAuthSecretOld", setup_old_secret, NULL, RSRC_CONF, "old/alternative secret key to check in digests"), -- AP_INIT_TAKE1("TKTAuthDigestType", setup_digest_type, + AP_INIT_TAKE1("TKTAuthDigestType", setup_digest_type, - NULL, RSRC_CONF, "digest type to use [MD5|SHA256|SHA512], default MD5"), -+ AP_INIT_TAKE1("TKTAuthDigestType", setup_digest_type, -+ NULL, RSRC_CONF, "digest type to use [MD5|SHA256|SHA512], default: MD5"), ++ NULL, RSRC_CONF, "digest type to use [MD5|SHA256|SHA512], default MD5"), AP_INIT_FLAG("TKTAuthGuestLogin", ap_set_flag_slot, (void *)APR_OFFSETOF(auth_tkt_dir_conf, guest_login), OR_AUTHCFG, "whether to log people in as guest if no other auth available"), AP_INIT_FLAG("TKTAuthGuestCookie", ap_set_flag_slot, (void *)APR_OFFSETOF(auth_tkt_dir_conf, guest_cookie), - OR_AUTHCFG, "whether to set a cookie when accepting guest users (default off)"), -- AP_INIT_TAKE1("TKTAuthGuestUser", ap_set_string_slot, -+ OR_AUTHCFG, "whether to set a cookie when accepting guest users (default: off)"), -+ AP_INIT_TAKE1("TKTAuthGuestUser", ap_set_string_slot, ++ OR_AUTHCFG, "whether to set a cookie when accepting guest users (default off)"), + AP_INIT_TAKE1("TKTAuthGuestUser", ap_set_string_slot, (void *)APR_OFFSETOF(auth_tkt_dir_conf, guest_user), OR_AUTHCFG, "username to use for guest logins"), AP_INIT_FLAG("TKTAuthGuestFallback", ap_set_flag_slot, (void *)APR_OFFSETOF(auth_tkt_dir_conf, guest_fallback), - OR_AUTHCFG, "whether to fall back to guest on an expired ticket (default off)"), -- AP_INIT_ITERATE("TKTAuthDebug", set_auth_tkt_debug, -+ OR_AUTHCFG, "whether to fall back to guest on an expired ticket (default: off)"), -+ AP_INIT_ITERATE("TKTAuthDebug", set_auth_tkt_debug, ++ OR_AUTHCFG, "whether to fall back to guest on an expired ticket (default off)"), + AP_INIT_ITERATE("TKTAuthDebug", set_auth_tkt_debug, (void *)APR_OFFSETOF(auth_tkt_dir_conf, debug), OR_AUTHCFG, "debug level (1-3, higher for more debug output)"), + AP_INIT_TAKE1("TKTAuthQuerySeparator", setup_query_separator, @@ -459,625 +90,7 @@ index c2609e9..74bb669 100644 {NULL}, }; -@@ -490,28 +507,28 @@ static const command_rec auth_tkt_cmds[] = - /* Support functions */ - - /* Parse cookie. Returns 1 if valid, and details in *parsed; 0 if not */ --static int -+static int - parse_ticket(request_rec *r, char **magic, auth_tkt *parsed) - { - int sepidx, sep2idx; - char *ticket = *magic; - int len = strlen(ticket); -- auth_tkt_serv_conf *sconf = -+ auth_tkt_serv_conf *sconf = - ap_get_module_config(r->server->module_config, &auth_tkt_module); -- auth_tkt_dir_conf *conf = -+ auth_tkt_dir_conf *conf = - ap_get_module_config(r->per_dir_config, &auth_tkt_module); -- -+ - /* For some reason (some clients?), tickets sometimes come in quoted */ - if (ticket[len-1] == '"') ticket[len-1] = 0; - if (ticket[0] == '"') *magic = ++ticket; - - /* Basic length check for min size */ - if (len <= (sconf->digest_sz + TSTAMP_SZ)) -- return 0; -- -+ return 0; -+ - /* See if there is a uid/data separator */ - sepidx = ap_ind(ticket, SEPARATOR); -- if (sepidx == -1) { -+ if (sepidx == -1) { - /* Ticket either uri-escaped, base64-escaped, or bogus */ - if (strstr(ticket, SEPARATOR_HEX)) { - ap_unescape_url(ticket); -@@ -519,7 +536,7 @@ parse_ticket(request_rec *r, char **magic, auth_tkt *parsed) - } - else { - /* base64 encoded string always longer than original, so len+1 sufficient */ -- char *buf = (char *) apr_palloc(r->pool, len+1); -+ char *buf = (char *) apr_palloc(r->pool, len+1); - apr_base64_decode(buf, ticket); - sepidx = ap_ind(buf, SEPARATOR); - /* If still no sepidx, must be bogus */ -@@ -532,26 +549,26 @@ parse_ticket(request_rec *r, char **magic, auth_tkt *parsed) - } - - /* Recheck length */ -- if (len <= (sconf->digest_sz + TSTAMP_SZ) || -- sepidx < (sconf->digest_sz + TSTAMP_SZ)) -- return 0; -+ if (len <= (sconf->digest_sz + TSTAMP_SZ) || -+ sepidx < (sconf->digest_sz + TSTAMP_SZ)) -+ return 0; - - if (conf->debug >= 1) { -- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, -+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, - "TKT parse_ticket decoded ticket: '%s'", ticket); - } -- -+ - /* Get the user id */ - parsed->uid = apr_palloc(r->pool, sepidx - (sconf->digest_sz + TSTAMP_SZ) + 1); -- memcpy(parsed->uid, &ticket[(sconf->digest_sz + TSTAMP_SZ)], -+ memcpy(parsed->uid, &ticket[(sconf->digest_sz + TSTAMP_SZ)], - sepidx - (sconf->digest_sz + TSTAMP_SZ)); - parsed->uid[sepidx - (sconf->digest_sz + TSTAMP_SZ)] = '\0'; -- -+ - /* Check for tokens */ - sep2idx = ap_ind(&ticket[sepidx+1], SEPARATOR); - if (sep2idx == -1) { - if (conf->debug >= 2) { -- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, -+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, - "TKT parse_ticket: no tokens"); - } - parsed->tokens = apr_palloc(r->pool, 1); -@@ -563,15 +580,15 @@ parse_ticket(request_rec *r, char **magic, auth_tkt *parsed) - sepidx = tmp + sep2idx + 1; - sep2idx = tmp; - if (conf->debug >= 2) { -- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, -- "TKT parse_ticket: tokens found - sep2=%d, sep=%d, len=%d", -- sep2idx, sepidx, len); -+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, -+ "TKT parse_ticket: tokens found - sep2=%d, sep=%d, len=%d", -+ sep2idx, sepidx, len); - } - /* Copy tokens to parsed->tokens */ - parsed->tokens = apr_palloc(r->pool, sepidx-sep2idx); - apr_snprintf(parsed->tokens, sepidx-sep2idx, "%s", &ticket[sep2idx+1]); - if (conf->debug >= 2) { -- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, -+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, - "TKT parse_ticket tokens: '%s'", parsed->tokens); - } - } -@@ -579,25 +596,25 @@ parse_ticket(request_rec *r, char **magic, auth_tkt *parsed) - /* Copy user data to parsed->user_data */ - parsed->user_data = apr_palloc(r->pool, len-sepidx+1); - apr_snprintf(parsed->user_data, len-sepidx+1, "%s", &ticket[sepidx+1]); -- -+ - /* Copy timestamp to parsed->timestamp */ - sscanf(&ticket[sconf->digest_sz], "%8x", &(parsed->timestamp)); -- -+ - return 1; - } - - /* Search cookie headers for our ticket */ --static int -+static int - cookie_match(void *result, const char *key, const char *cookie) - { - cookie_res * cr = (cookie_res *) result; -- auth_tkt_dir_conf *conf = -+ auth_tkt_dir_conf *conf = - ap_get_module_config(cr->r->per_dir_config, &auth_tkt_module); -- -+ - if (cookie != NULL) { - char *cookie_name, *value, *cookiebuf, *end; - if (conf->debug >= 2) { -- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, cr->r, -+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, cr->r, - "TKT cookie_match, key %s against <%s> (name=%s)", - key, cookie, cr->cookie_name); - } -@@ -623,7 +640,7 @@ cookie_match(void *result, const char *key, const char *cookie) - if (strlen(cookiebuf)) { - cr->cookie = cookiebuf; - if (conf->debug >= 1) { -- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, cr->r, -+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, cr->r, - "TKT cookie_match: found '%s'", cookiebuf); - } - return(0); -@@ -631,7 +648,7 @@ cookie_match(void *result, const char *key, const char *cookie) - } - } - if (conf->debug >= 2) { -- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, cr->r, -+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, cr->r, - "TKT cookie_match: NOT found"); - } - return (1); -@@ -639,7 +656,7 @@ cookie_match(void *result, const char *key, const char *cookie) - - /* Return the domain to use in cookies */ - char * --get_domain(request_rec *r, auth_tkt_dir_conf *conf) -+get_domain(request_rec *r, auth_tkt_dir_conf *conf) - { - /* Set the cookie domain to the first set of TKTAuthDomain, - X-Forwarded-Host, Host, or server hostname. Viljo Viitanen -@@ -665,7 +682,7 @@ get_domain(request_rec *r, auth_tkt_dir_conf *conf) - static void - send_auth_cookie(request_rec *r, char *value) - { -- auth_tkt_dir_conf *conf = -+ auth_tkt_dir_conf *conf = - ap_get_module_config(r->per_dir_config, &auth_tkt_module); - char *cookie, *expires; - char *domain = get_domain(r,conf); -@@ -679,12 +696,12 @@ send_auth_cookie(request_rec *r, char *value) - #ifndef APACHE13 - if (conf->cookie_expires > 0) { - apr_time_exp_t tms; -- apr_time_exp_gmt(&tms, r->request_time + -+ apr_time_exp_gmt(&tms, r->request_time + - apr_time_from_sec(conf->cookie_expires)); -- expires = -+ expires = - apr_psprintf(r->pool, "; expires=%s, %.2d-%s-%.2d %.2d:%.2d:%.2d GMT", - apr_day_snames[tms.tm_wday], -- tms.tm_mday, -+ tms.tm_mday, - apr_month_snames[tms.tm_mon], - tms.tm_year % 100, - tms.tm_hour, tms.tm_min, tms.tm_sec -@@ -693,12 +710,12 @@ send_auth_cookie(request_rec *r, char *value) - #endif - - /* Send the cookie */ -- cookie = apr_psprintf(r->pool, "%s=%s; path=/%s%s%s", -+ cookie = apr_psprintf(r->pool, "%s=%s; path=/%s%s%s", - conf->auth_cookie_name, value, domain, expires, secure_cookie); - apr_table_setn(r->err_headers_out, "Set-Cookie", cookie); - - if (conf->debug >= 1) { -- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, -+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, - "TKT: sending cookie: %s=%s; path=/%s%s%s", - conf->auth_cookie_name, value, domain, expires, secure_cookie); - } -@@ -708,7 +725,7 @@ send_auth_cookie(request_rec *r, char *value) - static char * - get_url_ticket(request_rec *r) - { -- auth_tkt_dir_conf *conf = -+ auth_tkt_dir_conf *conf = - ap_get_module_config(r->per_dir_config, &auth_tkt_module); - const char *args = NULL; /* url arguments string */ - const char *key, *val; -@@ -717,12 +734,12 @@ get_url_ticket(request_rec *r) - /* Use main request args if subrequest */ - request_rec *r_main = r->main == NULL ? r : r->main; - if (r_main->args != NULL) { -- args = apr_pstrdup(r->pool, r_main->args); -+ args = apr_pstrdup(r->pool, r_main->args); - } - - if (args != NULL) { - if (conf->debug >= 1) { -- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, -+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, - "TKT: looking for ticket in url: <%s>", args); - } - -@@ -731,12 +748,12 @@ get_url_ticket(request_rec *r) - - if (strcmp(key,conf->auth_cookie_name) == 0) { - if (conf->debug >= 1) { -- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, -+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, - "TKT: found url ticket: <%s>", val); - } - - /* Setup auth cookie using ticket value */ -- send_auth_cookie(r, (char *) val); -+ send_auth_cookie(r, (char *) val); - - /* Found ticket - ignore rest of arguments */ - ticket = (char *) val; -@@ -749,12 +766,12 @@ get_url_ticket(request_rec *r) - } - - /* Look for a cookie ticket */ --static char * -+static char * - get_cookie_ticket(request_rec *r) - { -- auth_tkt_serv_conf *sconf = -+ auth_tkt_serv_conf *sconf = - ap_get_module_config(r->server->module_config, &auth_tkt_module); -- auth_tkt_dir_conf *conf = -+ auth_tkt_dir_conf *conf = - ap_get_module_config(r->per_dir_config, &auth_tkt_module); - - /* Walk cookie headers looking for matching ticket */ -@@ -770,7 +787,7 @@ get_cookie_ticket(request_rec *r) - } - if (strlen(cr->cookie) < sconf->digest_sz + TSTAMP_SZ) { - if (conf->debug >= 1) { -- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, -+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, - "TKT get_cookie_tkt: found cookie ticket, " - "but it's too short for a %s digest (%zu < %d)", - sconf->digest_type, strlen(cr->cookie), sconf->digest_sz + TSTAMP_SZ); -@@ -782,18 +799,18 @@ get_cookie_ticket(request_rec *r) - } - - /* Generate a ticket digest string from the given details */ --static char * -+static char * - ticket_digest(request_rec *r, auth_tkt *parsed, unsigned int timestamp, const char *secret) - { -- auth_tkt_serv_conf *sconf = -+ auth_tkt_serv_conf *sconf = - ap_get_module_config(r->server->module_config, &auth_tkt_module); -- auth_tkt_dir_conf *conf = -+ auth_tkt_dir_conf *conf = - ap_get_module_config(r->per_dir_config, &auth_tkt_module); - char *uid = parsed->uid; - char *tokens = parsed->tokens; - char *user_data = parsed->user_data; - -- unsigned char *buf = apr_palloc(r->pool, -+ unsigned char *buf = apr_palloc(r->pool, - TSTAMP_SZ + strlen(secret) + strlen(uid) + 1 + strlen(tokens) + 1 + strlen(user_data) + 1); - unsigned char *buf2 = apr_palloc(r->pool, sconf->digest_sz + strlen(secret)); - int len = 0; -@@ -812,7 +829,7 @@ ticket_digest(request_rec *r, auth_tkt *parsed, unsigned int timestamp, const ch - if (timestamp == 0) timestamp = parsed->timestamp; - - if (conf->debug >= 2) { -- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, -+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, - "TKT ticket_digest: using secret '%s', ip '%s', ts '%d'", secret, remote_ip, timestamp); - } - -@@ -824,13 +841,13 @@ ticket_digest(request_rec *r, auth_tkt *parsed, unsigned int timestamp, const ch - buf[0] = (unsigned char ) ((ip & 0xff000000) >> 24); - buf[1] = (unsigned char ) ((ip & 0xff0000) >> 16); - buf[2] = (unsigned char ) ((ip & 0xff00) >> 8); -- buf[3] = (unsigned char ) ((ip & 0xff)); -- buf[4] = (unsigned char ) ((timestamp & 0xff000000) >> 24); -- buf[5] = (unsigned char ) ((timestamp & 0xff0000) >> 16); -- buf[6] = (unsigned char ) ((timestamp & 0xff00) >> 8); -- buf[7] = (unsigned char ) ((timestamp & 0xff)); -+ buf[3] = (unsigned char ) ((ip & 0xff)); -+ buf[4] = (unsigned char ) ((timestamp & 0xff000000) >> 24); -+ buf[5] = (unsigned char ) ((timestamp & 0xff0000) >> 16); -+ buf[6] = (unsigned char ) ((timestamp & 0xff00) >> 8); -+ buf[7] = (unsigned char ) ((timestamp & 0xff)); - len = 8; -- -+ - /* Append remaining components to buf */ - strcpy((char *)&buf[len], secret); - len += strlen(secret); -@@ -857,7 +874,7 @@ ticket_digest(request_rec *r, auth_tkt *parsed, unsigned int timestamp, const ch - digest = ap_md5_binary(r->pool, buf, len); - } - if (conf->debug >= 3) { -- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, -+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, - "TKT ticket_digest: digest0: '%s' (input length %d)", digest, len); - } - -@@ -879,7 +896,7 @@ ticket_digest(request_rec *r, auth_tkt *parsed, unsigned int timestamp, const ch - digest = ap_md5_binary(r->pool, buf2, len); - } - if (conf->debug >= 3) { -- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, -+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, - "TKT ticket_digest: digest: '%s'", digest); - } - -@@ -897,21 +914,21 @@ valid_ticket(request_rec *r, const char *source, char *ticket, auth_tkt *parsed, - char *digest; - auth_tkt_serv_conf *sconf = - ap_get_module_config(r->server->module_config, &auth_tkt_module); -- auth_tkt_dir_conf *conf = -+ auth_tkt_dir_conf *conf = - ap_get_module_config(r->per_dir_config, &auth_tkt_module); - - /* Attempt to parse ticket */ - if (! parse_ticket(r, &ticket, parsed)) { - if (conf->debug >= 1) { -- ap_log_rerror(APLOG_MARK, APLOG_WARNING, APR_SUCCESS, r, -+ ap_log_rerror(APLOG_MARK, APLOG_WARNING, APR_SUCCESS, r, - "TKT valid_ticket: unparseable %s ticket found ('%s')", source, ticket); - } - return 0; - } - - if (conf->debug >= 1) { -- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, -- "TKT valid_ticket: (parsed) uid '%s', tokens '%s', user_data '%s', ts '%d'", -+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, -+ "TKT valid_ticket: (parsed) uid '%s', tokens '%s', user_data '%s', ts '%d'", - parsed->uid, parsed->tokens, parsed->user_data, parsed->timestamp); - } - -@@ -921,9 +938,9 @@ valid_ticket(request_rec *r, const char *source, char *ticket, auth_tkt *parsed, - - /* Digest mismatch - if no old secret set, fail */ - if(sconf->old_secret == NULL) { -- ap_log_rerror(APLOG_MARK, APLOG_WARNING, APR_SUCCESS, r, -+ ap_log_rerror(APLOG_MARK, APLOG_WARNING, APR_SUCCESS, r, - "TKT valid_ticket: ticket hash (current secret) is invalid, and no old secret set " -- "- digest '%s', ticket '%s'", -+ "- digest '%s', ticket '%s'", - digest, ticket); - return 0; - } -@@ -931,13 +948,13 @@ valid_ticket(request_rec *r, const char *source, char *ticket, auth_tkt *parsed, - /* Digest mismatch - if old_secret is set, recalculate using that */ - else { - if (conf->debug >= 1) { -- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, -+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, - "TKT valid_ticket: ticket hash (current secret) is invalid, but old_secret is set - checking ticket digest against that"); - } - digest = ticket_digest(r, parsed, 0, sconf->old_secret); - if (memcmp(ticket, digest, sconf->digest_sz) != 0) { -- ap_log_rerror(APLOG_MARK, APLOG_WARNING, APR_SUCCESS, r, -- "TKT valid_ticket: ticket hash (old secret) is also invalid - digest '%s', ticket '%s'", -+ ap_log_rerror(APLOG_MARK, APLOG_WARNING, APR_SUCCESS, r, -+ "TKT valid_ticket: ticket hash (old secret) is also invalid - digest '%s', ticket '%s'", - digest, ticket); - return 0; - } -@@ -946,7 +963,7 @@ valid_ticket(request_rec *r, const char *source, char *ticket, auth_tkt *parsed, - else { - if (force_refresh != NULL) { - if (conf->debug >= 1) { -- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, -+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, - "TKT valid_ticket: ticket_digest validated with old_secret - forcing a cookie refresh"); - } - *force_refresh = 1; -@@ -958,31 +975,31 @@ valid_ticket(request_rec *r, const char *source, char *ticket, auth_tkt *parsed, - return 1; - } - --/* Check for required auth tokens -+/* Check for required auth tokens - * Returns 1 on success, 0 on failure */ - static int - check_tokens(request_rec *r, char *tokens) - { -- auth_tkt_dir_conf *conf = -+ auth_tkt_dir_conf *conf = - ap_get_module_config(r->per_dir_config, &auth_tkt_module); - char *next_parsed_token; - const char *t = NULL; -- int match = 0; -+ int match = 0; - - /* Success if no tokens required */ -- if (conf->auth_token->nelts == 0 || -+ if (conf->auth_token->nelts == 0 || - strcmp(((char **) conf->auth_token->elts)[0], "NULL") == 0) { - return 1; - } - /* Failure if required and no user tokens found */ - if (tokens == NULL || strlen(tokens) == 0) { -- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, -+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, - "TKT: no matching tokens! (no user tokens found)"); - return 0; - } - -- t = apr_pstrdup(r->pool, tokens); -- -+ t = apr_pstrdup(r->pool, tokens); -+ - while (*t && (next_parsed_token = ap_getword(r->pool, &t, ','))) { - char ** auth_tokens = (char **) conf->auth_token->elts; - int i; -@@ -990,16 +1007,16 @@ check_tokens(request_rec *r, char *tokens) - for (i=0; i < conf->auth_token->nelts; i++) { - int token_len = strlen(auth_tokens[i]); - if (strncmp(auth_tokens[i], next_parsed_token, token_len) == 0 && -- next_parsed_token[token_len] == 0) { -- match = 1; -- break; -+ next_parsed_token[token_len] == 0) { -+ match = 1; -+ break; - } - } - if (match) break; - } - - if (conf->debug >= 1 && ! match) { -- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, -+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, - "TKT: no matching tokens! (user tokens '%s')", tokens); - } - -@@ -1010,24 +1027,24 @@ check_tokens(request_rec *r, char *tokens) - static void - refresh_cookie(request_rec *r, auth_tkt *parsed, int timeout, int force_flag) - { -- auth_tkt_serv_conf *sconf = -+ auth_tkt_serv_conf *sconf = - ap_get_module_config(r->server->module_config, &auth_tkt_module); -- auth_tkt_dir_conf *conf = -+ auth_tkt_dir_conf *conf = - ap_get_module_config(r->per_dir_config, &auth_tkt_module); - - /* The timeout refresh is a double between 0 and 1, signifying what -- * proportion of the timeout should be left before we refresh i.e. -+ * proportion of the timeout should be left before we refresh i.e. - * 0 means never refresh (hard timeouts); 1 means always refresh; -- * .33 means only refresh if less than a third of the timeout -- * period remains. */ -+ * .33 means only refresh if less than a third of the timeout -+ * period remains. */ - unsigned int now = time(NULL); - int remainder = parsed->timestamp + timeout - now; - double refresh_sec = conf->timeout_refresh * timeout; - - if (conf->debug >= 1) { -- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, -+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, - "TKT refresh_cookie: timeout %d, refresh %.3f, remainder %d, refresh_sec %.3f, force_flag %d", -- timeout, conf->timeout_refresh, remainder, refresh_sec, force_flag); -+ timeout, conf->timeout_refresh, remainder, refresh_sec, force_flag); - } - - /* If less than our refresh_sec threshold, freshen the cookie */ -@@ -1036,29 +1053,29 @@ refresh_cookie(request_rec *r, auth_tkt *parsed, int timeout, int force_flag) - char *digest = ticket_digest(r, parsed, now, sconf->secret); - if (parsed->tokens) { - ticket = apr_psprintf(r->pool, -- "%s%08x%s%c%s%c%s", -- digest, now, parsed->uid, -- SEPARATOR, parsed->tokens, -- SEPARATOR, parsed->user_data); -+ "%s%08x%s%c%s%c%s", -+ digest, now, parsed->uid, -+ SEPARATOR, parsed->tokens, -+ SEPARATOR, parsed->user_data); - } - else { - ticket = apr_psprintf(r->pool, -- "%s%08x%s%c%s", -+ "%s%08x%s%c%s", - digest, now, parsed->uid, SEPARATOR, parsed->user_data); - } - ticket_base64 = ap_pbase64encode(r->pool, ticket); - -- send_auth_cookie(r, ticket_base64); -+ send_auth_cookie(r, ticket_base64); - } *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201501270323.t0R3N8Sx053517>