commit apache2-mod_auth_openidc for openSUSE:Factory

Source-Sync Mon, 30 Aug 2021 04:56:12 -0700

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package apache2-mod_auth_openidc for 
openSUSE:Factory checked in at 2021-08-30 13:55:18
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/apache2-mod_auth_openidc (Old)
 and      /work/SRC/openSUSE:Factory/.apache2-mod_auth_openidc.new.1899 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "apache2-mod_auth_openidc"

Mon Aug 30 13:55:18 2021 rev:22 rq:914953 version:2.4.9.3

Changes:
--------
--- 
/work/SRC/openSUSE:Factory/apache2-mod_auth_openidc/apache2-mod_auth_openidc.changes
        2021-08-24 10:55:51.144243104 +0200
+++ 
/work/SRC/openSUSE:Factory/.apache2-mod_auth_openidc.new.1899/apache2-mod_auth_openidc.changes
      2021-08-30 13:55:39.101856550 +0200
@@ -1,0 +2,7 @@
+Fri Aug 27 09:50:50 UTC 2021 - Michael Str??der <[email protected]>
+
+- update to 2.4.9.3
+  * Bugfixes
+    - don't apply authz to the redirect URI; fixes ac56864
+
+-------------------------------------------------------------------

Old:
----
  mod_auth_openidc-2.4.9.2.tar.gz

New:
----
  mod_auth_openidc-2.4.9.3.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ apache2-mod_auth_openidc.spec ++++++
--- /var/tmp/diff_new_pack.LbIGuk/_old  2021-08-30 13:55:39.729857356 +0200
+++ /var/tmp/diff_new_pack.LbIGuk/_new  2021-08-30 13:55:39.733857361 +0200
@@ -17,7 +17,7 @@
 
 
 Name:           apache2-mod_auth_openidc
-Version:        2.4.9.2
+Version:        2.4.9.3
 Release:        0
 Summary:        Apache2.x module for an OpenID Connect enabled Identity 
Provider
 License:        Apache-2.0

++++++ mod_auth_openidc-2.4.9.2.tar.gz -> mod_auth_openidc-2.4.9.3.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/mod_auth_openidc-2.4.9.2/ChangeLog 
new/mod_auth_openidc-2.4.9.3/ChangeLog
--- old/mod_auth_openidc-2.4.9.2/ChangeLog      2021-08-20 19:25:39.000000000 
+0200
+++ new/mod_auth_openidc-2.4.9.3/ChangeLog      2021-08-26 18:44:21.000000000 
+0200
@@ -1,3 +1,6 @@
+08/26/2021
+- don't apply authz to the redirect URI; fixes 
ac5686495a51bc93e257e42bfdc9c9c46252feb1
+
 08/20/2021
 - fix graceful restart (regression); see #458; thanks @Foxite
 - bump to 2.4.9.2
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/mod_auth_openidc-2.4.9.2/configure 
new/mod_auth_openidc-2.4.9.3/configure
--- old/mod_auth_openidc-2.4.9.2/configure      2021-08-23 15:33:22.000000000 
+0200
+++ new/mod_auth_openidc-2.4.9.3/configure      2021-08-26 18:48:28.000000000 
+0200
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.71 for mod_auth_openidc 2.4.9.2.
+# Generated by GNU Autoconf 2.71 for mod_auth_openidc 2.4.9.3.
 #
 # Report bugs to <[email protected]>.
 #
@@ -610,8 +610,8 @@
 # Identity of this package.
 PACKAGE_NAME='mod_auth_openidc'
 PACKAGE_TARNAME='mod_auth_openidc'
-PACKAGE_VERSION='2.4.9.2'
-PACKAGE_STRING='mod_auth_openidc 2.4.9.2'
+PACKAGE_VERSION='2.4.9.3'
+PACKAGE_STRING='mod_auth_openidc 2.4.9.3'
 PACKAGE_BUGREPORT='[email protected]'
 PACKAGE_URL=''
 
@@ -1301,7 +1301,7 @@
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures mod_auth_openidc 2.4.9.2 to adapt to many kinds of 
systems.
+\`configure' configures mod_auth_openidc 2.4.9.3 to adapt to many kinds of 
systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1364,7 +1364,7 @@
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of mod_auth_openidc 2.4.9.2:";;
+     short | recursive ) echo "Configuration of mod_auth_openidc 2.4.9.3:";;
    esac
   cat <<\_ACEOF
 
@@ -1478,7 +1478,7 @@
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-mod_auth_openidc configure 2.4.9.2
+mod_auth_openidc configure 2.4.9.3
 generated by GNU Autoconf 2.71
 
 Copyright (C) 2021 Free Software Foundation, Inc.
@@ -1634,7 +1634,7 @@
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by mod_auth_openidc $as_me 2.4.9.2, which was
+It was created by mod_auth_openidc $as_me 2.4.9.3, which was
 generated by GNU Autoconf 2.71.  Invocation command line was
 
   $ $0$ac_configure_args_raw
@@ -2292,7 +2292,7 @@
 
 
 
-NAMEVER=mod_auth_openidc-2.4.9.2
+NAMEVER=mod_auth_openidc-2.4.9.3
 
 
 # This section defines the --with-apxs2 option.
@@ -4952,7 +4952,7 @@
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by mod_auth_openidc $as_me 2.4.9.2, which was
+This file was extended by mod_auth_openidc $as_me 2.4.9.3, which was
 generated by GNU Autoconf 2.71.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -5007,7 +5007,7 @@
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config='$ac_cs_config_escaped'
 ac_cs_version="\\
-mod_auth_openidc config.status 2.4.9.2
+mod_auth_openidc config.status 2.4.9.3
 configured by $0, generated by GNU Autoconf 2.71,
   with options \\"\$ac_cs_config\\"
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/mod_auth_openidc-2.4.9.2/configure.ac 
new/mod_auth_openidc-2.4.9.3/configure.ac
--- old/mod_auth_openidc-2.4.9.2/configure.ac   2021-08-20 19:25:46.000000000 
+0200
+++ new/mod_auth_openidc-2.4.9.3/configure.ac   2021-08-26 18:46:49.000000000 
+0200
@@ -1,4 +1,4 @@
-AC_INIT([mod_auth_openidc],[2.4.9.2],[[email protected]])
+AC_INIT([mod_auth_openidc],[2.4.9.3],[[email protected]])
 
 AC_SUBST(NAMEVER, AC_PACKAGE_TARNAME()-AC_PACKAGE_VERSION())
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/mod_auth_openidc-2.4.9.2/src/mod_auth_openidc.c 
new/mod_auth_openidc-2.4.9.3/src/mod_auth_openidc.c
--- old/mod_auth_openidc-2.4.9.2/src/mod_auth_openidc.c 2021-08-19 
19:58:34.000000000 +0200
+++ new/mod_auth_openidc-2.4.9.3/src/mod_auth_openidc.c 2021-08-26 
18:39:11.000000000 +0200
@@ -4030,11 +4030,16 @@
 
        oidc_debug(r, "enter: require_args=\"%s\"", require_args);
 
+       oidc_cfg *c = ap_get_module_config(r->server->module_config,
+                       &auth_openidc_module);
+
        /* check for anonymous access and PASS mode */
        if (r->user != NULL && strlen(r->user) == 0) {
                r->user = NULL;
                if (oidc_dir_cfg_unauth_action(r) == OIDC_UNAUTH_PASS)
                        return AUTHZ_GRANTED;
+               if (oidc_util_request_matches_url(r, oidc_get_redirect_uri(r, 
c)) == TRUE)
+                       return AUTHZ_GRANTED;
        }
 
        /* get the set of claims from the request state (they've been set in 
the authentication part earlier */
@@ -4114,11 +4119,16 @@
  */
 int oidc_auth_checker(request_rec *r) {
 
+       oidc_cfg *c = ap_get_module_config(r->server->module_config,
+                       &auth_openidc_module);
+
        /* check for anonymous access and PASS mode */
        if (r->user != NULL && strlen(r->user) == 0) {
                r->user = NULL;
                if (oidc_dir_cfg_unauth_action(r) == OIDC_UNAUTH_PASS)
                        return OK;
+               if (oidc_util_request_matches_url(r, oidc_get_redirect_uri(r, 
c)) == TRUE)
+                       return OK;
        }
 
        /* get the set of claims from the request state (they've been set in 
the authentication part earlier */

commit apache2-mod_auth_openidc for openSUSE:Factory

Reply via email to