[shibboleth-sp2] 40/89: SSPCPP-696 - Config schema prevents use of SHIBSP_LISTENER_ADDRESS

Ferenc Wágner wferi at moszumanska.debian.org
Thu Sep 1 09:24:07 UTC 2016 

This is an automated email from the git hooks/post-receive script.

wferi pushed a commit to branch master
in repository shibboleth-sp2.

commit 8e0d0eea188799255a45a3c06e579ea3f91b5b83
Author: Scott Cantor <cantor.2 at osu.edu>
Date:   Wed Jun 1 20:04:54 2016 -0400

    SSPCPP-696 - Config schema prevents use of SHIBSP_LISTENER_ADDRESS
    
    https://issues.shibboleth.net/jira/browse/SSPCPP-696
    
    Add clientAddress/clientPort attributes for split deployments.
---
 schemas/shibboleth-2.0-native-sp-config.xsd |  3 +++
 shibsp/remoting/impl/TCPListener.cpp        | 37 ++++++++++++++++++++---------
 shibsp/remoting/impl/UnixListener.cpp       | 19 +++++++++++----
 3 files changed, 44 insertions(+), 15 deletions(-)

diff --git a/schemas/shibboleth-2.0-native-sp-config.xsd b/schemas/shibboleth-2.0-native-sp-config.xsd
index 13c4a98..ce7f468 100644
--- a/schemas/shibboleth-2.0-native-sp-config.xsd
+++ b/schemas/shibboleth-2.0-native-sp-config.xsd
@@ -786,6 +786,7 @@
           <element name="UnixListener">
             <complexType>
               <attribute name="address" type="conf:string"/>
+              <attribute name="clientAddress" type="conf:string"/>
               <attribute name="stackSize" type="unsignedInt"/>
             </complexType>
           </element>
@@ -793,6 +794,8 @@
             <complexType>
               <attribute name="address" type="conf:string"/>
               <attribute name="port" type="unsignedInt"/>
+              <attribute name="clientAddress" type="conf:string"/>
+              <attribute name="clientPort" type="unsignedInt"/>
               <attribute name="acl" type="conf:listOfStrings"/>
               <attribute name="stackSize" type="unsignedInt"/>
             </complexType>
diff --git a/shibsp/remoting/impl/TCPListener.cpp b/shibsp/remoting/impl/TCPListener.cpp
index f99fa41..f4b91e1 100644
--- a/shibsp/remoting/impl/TCPListener.cpp
+++ b/shibsp/remoting/impl/TCPListener.cpp
@@ -105,28 +105,43 @@ namespace shibsp {
     static const XMLCh address[] = UNICODE_LITERAL_7(a,d,d,r,e,s,s);
     static const XMLCh port[] = UNICODE_LITERAL_4(p,o,r,t);
     static const XMLCh acl[] = UNICODE_LITERAL_3(a,c,l);
+    static const XMLCh clientAddress[] = UNICODE_LITERAL_13(c,l,i,e,n,t,A,d,d,r,e,s,s);
+    static const XMLCh clientPort[] = UNICODE_LITERAL_10(c,l,i,e,n,t,P,o,r,t);
 };
 
-TCPListener::TCPListener(const DOMElement* e)
-    : SocketListener(e),
-      m_address(XMLHelper::getAttrString(e, getenv("SHIBSP_LISTENER_ADDRESS"), address)),
-      m_port(XMLHelper::getAttrInt(e, 0, port))
+TCPListener::TCPListener(const DOMElement* e) : SocketListener(e), m_port(0)
 {
+    // In-process, check the clientAddress/clientPort settings first.
+    if (SPConfig::getConfig().isEnabled(SPConfig::InProcess)) {
+        m_address = XMLHelper::getAttrString(e, nullptr, clientAddress);
+        m_port = XMLHelper::getAttrInt(e, 0, clientPort);
+    }
+
+    // Back-off to address setting, environment, or default.
     if (m_address.empty()) {
-        m_address = "127.0.0.1";
-        log->info("defaulting socket address to %s", m_address.c_str());
+        m_address = XMLHelper::getAttrString(e, getenv("SHIBSP_LISTENER_ADDRESS"), address);
+        if (m_address.empty()) {
+            m_address = "127.0.0.1";
+        }
     }
 
+    log->info("using socket address: %s", m_address.c_str());
+
+    // Back-off to port setting, environment, or default.
     if (m_port == 0) {
-        const char* p = getenv("SHIBSP_LISTENER_PORT");
-        if (p && *p)
-            m_port = atoi(p);
+        m_port = XMLHelper::getAttrInt(e, 0, port);
         if (m_port == 0) {
-            m_port = 1600;
-            log->info("defaulting socket port to %u", m_port);
+            const char* p = getenv("SHIBSP_LISTENER_PORT");
+            if (p && *p)
+                m_port = atoi(p);
+            if (m_port == 0) {
+                m_port = 1600;
+            }
         }
     }
 
+    log->info("using socket port: %u", m_port);
+
     vector<string> rawacls;
     string aclbuf = XMLHelper::getAttrString(e, "127.0.0.1", acl);
     boost::trim(aclbuf);
diff --git a/shibsp/remoting/impl/UnixListener.cpp b/shibsp/remoting/impl/UnixListener.cpp
index 95dd28b..0e52720 100644
--- a/shibsp/remoting/impl/UnixListener.cpp
+++ b/shibsp/remoting/impl/UnixListener.cpp
@@ -85,15 +85,26 @@ namespace shibsp {
     }
 
     static const XMLCh address[] = UNICODE_LITERAL_7(a,d,d,r,e,s,s);
+    static const XMLCh clientAddress[] = UNICODE_LITERAL_13(c,l,i,e,n,t,A,d,d,r,e,s,s);
 };
 
-UnixListener::UnixListener(const DOMElement* e)
-    : SocketListener(e), m_address(XMLHelper::getAttrString(e, getenv("SHIBSP_LISTENER_ADDRESS"), address)), m_bound(false)
+UnixListener::UnixListener(const DOMElement* e) : SocketListener(e), m_bound(false)
 {
+    // In-process, check the clientAddress/clientPort settings first.
+    if (SPConfig::getConfig().isEnabled(SPConfig::InProcess)) {
+        m_address = XMLHelper::getAttrString(e, nullptr, clientAddress);
+    }
+
+    // Back-off to address setting, environment, or default.
     if (m_address.empty()) {
-        m_address = "shibd.sock";
-        m_log->info("defaulting socket address to %s", m_address.c_str());
+        m_address = XMLHelper::getAttrString(e, getenv("SHIBSP_LISTENER_ADDRESS"), address);
+        if (m_address.empty()) {
+            m_address = "shibd.sock";
+        }
     }
+
+    log->info("using socket address: %s", m_address.c_str());
+
     XMLToolingConfig::getConfig().getPathResolver()->resolve(m_address, PathResolver::XMLTOOLING_RUN_FILE);
 }
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-shibboleth/shibboleth-sp2.git

More information about the Pkg-shibboleth-devel mailing list