[FFe] build mellon with --enable-diagnostics to ease up SSO debugging

Bug #1820279 reported by Dmitrii Shcherbakov on 2019-03-15
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
libapache2-mod-auth-mellon (Ubuntu)
Undecided
Unassigned

Bug Description

[Rationale]
This change to mod_auth_mellon adds a very useful capability for enabling diagnostics output from the module:
https://github.com/Uninett/mod_auth_mellon/commit/e8579f6387d9841ce619d836110050fb18117753

It is available as of v0.14.0 (present in Cosmic):

git --no-pager tag --contains=e8579f6387d9841ce619d836110050fb18117753
v0.14.0
v0.14.1

This is generally useful for field engineering and operations teams and other users as SAML exchanges are difficult to debug.

[Build Verification]
https://paste.ubuntu.com/p/2kt3BsxJKn/

[Installation]
https://paste.ubuntu.com/p/VcfcgyPHqH/

"MellonDiagnosticsEnable Off" is the default setting and it results in am_diag_open_log returning 1 which does NOT result in an error returned from am_diag_log_init. Also installed a package and verified that setting this to off explicitly or implicitly (default) does not result in errors on startup or page access.

https://git.launchpad.net/ubuntu/+source/libapache2-mod-auth-mellon/tree/auth_mellon_diagnostics.c?h=ubuntu/disco&id=49c8ccfedca2db17d76348573e6daa862e104f6d#n311

int am_diag_log_init(apr_pool_t *pc, apr_pool_t *p, apr_pool_t *pt, server_rec *s)
{
    for ( ; s ; s = s->next) {
        if (!am_diag_open_log(s, p)) {
            return HTTP_INTERNAL_SERVER_ERROR;
        }
    }

// ...
static int am_diag_open_log(server_rec *s, apr_pool_t *p) {
// ...
    if (!(diag_cfg->flags & AM_DIAG_FLAG_ENABLED)) {
        ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s,
                     "mellon diagnostics disabled for %s", server_desc);
        return 1;
// ...

[Upgrades]
No impact

Related branches

description: updated
summary: - consider building with --enable-diagnostics as of v0.14.0 (cosmic) to
- ease up SSO debugging
+ [FFe] build mellon with --enable-diagnostics to ease up SSO debugging
description: updated
description: updated
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers