[FFe] build mellon with --enable-diagnostics to ease up SSO debugging

Bug #1820279 reported by Dmitrii Shcherbakov on 2019-03-15
This bug affects 1 person
Affects Status Importance Assigned to Milestone
libapache2-mod-auth-mellon (Ubuntu)

Bug Description

This change to mod_auth_mellon adds a very useful capability for enabling diagnostics output from the module:

It is available as of v0.14.0 (present in Cosmic):

git --no-pager tag --contains=e8579f6387d9841ce619d836110050fb18117753

This is generally useful for field engineering and operations teams and other users as SAML exchanges are difficult to debug.

[Build Verification]


"MellonDiagnosticsEnable Off" is the default setting and it results in am_diag_open_log returning 1 which does NOT result in an error returned from am_diag_log_init. Also installed a package and verified that setting this to off explicitly or implicitly (default) does not result in errors on startup or page access.


int am_diag_log_init(apr_pool_t *pc, apr_pool_t *p, apr_pool_t *pt, server_rec *s)
    for ( ; s ; s = s->next) {
        if (!am_diag_open_log(s, p)) {
            return HTTP_INTERNAL_SERVER_ERROR;

// ...
static int am_diag_open_log(server_rec *s, apr_pool_t *p) {
// ...
    if (!(diag_cfg->flags & AM_DIAG_FLAG_ENABLED)) {
        ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s,
                     "mellon diagnostics disabled for %s", server_desc);
        return 1;
// ...

No impact

Related branches

description: updated
summary: - consider building with --enable-diagnostics as of v0.14.0 (cosmic) to
- ease up SSO debugging
+ [FFe] build mellon with --enable-diagnostics to ease up SSO debugging
description: updated
description: updated
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers