[Bug 260482] security/shibboleth-sp: Silence bogus apache 1.3 warning

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Thu, 16 Dec 2021 22:14:11 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260482

            Bug ID: 260482
           Summary: security/shibboleth-sp:  Silence bogus apache 1.3
                    warning
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: girgen@FreeBSD.org
          Reporter: leres@freebsd.org
          Assignee: girgen@FreeBSD.org
             Flags: maintainer-feedback?(girgen@FreeBSD.org)

While looking into an unrelated problem we noticed a system running a django
app under apache that used shibboleth for authentication would repeatedly log:

    [Thu Dec 16 14:03:14.499450 2021] [mod_shib:warn] DEPRECATED: Apache 1.3
module, please upgrade to Apache 2.4+

Further investigation determined that (a) security/shibboleth-sp can only be
built for use with apache 2.4+ and (b) the log message should be protected by
the nearby SHIB_APACHE_13 ifdef. In addition our IDM guy found that the issue
had already been fixed upstream but not until after shibboleth 3.3.0 was
released:

    https://shibboleth.atlassian.net/browse/SSPCPP-948
   
https://git.shibboleth.net/view/?p=cpp-sp.git;a=commitdiff;h=7b5c7aced15c0be5404bcba0bcec4c586323fba9

Here's a patch for the port.

-- 
You are receiving this mail because:
You are the assignee for the bug.