Forgot the case when domain does NOT begin with dot

[queo-composer]

In the case when domain does NOT begin with a dot, no domain will be sent in the Cookie. This will happen since Crowd 3.2 (see https://jira.atlassian.com/browse/CWD-5141)

Patch here:

--- mod_authnz_crowd.c.1 2019-06-07 10:11:58.840568628 +0200 +++ mod_authnz_crowd.c.2 2019-06-07 10:12:12.708600882 +0200 @@ -486,6 +486,9 @@ domain = apr_psprintf(r->pool, ";Domain=%s", cookie_config->domain); } }

• else {
• domain = apr_psprintf(r->pool, ";Domain=%s", cookie_config->domain);

• }

           char *cookie = log_ralloc(r,
               apr_psprintf(r->pool, "%s=%s%s%s%s;Version=1;Path=/", cookie_config->cookie_name, token,
               domain, cookie_config->secure ? ";Secure" : "", config->set_http_only ? ";HttpOnly" : ""));

[ferstl]

Hi Thanks for the patch. But doesn't it miss the cookie_config->domain != NULL case?

So it should be rather something like this?

if (cookie_config->domain != NULL) {
    if(cookie_config->domain[0] == '.') {
        size_t domainlen = strlen(cookie_config->domain);
        size_t hostlen = strlen(r->hostname);
        if (hostlen > domainlen
            && strcmp(cookie_config->domain, r->hostname + hostlen - domainlen) == 0) {
            domain = apr_psprintf(r->pool, ";Domain=%s", cookie_config->domain);
        }
    } else {
        domain = apr_psprintf(r->pool, ";Domain=%s", cookie_config->domain);
    }
}