While looking into an unrelated problem we noticed a system running a django app under apache that used shibboleth for authentication would repeatedly log: [Thu Dec 16 14:03:14.499450 2021] [mod_shib:warn] DEPRECATED: Apache 1.3 module, please upgrade to Apache 2.4+ Further investigation determined that (a) security/shibboleth-sp can only be built for use with apache 2.4+ and (b) the log message should be protected by the nearby SHIB_APACHE_13 ifdef. In addition our IDM guy found that the issue had already been fixed upstream but not until after shibboleth 3.3.0 was released: https://shibboleth.atlassian.net/browse/SSPCPP-948 https://git.shibboleth.net/view/?p=cpp-sp.git;a=commitdiff;h=7b5c7aced15c0be5404bcba0bcec4c586323fba9 Here's a patch for the port.
Created attachment 230188 [details] patch
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=d4c09351b85fa9f3fce34923ed1e8b1cddb0bd38 commit d4c09351b85fa9f3fce34923ed1e8b1cddb0bd38 Author: Palle Girgensohn <girgen@FreeBSD.org> AuthorDate: 2021-12-20 13:19:55 +0000 Commit: Palle Girgensohn <girgen@FreeBSD.org> CommitDate: 2021-12-20 14:02:27 +0000 security/shibboleth-sp: Silence bogus apache 1.3 warning PR: 260482 Submitted by: Craig Leres security/shibboleth-sp/Makefile | 1 + .../files/patch-apache__mod_shib_cpp (new) | 26 ++++++++++++++++++++++ 2 files changed, 27 insertions(+)
Committed. Thanks!