$NetBSD: patch-aj,v 1.1 2013/04/15 15:35:02 manu Exp $ 

MellonSPentityId option to control entityID in autogenerated metadata
(patch from upstream)

Index: auth_mellon_config.c
===================================================================
--- auth_mellon_config.c	(revision 204)
+++ auth_mellon_config.c	(working copy)
@@ -1064,6 +1064,13 @@
         OR_AUTHCFG,
         "List of IdP entityId to ignore."
         ),
+    AP_INIT_TAKE1(
+        "MellonSPentityId",
+        ap_set_string_slot,
+        (void *)APR_OFFSETOF(am_dir_cfg_rec, sp_entity_id),
+        OR_AUTHCFG,
+        "SP entity Id to be used for metadata auto generation."
+        ),
     AP_INIT_TAKE12(
         "MellonOrganizationName",
         am_set_langstring_slot,
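Review bot: `MellonSPentityId` is stored through `ap_set_string_slot` with no validation, so an empty or malformed value is accepted at configuration time and only surfaces later in the generated metadata. Because the entry is `OR_AUTHCFG`, it can also be set from .htaccess wherever AuthConfig overrides are allowed, which means per-directory configuration can change the entityID the SP presents to the IdP. A small dedicated setter that rejects an empty string would fail fast at load time. The help text should also say that the value is used verbatim, whereas the default is the endpoint URL followed by "metadata", for example `"SP entityID used verbatim in autogenerated metadata (default: endpoint URL + \"metadata\")."`. The command table starts and ends outside this hunk.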
@@ -1231,6 +1238,7 @@
     dir->probe_discovery_timeout = -1; /* -1 means no probe discovery */
     dir->probe_discovery_idp = apr_table_make(p, 0);
 
+    dir->sp_entity_id = NULL;
     dir->sp_org_name = apr_hash_make(p);
     dir->sp_org_display_name = apr_hash_make(p);
     dir->sp_org_url = apr_hash_make(p);
@@ -1400,6 +1408,10 @@
                           add_cfg->idp_ignore :
                           base_cfg->idp_ignore;
 
+    new_cfg->sp_entity_id = (add_cfg->sp_entity_id ?
+                             add_cfg->sp_entity_id :
+                             base_cfg->sp_entity_id);
+
     new_cfg->sp_org_name = apr_hash_copy(p,
                           (apr_hash_count(add_cfg->sp_org_name) > 0) ?
                            add_cfg->sp_org_name : 
Index: auth_mellon_handler.c
===================================================================
--- auth_mellon_handler.c	(revision 204)
+++ auth_mellon_handler.c	(working copy)
@@ -117,7 +117,10 @@
     am_dir_cfg_rec *cfg = am_get_dir_cfg(r);
     char *url = am_get_endpoint_url(r);
     char *cert = "";
+    const char *sp_entity_id;
 
+    sp_entity_id = cfg->sp_entity_id ? cfg->sp_entity_id : url;
+
     if (cfg->sp_cert_file) {
 	char *sp_cert_file;
         char *cp;
@@ -171,7 +174,7 @@
     return apr_psprintf(p,
       "<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?>\n\
 <EntityDescriptor\n\
- entityID=\"%smetadata\"\n\
+ entityID=\"%s%s\"\n\
  xmlns=\"urn:oasis:names:tc:SAML:2.0:metadata\">\n\
  <SPSSODescriptor\n\
    AuthnRequestsSigned=\"true\"\n\
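Review bot: The configured value reaches `entityID=\"%s%s\"` unescaped, so a `MellonSPentityId` containing `"`, `<` or `&` produces malformed metadata or changes the structure of the document the IdP consumes. Escape it once after it is chosen in the previous hunk, for example `sp_entity_id = ap_escape_html(p, sp_entity_id);`, before it is passed to `apr_psprintf`. The `%s%s` pair with a conditional `"metadata"` suffix in the argument list (final hunk of this file) is also easy to misread. Building the default once with `apr_pstrcat(p, url, "metadata", NULL)` would keep a single `%s` here and leave the argument list aligned with the format. The format string begins and ends outside this hunk.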
@@ -197,7 +200,8 @@
  </SPSSODescriptor>\n\
  %s\n\
 </EntityDescriptor>",
-      url, cert, url, url, url, url, am_optional_metadata(p, r));
+      sp_entity_id, cfg->sp_entity_id ? "" : "metadata", 
+      cert, url, url, url, url, am_optional_metadata(p, r));
 }
 #endif /* HAVE_lasso_server_new_from_buffers */
 
Index: auth_mellon.h
===================================================================
--- auth_mellon.h	(revision 204)
+++ auth_mellon.h	(working copy)
@@ -195,6 +195,7 @@
     GList *idp_ignore;
 
     /* metadata autogeneration helper */
+    char *sp_entity_id;
     apr_hash_t *sp_org_name;
     apr_hash_t *sp_org_display_name;
     apr_hash_t *sp_org_url;
Index: README
===================================================================
--- README	(revision 204)
+++ README	(working copy)
@@ -332,7 +332,11 @@
         # Default: None set.
         MellonSPMetadataFile /etc/apache2/mellon/sp-metadata.xml
 
-        # If you choose to autogenerate metadata, these option 
+        # If you choose to autogenerate metadata, this option
+        # can be used to control the SP entityId
+        # MellonSPentityId "https://www.example.net/foo"
+        #
+        # If you choose to autogenerate metadata, these options 
         # can be used to fill the <Organization> element. They
         # all follow the syntax "option [lang] value":
         # MellonOrganizationName "random-service"
