summaryrefslogtreecommitdiff
path: root/main/apache-mod-auth-kerb
diff options
context:
space:
mode:
authorFrancesco Colista <francesco.colista@gmail.com>2013-06-05 07:43:06 +0000
committerFrancesco Colista <francesco.colista@gmail.com>2013-06-05 07:43:06 +0000
commite3f7797be741908e9adee8c8c788dbf6d575a140 (patch)
tree2eeaa79187a40ac6969a02b97a1875b3797d00a5 /main/apache-mod-auth-kerb
parent73d4342a55fe1b676a8931710cdd5685bd57479b (diff)
downloadaports-e3f7797be741908e9adee8c8c788dbf6d575a140.zip
main/apache-mod-auth-kerb: moved from main
Diffstat (limited to 'main/apache-mod-auth-kerb')
-rw-r--r--main/apache-mod-auth-kerb/APKBUILD59
-rw-r--r--main/apache-mod-auth-kerb/mod-auth-kerb.conf26
-rw-r--r--main/apache-mod-auth-kerb/mod_auth_kerb-5.4-httpd24.patch62
-rw-r--r--main/apache-mod-auth-kerb/mod_auth_kerb.patch13
-rw-r--r--main/apache-mod-auth-kerb/mod_auth_kerb_compile.patch10
5 files changed, 170 insertions, 0 deletions
diff --git a/main/apache-mod-auth-kerb/APKBUILD b/main/apache-mod-auth-kerb/APKBUILD
new file mode 100644
index 00000000000..9e4dfd66aed
--- /dev/null
+++ b/main/apache-mod-auth-kerb/APKBUILD
@@ -0,0 +1,59 @@
+# Contributor: Francesco Colista <francesco.colista@gmail.com>
+# Maintainer: Francesco Colista <francesco.colista@gmail.com>
+pkgname=apache-mod-auth-kerb
+_pkgname=mod_auth_kerb
+pkgver=5.4
+pkgrel=2
+pkgdesc="A Kerberos authentication module for the Apache Http Server"
+url="http://sourceforge.net/projects/mod_auth_kerb/"
+arch="all"
+license="custom"
+depends="apache2 heimdal"
+makedepends="apache2-dev heimdal-dev"
+source="http://downloads.sourceforge.net/project/modauthkerb/$_pkgname/$_pkgname-$pkgver/$_pkgname-$pkgver.tar.gz
+ mod_auth_kerb-5.4-httpd24.patch
+ mod_auth_kerb_compile.patch
+ mod-auth-kerb.conf"
+
+_builddir="$srcdir"/$_pkgname-$pkgver
+
+prepare() {
+ local i
+ cd "$_builddir"
+ for i in $source; do
+ case $i in
+ *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
+ esac
+ done
+}
+
+build() {
+ cd $srcdir/$_pkgname-$pkgver
+ ./configure --prefix=/usr \
+ --with-krb5=/usr \
+ --without-krb4 \
+ --with-apache=/usr
+ make -j1 || return 1
+}
+
+package() {
+ cd $srcdir/$_pkgname-$pkgver
+# make DESTDIR="$pkgdir" install || return 1
+ mkdir -p "$pkgdir"/etc/apache2/conf.d
+ mkdir -p "$pkgdir"/usr/lib/apache2
+ install -D -m755 ./src/.libs/*.so "$pkgdir"/usr/lib/apache2
+ install -D -m644 ../../mod-auth-kerb.conf "$pkgdir"/etc/apache2/conf.d/mod-auth-kerb.conf
+}
+
+md5sums="642b81763ad3ca81dba359cb952da5e3 mod_auth_kerb-5.4.tar.gz
+3df80322c5697404b4e9a6ea53a7799a mod_auth_kerb-5.4-httpd24.patch
+9b238dc704dd06cd6c2880d83ca38cc8 mod_auth_kerb_compile.patch
+7f9a0976ff101226fae4fd9b811b21a4 mod-auth-kerb.conf"
+sha256sums="690ddd66c6d941e2fa2dada46588329a6f57d0a3b9b2fd9bf055ebc427558265 mod_auth_kerb-5.4.tar.gz
+dffaa66925dab20d2d4b84beb171f0c3ab195a294d422e5ca6e8867e48df24a1 mod_auth_kerb-5.4-httpd24.patch
+bbd036788971a6f9cf97f00870ca83e214f043279ee9fa52c241abc7ece1a587 mod_auth_kerb_compile.patch
+2601c080a091b0fc598e542d754a9a8f5909fadc8f91c4433ed6f5002b36a41d mod-auth-kerb.conf"
+sha512sums="93fdf0e43af1c24e8c8204d09240b708747068ef99dd8d21b45cb4d132d31e6d582d49ea5e23b905f55cb0d4a20b1ecb58de1bcbfdad1d016e536fc622b63214 mod_auth_kerb-5.4.tar.gz
+15100aee410f899fae41d921c1016bc901602871fd387834b4d486521db7ffeb6e917bfcdc5841c8cb2828497e230aa9f04071e36c31ccc8ed5ede3fb0a286dd mod_auth_kerb-5.4-httpd24.patch
+f8fd9cce15593592995a53374a7dbbf6171c4f5e9e82d5bf59953fcfa6fa81cf6890ec4c9ddc2e0963060ea34e98b590f037b1f0274c284085350e6bc4792748 mod_auth_kerb_compile.patch
+b6cfa12dbfd37f98de4d5b23f16462efbfa394d4e9dd6a15772aa18fbec0704c3d9f6e5d242d501a8f1c3091abf893de261115ee54ea31d9d9e0a4d1724473a4 mod-auth-kerb.conf"
diff --git a/main/apache-mod-auth-kerb/mod-auth-kerb.conf b/main/apache-mod-auth-kerb/mod-auth-kerb.conf
new file mode 100644
index 00000000000..24310d6cf95
--- /dev/null
+++ b/main/apache-mod-auth-kerb/mod-auth-kerb.conf
@@ -0,0 +1,26 @@
+#
+# The mod_auth_kerb module implements Kerberos authentication over
+# HTTP, following the "Negotiate" protocol.
+#
+
+LoadModule auth_kerb_module modules/mod_auth_kerb.so
+
+#
+# Sample configuration: Kerberos authentication must only be
+# used over SSL to prevent replay attacks. The keytab file
+# configured must be readable only by the "apache" user, and
+# must contain service keys for "HTTP/www.example.com", where
+# "www.example.com" is the FQDN of this server.
+#
+
+#<Location /private>
+# SSLRequireSSL
+# AuthType Kerberos
+# AuthName "Kerberos Login"
+# KrbMethodNegotiate On
+# KrbMethodK5Passwd Off
+# KrbAuthRealms EXAMPLE.COM
+# Krb5KeyTab /etc/httpd/conf/keytab
+# require valid-user
+#</Location>
+
diff --git a/main/apache-mod-auth-kerb/mod_auth_kerb-5.4-httpd24.patch b/main/apache-mod-auth-kerb/mod_auth_kerb-5.4-httpd24.patch
new file mode 100644
index 00000000000..4f2c0887222
--- /dev/null
+++ b/main/apache-mod-auth-kerb/mod_auth_kerb-5.4-httpd24.patch
@@ -0,0 +1,62 @@
+--- mod_auth_kerb-5.4/src/mod_auth_kerb.c.httpd24
++++ mod_auth_kerb-5.4/src/mod_auth_kerb.c
+@@ -179,6 +179,16 @@ static apr_global_mutex_t *s4u2proxy_loc
+ #define PROXYREQ_PROXY STD_PROXY
+ #endif
+
++#if MODULE_MAGIC_NUMBER_MAJOR >= 20100606
++/* 2.4.x or later */
++#define WITH_HTTPD24 1
++#define client_ip(r) ((r)->useragent_ip)
++APLOG_USE_MODULE(auth_kerb);
++#else
++#define client_ip(r) ((r)->connection->remote_ip)
++#define ap_unixd_set_global_mutex_perms unixd_set_global_mutex_perms
++#endif
++
+ /***************************************************************************
+ Auth Configuration Structure
+ ***************************************************************************/
+@@ -383,7 +393,11 @@ cmd_delegationlock(cmd_parms *cmd, void
+ }
+
+ static void
+-log_rerror(const char *file, int line, int level, int status,
++log_rerror(const char *file, int line,
++#ifdef WITH_HTTPD24
++ int module_index,
++#endif
++ int level, int status,
+ const request_rec *r, const char *fmt, ...)
+ {
+ char errstr[1024];
+@@ -394,7 +408,9 @@ log_rerror(const char *file, int line, i
+ va_end(ap);
+
+
+-#ifdef STANDARD20_MODULE_STUFF
++#if defined(WITH_HTTPD24)
++ ap_log_rerror(file, line, module_index, level, status, r, "%s", errstr);
++#elif defined(STANDARD20_MODULE_STUFF)
+ ap_log_rerror(file, line, level | APLOG_NOERRNO, status, r, "%s", errstr);
+ #else
+ ap_log_rerror(file, line, level | APLOG_NOERRNO, r, "%s", errstr);
+@@ -1860,8 +1876,8 @@ already_succeeded(request_rec *r, char *
+ char keyname[1024];
+
+ snprintf(keyname, sizeof(keyname) - 1,
+- "mod_auth_kerb::connection::%s::%ld", r->connection->remote_ip,
+- r->connection->id);
++ "mod_auth_kerb::connection::%s::%ld", client_ip(r),
++ r->connection->id);
+
+ if (apr_pool_userdata_get((void**)&conn_data, keyname, r->connection->pool) != 0)
+ return NULL;
+@@ -2014,7 +2030,7 @@ kerb_authenticate_user(request_rec *r)
+ prevauth->last_return = ret;
+ snprintf(keyname, sizeof(keyname) - 1,
+ "mod_auth_kerb::connection::%s::%ld",
+- r->connection->remote_ip, r->connection->id);
++ client_ip(r), r->connection->id);
+ apr_pool_userdata_set(prevauth, keyname, NULL, r->connection->pool);
+ }
diff --git a/main/apache-mod-auth-kerb/mod_auth_kerb.patch b/main/apache-mod-auth-kerb/mod_auth_kerb.patch
new file mode 100644
index 00000000000..350a393cd46
--- /dev/null
+++ b/main/apache-mod-auth-kerb/mod_auth_kerb.patch
@@ -0,0 +1,13 @@
+diff --git a/Makefile.in b/Makefile.in
+index 36f6046..41d4887 100644
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -13,7 +13,7 @@ CFLAGS =
+ all: src/mod_auth_kerb.so
+
+ src/mod_auth_kerb.so: src/mod_auth_kerb.c $(SPNEGO_SRCS)
+- ./apxs.sh "${CPPFLAGS}" "${LDFLAGS}" "${SPNEGO_SRCS}" "${APXS}" "-c" "src/mod_auth_kerb.c"
++ apxs -c ${CPPFLAGS} ${LDFLAGS} mod_auth_kerb.s
+
+ install:
+ ./apxs.sh "${CPPFLAGS}" "${LDFLAGS}" "${SPNEGO_SRCS}" "${APXS}" "-c -i" "src/mod_auth_kerb.c"
diff --git a/main/apache-mod-auth-kerb/mod_auth_kerb_compile.patch b/main/apache-mod-auth-kerb/mod_auth_kerb_compile.patch
new file mode 100644
index 00000000000..f3230881d08
--- /dev/null
+++ b/main/apache-mod-auth-kerb/mod_auth_kerb_compile.patch
@@ -0,0 +1,10 @@
+--- mod_auth_kerb-5.4/src/mod_auth_kerb.c 2008-12-04 03:14:03.000000000 -0700
++++ mod_auth_kerb-5.4a/src/mod_auth_kerb.c 2011-01-25 17:35:31.466666669 -0700
+@@ -89,6 +89,7 @@
+ #include <krb5.h>
+ #ifdef HEIMDAL
+ # include <gssapi.h>
++# include <gssapi/gssapi_krb5.h>
+ #else
+ # include <gssapi/gssapi.h>
+ # include <gssapi/gssapi_generic.h>