diff options
author | Francesco Colista <francesco.colista@gmail.com> | 2013-06-05 07:43:06 +0000 |
---|---|---|
committer | Francesco Colista <francesco.colista@gmail.com> | 2013-06-05 07:43:06 +0000 |
commit | e3f7797be741908e9adee8c8c788dbf6d575a140 (patch) | |
tree | 2eeaa79187a40ac6969a02b97a1875b3797d00a5 /main/apache-mod-auth-kerb | |
parent | 73d4342a55fe1b676a8931710cdd5685bd57479b (diff) | |
download | aports-e3f7797be741908e9adee8c8c788dbf6d575a140.zip |
main/apache-mod-auth-kerb: moved from main
Diffstat (limited to 'main/apache-mod-auth-kerb')
-rw-r--r-- | main/apache-mod-auth-kerb/APKBUILD | 59 | ||||
-rw-r--r-- | main/apache-mod-auth-kerb/mod-auth-kerb.conf | 26 | ||||
-rw-r--r-- | main/apache-mod-auth-kerb/mod_auth_kerb-5.4-httpd24.patch | 62 | ||||
-rw-r--r-- | main/apache-mod-auth-kerb/mod_auth_kerb.patch | 13 | ||||
-rw-r--r-- | main/apache-mod-auth-kerb/mod_auth_kerb_compile.patch | 10 |
5 files changed, 170 insertions, 0 deletions
diff --git a/main/apache-mod-auth-kerb/APKBUILD b/main/apache-mod-auth-kerb/APKBUILD new file mode 100644 index 00000000000..9e4dfd66aed --- /dev/null +++ b/main/apache-mod-auth-kerb/APKBUILD @@ -0,0 +1,59 @@ +# Contributor: Francesco Colista <francesco.colista@gmail.com> +# Maintainer: Francesco Colista <francesco.colista@gmail.com> +pkgname=apache-mod-auth-kerb +_pkgname=mod_auth_kerb +pkgver=5.4 +pkgrel=2 +pkgdesc="A Kerberos authentication module for the Apache Http Server" +url="http://sourceforge.net/projects/mod_auth_kerb/" +arch="all" +license="custom" +depends="apache2 heimdal" +makedepends="apache2-dev heimdal-dev" +source="http://downloads.sourceforge.net/project/modauthkerb/$_pkgname/$_pkgname-$pkgver/$_pkgname-$pkgver.tar.gz + mod_auth_kerb-5.4-httpd24.patch + mod_auth_kerb_compile.patch + mod-auth-kerb.conf" + +_builddir="$srcdir"/$_pkgname-$pkgver + +prepare() { + local i + cd "$_builddir" + for i in $source; do + case $i in + *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;; + esac + done +} + +build() { + cd $srcdir/$_pkgname-$pkgver + ./configure --prefix=/usr \ + --with-krb5=/usr \ + --without-krb4 \ + --with-apache=/usr + make -j1 || return 1 +} + +package() { + cd $srcdir/$_pkgname-$pkgver +# make DESTDIR="$pkgdir" install || return 1 + mkdir -p "$pkgdir"/etc/apache2/conf.d + mkdir -p "$pkgdir"/usr/lib/apache2 + install -D -m755 ./src/.libs/*.so "$pkgdir"/usr/lib/apache2 + install -D -m644 ../../mod-auth-kerb.conf "$pkgdir"/etc/apache2/conf.d/mod-auth-kerb.conf +} + +md5sums="642b81763ad3ca81dba359cb952da5e3 mod_auth_kerb-5.4.tar.gz +3df80322c5697404b4e9a6ea53a7799a mod_auth_kerb-5.4-httpd24.patch +9b238dc704dd06cd6c2880d83ca38cc8 mod_auth_kerb_compile.patch +7f9a0976ff101226fae4fd9b811b21a4 mod-auth-kerb.conf" +sha256sums="690ddd66c6d941e2fa2dada46588329a6f57d0a3b9b2fd9bf055ebc427558265 mod_auth_kerb-5.4.tar.gz +dffaa66925dab20d2d4b84beb171f0c3ab195a294d422e5ca6e8867e48df24a1 mod_auth_kerb-5.4-httpd24.patch +bbd036788971a6f9cf97f00870ca83e214f043279ee9fa52c241abc7ece1a587 mod_auth_kerb_compile.patch +2601c080a091b0fc598e542d754a9a8f5909fadc8f91c4433ed6f5002b36a41d mod-auth-kerb.conf" +sha512sums="93fdf0e43af1c24e8c8204d09240b708747068ef99dd8d21b45cb4d132d31e6d582d49ea5e23b905f55cb0d4a20b1ecb58de1bcbfdad1d016e536fc622b63214 mod_auth_kerb-5.4.tar.gz +15100aee410f899fae41d921c1016bc901602871fd387834b4d486521db7ffeb6e917bfcdc5841c8cb2828497e230aa9f04071e36c31ccc8ed5ede3fb0a286dd mod_auth_kerb-5.4-httpd24.patch +f8fd9cce15593592995a53374a7dbbf6171c4f5e9e82d5bf59953fcfa6fa81cf6890ec4c9ddc2e0963060ea34e98b590f037b1f0274c284085350e6bc4792748 mod_auth_kerb_compile.patch +b6cfa12dbfd37f98de4d5b23f16462efbfa394d4e9dd6a15772aa18fbec0704c3d9f6e5d242d501a8f1c3091abf893de261115ee54ea31d9d9e0a4d1724473a4 mod-auth-kerb.conf" diff --git a/main/apache-mod-auth-kerb/mod-auth-kerb.conf b/main/apache-mod-auth-kerb/mod-auth-kerb.conf new file mode 100644 index 00000000000..24310d6cf95 --- /dev/null +++ b/main/apache-mod-auth-kerb/mod-auth-kerb.conf @@ -0,0 +1,26 @@ +# +# The mod_auth_kerb module implements Kerberos authentication over +# HTTP, following the "Negotiate" protocol. +# + +LoadModule auth_kerb_module modules/mod_auth_kerb.so + +# +# Sample configuration: Kerberos authentication must only be +# used over SSL to prevent replay attacks. The keytab file +# configured must be readable only by the "apache" user, and +# must contain service keys for "HTTP/www.example.com", where +# "www.example.com" is the FQDN of this server. +# + +#<Location /private> +# SSLRequireSSL +# AuthType Kerberos +# AuthName "Kerberos Login" +# KrbMethodNegotiate On +# KrbMethodK5Passwd Off +# KrbAuthRealms EXAMPLE.COM +# Krb5KeyTab /etc/httpd/conf/keytab +# require valid-user +#</Location> + diff --git a/main/apache-mod-auth-kerb/mod_auth_kerb-5.4-httpd24.patch b/main/apache-mod-auth-kerb/mod_auth_kerb-5.4-httpd24.patch new file mode 100644 index 00000000000..4f2c0887222 --- /dev/null +++ b/main/apache-mod-auth-kerb/mod_auth_kerb-5.4-httpd24.patch @@ -0,0 +1,62 @@ +--- mod_auth_kerb-5.4/src/mod_auth_kerb.c.httpd24 ++++ mod_auth_kerb-5.4/src/mod_auth_kerb.c +@@ -179,6 +179,16 @@ static apr_global_mutex_t *s4u2proxy_loc + #define PROXYREQ_PROXY STD_PROXY + #endif + ++#if MODULE_MAGIC_NUMBER_MAJOR >= 20100606 ++/* 2.4.x or later */ ++#define WITH_HTTPD24 1 ++#define client_ip(r) ((r)->useragent_ip) ++APLOG_USE_MODULE(auth_kerb); ++#else ++#define client_ip(r) ((r)->connection->remote_ip) ++#define ap_unixd_set_global_mutex_perms unixd_set_global_mutex_perms ++#endif ++ + /*************************************************************************** + Auth Configuration Structure + ***************************************************************************/ +@@ -383,7 +393,11 @@ cmd_delegationlock(cmd_parms *cmd, void + } + + static void +-log_rerror(const char *file, int line, int level, int status, ++log_rerror(const char *file, int line, ++#ifdef WITH_HTTPD24 ++ int module_index, ++#endif ++ int level, int status, + const request_rec *r, const char *fmt, ...) + { + char errstr[1024]; +@@ -394,7 +408,9 @@ log_rerror(const char *file, int line, i + va_end(ap); + + +-#ifdef STANDARD20_MODULE_STUFF ++#if defined(WITH_HTTPD24) ++ ap_log_rerror(file, line, module_index, level, status, r, "%s", errstr); ++#elif defined(STANDARD20_MODULE_STUFF) + ap_log_rerror(file, line, level | APLOG_NOERRNO, status, r, "%s", errstr); + #else + ap_log_rerror(file, line, level | APLOG_NOERRNO, r, "%s", errstr); +@@ -1860,8 +1876,8 @@ already_succeeded(request_rec *r, char * + char keyname[1024]; + + snprintf(keyname, sizeof(keyname) - 1, +- "mod_auth_kerb::connection::%s::%ld", r->connection->remote_ip, +- r->connection->id); ++ "mod_auth_kerb::connection::%s::%ld", client_ip(r), ++ r->connection->id); + + if (apr_pool_userdata_get((void**)&conn_data, keyname, r->connection->pool) != 0) + return NULL; +@@ -2014,7 +2030,7 @@ kerb_authenticate_user(request_rec *r) + prevauth->last_return = ret; + snprintf(keyname, sizeof(keyname) - 1, + "mod_auth_kerb::connection::%s::%ld", +- r->connection->remote_ip, r->connection->id); ++ client_ip(r), r->connection->id); + apr_pool_userdata_set(prevauth, keyname, NULL, r->connection->pool); + } diff --git a/main/apache-mod-auth-kerb/mod_auth_kerb.patch b/main/apache-mod-auth-kerb/mod_auth_kerb.patch new file mode 100644 index 00000000000..350a393cd46 --- /dev/null +++ b/main/apache-mod-auth-kerb/mod_auth_kerb.patch @@ -0,0 +1,13 @@ +diff --git a/Makefile.in b/Makefile.in +index 36f6046..41d4887 100644 +--- a/Makefile.in ++++ b/Makefile.in +@@ -13,7 +13,7 @@ CFLAGS = + all: src/mod_auth_kerb.so + + src/mod_auth_kerb.so: src/mod_auth_kerb.c $(SPNEGO_SRCS) +- ./apxs.sh "${CPPFLAGS}" "${LDFLAGS}" "${SPNEGO_SRCS}" "${APXS}" "-c" "src/mod_auth_kerb.c" ++ apxs -c ${CPPFLAGS} ${LDFLAGS} mod_auth_kerb.s + + install: + ./apxs.sh "${CPPFLAGS}" "${LDFLAGS}" "${SPNEGO_SRCS}" "${APXS}" "-c -i" "src/mod_auth_kerb.c" diff --git a/main/apache-mod-auth-kerb/mod_auth_kerb_compile.patch b/main/apache-mod-auth-kerb/mod_auth_kerb_compile.patch new file mode 100644 index 00000000000..f3230881d08 --- /dev/null +++ b/main/apache-mod-auth-kerb/mod_auth_kerb_compile.patch @@ -0,0 +1,10 @@ +--- mod_auth_kerb-5.4/src/mod_auth_kerb.c 2008-12-04 03:14:03.000000000 -0700 ++++ mod_auth_kerb-5.4a/src/mod_auth_kerb.c 2011-01-25 17:35:31.466666669 -0700 +@@ -89,6 +89,7 @@ + #include <krb5.h> + #ifdef HEIMDAL + # include <gssapi.h> ++# include <gssapi/gssapi_krb5.h> + #else + # include <gssapi/gssapi.h> + # include <gssapi/gssapi_generic.h> |