sync/ports
1
0
Fork 0
mirror of https://git.freebsd.org/ports.git synced 2025-04-28 09:36:41 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

www/mod_auth_kerb2: Refactor

Browse source 
- Replace @exec with @postexec/@postunexec
- Replace PORTVERSION with DISTVERSION
- Pet portclippy
- Refresh patches
This commit is contained in:
Muhammad Moinur Rahman 2025-04-27 22:01:14 +02:00
parent 713838842f
commit da3985ecfc
No known key found for this signature in database
GPG key ID: BDB9B5A617C0BC91
5 changed files with 44 additions and 41 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
www/mod_auth_kerb2/Makefile
View file

@ -1,6 +1,6 @@
PORTNAME= mod_auth_kerb PORTNAME= mod_auth_kerb
PORTVERSION= 5.4 DISTVERSION= 5.4
PORTREVISION= 8 PORTREVISION= 9
CATEGORIES= www CATEGORIES= www
MASTER_SITES= SF/modauthkerb/${PORTNAME}/${PORTNAME}-${PORTVERSION} MASTER_SITES= SF/modauthkerb/${PORTNAME}/${PORTNAME}-${PORTVERSION}
PKGNAMEPREFIX= ${APACHE_PKGNAMEPREFIX} PKGNAMEPREFIX= ${APACHE_PKGNAMEPREFIX}
@ -12,22 +12,25 @@ WWW= https://modauthkerb.sourceforge.net/
LICENSE= MIT BSD3CLAUSE LICENSE= MIT BSD3CLAUSE
LICENSE_COMB= multi LICENSE_COMB= multi
LICENSE_FILE_MIT= ${WRKSRC}/LICENSE
LICENSE_FILE_BSD3CLAUSE= ${WRKSRC}/LICENSE LICENSE_FILE_BSD3CLAUSE= ${WRKSRC}/LICENSE
LICENSE_FILE_MIT= ${WRKSRC}/LICENSE
PORTSCOUT= limit:^5.4
USES= apache USES= apache
GNU_CONFIGURE= yes GNU_CONFIGURE= yes
CONFIGURE_ARGS= -with-krb5=${GSSAPIBASEDIR} --without-krb4 CONFIGURE_ARGS= -with-krb5=${GSSAPIBASEDIR} --without-krb4
OPTIONS_SINGLE= GSSAPI PORTSCOUT= limit:^5.4
OPTIONS_DEFAULT= GSSAPI_BASE OPTIONS_DEFAULT= GSSAPI_BASE
OPTIONS_SINGLE= GSSAPI
OPTIONS_SINGLE_GSSAPI= GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT OPTIONS_SINGLE_GSSAPI= GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT
GSSAPI_BASE_DESC= Use Base version of GSS API GSSAPI_BASE_DESC= Use Base version of GSS API
GSSAPI_DESC= Use Base version of GSS API
GSSAPI_HEIMDAL_DESC= Use Heimdal implementation of GSS API GSSAPI_HEIMDAL_DESC= Use Heimdal implementation of GSS API
GSSAPI_MIT_DESC= Use MIT implementation of GSS API GSSAPI_MIT_DESC= Use MIT implementation of GSS API
GSSAPI_DESC= Use Base version of GSS API
GSSAPI_BASE_USES= gssapi GSSAPI_BASE_USES= gssapi
GSSAPI_HEIMDAL_USES= gssapi:heimdal GSSAPI_HEIMDAL_USES= gssapi:heimdal
GSSAPI_MIT_USES= gssapi:mit GSSAPI_MIT_USES= gssapi:mit

6
www/mod_auth_kerb2/files/patch-Makefile.in
View file

@ -1,6 +1,6 @@
--- Makefile.in.orig 2008-12-02 23:07:10.000000000 +0900 --- Makefile.in.orig 2008-12-02 14:07:10 UTC
+++ Makefile.in 2014-11-22 19:29:08.000000000 +0900 +++ Makefile.in
@@ -16,7 +16,9 @@ @@ -16,7 +16,9 @@ install:
./apxs.sh "${CPPFLAGS}" "${LDFLAGS}" "${SPNEGO_SRCS}" "${APXS}" "-c" "src/mod_auth_kerb.c" ./apxs.sh "${CPPFLAGS}" "${LDFLAGS}" "${SPNEGO_SRCS}" "${APXS}" "-c" "src/mod_auth_kerb.c"
install: install:

4
www/mod_auth_kerb2/files/patch-spnegokrb5__spnegokrb5_locl.h
View file

@ -1,5 +1,5 @@
--- spnegokrb5/spnegokrb5_locl.h.orig 2008-01-27 20:59:03.000000000 +0000 --- spnegokrb5/spnegokrb5_locl.h.orig 2008-11-26 16:51:05 UTC
+++ spnegokrb5/spnegokrb5_locl.h 2008-01-27 20:59:19.000000000 +0000 +++ spnegokrb5/spnegokrb5_locl.h
@@ -1,6 +1,7 @@ @@ -1,6 +1,7 @@
#include <stdlib.h> #include <stdlib.h>
#include <errno.h> #include <errno.h>

54
www/mod_auth_kerb2/files/patch-src__mod_auth_kerb.c
View file

@ -6,8 +6,8 @@
# Patch to fix a bug in KrbSaveCredentials: # Patch to fix a bug in KrbSaveCredentials:
# https://bugzilla.redhat.com/show_bug.cgi?id=688210 # https://bugzilla.redhat.com/show_bug.cgi?id=688210
# #
--- src/mod_auth_kerb.c.orig 2008-12-04 19:14:03.000000000 +0900 --- src/mod_auth_kerb.c.orig 2008-12-04 10:14:03 UTC
+++ src/mod_auth_kerb.c 2014-11-22 19:34:12.000000000 +0900 +++ src/mod_auth_kerb.c
@@ -11,6 +11,12 @@ @@ -11,6 +11,12 @@
*/ */
@ -64,7 +64,7 @@
module AP_MODULE_DECLARE_DATA auth_kerb_module; module AP_MODULE_DECLARE_DATA auth_kerb_module;
#else #else
module auth_kerb_module; module auth_kerb_module;
@@ -176,6 +191,7 @@ @@ -176,6 +191,7 @@ typedef struct krb5_conn_data {
char *authline; char *authline;
char *user; char *user;
char *mech; char *mech;
@ -72,7 +72,7 @@
int last_return; int last_return;
} krb5_conn_data; } krb5_conn_data;
@@ -298,7 +314,7 @@ @@ -298,7 +314,7 @@ mod_auth_kerb_rc_store(krb5_context context, krb5_rcac
} }
/* And this is the operations vector for our replay cache */ /* And this is the operations vector for our replay cache */
@ -81,7 +81,7 @@
0, 0,
"dfl", "dfl",
krb5_rc_dfl_init, krb5_rc_dfl_init,
@@ -329,7 +345,7 @@ @@ -329,7 +345,7 @@ static void *kerb_dir_create_config(MK_POOL *p, char *
((kerb_auth_config *)rec)->krb_ssl_preauthentication = 0; ((kerb_auth_config *)rec)->krb_ssl_preauthentication = 0;
#endif #endif
#ifdef KRB5 #ifdef KRB5
@ -90,23 +90,23 @@
((kerb_auth_config *)rec)->krb_method_k5pass = 1; ((kerb_auth_config *)rec)->krb_method_k5pass = 1;
((kerb_auth_config *)rec)->krb_method_gssapi = 1; ((kerb_auth_config *)rec)->krb_method_gssapi = 1;
#endif #endif
@@ -347,9 +363,15 @@ @@ -347,9 +363,15 @@ krb5_save_realms(cmd_parms *cmd, void *vsec, const cha
return NULL; return NULL;
} }
+#ifdef APLOG_USE_MODULE +#ifdef APLOG_USE_MODULE
+static void static void
+log_rerror(const char *file, int line, int module_index, int level, int status, +log_rerror(const char *file, int line, int module_index, int level, int status,
+ const request_rec *r, const char *fmt, ...) + const request_rec *r, const char *fmt, ...)
+#else +#else
static void +static void
log_rerror(const char *file, int line, int level, int status, log_rerror(const char *file, int line, int level, int status,
const request_rec *r, const char *fmt, ...) const request_rec *r, const char *fmt, ...)
+#endif +#endif
{ {
char errstr[1024]; char errstr[1024];
va_list ap; va_list ap;
@@ -359,7 +381,9 @@ @@ -359,7 +381,9 @@ log_rerror(const char *file, int line, int level, int
va_end(ap); va_end(ap);
@ -117,7 +117,7 @@
ap_log_rerror(file, line, level | APLOG_NOERRNO, status, r, "%s", errstr); ap_log_rerror(file, line, level | APLOG_NOERRNO, status, r, "%s", errstr);
#else #else
ap_log_rerror(file, line, level | APLOG_NOERRNO, r, "%s", errstr); ap_log_rerror(file, line, level | APLOG_NOERRNO, r, "%s", errstr);
@@ -527,7 +551,7 @@ @@ -527,7 +551,7 @@ authenticate_user_krb4pwd(request_rec *r,
user = apr_pstrcat(r->pool, user, "@", realm, NULL); user = apr_pstrcat(r->pool, user, "@", realm, NULL);
MK_USER = user; MK_USER = user;
@ -126,7 +126,7 @@
apr_table_setn(r->subprocess_env, "KRBTKFILE", tkt_file_p); apr_table_setn(r->subprocess_env, "KRBTKFILE", tkt_file_p);
if (!conf->krb_save_credentials) if (!conf->krb_save_credentials)
@@ -677,7 +701,8 @@ @@ -677,7 +701,8 @@ verify_krb5_user(request_rec *r, krb5_context context,
static krb5_error_code static krb5_error_code
verify_krb5_user(request_rec *r, krb5_context context, krb5_principal principal, verify_krb5_user(request_rec *r, krb5_context context, krb5_principal principal,
const char *password, krb5_principal server, const char *password, krb5_principal server,
@ -136,7 +136,7 @@
{ {
krb5_creds creds; krb5_creds creds;
krb5_get_init_creds_opt options; krb5_get_init_creds_opt options;
@@ -869,8 +894,8 @@ @@ -869,8 +894,8 @@ create_krb5_ccache(krb5_context kcontext,
} }
apr_table_setn(r->subprocess_env, "KRB5CCNAME", ccname); apr_table_setn(r->subprocess_env, "KRB5CCNAME", ccname);
@ -147,7 +147,7 @@
*ccache = tmp_ccache; *ccache = tmp_ccache;
tmp_ccache = NULL; tmp_ccache = NULL;
@@ -926,7 +951,6 @@ @@ -926,7 +951,6 @@ store_krb5_creds(krb5_context kcontext,
return OK; return OK;
} }
@ -155,7 +155,7 @@
static int static int
authenticate_user_krb5pwd(request_rec *r, authenticate_user_krb5pwd(request_rec *r,
kerb_auth_config *conf, kerb_auth_config *conf,
@@ -1061,7 +1085,7 @@ @@ -1061,7 +1085,7 @@ authenticate_user_krb5pwd(request_rec *r,
goto end; goto end;
} }
MK_USER = apr_pstrdup (r->pool, name); MK_USER = apr_pstrdup (r->pool, name);
@ -164,7 +164,7 @@
free(name); free(name);
if (conf->krb_save_credentials) if (conf->krb_save_credentials)
@@ -1280,6 +1304,7 @@ @@ -1280,6 +1304,7 @@ get_gss_creds(request_rec *r,
return 0; return 0;
} }
@ -172,7 +172,7 @@
static int static int
cmp_gss_type(gss_buffer_t token, gss_OID oid) cmp_gss_type(gss_buffer_t token, gss_OID oid)
{ {
@@ -1306,6 +1331,7 @@ @@ -1306,6 +1331,7 @@ cmp_gss_type(gss_buffer_t token, gss_OID oid)
return memcmp(p, oid->elements, oid->length); return memcmp(p, oid->elements, oid->length);
} }
@ -180,7 +180,7 @@
static int static int
authenticate_user_gss(request_rec *r, kerb_auth_config *conf, authenticate_user_gss(request_rec *r, kerb_auth_config *conf,
@@ -1438,15 +1464,15 @@ @@ -1438,15 +1464,15 @@ authenticate_user_gss(request_rec *r, kerb_auth_config
goto end; goto end;
} }
@ -201,7 +201,7 @@
major_status = gss_display_name(&minor_status, client_name, &output_token, NULL); major_status = gss_display_name(&minor_status, client_name, &output_token, NULL);
gss_release_name(&minor_status, &client_name); gss_release_name(&minor_status, &client_name);
@@ -1549,28 +1575,52 @@ @@ -1549,28 +1575,52 @@ static krb5_conn_data *
#endif /* KRB5 */ #endif /* KRB5 */
static krb5_conn_data * static krb5_conn_data *
@ -261,7 +261,7 @@
set_kerb_auth_headers(request_rec *r, const kerb_auth_config *conf, set_kerb_auth_headers(request_rec *r, const kerb_auth_config *conf,
int use_krb4, int use_krb5pwd, char *negotiate_ret_value) int use_krb4, int use_krb5pwd, char *negotiate_ret_value)
{ {
@@ -1607,51 +1657,16 @@ @@ -1607,51 +1657,16 @@ static int
} }
static int static int
@ -320,16 +320,16 @@
if (!auth_line) { if (!auth_line) {
set_kerb_auth_headers(r, conf, use_krb4, use_krb5, set_kerb_auth_headers(r, conf, use_krb4, use_krb5,
(use_krb5) ? "\0" : NULL); (use_krb5) ? "\0" : NULL);
@@ -1669,60 +1684,110 @@ @@ -1669,60 +1684,110 @@ kerb_authenticate_user(request_rec *r)
#endif #endif
(strcasecmp(auth_type, "Basic") == 0)) (strcasecmp(auth_type, "Basic") == 0))
return DECLINED; return DECLINED;
-
- if ( (prevauth = already_succeeded(r, auth_line)) == NULL) {
- ret = HTTP_UNAUTHORIZED;
+ if ((prevauth = already_authorized(r, auth_line)) == NULL) { + if ((prevauth = already_authorized(r, auth_line)) == NULL) {
+ ret = HTTP_UNAUTHORIZED; + ret = HTTP_UNAUTHORIZED;
- if ( (prevauth = already_succeeded(r, auth_line)) == NULL) {
- ret = HTTP_UNAUTHORIZED;
-
#ifdef KRB5 #ifdef KRB5
if (use_krb5 && conf->krb_method_gssapi && if (use_krb5 && conf->krb_method_gssapi &&
strcasecmp(auth_type, MECH_NEGOTIATE) == 0) { strcasecmp(auth_type, MECH_NEGOTIATE) == 0) {
@ -400,7 +400,8 @@
+ type = ap_auth_type(r); + type = ap_auth_type(r);
+ auth_line = ap_pbase64encode (r->pool, apr_psprintf(r->pool, "%s:%s", user, password)); + auth_line = ap_pbase64encode (r->pool, apr_psprintf(r->pool, "%s:%s", user, password));
+ auth_line = apr_psprintf(r->pool, "Basic %s", auth_line); + auth_line = apr_psprintf(r->pool, "Basic %s", auth_line);
+
- last_return = ret;
+ ret = authenticate_user(r, auth_line, type, 1, 1); + ret = authenticate_user(r, auth_line, type, 1, 1);
+ +
+ if (ret == OK) return AUTH_GRANTED; + if (ret == OK) return AUTH_GRANTED;
@ -448,8 +449,7 @@
+ ? "Proxy-Authorization" + ? "Proxy-Authorization"
+ : "Authorization"); + : "Authorization");
+ ret = authenticate_user(r, auth_line, type, use_krb4, use_krb5); + ret = authenticate_user(r, auth_line, type, use_krb4, use_krb5);
+
- last_return = ret;
return ret; return ret;
} }
@ -458,7 +458,7 @@
have_rcache_type(const char *type) have_rcache_type(const char *type)
{ {
krb5_error_code ret; krb5_error_code ret;
@@ -1805,6 +1870,12 @@ @@ -1805,6 +1870,12 @@ kerb_register_hooks(apr_pool_t *p)
static void static void
kerb_register_hooks(apr_pool_t *p) kerb_register_hooks(apr_pool_t *p)
{ {

4
www/mod_auth_kerb2/pkg-plist
View file

@ -1,3 +1,3 @@
%%APACHEMODDIR%%/%%AP_MODULE%% %%APACHEMODDIR%%/%%AP_MODULE%%
@exec %D/sbin/apxs -e -a -n %%AP_NAME%% %D/%F @postexec %D/sbin/apxs -e -a -n %%AP_NAME%% %D/%F
@unexec %D/sbin/apxs -e -A -n %%AP_NAME%% %D/%F @postunexec %D/sbin/apxs -e -A -n %%AP_NAME%% %D/%F