From 3a926d467892f38232ded14829e8254cefda2988 Mon Sep 17 00:00:00 2001 From: Brian Read Date: Fri, 14 Jul 2023 13:53:03 +0100 Subject: [PATCH] initial commit of file from CVS for mod_auth_tkt on Fri 14 Jul 13:53:03 BST 2023 --- .gitattributes | 1 + .gitignore | 3 + Makefile | 19 ++ README.md | 10 +- contriborbase | 1 + mod_auth_tkt-2.3.99b1-betterredirection.patch | 22 ++ mod_auth_tkt-2.3.99b1.tar.gz | 3 + mod_auth_tkt.spec | 192 ++++++++++++++++++ 8 files changed, 250 insertions(+), 1 deletion(-) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 Makefile create mode 100644 contriborbase create mode 100644 mod_auth_tkt-2.3.99b1-betterredirection.patch create mode 100644 mod_auth_tkt-2.3.99b1.tar.gz create mode 100644 mod_auth_tkt.spec diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..f087b42 --- /dev/null +++ b/.gitattributes @@ -0,0 +1 @@ +*.tar.gz filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..1534ba5 --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +*.rpm +*.log +*spec-20* diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..e2064ac --- /dev/null +++ b/Makefile @@ -0,0 +1,19 @@ +NAME := mod_auth_tkt +SPECFILE = $(firstword $(wildcard *.spec)) + +define find-makefile-common +for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done +endef + +MAKEFILE_COMMON := $(shell $(find-makefile-common)) + +ifeq ($(MAKEFILE_COMMON),) +# attept a checkout +define checkout-makefile-common +test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2 +endef + +MAKEFILE_COMMON := $(shell $(checkout-makefile-common)) +endif + +include $(MAKEFILE_COMMON) diff --git a/README.md b/README.md index 772cb3a..0b9d129 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,11 @@ # mod_auth_tkt -3rd Party (Maintained by Koozali) git repo for mod_auth_tkt smeserver \ No newline at end of file +3rd Party (Maintained by Koozali) git repo for mod_auth_tkt smeserver + +## Description + +
*This description has been generated by an LLM AI system and cannot be relied on to be fully correct.* +*Once it has been checked, then this comment will be deleted* +
+ +Mod_auth_tkt is an Apache module for providing single sign-on authentication capabilities using a secure ticket-based system. The module authenticates web users based on a secure shared secret key and an authentication ticket stored either in a cookie or as part of the URL. It is compatible with both Apache 1.3 and Apache 2.x. diff --git a/contriborbase b/contriborbase new file mode 100644 index 0000000..ef36a67 --- /dev/null +++ b/contriborbase @@ -0,0 +1 @@ +sme10 diff --git a/mod_auth_tkt-2.3.99b1-betterredirection.patch b/mod_auth_tkt-2.3.99b1-betterredirection.patch new file mode 100644 index 0000000..fec05ca --- /dev/null +++ b/mod_auth_tkt-2.3.99b1-betterredirection.patch @@ -0,0 +1,22 @@ +diff -Nur mod_auth_tkt-2.3.99b1.old/src/mod_auth_tkt.c mod_auth_tkt-2.3.99b1/src/mod_auth_tkt.c +--- mod_auth_tkt-2.3.99b1.old/src/mod_auth_tkt.c 2015-07-31 00:12:55.000000000 -0400 ++++ mod_auth_tkt-2.3.99b1/src/mod_auth_tkt.c 2016-06-13 01:54:03.994000000 -0400 +@@ -1225,6 +1225,7 @@ + char *url = location; + char *cookie, *back; + const char *hostinfo = 0; ++ char *xproto = 0 ; + int port; + + /* Get the scheme we use (http or https) */ +@@ -1243,6 +1244,9 @@ + /* Use X-Forward-Host header for host:port info if available */ + /* Failing that, use Host header */ + hostinfo = apr_table_get(r->headers_in, "X-Forwarded-Host"); ++ xproto = apr_table_get(r->headers_in, "X-Forwarded-Proto"); ++ if ( xproto && (strncasecmp(xproto, "http", 4) == 0) ) { ++ scheme= xproto;} + if (! hostinfo) hostinfo = apr_table_get(r->headers_in, "Host"); + if (! hostinfo) { + /* Fallback to using r->hostname and the server port. This usually + diff --git a/mod_auth_tkt-2.3.99b1.tar.gz b/mod_auth_tkt-2.3.99b1.tar.gz new file mode 100644 index 0000000..c383862 --- /dev/null +++ b/mod_auth_tkt-2.3.99b1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:1bc061ff508bde27d57d22ce55c7b2c54e003fa5531ea3abb529daca85792e97 +size 70084 diff --git a/mod_auth_tkt.spec b/mod_auth_tkt.spec new file mode 100644 index 0000000..6fe49d4 --- /dev/null +++ b/mod_auth_tkt.spec @@ -0,0 +1,192 @@ + +# Use "--define='apache 1'" to build a 'mod_auth_tkt1' package for apache1 +%define httpd httpd +%define name mod_auth_tkt +%define apxs /usr/bin/apxs +%{?apache:%define httpd apache} +%{?apache:%define name mod_auth_tkt1} +%{?apache:%define apxs /usr/sbin/apxs1} + +%define perl_vendorlib %(eval "`perl -V:installvendorlib`"; echo $installvendorlib) + +Summary: Lightweight ticket-based authentication module for Apache. +Name: %{name} +Version: 2.3.99b1 +Release: 3%{?dist} +License: Apache +Group: Applications/System +Source: http://www.openfusion.com.au/labs/dist/mod_auth_tkt-%{version}.tar.gz +Patch0: mod_auth_tkt-2.3.99b1-betterredirection.patch +URL: http://www.openfusion.com.au/labs/mod_auth_tkt/ +Buildroot: %_tmppath/%{name}-%{version} +Requires: %{httpd} +BuildRequires: %{httpd}-devel + +%description +mod_auth_tkt provides lightweight, repository-agnostic, ticket-based +authentication for Apache. It implements a single-signon framework that +works across multiple apache instances and multiple machines. The actual +authentication requires a user-supplied CGI or script of some kind - see +the mod_auth_tkt-cgi package for perl cgi versions. + +%package cgi +Release: 1%{?org_tag}%{?dist} +Summary: CGI scripts for mod_auth_tkt apache authentication modules. +Group: Applications/System +Requires: %{name} = %{version} + +%description cgi +Perl CGI scripts for use with mod_auth_tkt. + + +%prep +%setup -n mod_auth_tkt-%{version} +%patch0 -p1 + +%build +test %{debug} == 1 && DEBUG='--debug' +MOD_PERL=`rpm -q mod_perl | grep '^mod_perl' || /bin/true` +if [ -n "$MOD_PERL" -a %{test} == 1 ]; then + ./configure --apxs=%{apxs} --test $DEBUG + make + make test +else + ./configure --apxs=%{apxs} $DEBUG + make +fi + +%install +test "$RPM_BUILD_ROOT" != "/" && rm -rf $RPM_BUILD_ROOT +mkdir -p $RPM_BUILD_ROOT%{_libdir}/%{httpd}/modules +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/%{httpd}/conf.d +#mkdir -p $RPM_BUILD_ROOT/usr/share/doc/%{name}-%{version}/cgi +mkdir -p $RPM_BUILD_ROOT/usr/share/doc/%{name}-%{version}/contrib +mkdir -p $RPM_BUILD_ROOT/var/www/auth +#mkdir -p $RPM_BUILD_ROOT/%{perl_vendorlib}/Apache +if [ %{httpd} == apache ]; then + %{apxs} -i -n "auth_tkt" -S LIBEXECDIR=$RPM_BUILD_ROOT%{_libdir}/%{httpd}/modules src/mod_auth_tkt.so +else + %{apxs} -i -n "auth_tkt" -S LIBEXECDIR=$RPM_BUILD_ROOT%{_libdir}/%{httpd}/modules src/mod_auth_tkt.la +fi +install -m 644 conf/02_auth_tkt.conf $RPM_BUILD_ROOT%{_sysconfdir}/%{httpd}/conf.d/ +install -m 644 conf/auth_tkt_cgi.conf $RPM_BUILD_ROOT%{_sysconfdir}/%{httpd}/conf.d/ +#cp cgi/Apache/* $RPM_BUILD_ROOT/%{perl_vendorlib}/Apache +#cp -pr cgi/* $RPM_BUILD_ROOT/usr/share/doc/%{name}-%{version}/cgi +#rm -rf $RPM_BUILD_ROOT/usr/share/doc/%{name}-%{version}/cgi/Apache +cp -pr cgi/* $RPM_BUILD_ROOT/var/www/auth +rm -rf $RPM_BUILD_ROOT/var/www/auth/Apache +cp -pr contrib/* $RPM_BUILD_ROOT/usr/share/doc/%{name}-%{version}/contrib +rm -rf $RPM_BUILD_ROOT/usr/share/doc/%{name}-%{version}/contrib/t +cp -pr README* INSTALL LICENSE CREDITS $RPM_BUILD_ROOT/usr/share/doc/%{name}-%{version} +cd doc +make DESTDIR=$RPM_BUILD_ROOT install + +%clean +test "$RPM_BUILD_ROOT" != "/" && rm -rf $RPM_BUILD_ROOT + +%files +%defattr(-,root,root) +%{_libdir}/%{httpd} +#%{perl_vendorlib}/Apache/AuthTkt.pm +%doc /usr/share/doc/%{name}-%{version} +%attr(0640,root,apache) %config(noreplace) %{_sysconfdir}/%{httpd}/conf.d/02_auth_tkt.conf +/usr/share/man/*/* + +%files cgi +%defattr(-,root,root) +%attr(0640,root,apache) %config(noreplace) %{_sysconfdir}/%{httpd}/conf.d/auth_tkt_cgi.conf +%config(noreplace)/var/www/auth/AuthTktConfig.pm +%config(noreplace)/var/www/auth/tkt.css +/var/www/auth/*.cgi + +%changelog +* Fri Jul 14 2023 BogusDateBot +- Eliminated rpmbuild "bogus date" warnings due to inconsistent weekday, + by assuming the date is correct and changing the weekday. + Thu Feb 21 2005 --> Thu Feb 17 2005 or Mon Feb 21 2005 or Thu Feb 24 2005 or .... + Wed Nov 28 2006 --> Wed Nov 22 2006 or Tue Nov 28 2006 or Wed Nov 29 2006 or .... + +* Mon Jun 13 2016 JP Pialasse 2.3.99b1-3 +- fix redirection when proxy ssl [SME: 8825] [SME: 9583] + +* Tue Mar 15 2016 Daniel Berteaud 2.3.99b1-2 +- Tweaks in spec file so it can build in mock/plague [SME: 9310] + +* Fri Jul 31 2015 Gavin Carr 2.3.99b1-1 +- Update to version 2.3.99b1, 2.4 release beta1. + +* Fri Jul 10 2009 Gavin Carr 2.1.0 +- Bump version number to 2.1.0 for final 2.1 release. + +* Sat Mar 28 2009 Gavin Carr 2.0.99b2 +- Bump version number to 2.0.99b2, second beta release of 2.1 branch. +- Fix bug with partial-cookie-names incorrectly matching. + +* Thu Mar 05 2009 Gavin Carr 2.0.99b1 +- Bump version number to 2.0.99b1, first beta release of 2.1 branch. +- Add support for SHA256 digests. +- Add TKTAuthSecretOld support. + +* Fri Feb 27 2009 Gavin Carr 2.0.0-1 +- Bump to final version 2.0.0. + +* Fri Feb 27 2009 Gavin Carr 2.0.0-1 +- Bump to final version 2.0.0. + +* Tue Mar 04 2008 Gavin Carr 2.0.0rc4-1 +- Bump to version 2.0.0rc4. + +* Tue Mar 04 2008 Gavin Carr 2.0.0rc3-1 +- Set explicit servername in t/TESTS to fix general test failures. +- Add explicit Apache 2.2 support. +- Add separate mod_auth_tkt-cgi package containing /var/www/auth CGI scripts. +- Factor out cgi config settings into AuthTktConfig.pm. +- Bump to version 2.0.0rc3. + +* Tue Nov 28 2006 Gavin Carr 2.0.0rc2 + Wed Nov 28 2006 --> Wed Nov 22 2006 or Tue Nov 28 2006 or Wed Nov 29 2006 or .... +- Bump to version 2.0.0rc2. + +* Wed Nov 01 2006 Charlie Brady 2.0.0rc1-2 +- Move Apache::AuthTkt into perl's vendorarch directory. + +* Mon Apr 10 2006 Gavin Carr 2.0.0rc1 +- Add mod_auth_tkt man page. +- Add TKTAuthDebug support, instead of compile-time debug flag. +- Add TKTAuthPostTimeoutURL support (Michael Peters). + +* Mon Oct 24 2005 Gavin Carr 2.0.0b7 +- Deprecate TKTAuthTimeoutMin, replacing with TKTAuthTimeout, using units like + TKTAuthCookieExpires. +- Split out TKTAuthCookieSecure functionality from TKTAuthRequireSSL (Larry + Lansing). +- Add TKTAuthCookieExpires directive for guest cookies and refreshes. +- Add TKTAuthGuestUser %U format support for UUIDs with Apache 2. +- Add TKTAuthGuestUser support for setting guest user explicitly. +- Fix URI and HTML escaping issues with cgi scripts (Viljo Viitanen). +- Update CGI scripts to get local settings via Apache::AuthTkt parse_conf values. +- Update Apache::AuthTkt to new version (0.03) with parse_conf support. +- Add server config merge support to allow global secrets with vhosts. + +* Mon Aug 01 2005 Gavin Carr 2.0.0b6 +- Update specfile to support basic building against apache 1. +- Fixed bug with non-base64 quoted ticket values not being parsed correctly. + +* Tue Jun 14 2005 Gavin Carr 2.0.0b5 +- Change back url formation to use Host header, not server name/port. +- Get cookie_match to skip empty cookies it finds (e.g. logout misconfigs). +- Add Ian Bicking's AuthTicket python class in contrib. +- Add TKTAuthGuestLogin support based on patch from Ian Bicking. +- Add DEBUG_VERBOSE support based on patch from Ian Bicking. +- Fixed bug with test harness not generating local module correctly. + +* Mon May 30 2005 Gavin Carr 2.0.0b4 +- Change build to include 'make test' only if mod_perl is available. + +* Sat Apr 30 2005 Gavin Carr 2.0.0b3 + +* Mon Feb 21 2005 Gavin Carr 2.0.0b2 + Thu Feb 21 2005 --> Thu Feb 17 2005 or Mon Feb 21 2005 or Thu Feb 24 2005 or .... +- Initial release. + +