Miroirs/slackbuilds_ponce
1
0
Fork 0
mirror of https://github.com/Ponce/slackbuilds synced 2024-10-01 06:32:51 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

network/mod_auth_kerb: Removed (build failure)

Browse source 
This is likely related to httpd-2.4.x, but I did a
cursory search for patches via Google and was not
successful, so...

Signed-off-by: Robby Workman <rworkman@slackbuilds.org>
This commit is contained in:
Robby Workman 2012-09-21 21:10:45 -05:00
parent 89719373d1
commit 1154b8fc6f
8 changed files with 84 additions and 175 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
network/mod_auth_kerb/README
View file

@ -1,11 +0,0 @@
Mod_auth_kerb is an Apache module designed to provide Kerberos
authentication to the Apache web server. The module also supports
the Negotiate authentication method, which performs full Kerberos
authentication based on ticket exchanges, and does not require
users to insert their passwords to the browser.
You will need to add the following line to /etc/httpd/httpd.conf:
Include /etc/httpd/extra/mod_auth_kerb.conf
Mod_auth_kerb can be further configured through the Apache configuration file;
see the README in the package's documentation directory for details.

13
network/mod_auth_kerb/doinst.sh
View file

@ -1,13 +0,0 @@
config() {
NEW="$1"
OLD="$(dirname $NEW)/$(basename $NEW .new)"
# If there's no config file by that name, mv it over:
if [ ! -r $OLD ]; then
mv $NEW $OLD
elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then
# toss the redundant copy
rm $NEW
fi
# Otherwise, we leave the .new copy for the admin to consider...
}
config etc/httpd/extra/mod_auth_kerb.conf.new

85
network/mod_auth_kerb/mod_auth_kerb.SlackBuild
View file

@ -1,85 +0,0 @@
#!/bin/sh
# Slackware build script for mod_auth_kerb
# Written by Thibaut Notteboom (tib at tibux dot org)
PRGNAM=mod_auth_kerb
VERSION=${VERSION:-5.4}
BUILD=${BUILD:-1}
TAG=${TAG:-_SBo}
if [ -z "$ARCH" ]; then
case "$( uname -m )" in
i?86) ARCH=i486 ;;
arm*) ARCH=arm ;;
*) ARCH=$( uname -m ) ;;
esac
fi
CWD=$(pwd)
TMP=${TMP:-/tmp/SBo}
PKG=$TMP/package-$PRGNAM
OUTPUT=${OUTPUT:-/tmp}
if [ "$ARCH" = "i486" ]; then
SLKCFLAGS="-O2 -march=i486 -mtune=i686"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "i686" ]; then
SLKCFLAGS="-O2 -march=i686 -mtune=i686"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "x86_64" ]; then
SLKCFLAGS="-O2 -fPIC"
LIBDIRSUFFIX="64"
else
SLKCFLAGS="-O2"
LIBDIRSUFFIX=""
fi
set -e
rm -rf $PKG
mkdir -p $TMP $PKG $OUTPUT
cd $TMP
rm -rf $PRGNAM-$VERSION
tar xvf $CWD/$PRGNAM-$VERSION.tar.gz
cd $PRGNAM-$VERSION
chown -R root:root .
find . \
\( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
-exec chmod 755 {} \; -o \
\( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
-exec chmod 644 {} \;
patch -p0 < $CWD/mod_auth_kerb.c.patch
CFLAGS="$SLKCFLAGS" \
CXXFLAGS="$SLKCFLAGS" \
./configure \
--prefix=/usr \
--without-krb4 \
--with-krb5=/usr/heimdal \
--build=$ARCH-slackware-linux
make
mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/httpd/modules
install -m 0755 src/.libs/mod_auth_kerb.so \
$PKG/usr/lib${LIBDIRSUFFIX}/httpd/modules/mod_auth_kerb.so
mkdir -p $PKG/etc/httpd/extra
sed "s%@baselibdir@%lib${LIBDIRSUFFIX}%" $CWD/mod_auth_kerb.conf > \
$PKG/etc/httpd/extra/mod_auth_kerb.conf.new
find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | grep ELF \
| cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true
mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION
cp -a ChangeLog INSTALL LICENSE README $PKG/usr/doc/$PRGNAM-$VERSION
cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild
mkdir -p $PKG/install
cat $CWD/slack-desc > $PKG/install/slack-desc
cat $CWD/doinst.sh > $PKG/install/doinst.sh
cd $PKG
/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz}

10
network/mod_auth_kerb/mod_auth_kerb.c.patch
View file

@ -1,10 +0,0 @@
--- src/mod_auth_kerb.c.orig 2011-11-14 22:54:54.457955883 +0100
+++ src/mod_auth_kerb.c 2011-11-14 22:55:42.060334084 +0100
@@ -89,6 +89,7 @@
#include <krb5.h>
#ifdef HEIMDAL
# include <gssapi.h>
+# include <gssapi/gssapi_krb5.h>
#else
# include <gssapi/gssapi.h>
# include <gssapi/gssapi_generic.h>

27
network/mod_auth_kerb/mod_auth_kerb.conf
View file

@ -1,27 +0,0 @@
# The mod_auth_kerb module implements Kerberos authentication over
# HTTP, following the "Negotiate" protocol.
#
LoadModule auth_kerb_module @baselibdir@/httpd/modules/mod_auth_kerb.so
#
# Sample configuration: Kerberos authentication must only be
# used over SSL to prevent replay attacks. The keytab file
# configured must be readable only by the "apache" user, and
# must contain service keys for "HTTP/www.example.com", where
# "www.example.com" is the FQDN of this server.
#
#<Location /private>
# SSLRequireSSL
# AuthType Kerberos
# AuthName "Kerberos Login"
# KrbMethodNegotiate On
# KrbMethodK5Passwd Off
# KrbAuthRealms EXAMPLE.COM
# Krb5KeyTab /etc/httpd/krb5.keytab
# require valid-user
#</Location>

10
network/mod_auth_kerb/mod_auth_kerb.info
View file

@ -1,10 +0,0 @@
PRGNAM="mod_auth_kerb"
VERSION="5.4"
HOMEPAGE="http://modauthkerb.sourceforge.net/"
DOWNLOAD="http://fossies.org/unix/www/apache_httpd_modules/mod_auth_kerb-5.4.tar.gz"
MD5SUM="642b81763ad3ca81dba359cb952da5e3"
DOWNLOAD_x86_64=""
MD5SUM_x86_64=""
REQUIRES="heimdal"
MAINTAINER="Thibaut Notteboom"
EMAIL="tib@tibux.org"

19
network/mod_auth_kerb/slack-desc
View file

@ -1,19 +0,0 @@
# HOW TO EDIT THIS FILE:
# The "handy ruler" below makes it easier to edit a package description. Line
# up the first '|' above the ':' following the base package name, and the '|'
# on the right side marks the last column you can put a character in. You must
# make exactly 11 lines for the formatting to be correct. It's also
# customary to leave one space after the ':' except on otherwise blank lines.
|-----handy-ruler------------------------------------------------------|
mod_auth_kerb: mod_auth_kerb (Kerberos Module for Apache)
mod_auth_kerb:
mod_auth_kerb: Mod_auth_kerb is an Apache module designed to provide Kerberos
mod_auth_kerb: authentication to the Apache web server. The module also supports
mod_auth_kerb: the Negotiate authentication method, which performs full Kerberos
mod_auth_kerb: authentication based on ticket exchanges, and does not require
mod_auth_kerb: users to insert their passwords to the browser.
mod_auth_kerb:
mod_auth_kerb: Homepage: http://modauthkerb.sourceforge.net/
mod_auth_kerb:
mod_auth_kerb:

84
network/mod_evasive/fixup-for-httpd24.diff Normal file
View file

@ -0,0 +1,84 @@
diff -Nur mod_evasive.orig/mod_evasive20.c mod_evasive/mod_evasive20.c
--- mod_evasive.orig/mod_evasive20.c 2005-10-08 14:01:18.000000000 -0500
+++ mod_evasive/mod_evasive20.c 2012-09-21 21:22:19.732985740 -0500
@@ -139,11 +139,11 @@
time_t t = time(NULL);
/* Check whitelist */
- if (is_whitelisted(r->connection->remote_ip))
+ if (is_whitelisted(r->useragent_ip))
return OK;
/* First see if the IP itself is on "hold" */
- n = ntt_find(hit_list, r->connection->remote_ip);
+ n = ntt_find(hit_list, r->useragent_ip);
if (n != NULL && t-n->timestamp<blocking_period) {
@@ -155,14 +155,14 @@
} else {
/* Has URI been hit too much? */
- snprintf(hash_key, 2048, "%s_%s", r->connection->remote_ip, r->uri);
+ snprintf(hash_key, 2048, "%s_%s", r->useragent_ip, r->uri);
n = ntt_find(hit_list, hash_key);
if (n != NULL) {
/* If URI is being hit too much, add to "hold" list and 403 */
if (t-n->timestamp<page_interval && n->count>=page_count) {
ret = HTTP_FORBIDDEN;
- ntt_insert(hit_list, r->connection->remote_ip, time(NULL));
+ ntt_insert(hit_list, r->useragent_ip, time(NULL));
} else {
/* Reset our hit count list as necessary */
@@ -177,14 +177,14 @@
}
/* Has site been hit too much? */
- snprintf(hash_key, 2048, "%s_SITE", r->connection->remote_ip);
+ snprintf(hash_key, 2048, "%s_SITE", r->useragent_ip);
n = ntt_find(hit_list, hash_key);
if (n != NULL) {
/* If site is being hit too much, add to "hold" list and 403 */
if (t-n->timestamp<site_interval && n->count>=site_count) {
ret = HTTP_FORBIDDEN;
- ntt_insert(hit_list, r->connection->remote_ip, time(NULL));
+ ntt_insert(hit_list, r->useragent_ip, time(NULL));
} else {
/* Reset our hit count list as necessary */
@@ -205,27 +205,27 @@
struct stat s;
FILE *file;
- snprintf(filename, sizeof(filename), "%s/dos-%s", log_dir != NULL ? log_dir : DEFAULT_LOG_DIR, r->connection->remote_ip);
+ snprintf(filename, sizeof(filename), "%s/dos-%s", log_dir != NULL ? log_dir : DEFAULT_LOG_DIR, r->useragent_ip);
if (stat(filename, &s)) {
file = fopen(filename, "w");
if (file != NULL) {
fprintf(file, "%ld\n", getpid());
fclose(file);
- LOG(LOG_ALERT, "Blacklisting address %s: possible DoS attack.", r->connection->remote_ip);
+ LOG(LOG_ALERT, "Blacklisting address %s: possible DoS attack.", r->useragent_ip);
if (email_notify != NULL) {
snprintf(filename, sizeof(filename), MAILER, email_notify);
file = popen(filename, "w");
if (file != NULL) {
fprintf(file, "To: %s\n", email_notify);
- fprintf(file, "Subject: HTTP BLACKLIST %s\n\n", r->connection->remote_ip);
- fprintf(file, "mod_evasive HTTP Blacklisted %s\n", r->connection->remote_ip);
+ fprintf(file, "Subject: HTTP BLACKLIST %s\n\n", r->useragent_ip);
+ fprintf(file, "mod_evasive HTTP Blacklisted %s\n", r->useragent_ip);
pclose(file);
}
}
if (system_command != NULL) {
- snprintf(filename, sizeof(filename), system_command, r->connection->remote_ip);
+ snprintf(filename, sizeof(filename), system_command, r->useragent_ip);
system(filename);
}