--- rpms/mod_auth_tkt/sme9/mod_auth_tkt.spec 2016/06/13 08:36:43 1.2 +++ rpms/mod_auth_tkt/sme9/mod_auth_tkt.spec 2016/06/13 08:50:13 1.3 @@ -1,186 +1,103 @@ - -# Use "--define='apache 1'" to build a 'mod_auth_tkt1' package for apache1 -%define httpd httpd -%define name mod_auth_tkt -%define apxs /usr/sbin/apxs -%{?apache:%define httpd apache} -%{?apache:%define name mod_auth_tkt1} -%{?apache:%define apxs /usr/sbin/apxs1} - -%define perl_vendorlib %(eval "`perl -V:installvendorlib`"; echo $installvendorlib) - -Summary: Lightweight ticket-based authentication module for Apache. -Name: %{name} -Version: 2.3.99b1 -Release: 3%{?dist} -License: Apache -Group: Applications/System -Source: http://www.openfusion.com.au/labs/dist/mod_auth_tkt-%{version}.tar.gz -Patch0: mod_auth_tkt-2.3.99b1-betterredirection.patch +# $Id: mod_auth_tkt.spec 8700 2010-03-23 13:48:00Z shuff $ +# Authority: shuff +# Upstream: +# ExcludeDist: el3 el4 + +Summary: Single-sign-on authentication module for Apache +Name: mod_auth_tkt +Version: 2.1.0 +Release: 2%{?dist} +License: GPL +Group: System Environment/Daemons URL: http://www.openfusion.com.au/labs/mod_auth_tkt/ -Buildroot: %_tmppath/%{name}-%{version} -Requires: %{httpd} -BuildRequires: %{httpd}-devel + +Packager: Steve Huff +Vendor: Dag Apt Repository, http://dag.wieers.com/apt/ + +Source: http://www.openfusion.com.au/labs/dist/mod_auth_tkt/mod_auth_tkt-%{version}.tar.gz +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root + +BuildRequires: httpd-devel +Requires: httpd %description -mod_auth_tkt provides lightweight, repository-agnostic, ticket-based -authentication for Apache. It implements a single-signon framework that -works across multiple apache instances and multiple machines. The actual -authentication requires a user-supplied CGI or script of some kind - see -the mod_auth_tkt-cgi package for perl cgi versions. +mod_auth_tkt is a lightweight single-sign-on authentication module for apache, +supporting versions 2.0.x and 2.2.x. It uses secure cookie-based tickets to +implement a single-signon framework that works across multiple apache instances +and servers. + +mod_auth_tkt itself is completely repository-agnostic, as the actual +authentication is done by a user-supplied CGI or script in your language of +choice (examples are provided in Perl, with contrib libraries for use with +python and PHP). This allows authentication against virtually any kind of user +repository you can imagine (password files, ldap directories, databases, etc.) + +mod_auth_tkt supports inactivity timeouts (including the ability to control how +aggressively the ticket is refreshed), the ability to include arbitrary user +data within the cookie, configurable cookie names and domains, and token-based +access to subsections of a site. + +mod_auth_tkt works by checking incoming Apache requests for a (user-defined) +cookie containing a valid authentication ticket. The ticket is checked by +generating an MD5 checksum for the username and any (optional) user data from +the ticket together with the requesting IP address and a shared secret +available to the server. If the generated MD5 checksum matches the ticket's +checksum, the ticket is valid and the request is authorised. Requests without a +valid ticket are redirected to a configurable URL which is expected to validate +the user and generate a ticket for them. This package includes a Perl module +and working CGI scripts for generating the cookies, as well as contributed +classes for PHP and Python environments. %package cgi -Release: 1%{?org_tag}%{?dist} -Summary: CGI scripts for mod_auth_tkt apache authentication modules. +Summary: CGI scripts for mod_auth_tkt Group: Applications/System Requires: %{name} = %{version} +Requires: perl(Apache::Htpasswd) %description cgi Perl CGI scripts for use with mod_auth_tkt. - %prep -%setup -n mod_auth_tkt-%{version} -%patch0 -p1 +%setup -n %{name}-%{version} %build -test %{debug} == 1 && DEBUG='--debug' -MOD_PERL=`rpm -q mod_perl | grep '^mod_perl' || /bin/true` -if [ -n "$MOD_PERL" -a %{test} == 1 ]; then - ./configure --apxs=%{apxs} --test $DEBUG - make - make test -else - ./configure --apxs=%{apxs} $DEBUG - make -fi +./configure --apxs="%{_sbindir}/apxs" --apachever="2.2" +%{__make} %{?_smp_mflags} %install -test "$RPM_BUILD_ROOT" != "/" && rm -rf $RPM_BUILD_ROOT -mkdir -p $RPM_BUILD_ROOT%{_libdir}/%{httpd}/modules -mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/%{httpd}/conf.d -#mkdir -p $RPM_BUILD_ROOT/usr/share/doc/%{name}-%{version}/cgi -mkdir -p $RPM_BUILD_ROOT/usr/share/doc/%{name}-%{version}/contrib +%{__rm} -rf %{buildroot} +mkdir -p $RPM_BUILD_ROOT%{_libdir}/httpd/modules +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d mkdir -p $RPM_BUILD_ROOT/var/www/auth -#mkdir -p $RPM_BUILD_ROOT/%{perl_vendorlib}/Apache -if [ %{httpd} == apache ]; then - %{apxs} -i -n "auth_tkt" -S LIBEXECDIR=$RPM_BUILD_ROOT%{_libdir}/%{httpd}/modules src/mod_auth_tkt.so -else - %{apxs} -i -n "auth_tkt" -S LIBEXECDIR=$RPM_BUILD_ROOT%{_libdir}/%{httpd}/modules src/mod_auth_tkt.la -fi -install -m 644 conf/02_auth_tkt.conf $RPM_BUILD_ROOT%{_sysconfdir}/%{httpd}/conf.d/ -install -m 644 conf/auth_tkt_cgi.conf $RPM_BUILD_ROOT%{_sysconfdir}/%{httpd}/conf.d/ -#cp cgi/Apache/* $RPM_BUILD_ROOT/%{perl_vendorlib}/Apache -#cp -pr cgi/* $RPM_BUILD_ROOT/usr/share/doc/%{name}-%{version}/cgi -#rm -rf $RPM_BUILD_ROOT/usr/share/doc/%{name}-%{version}/cgi/Apache +/usr/sbin/apxs -i -n "auth_tkt" -S LIBEXECDIR=$RPM_BUILD_ROOT%{_libdir}/httpd/modules src/mod_auth_tkt.la +install -m 644 conf/02_auth_tkt.conf $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/ +install -m 644 conf/auth_tkt_cgi.conf $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/ cp -pr cgi/* $RPM_BUILD_ROOT/var/www/auth rm -rf $RPM_BUILD_ROOT/var/www/auth/Apache -cp -pr contrib/* $RPM_BUILD_ROOT/usr/share/doc/%{name}-%{version}/contrib -rm -rf $RPM_BUILD_ROOT/usr/share/doc/%{name}-%{version}/contrib/t -cp -pr README* INSTALL LICENSE CREDITS $RPM_BUILD_ROOT/usr/share/doc/%{name}-%{version} -cd doc +pushd doc make DESTDIR=$RPM_BUILD_ROOT install +popd %clean -test "$RPM_BUILD_ROOT" != "/" && rm -rf $RPM_BUILD_ROOT +%{__rm} -rf %{buildroot} %files -%defattr(-,root,root) -%{_libdir}/%{httpd} -#%{perl_vendorlib}/Apache/AuthTkt.pm -%doc /usr/share/doc/%{name}-%{version} -%attr(0640,root,apache) %config(noreplace) %{_sysconfdir}/%{httpd}/conf.d/02_auth_tkt.conf -/usr/share/man/*/* +%defattr(-, root, root) +%doc README* INSTALL LICENSE ChangeLog CREDITS contrib/ +%doc %{_mandir}/man?/* +%config(noreplace) %{_sysconfdir}/httpd/conf.d/02_auth_tkt.conf +%{_libdir}/httpd/modules/* %files cgi -%defattr(-,root,root) -%attr(0640,root,apache) %config(noreplace) %{_sysconfdir}/%{httpd}/conf.d/auth_tkt_cgi.conf +%defattr(-, root, root) +%attr(0640,root,apache) %config(noreplace) %{_sysconfdir}/httpd/conf.d/auth_tkt_cgi.conf %config(noreplace)/var/www/auth/AuthTktConfig.pm %config(noreplace)/var/www/auth/tkt.css /var/www/auth/*.cgi %changelog -* Mon Jun 13 2016 JP Pialasse 2.3.99b1-3 -- backport to SME9 -- fix redirection when proxy ssl [SME: 8825] -- update apxs path for SME9 (sbin) - -* Tue Mar 15 2016 Daniel Berteaud 2.3.99b1-2 -- Tweaks in spec file so it can build in mock/plague [SME: 9310] - -* Fri Jul 31 2015 Gavin Carr 2.3.99b1-1 -- Update to version 2.3.99b1, 2.4 release beta1. - -* Fri Jul 10 2009 Gavin Carr 2.1.0 -- Bump version number to 2.1.0 for final 2.1 release. - -* Sat Mar 28 2009 Gavin Carr 2.0.99b2 -- Bump version number to 2.0.99b2, second beta release of 2.1 branch. -- Fix bug with partial-cookie-names incorrectly matching. - -* Thu Mar 05 2009 Gavin Carr 2.0.99b1 -- Bump version number to 2.0.99b1, first beta release of 2.1 branch. -- Add support for SHA256 digests. -- Add TKTAuthSecretOld support. - -* Fri Feb 27 2009 Gavin Carr 2.0.0-1 -- Bump to final version 2.0.0. - -* Fri Feb 27 2009 Gavin Carr 2.0.0-1 -- Bump to final version 2.0.0. - -* Tue Mar 04 2008 Gavin Carr 2.0.0rc4-1 -- Bump to version 2.0.0rc4. - -* Tue Mar 04 2008 Gavin Carr 2.0.0rc3-1 -- Set explicit servername in t/TESTS to fix general test failures. -- Add explicit Apache 2.2 support. -- Add separate mod_auth_tkt-cgi package containing /var/www/auth CGI scripts. -- Factor out cgi config settings into AuthTktConfig.pm. -- Bump to version 2.0.0rc3. - -* Wed Nov 28 2006 Gavin Carr 2.0.0rc2 -- Bump to version 2.0.0rc2. - -* Wed Nov 01 2006 Charlie Brady 2.0.0rc1-2 -- Move Apache::AuthTkt into perl's vendorarch directory. - -* Mon Apr 10 2006 Gavin Carr 2.0.0rc1 -- Add mod_auth_tkt man page. -- Add TKTAuthDebug support, instead of compile-time debug flag. -- Add TKTAuthPostTimeoutURL support (Michael Peters). - -* Mon Oct 24 2005 Gavin Carr 2.0.0b7 -- Deprecate TKTAuthTimeoutMin, replacing with TKTAuthTimeout, using units like - TKTAuthCookieExpires. -- Split out TKTAuthCookieSecure functionality from TKTAuthRequireSSL (Larry - Lansing). -- Add TKTAuthCookieExpires directive for guest cookies and refreshes. -- Add TKTAuthGuestUser %U format support for UUIDs with Apache 2. -- Add TKTAuthGuestUser support for setting guest user explicitly. -- Fix URI and HTML escaping issues with cgi scripts (Viljo Viitanen). -- Update CGI scripts to get local settings via Apache::AuthTkt parse_conf values. -- Update Apache::AuthTkt to new version (0.03) with parse_conf support. -- Add server config merge support to allow global secrets with vhosts. - -* Mon Aug 01 2005 Gavin Carr 2.0.0b6 -- Update specfile to support basic building against apache 1. -- Fixed bug with non-base64 quoted ticket values not being parsed correctly. - -* Tue Jun 14 2005 Gavin Carr 2.0.0b5 -- Change back url formation to use Host header, not server name/port. -- Get cookie_match to skip empty cookies it finds (e.g. logout misconfigs). -- Add Ian Bicking's AuthTicket python class in contrib. -- Add TKTAuthGuestLogin support based on patch from Ian Bicking. -- Add DEBUG_VERBOSE support based on patch from Ian Bicking. -- Fixed bug with test harness not generating local module correctly. - -* Mon May 30 2005 Gavin Carr 2.0.0b4 -- Change build to include 'make test' only if mod_perl is available. - -* Sat Apr 30 2005 Gavin Carr 2.0.0b3 - -* Thu Feb 21 2005 Gavin Carr 2.0.0b2 -- Initial release. - +* Tue Mar 23 2010 Steve Huff - 2.1.0-2 - 8700/shuff +- The CGI Apache config file goes in the cgi package. +* Wed Feb 10 2010 Steve Huff - 2.1.0-1 +- Initial package.