rpms/mod_auth_gssapi
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import mod_auth_gssapi-1.6.1-6.el8

Browse Source
This commit is contained in:
CentOS Sources 2019-08-02 04:30:06 -04:00 committed by Stepan Oksanichenko
commit 5f6ca65d6a
7 changed files with 339 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
SOURCES/mod_auth_gssapi-1.6.1.tar.gz

1
.mod_auth_gssapi.metadata Normal file
View File

@ -0,0 +1 @@
5dfc4eef25efad5313724bd6a1e55266a6667302 SOURCES/mod_auth_gssapi-1.6.1.tar.gz

38
SOURCES/Fix-integer-sizes-used-with-ap_set_flag_slot.patch Normal file
View File

@ -0,0 +1,38 @@
From d681fe586a4f4258c5d61237511dd19c1fa84904 Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Tue, 19 Feb 2019 13:55:12 -0500
Subject: [PATCH] Fix integer sizes used with ap_set_flag_slot()
ap_set_flag_slot() requires a field of type `int`. Previously we
passed type `bool` in two places, causing test failures on s390x
because logging was not correctly configured.
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
(cherry picked from commit f89b876be5619d750e6ab4ea6e730a9a26b1cac4)
(cherry picked from commit 73c690ca9bd1d470c603f5e1ee48d2384941ae55)
---
src/mod_auth_gssapi.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/mod_auth_gssapi.h b/src/mod_auth_gssapi.h
index 71404ff..8c0b972 100644
--- a/src/mod_auth_gssapi.h
+++ b/src/mod_auth_gssapi.h
@@ -79,7 +79,7 @@ struct mag_config {
gid_t deleg_ccache_gid;
gss_key_value_set_desc *cred_store;
bool deleg_ccache_unique;
- bool s4u2self;
+ int s4u2self;
char *ccname_envvar;
#endif
struct seal_key *mag_skey;
@@ -90,7 +90,7 @@ struct mag_config {
bool negotiate_once;
struct mag_name_attributes *name_attributes;
const char *required_na_expr;
- bool enverrs;
+ int enverrs;
gss_name_t acceptor_name;
bool acceptor_name_from_req;
};

47
SOURCES/Fix-tests-to-work-with-python3.patch Normal file
View File

@ -0,0 +1,47 @@
From 613933383aa352bb8f350f43ecb393a0604016cc Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Fri, 21 Dec 2018 11:50:16 -0500
Subject: [PATCH] Fix tests to work with python3
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
(cherry picked from commit 751eb09e7abf38f49fc525e1616d48a6f951673f)
(cherry picked from commit d2748e79d31f153505f944b09a4790c6231dcd79)
---
tests/magtests.py | 3 ++-
tests/t_spnego_proxy.py | 2 +-
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/tests/magtests.py b/tests/magtests.py
index 6414503..f14f47a 100755
--- a/tests/magtests.py
+++ b/tests/magtests.py
@@ -431,7 +431,7 @@ def kinit_user(testdir, kdcenv):
stdin=subprocess.PIPE,
stdout=logfile, stderr=logfile,
env=testenv, preexec_fn=os.setsid)
- kinit.communicate('%s\n' % USR_PWD)
+ kinit.communicate(('%s\n' % USR_PWD).encode("utf8"))
kinit.wait()
if kinit.returncode != 0:
raise ValueError('kinit failed')
@@ -495,6 +495,7 @@ def test_spnego_auth(testdir, testenv, logfile):
else:
sys.stderr.write('SPNEGO No Auth: SUCCESS\n')
+
return error_count
diff --git a/tests/t_spnego_proxy.py b/tests/t_spnego_proxy.py
index 6219721..c47558b 100755
--- a/tests/t_spnego_proxy.py
+++ b/tests/t_spnego_proxy.py
@@ -17,7 +17,7 @@ def getAuthToken(target):
ctx = gssapi.SecurityContext(name=name, mech=spnego_mech)
token = ctx.step()
- return 'Negotiate %s' % b64encode(token)
+ return 'Negotiate %s' % b64encode(token).decode()
if __name__ == '__main__':

43
SOURCES/In-tests-show-the-exception-on-failure.patch Normal file
View File

@ -0,0 +1,43 @@
From 3fc1f9f5d7f5a33900572b419ecdfd2d3672ceca Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Fri, 21 Dec 2018 10:50:49 -0500
Subject: [PATCH] In tests, show the exception on failure
Otherwise, the user might get nothing at all out, depending on what failed.
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
(cherry picked from commit 881f98ee08f6d8d7a2352ab2f3e8e38845cf8039)
(cherry picked from commit 1de81677f1878ea1667b56169fe714d685771b4e)
---
tests/magtests.py | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/tests/magtests.py b/tests/magtests.py
index 576e88f..6414503 100755
--- a/tests/magtests.py
+++ b/tests/magtests.py
@@ -8,6 +8,7 @@ import shutil
import signal
import subprocess
import sys
+import traceback
# check that we can import requests (for use in test scripts)
import requests
@@ -207,7 +208,6 @@ def setup_test_certs(testdir, testenv, logfile):
with open(opensslcnf, 'w+') as f:
f.write(text)
- print(pkinit_key)
cmd = subprocess.Popen(["openssl", "genrsa", "-out", pkinit_key,
"2048"], stdout=logfile,
stderr=logfile, env=testenv,
@@ -718,6 +718,8 @@ if __name__ == '__main__':
errs += test_basic_auth_krb5(testdir, testenv, logfile)
errs += test_no_negotiate(testdir, testenv, logfile)
+ except Exception:
+ traceback.print_exc()
finally:
for name in processes:
logfile.write("Killing %s\n" % name)

40
SOURCES/tests-Test-suite-fixes-for-virtualenv-and-clang.patch Normal file
View File

@ -0,0 +1,40 @@
From ce83aa116397fb71143e5b1363ce7563f7a4444d Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Mon, 11 Mar 2019 14:56:31 -0400
Subject: [PATCH] [tests] Test suite fixes for virtualenv and clang
- Typo fix - VIRTUAL_ENV in magtests.py
- testenv object manipulation fix in magtests.py
- Work around -fstack-clash-protection problems in clang
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
(cherry picked from commit 6aa0a5bfe9d60a50cf36c561268c5d7c1fdb2f0e)
[rharwood@redhat.com: drop Travis goo]
(cherry picked from commit 11c966cc630393e322ef6b88df91d16247bbfc37)
---
tests/magtests.py | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/tests/magtests.py b/tests/magtests.py
index f14f47a..a4842a0 100755
--- a/tests/magtests.py
+++ b/tests/magtests.py
@@ -687,7 +687,7 @@ if __name__ == '__main__':
# support virtualenv
testenv['PATH'] = os.environ.get('PATH', '')
- testenv['ViRTUAL_ENV'] = os.environ.get('VIRTUAL_ENV', '')
+ testenv['VIRTUAL_ENV'] = os.environ.get('VIRTUAL_ENV', '')
testenv['DELEGCCACHE'] = os.path.join(testdir, 'httpd',
USR_NAME + '@' + TESTREALM)
@@ -716,6 +716,9 @@ if __name__ == '__main__':
'MAG_USER_NAME_2': USR_NAME_2,
'MAG_USER_PASSWORD_2': USR_PWD_2}
testenv.update(kdcenv)
+ testenv['PATH'] = os.environ.get('PATH', '')
+ testenv['VIRTUAL_ENV'] = os.environ.get('VIRTUAL_ENV', '')
+
errs += test_basic_auth_krb5(testdir, testenv, logfile)
errs += test_no_negotiate(testdir, testenv, logfile)

169
SPECS/mod_auth_gssapi.spec Normal file
View File

@ -0,0 +1,169 @@
Name: mod_auth_gssapi
Version: 1.6.1
Release: 6%{?dist}
Summary: A GSSAPI Authentication module for Apache
Group: System Environment/Daemons
License: MIT
URL: https://github.com/modauthgssapi/mod_auth_gssapi
Source0: https://github.com/modauthgssapi/%{name}/releases/download/v%{version}/%name-%{version}.tar.gz
Patch0: In-tests-show-the-exception-on-failure.patch
Patch1: Fix-tests-to-work-with-python3.patch
Patch2: tests-Test-suite-fixes-for-virtualenv-and-clang.patch
Patch3: Fix-integer-sizes-used-with-ap_set_flag_slot.patch
BuildRequires: httpd-devel, krb5-devel, openssl-devel, autoconf, automake, libtool
BuildRequires: gssntlmssp-devel
BuildRequires: git
Requires: httpd-mmn = %{_httpd_mmn}
Requires: krb5-libs >= 1.11.5
%description
The mod_auth_gssapi module is an authentication service that implements the
SPNEGO based HTTP Authentication protocol defined in RFC4559.
%prep
%autosetup -S git
%build
export APXS=%{_httpd_apxs}
autoreconf -fi
%configure
make %{?_smp_mflags}
%install
mkdir -p %{buildroot}%{_httpd_moddir}
install -m 755 src/.libs/%{name}.so %{buildroot}%{_httpd_moddir}
# Apache configuration for the module
echo "LoadModule auth_gssapi_module modules/mod_auth_gssapi.so" > 10-auth_gssapi.conf
mkdir -p %{buildroot}%{_httpd_modconfdir}
install -m 644 10-auth_gssapi.conf %{buildroot}%{_httpd_modconfdir}
%files
%doc
%defattr(-,root,root)
%doc README COPYING
%config(noreplace) %{_httpd_modconfdir}/10-auth_gssapi.conf
%{_httpd_moddir}/mod_auth_gssapi.so
%changelog
* Fri Mar 22 2019 Robbie Harwood <rharwood@redhat.com> - 1.6.1-6
- Gating update
- Resolves: #1682259
* Mon Mar 18 2019 Robbie Harwood <rharwood@redhat.com> - 1.6.1-5
- Fix integer sizes used with ap_set_flag_slot()
- Resolves: #1674501
* Mon Mar 18 2019 Robbie Harwood <rharwood@redhat.com> - 1.6.1-4
- Fix virtualenv logic and add gating
- Resolves: #1682259
* Thu Mar 14 2019 Robbie Harwood <rharwood@redhat.com> - 1.6.1-3
- Fix tests to work with python3
- Resolves: #1661589
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.6.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Mon Apr 23 2018 Robbie Harwood <rharwood@redhat.com> - 1.6.1-1
- Release 1.6.1
- Resolves: #1570271
* Thu Feb 08 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.6.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Mon Nov 06 2017 Robbie Harwood <rharwood@redhat.com> - 1.6.0-1
- Release 1.6.0
* Fri Oct 27 2017 Robbie Harwood <rharwood@redhat.com> - 1.5.1-6
- Document gssapi-no-negotiate
* Tue Oct 03 2017 Robbie Harwood <rharwood@redhat.com> - 1.5.1-5
- Handle extra large NSS entries
- Resolves: #1498175
* Mon Oct 02 2017 Robbie Harwood <rharwood@redhat.com> - 1.5.1-4
- Allow admins to selectively suppress negotiation
- Migrate to autosetup
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Thu Mar 9 2017 Simo Sorce <simo@redhat.com> - 1.5.1-1
- Korabl-Sputnik 4 launch (1.5.1)
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Mon Jan 16 2017 Simo Sorce <simo@redhat.com> - 1.5.0-1
- Last listoff of Space Shuttle Columbia release (1.5.0)
* Mon Nov 14 2016 Joe Orton <jorton@redhat.com> - 1.4.1-2
- rebuild for new OpenSSL
* Mon Aug 15 2016 Robbie Harwood <rharwood@redhat.com> 1.4.1-1
- Mishka & Chizhik fly on a rocket release (1.4.1)
- Fix bogus changelog date
* Fri Jun 17 2016 Simo Sorce <simo@redhat.com> 1.4.0-1
- Lunar Reconnaissance Orbiter (2009) release (1.4.0)
* Mon Feb 22 2016 Simo Sorce <simo@redhat.com> 1.3.2-1
- NEAR Shoemaker launch (1996) release (1.3.2)
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Thu Sep 3 2015 Simo Sorce <simo@redhat.com> 1.3.1-1
- Viking 2 landing (1976) release (1.3.1)
* Tue Jul 7 2015 Simo Sorce <simo@redhat.com> 1.3.0-2
- Fix annoying incorrect behavior with simple configuration where
GssapiAllowedMech is not used.
* Sat Jul 4 2015 Simo Sorce <simo@redhat.com> 1.3.0-1
- US Independence Day Release
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.2.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Tue Apr 21 2015 Simo Sorce <simo@redhat.com> 1.2.0-1
- New minor release 1.2.0
- Adds delegation support on Basic Auth
- Response fix, send last auth token on successful auth
* Tue Mar 31 2015 Simo Sorce <simo@redhat.com> 1.1.0-3
- Fix some authentication issues
* Thu Mar 26 2015 Simo Sorce <simo@redhat.com> 1.1.0-2
- Fix saving delegated credentials for SPNs
* Thu Mar 12 2015 Simo Sorce <simo@redhat.com> 1.1.0-1
- New minor release 1.1.0
- New feature: Basic Auth support
- Improvements: Better crypto for sesison cookies
* Sat Nov 8 2014 Simo Sorce <simo@redhat.com> 1.0.4-1
- Patch release 1.0.4
- logging initialization fixes
- additional build fixes
* Sat Oct 11 2014 Simo Sorce <simo@redhat.com> 1.0.3-1
- Patch release 1.0.3
- fixes some build issues on various distros
* Wed Aug 27 2014 Simo Sorce <simo@redhat.com> 1.0.2-1
- Adds documntation to README
- fixes bad bug that crippled configuration
* Thu Aug 14 2014 Simo Sorce <simo@redhat.com> 1.0.1-1
- Patch release 1.0.1
* Mon Aug 4 2014 Simo Sorce <simo@redhat.com> 1.0.0-1
- First release