From owner-freebsd-ports-bugs@FreeBSD.ORG Fri Aug 8 15:20:17 2003 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 050CB37B401 for ; Fri, 8 Aug 2003 15:20:17 -0700 (PDT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id C000643FDF for ; Fri, 8 Aug 2003 15:20:15 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.9/8.12.9) with ESMTP id h78MKFUp025236 for ; Fri, 8 Aug 2003 15:20:15 -0700 (PDT) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.9/8.12.9/Submit) id h78MKFdw025235; Fri, 8 Aug 2003 15:20:15 -0700 (PDT) Resent-Date: Fri, 8 Aug 2003 15:20:15 -0700 (PDT) Resent-Message-Id: <200308082220.h78MKFdw025235@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, David Sze Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0873A37B401 for ; Fri, 8 Aug 2003 15:12:40 -0700 (PDT) Received: from pooh.distrust.net (CPE00a0cce2b1a4-CM0010952260cb.cpe.net.cable.rogers.com [63.138.67.69]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0588F43FCB for ; Fri, 8 Aug 2003 15:12:39 -0700 (PDT) (envelope-from dsze@pooh.distrust.net) Received: from pooh.distrust.net (dsze@localhost [127.0.0.1]) by pooh.distrust.net (8.12.8p1/8.12.8) with ESMTP id h78MCUtp090340 for ; Fri, 8 Aug 2003 18:12:37 -0400 (EDT) (envelope-from dsze@pooh.distrust.net) Received: (from dsze@localhost) by pooh.distrust.net (8.12.8p1/8.12.8/Submit) id h78MCTcb090339; Fri, 8 Aug 2003 18:12:29 -0400 (EDT) Message-Id: <200308082212.h78MCTcb090339@pooh.distrust.net> Date: Fri, 8 Aug 2003 18:12:29 -0400 (EDT) From: David Sze To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Subject: ports/55401: mod_auth_digest for ports/www/apache13 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: David Sze List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Aug 2003 22:20:17 -0000 >Number: 55401 >Category: ports >Synopsis: mod_auth_digest for ports/www/apache13 >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Fri Aug 08 15:20:15 PDT 2003 >Closed-Date: >Last-Modified: >Originator: David Sze >Release: FreeBSD 4.8-RELEASE i386 >Organization: >Environment: System: FreeBSD abc.example.com 4.8-RELEASE FreeBSD 4.8-RELEASE #0: Mon Apr 21 21:11:07 EDT 2003 root@abc.example.com:/usr/src/sys/compile/ABC i386 >Description: Patch for ports/www/apache13 to compile and install the experimental mod_auth_digest, since according to http://httpd.apache.org/docs/howto/auth.html#digest the mod_digest that is already included implements and older version of the digest authentication spec, and does not work with newer browsers. >How-To-Repeat: >Fix: The following patch should be applied to the ports/www/apache13 directory. In addition to modifying Makefile and pkg-plist, the following two patches are added to the files/ directory: 1. patch-src:modules:experimental:mod_auth_digest.c 2. auth-digest-ie-patch The first is mandatory and renames the module export name from 'digest_auth_module' to 'auth_digest_module' since the latter is what Apache's automatic install script expects. The second patch is optional (conditional on WITH_IE_AUTH_DIGEST_HACK) and is only required if Internet Explorer is being used with digest authentication and a website that uses query strings. --- apache13.mod_auth_digest.patch begins here --- --- Makefile.orig Fri Aug 8 16:10:04 2003 +++ Makefile Fri Aug 8 17:37:40 2003 @@ -7,6 +7,7 @@ PORTNAME= apache PORTVERSION= 1.3.28 +PORTREVISION= 1 CATEGORIES= www MASTER_SITES= ${MASTER_SITE_APACHE_HTTPD} DISTNAME= apache_${PORTVERSION} @@ -76,6 +77,7 @@ --enable-module=most \ --enable-module=auth_db \ --enable-module=mmap_static \ + --enable-module=auth_digest \ --disable-module=auth_dbm \ --enable-shared=max \ ${SUEXEC_CONF} \ @@ -114,9 +116,31 @@ MAN8= ab.8 apachectl.8 apxs.8 httpd.8 logresolve.8 rotatelogs.8 \ ${SUEXEC_MAN} +.if !defined(WITH_IE_AUTH_DIGEST_HACK) +pre-fetch: + @${ECHO} + @${ECHO} If you plan to use HTTP digest authentication with content + @${ECHO} that uses query strings \(e.g. \"GET\" forms\), and you need + @${ECHO} to support Internet Explorer, then define the variable + @${ECHO} WITH_IE_AUTH_DIGEST_HACK + @${ECHO} + @/bin/sleep 2 +.endif + post-extract: @${SED} -e "s=%%PREFIX%%=${PREFIX}=g" ${FILESDIR}/apache.sh \ > ${WRKSRC}/apache.sh + +.if defined(WITH_IE_AUTH_DIGEST_HACK) +post-patch: + @${ECHO_MSG} "===> Applying IE mod_auth_digest hack to ignore query string" + @if ${PATCH} ${PATCH_ARGS} < ${PATCHDIR}/auth-digest-ie-patch; then \ + ${ECHO_MSG} "===> Patch auth-digest-ie-patch applied successfully"; \ + else \ + ${ECHO_MSG} ">>Patch auth-digest-ie-patch failed to apply cleanly"; \ + ${FALSE}; \ + fi +.endif pre-install: PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL --- pkg-plist.orig Fri Aug 8 16:47:11 2003 +++ pkg-plist Fri Aug 8 12:06:46 2003 @@ -75,6 +75,7 @@ libexec/apache/mod_auth.so libexec/apache/mod_auth_anon.so libexec/apache/mod_auth_db.so +libexec/apache/mod_auth_digest.so libexec/apache/mod_autoindex.so libexec/apache/mod_cern_meta.so libexec/apache/mod_cgi.so diff -N -u files.orig/auth-digest-ie-patch files/auth-digest-ie-patch --- files.orig/auth-digest-ie-patch Wed Dec 31 19:00:00 1969 +++ files/auth-digest-ie-patch Fri Aug 8 16:45:00 2003 @@ -0,0 +1,15 @@ +--- src/modules/experimental/mod_auth_digest.c.orig Fri Aug 8 16:35:39 2003 ++++ src/modules/experimental/mod_auth_digest.c Fri Aug 8 16:44:50 2003 +@@ -1632,10 +1632,12 @@ + /* or '*' matches empty path in scheme://host */ + && !(d_uri.path && !r_uri.path && resp->psd_request_uri->hostname + && d_uri.path[0] == '*' && d_uri.path[1] == '\0')) ++#if 0 + /* check that query matches */ + || (d_uri.query != r_uri.query + && (!d_uri.query || !r_uri.query + || strcmp(d_uri.query, r_uri.query))) ++#endif + ) { + ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, + "Digest: uri mismatch - <%s> does not match " diff -N -u files.orig/patch-src:modules:experimental:mod_auth_digest.c files/patch-src:modules:experimental:mod_auth_digest.c --- files.orig/patch-src:modules:experimental:mod_auth_digest.c Wed Dec 31 19:00:00 1969 +++ files/patch-src:modules:experimental:mod_auth_digest.c Fri Aug 8 16:44:03 2003 @@ -0,0 +1,86 @@ +--- src/modules/experimental/mod_auth_digest.c.orig Sat Feb 15 23:42:24 2003 ++++ src/modules/experimental/mod_auth_digest.c Fri Aug 8 16:35:39 2003 +@@ -97,7 +97,7 @@ + + /* The section for the Configure script: + * MODULE-DEFINITION-START +- * Name: digest_auth_module ++ * Name: auth_digest_module + * ConfigStart + + RULE_DEV_RANDOM=`./helpers/CutRule DEV_RANDOM $file` +@@ -262,7 +262,7 @@ + static void *client_mm = NULL; + #endif /* HAVE_SHMEM_MM */ + +-module MODULE_VAR_EXPORT digest_auth_module; ++module MODULE_VAR_EXPORT auth_digest_module; + + /* + * initialization code +@@ -980,7 +980,7 @@ + resp->raw_request_uri = r->unparsed_uri; + resp->psd_request_uri = &r->parsed_uri; + resp->needed_auth = 0; +- ap_set_module_config(r->request_config, &digest_auth_module, resp); ++ ap_set_module_config(r->request_config, &auth_digest_module, resp); + + res = get_digest_rec(r, resp); + resp->client = get_client(resp->opaque_num, r); +@@ -1554,14 +1554,14 @@ + while (mainreq->main != NULL) mainreq = mainreq->main; + while (mainreq->prev != NULL) mainreq = mainreq->prev; + resp = (digest_header_rec *) ap_get_module_config(mainreq->request_config, +- &digest_auth_module); ++ &auth_digest_module); + resp->needed_auth = 1; + + + /* get our conf */ + + conf = (digest_config_rec *) ap_get_module_config(r->per_dir_config, +- &digest_auth_module); ++ &auth_digest_module); + + + /* check for existence and syntax of Auth header */ +@@ -1787,7 +1787,7 @@ + { + const digest_config_rec *conf = + (digest_config_rec *) ap_get_module_config(r->per_dir_config, +- &digest_auth_module); ++ &auth_digest_module); + const char *user = r->connection->user; + int m = r->method_number; + int method_restricted = 0; +@@ -1857,7 +1857,7 @@ + + note_digest_auth_failure(r, conf, + (digest_header_rec *) ap_get_module_config(r->request_config, +- &digest_auth_module), ++ &auth_digest_module), + 0); + return AUTH_REQUIRED; + } +@@ -1882,10 +1882,10 @@ + { + const digest_config_rec *conf = + (digest_config_rec *) ap_get_module_config(r->per_dir_config, +- &digest_auth_module); ++ &auth_digest_module); + digest_header_rec *resp = + (digest_header_rec *) ap_get_module_config(r->request_config, +- &digest_auth_module); ++ &auth_digest_module); + const char *ai = NULL, *digest = NULL, *nextnonce = ""; + + if (resp == NULL || !resp->needed_auth || conf == NULL) +@@ -2024,7 +2024,7 @@ + } + + +-module MODULE_VAR_EXPORT digest_auth_module = ++module MODULE_VAR_EXPORT auth_digest_module = + { + STANDARD_MODULE_STUFF, + initialize_module, /* initializer */ --- apache13.mod_auth_digest.patch ends here --- >Release-Note: >Audit-Trail: >Unformatted: