From nobody Sun Apr 27 20:02:48 2025 X-Original-To: dev-commits-ports-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4ZlyDT0xChz5vGyP; Sun, 27 Apr 2025 20:02:49 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4ZlyDS4m8Yz47Py; Sun, 27 Apr 2025 20:02:48 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1745784168; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=M07jh7EfMYgspF5luACfUa0ntNQkDjE75TKslx02SaI=; b=KpSSzdgD52HPBiczu84RwRXnAERhtqkDhIBsJ8ND4fQ3+1xjrATDANDc0BXzjdHxlTprar mYYluhisG4voAGjPpMjAhyN8MBU85D0zRGloqCU11ko8Jm4Vg0j8FyK08j7d5eMdqVtgPP 0fj85js0DXAMbrozGIV6qHKGmP8OifjYuIRjijYNqgN+ZUp/hJAzNsxZgCoXIlyJrWv5KP SBua440eiJATsYIZXlnaQfBfVo1iAaJn6D4pI+TQDOQLdAVy5kVahX4A0g/B6LNOoIeFeV h5neeo+yn8/XPeZDv2F1RXcmgruaaaPOEmi5A8PClhuBXogNsnDmBbkz1/6a/Q== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1745784168; a=rsa-sha256; cv=none; b=W0H/Dwi9dL1fxLIn5MVLsIW/FNCSqu3yGELJAIHSdKTSxSntkHeD7F+uWncZICbxccBfhY rUFt17TSfQRz8ER9DF5wWUO1jAY7/T2nHglRkbrnQEBckWQBEpawFuTcbf/RJa3ynnrpew 19WMELDcvkNBYM56h4VS/va9oyAuyryIrgnZPoJso+AdrhY/u5KjHRHYTg3InbCYqgyJzd FO0WnM2ukbYQdYUwxlfRbUPgWE550ApmyGCO/PLwqqV0te+6u7LaaBLs8Mfcyc2ttnars8 Y6r5lxAoqADZq/mrk5WeJwodhrcArSb4sRW83Dld7TCJKCTIK0BEYnXDS2l1yQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1745784168; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=M07jh7EfMYgspF5luACfUa0ntNQkDjE75TKslx02SaI=; b=meMpPSO1IZcwlG3w0FvAnU8UawsFnoSAKNlctsS5BoCNYK2Ggw+CF6sqkbBFl+m/s8s4zI +nU5/wK2F5tbRx0tCbqmRH/rSXYnhhbmV1z7muxpt4SHymTuEeOInIrErFi27AO33E/vEL 0V3qVCkLC2Xf9krkrYSJ36FJLVISwc93jvxYWeIf9wVE9+p/V617hOLzCFjc4ABedi/uQ9 M3VzHN1QPrksDV1c9olVi5Nkw3WQOKZ9wR4/XQvmdaJwKBrVJFbRWIvc355vJi9Q42o1kt CzaBPLsVsjwiq1H3Hswhkw0sLHCUIUyPToV+8XYsdDYNhLKdLMiTXIyO4t0PiA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4ZlyDS4LGhz1Jln; Sun, 27 Apr 2025 20:02:48 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 53RK2mGt088896; Sun, 27 Apr 2025 20:02:48 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 53RK2mi0088892; Sun, 27 Apr 2025 20:02:48 GMT (envelope-from git) Date: Sun, 27 Apr 2025 20:02:48 GMT Message-Id: <202504272002.53RK2mi0088892@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Muhammad Moinur Rahman Subject: git: da3985ecfc4e - main - www/mod_auth_kerb2: Refactor List-Id: Commits to the main branch of the FreeBSD ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-ports-main@freebsd.org Sender: owner-dev-commits-ports-main@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: bofh X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: da3985ecfc4e6fe022a6fe1890724755c76b3fe4 Auto-Submitted: auto-generated The branch main has been updated by bofh: URL: https://cgit.FreeBSD.org/ports/commit/?id=da3985ecfc4e6fe022a6fe1890724755c76b3fe4 commit da3985ecfc4e6fe022a6fe1890724755c76b3fe4 Author: Muhammad Moinur Rahman AuthorDate: 2025-04-27 20:01:14 +0000 Commit: Muhammad Moinur Rahman CommitDate: 2025-04-27 20:02:35 +0000 www/mod_auth_kerb2: Refactor - Replace @exec with @postexec/@postunexec - Replace PORTVERSION with DISTVERSION - Pet portclippy - Refresh patches --- www/mod_auth_kerb2/Makefile | 17 ++++--- www/mod_auth_kerb2/files/patch-Makefile.in | 6 +-- .../files/patch-spnegokrb5__spnegokrb5_locl.h | 4 +- .../files/patch-src__mod_auth_kerb.c | 54 +++++++++++----------- www/mod_auth_kerb2/pkg-plist | 4 +- 5 files changed, 44 insertions(+), 41 deletions(-) diff --git a/www/mod_auth_kerb2/Makefile b/www/mod_auth_kerb2/Makefile index e43a2e6bd601..0d4a0df8a6a3 100644 --- a/www/mod_auth_kerb2/Makefile +++ b/www/mod_auth_kerb2/Makefile @@ -1,6 +1,6 @@ PORTNAME= mod_auth_kerb -PORTVERSION= 5.4 -PORTREVISION= 8 +DISTVERSION= 5.4 +PORTREVISION= 9 CATEGORIES= www MASTER_SITES= SF/modauthkerb/${PORTNAME}/${PORTNAME}-${PORTVERSION} PKGNAMEPREFIX= ${APACHE_PKGNAMEPREFIX} @@ -12,22 +12,25 @@ WWW= https://modauthkerb.sourceforge.net/ LICENSE= MIT BSD3CLAUSE LICENSE_COMB= multi -LICENSE_FILE_MIT= ${WRKSRC}/LICENSE LICENSE_FILE_BSD3CLAUSE= ${WRKSRC}/LICENSE - -PORTSCOUT= limit:^5.4 +LICENSE_FILE_MIT= ${WRKSRC}/LICENSE USES= apache + GNU_CONFIGURE= yes CONFIGURE_ARGS= -with-krb5=${GSSAPIBASEDIR} --without-krb4 -OPTIONS_SINGLE= GSSAPI +PORTSCOUT= limit:^5.4 + OPTIONS_DEFAULT= GSSAPI_BASE +OPTIONS_SINGLE= GSSAPI OPTIONS_SINGLE_GSSAPI= GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT + GSSAPI_BASE_DESC= Use Base version of GSS API +GSSAPI_DESC= Use Base version of GSS API GSSAPI_HEIMDAL_DESC= Use Heimdal implementation of GSS API GSSAPI_MIT_DESC= Use MIT implementation of GSS API -GSSAPI_DESC= Use Base version of GSS API + GSSAPI_BASE_USES= gssapi GSSAPI_HEIMDAL_USES= gssapi:heimdal GSSAPI_MIT_USES= gssapi:mit diff --git a/www/mod_auth_kerb2/files/patch-Makefile.in b/www/mod_auth_kerb2/files/patch-Makefile.in index 0261485a0892..8d91ba790423 100644 --- a/www/mod_auth_kerb2/files/patch-Makefile.in +++ b/www/mod_auth_kerb2/files/patch-Makefile.in @@ -1,6 +1,6 @@ ---- Makefile.in.orig 2008-12-02 23:07:10.000000000 +0900 -+++ Makefile.in 2014-11-22 19:29:08.000000000 +0900 -@@ -16,7 +16,9 @@ +--- Makefile.in.orig 2008-12-02 14:07:10 UTC ++++ Makefile.in +@@ -16,7 +16,9 @@ install: ./apxs.sh "${CPPFLAGS}" "${LDFLAGS}" "${SPNEGO_SRCS}" "${APXS}" "-c" "src/mod_auth_kerb.c" install: diff --git a/www/mod_auth_kerb2/files/patch-spnegokrb5__spnegokrb5_locl.h b/www/mod_auth_kerb2/files/patch-spnegokrb5__spnegokrb5_locl.h index 4233afc2a435..524b747890b2 100644 --- a/www/mod_auth_kerb2/files/patch-spnegokrb5__spnegokrb5_locl.h +++ b/www/mod_auth_kerb2/files/patch-spnegokrb5__spnegokrb5_locl.h @@ -1,5 +1,5 @@ ---- spnegokrb5/spnegokrb5_locl.h.orig 2008-01-27 20:59:03.000000000 +0000 -+++ spnegokrb5/spnegokrb5_locl.h 2008-01-27 20:59:19.000000000 +0000 +--- spnegokrb5/spnegokrb5_locl.h.orig 2008-11-26 16:51:05 UTC ++++ spnegokrb5/spnegokrb5_locl.h @@ -1,6 +1,7 @@ #include #include diff --git a/www/mod_auth_kerb2/files/patch-src__mod_auth_kerb.c b/www/mod_auth_kerb2/files/patch-src__mod_auth_kerb.c index 54971802be39..163be6df75a5 100644 --- a/www/mod_auth_kerb2/files/patch-src__mod_auth_kerb.c +++ b/www/mod_auth_kerb2/files/patch-src__mod_auth_kerb.c @@ -6,8 +6,8 @@ # Patch to fix a bug in KrbSaveCredentials: # https://bugzilla.redhat.com/show_bug.cgi?id=688210 # ---- src/mod_auth_kerb.c.orig 2008-12-04 19:14:03.000000000 +0900 -+++ src/mod_auth_kerb.c 2014-11-22 19:34:12.000000000 +0900 +--- src/mod_auth_kerb.c.orig 2008-12-04 10:14:03 UTC ++++ src/mod_auth_kerb.c @@ -11,6 +11,12 @@ */ @@ -64,7 +64,7 @@ module AP_MODULE_DECLARE_DATA auth_kerb_module; #else module auth_kerb_module; -@@ -176,6 +191,7 @@ +@@ -176,6 +191,7 @@ typedef struct krb5_conn_data { char *authline; char *user; char *mech; @@ -72,7 +72,7 @@ int last_return; } krb5_conn_data; -@@ -298,7 +314,7 @@ +@@ -298,7 +314,7 @@ mod_auth_kerb_rc_store(krb5_context context, krb5_rcac } /* And this is the operations vector for our replay cache */ @@ -81,7 +81,7 @@ 0, "dfl", krb5_rc_dfl_init, -@@ -329,7 +345,7 @@ +@@ -329,7 +345,7 @@ static void *kerb_dir_create_config(MK_POOL *p, char * ((kerb_auth_config *)rec)->krb_ssl_preauthentication = 0; #endif #ifdef KRB5 @@ -90,23 +90,23 @@ ((kerb_auth_config *)rec)->krb_method_k5pass = 1; ((kerb_auth_config *)rec)->krb_method_gssapi = 1; #endif -@@ -347,9 +363,15 @@ +@@ -347,9 +363,15 @@ krb5_save_realms(cmd_parms *cmd, void *vsec, const cha return NULL; } +#ifdef APLOG_USE_MODULE -+static void + static void +log_rerror(const char *file, int line, int module_index, int level, int status, + const request_rec *r, const char *fmt, ...) +#else - static void ++static void log_rerror(const char *file, int line, int level, int status, const request_rec *r, const char *fmt, ...) +#endif { char errstr[1024]; va_list ap; -@@ -359,7 +381,9 @@ +@@ -359,7 +381,9 @@ log_rerror(const char *file, int line, int level, int va_end(ap); @@ -117,7 +117,7 @@ ap_log_rerror(file, line, level | APLOG_NOERRNO, status, r, "%s", errstr); #else ap_log_rerror(file, line, level | APLOG_NOERRNO, r, "%s", errstr); -@@ -527,7 +551,7 @@ +@@ -527,7 +551,7 @@ authenticate_user_krb4pwd(request_rec *r, user = apr_pstrcat(r->pool, user, "@", realm, NULL); MK_USER = user; @@ -126,7 +126,7 @@ apr_table_setn(r->subprocess_env, "KRBTKFILE", tkt_file_p); if (!conf->krb_save_credentials) -@@ -677,7 +701,8 @@ +@@ -677,7 +701,8 @@ verify_krb5_user(request_rec *r, krb5_context context, static krb5_error_code verify_krb5_user(request_rec *r, krb5_context context, krb5_principal principal, const char *password, krb5_principal server, @@ -136,7 +136,7 @@ { krb5_creds creds; krb5_get_init_creds_opt options; -@@ -869,8 +894,8 @@ +@@ -869,8 +894,8 @@ create_krb5_ccache(krb5_context kcontext, } apr_table_setn(r->subprocess_env, "KRB5CCNAME", ccname); @@ -147,7 +147,7 @@ *ccache = tmp_ccache; tmp_ccache = NULL; -@@ -926,7 +951,6 @@ +@@ -926,7 +951,6 @@ store_krb5_creds(krb5_context kcontext, return OK; } @@ -155,7 +155,7 @@ static int authenticate_user_krb5pwd(request_rec *r, kerb_auth_config *conf, -@@ -1061,7 +1085,7 @@ +@@ -1061,7 +1085,7 @@ authenticate_user_krb5pwd(request_rec *r, goto end; } MK_USER = apr_pstrdup (r->pool, name); @@ -164,7 +164,7 @@ free(name); if (conf->krb_save_credentials) -@@ -1280,6 +1304,7 @@ +@@ -1280,6 +1304,7 @@ get_gss_creds(request_rec *r, return 0; } @@ -172,7 +172,7 @@ static int cmp_gss_type(gss_buffer_t token, gss_OID oid) { -@@ -1306,6 +1331,7 @@ +@@ -1306,6 +1331,7 @@ cmp_gss_type(gss_buffer_t token, gss_OID oid) return memcmp(p, oid->elements, oid->length); } @@ -180,7 +180,7 @@ static int authenticate_user_gss(request_rec *r, kerb_auth_config *conf, -@@ -1438,15 +1464,15 @@ +@@ -1438,15 +1464,15 @@ authenticate_user_gss(request_rec *r, kerb_auth_config goto end; } @@ -201,7 +201,7 @@ major_status = gss_display_name(&minor_status, client_name, &output_token, NULL); gss_release_name(&minor_status, &client_name); -@@ -1549,28 +1575,52 @@ +@@ -1549,28 +1575,52 @@ static krb5_conn_data * #endif /* KRB5 */ static krb5_conn_data * @@ -261,7 +261,7 @@ set_kerb_auth_headers(request_rec *r, const kerb_auth_config *conf, int use_krb4, int use_krb5pwd, char *negotiate_ret_value) { -@@ -1607,51 +1657,16 @@ +@@ -1607,51 +1657,16 @@ static int } static int @@ -320,16 +320,16 @@ if (!auth_line) { set_kerb_auth_headers(r, conf, use_krb4, use_krb5, (use_krb5) ? "\0" : NULL); -@@ -1669,60 +1684,110 @@ +@@ -1669,60 +1684,110 @@ kerb_authenticate_user(request_rec *r) #endif (strcasecmp(auth_type, "Basic") == 0)) return DECLINED; -- -- if ( (prevauth = already_succeeded(r, auth_line)) == NULL) { -- ret = HTTP_UNAUTHORIZED; + if ((prevauth = already_authorized(r, auth_line)) == NULL) { + ret = HTTP_UNAUTHORIZED; +- if ( (prevauth = already_succeeded(r, auth_line)) == NULL) { +- ret = HTTP_UNAUTHORIZED; +- #ifdef KRB5 if (use_krb5 && conf->krb_method_gssapi && strcasecmp(auth_type, MECH_NEGOTIATE) == 0) { @@ -400,7 +400,8 @@ + type = ap_auth_type(r); + auth_line = ap_pbase64encode (r->pool, apr_psprintf(r->pool, "%s:%s", user, password)); + auth_line = apr_psprintf(r->pool, "Basic %s", auth_line); -+ + +- last_return = ret; + ret = authenticate_user(r, auth_line, type, 1, 1); + + if (ret == OK) return AUTH_GRANTED; @@ -448,8 +449,7 @@ + ? "Proxy-Authorization" + : "Authorization"); + ret = authenticate_user(r, auth_line, type, use_krb4, use_krb5); - -- last_return = ret; ++ return ret; } @@ -458,7 +458,7 @@ have_rcache_type(const char *type) { krb5_error_code ret; -@@ -1805,6 +1870,12 @@ +@@ -1805,6 +1870,12 @@ kerb_register_hooks(apr_pool_t *p) static void kerb_register_hooks(apr_pool_t *p) { diff --git a/www/mod_auth_kerb2/pkg-plist b/www/mod_auth_kerb2/pkg-plist index fb691e0a0509..49c9c63f0208 100644 --- a/www/mod_auth_kerb2/pkg-plist +++ b/www/mod_auth_kerb2/pkg-plist @@ -1,3 +1,3 @@ %%APACHEMODDIR%%/%%AP_MODULE%% -@exec %D/sbin/apxs -e -a -n %%AP_NAME%% %D/%F -@unexec %D/sbin/apxs -e -A -n %%AP_NAME%% %D/%F +@postexec %D/sbin/apxs -e -a -n %%AP_NAME%% %D/%F +@postunexec %D/sbin/apxs -e -A -n %%AP_NAME%% %D/%F