ports/55401: mod_auth_digest for ports/www/apache13
David Sze
dsze at distrust.net
Fri Aug 8 22:20:17 UTC 2003
>Number: 55401
>Category: ports
>Synopsis: mod_auth_digest for ports/www/apache13
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Fri Aug 08 15:20:15 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator: David Sze <dsze at distrust.net>
>Release: FreeBSD 4.8-RELEASE i386
>Organization:
>Environment:
System: FreeBSD abc.example.com 4.8-RELEASE FreeBSD 4.8-RELEASE #0: Mon Apr 21 21:11:07 EDT 2003 root at abc.example.com:/usr/src/sys/compile/ABC i386
>Description:
Patch for ports/www/apache13 to compile and install the experimental
mod_auth_digest, since according to
http://httpd.apache.org/docs/howto/auth.html#digest
the mod_digest that is already included implements and older version
of the digest authentication spec, and does not work with newer
browsers.
>How-To-Repeat:
>Fix:
The following patch should be applied to the ports/www/apache13
directory. In addition to modifying Makefile and pkg-plist, the
following two patches are added to the files/ directory:
1. patch-src:modules:experimental:mod_auth_digest.c
2. auth-digest-ie-patch
The first is mandatory and renames the module export name from
'digest_auth_module' to 'auth_digest_module' since the latter is
what Apache's automatic install script expects.
The second patch is optional (conditional on WITH_IE_AUTH_DIGEST_HACK)
and is only required if Internet Explorer is being used with digest
authentication and a website that uses query strings.
--- apache13.mod_auth_digest.patch begins here ---
--- Makefile.orig Fri Aug 8 16:10:04 2003
+++ Makefile Fri Aug 8 17:37:40 2003
@@ -7,6 +7,7 @@
PORTNAME= apache
PORTVERSION= 1.3.28
+PORTREVISION= 1
CATEGORIES= www
MASTER_SITES= ${MASTER_SITE_APACHE_HTTPD}
DISTNAME= apache_${PORTVERSION}
@@ -76,6 +77,7 @@
--enable-module=most \
--enable-module=auth_db \
--enable-module=mmap_static \
+ --enable-module=auth_digest \
--disable-module=auth_dbm \
--enable-shared=max \
${SUEXEC_CONF} \
@@ -114,9 +116,31 @@
MAN8= ab.8 apachectl.8 apxs.8 httpd.8 logresolve.8 rotatelogs.8 \
${SUEXEC_MAN}
+.if !defined(WITH_IE_AUTH_DIGEST_HACK)
+pre-fetch:
+ @${ECHO}
+ @${ECHO} If you plan to use HTTP digest authentication with content
+ @${ECHO} that uses query strings \(e.g. \"GET\" forms\), and you need
+ @${ECHO} to support Internet Explorer, then define the variable
+ @${ECHO} WITH_IE_AUTH_DIGEST_HACK
+ @${ECHO}
+ @/bin/sleep 2
+.endif
+
post-extract:
@${SED} -e "s=%%PREFIX%%=${PREFIX}=g" ${FILESDIR}/apache.sh \
> ${WRKSRC}/apache.sh
+
+.if defined(WITH_IE_AUTH_DIGEST_HACK)
+post-patch:
+ @${ECHO_MSG} "===> Applying IE mod_auth_digest hack to ignore query string"
+ @if ${PATCH} ${PATCH_ARGS} < ${PATCHDIR}/auth-digest-ie-patch; then \
+ ${ECHO_MSG} "===> Patch auth-digest-ie-patch applied successfully"; \
+ else \
+ ${ECHO_MSG} ">>Patch auth-digest-ie-patch failed to apply cleanly"; \
+ ${FALSE}; \
+ fi
+.endif
pre-install:
PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
--- pkg-plist.orig Fri Aug 8 16:47:11 2003
+++ pkg-plist Fri Aug 8 12:06:46 2003
@@ -75,6 +75,7 @@
libexec/apache/mod_auth.so
libexec/apache/mod_auth_anon.so
libexec/apache/mod_auth_db.so
+libexec/apache/mod_auth_digest.so
libexec/apache/mod_autoindex.so
libexec/apache/mod_cern_meta.so
libexec/apache/mod_cgi.so
diff -N -u files.orig/auth-digest-ie-patch files/auth-digest-ie-patch
--- files.orig/auth-digest-ie-patch Wed Dec 31 19:00:00 1969
+++ files/auth-digest-ie-patch Fri Aug 8 16:45:00 2003
@@ -0,0 +1,15 @@
+--- src/modules/experimental/mod_auth_digest.c.orig Fri Aug 8 16:35:39 2003
++++ src/modules/experimental/mod_auth_digest.c Fri Aug 8 16:44:50 2003
+@@ -1632,10 +1632,12 @@
+ /* or '*' matches empty path in scheme://host */
+ && !(d_uri.path && !r_uri.path && resp->psd_request_uri->hostname
+ && d_uri.path[0] == '*' && d_uri.path[1] == '\0'))
++#if 0
+ /* check that query matches */
+ || (d_uri.query != r_uri.query
+ && (!d_uri.query || !r_uri.query
+ || strcmp(d_uri.query, r_uri.query)))
++#endif
+ ) {
+ ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r,
+ "Digest: uri mismatch - <%s> does not match "
diff -N -u files.orig/patch-src:modules:experimental:mod_auth_digest.c files/patch-src:modules:experimental:mod_auth_digest.c
--- files.orig/patch-src:modules:experimental:mod_auth_digest.c Wed Dec 31 19:00:00 1969
+++ files/patch-src:modules:experimental:mod_auth_digest.c Fri Aug 8 16:44:03 2003
@@ -0,0 +1,86 @@
+--- src/modules/experimental/mod_auth_digest.c.orig Sat Feb 15 23:42:24 2003
++++ src/modules/experimental/mod_auth_digest.c Fri Aug 8 16:35:39 2003
+@@ -97,7 +97,7 @@
+
+ /* The section for the Configure script:
+ * MODULE-DEFINITION-START
+- * Name: digest_auth_module
++ * Name: auth_digest_module
+ * ConfigStart
+
+ RULE_DEV_RANDOM=`./helpers/CutRule DEV_RANDOM $file`
+@@ -262,7 +262,7 @@
+ static void *client_mm = NULL;
+ #endif /* HAVE_SHMEM_MM */
+
+-module MODULE_VAR_EXPORT digest_auth_module;
++module MODULE_VAR_EXPORT auth_digest_module;
+
+ /*
+ * initialization code
+@@ -980,7 +980,7 @@
+ resp->raw_request_uri = r->unparsed_uri;
+ resp->psd_request_uri = &r->parsed_uri;
+ resp->needed_auth = 0;
+- ap_set_module_config(r->request_config, &digest_auth_module, resp);
++ ap_set_module_config(r->request_config, &auth_digest_module, resp);
+
+ res = get_digest_rec(r, resp);
+ resp->client = get_client(resp->opaque_num, r);
+@@ -1554,14 +1554,14 @@
+ while (mainreq->main != NULL) mainreq = mainreq->main;
+ while (mainreq->prev != NULL) mainreq = mainreq->prev;
+ resp = (digest_header_rec *) ap_get_module_config(mainreq->request_config,
+- &digest_auth_module);
++ &auth_digest_module);
+ resp->needed_auth = 1;
+
+
+ /* get our conf */
+
+ conf = (digest_config_rec *) ap_get_module_config(r->per_dir_config,
+- &digest_auth_module);
++ &auth_digest_module);
+
+
+ /* check for existence and syntax of Auth header */
+@@ -1787,7 +1787,7 @@
+ {
+ const digest_config_rec *conf =
+ (digest_config_rec *) ap_get_module_config(r->per_dir_config,
+- &digest_auth_module);
++ &auth_digest_module);
+ const char *user = r->connection->user;
+ int m = r->method_number;
+ int method_restricted = 0;
+@@ -1857,7 +1857,7 @@
+
+ note_digest_auth_failure(r, conf,
+ (digest_header_rec *) ap_get_module_config(r->request_config,
+- &digest_auth_module),
++ &auth_digest_module),
+ 0);
+ return AUTH_REQUIRED;
+ }
+@@ -1882,10 +1882,10 @@
+ {
+ const digest_config_rec *conf =
+ (digest_config_rec *) ap_get_module_config(r->per_dir_config,
+- &digest_auth_module);
++ &auth_digest_module);
+ digest_header_rec *resp =
+ (digest_header_rec *) ap_get_module_config(r->request_config,
+- &digest_auth_module);
++ &auth_digest_module);
+ const char *ai = NULL, *digest = NULL, *nextnonce = "";
+
+ if (resp == NULL || !resp->needed_auth || conf == NULL)
+@@ -2024,7 +2024,7 @@
+ }
+
+
+-module MODULE_VAR_EXPORT digest_auth_module =
++module MODULE_VAR_EXPORT auth_digest_module =
+ {
+ STANDARD_MODULE_STUFF,
+ initialize_module, /* initializer */
--- apache13.mod_auth_digest.patch ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list