Bug#666811: libapache-mod-auth-kerb: sourceful transition towards Apache 2.4

Sun, 02 Jun 2013 19:07:21 -0700 

Package: libapache2-mod-auth-kerb
Followup-For: Bug #666811
Control: tag 666811 patch

Attached is a tested patch that ports this package and the upstream
code to Apache 2.4.  The patch is in a form that should be acceptable
upstream and should continue to work with Apache 2.2, although I've
not personally tested.

I only tested with SPNEGO authentication, but I see no reason to
believe that Basic authentication wouldn't also work.

There were two issues: first, the connection->request_ip struct member
had to be changed as mentioned in the bug report, and second, the
internal logging function needed adapting to the new logging parameter
in the current version of Apache.  I also switched to the new module
declaration syntax so that the messages from this module would be
properly tagged, and switched the package build system to dh_apache2
(which simplifies a number of things).

BTW, please let me know if you'd like a co-maintainer.  It doesn't look
like the package has had a lot of recent love, and we use it heavily at
Stanford.  I'd be happy to help look after it.  There are various things
that probably should be cleaned up (stray debhelper.log file, some
Lintian tags, an old-style build system, etc.).

I can also upload this as an NMU to help with the Apache transition if
you don't have time to look at it for a bit.  I will probably do that
in the absence of a reply if we start getting towards the end of the
Apache transition to avoid having the package kicked out of testing.

-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 3.8-2-686-pae (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages libapache2-mod-auth-kerb depends on:
ii  apache2-bin [apache2-api-20120211]  2.4.4-5
ii  krb5-config                         2.3
ii  libc6                               2.17-3
ii  libcomerr2                          1.42.5-1.1
ii  libgssapi-krb5-2                    1.10.1+dfsg-5
ii  libk5crypto3                        1.10.1+dfsg-5
ii  libkrb5-3                           1.10.1+dfsg-5

libapache2-mod-auth-kerb recommends no packages.

libapache2-mod-auth-kerb suggests no packages.

-- no debconf information

reverted:
--- libapache-mod-auth-kerb-5.4/debian/libapache2-mod-auth-kerb.postinst
+++ libapache-mod-auth-kerb-5.4.orig/debian/libapache2-mod-auth-kerb.postinst
@@ -1,11 +0,0 @@
-#!/bin/sh
-
-set -e
-
-#DEBHELPER#
-if [ "$1" = "configure" ]; then
-        a2enmod auth_kerb || true
-fi
-
-exit 0
-		
diff -u libapache-mod-auth-kerb-5.4/debian/control libapache-mod-auth-kerb-5.4/debian/control
--- libapache-mod-auth-kerb-5.4/debian/control
+++ libapache-mod-auth-kerb-5.4/debian/control
@@ -2,12 +2,12 @@
 Section: net
 Priority: optional
 Maintainer: Ghe Rivero <g...@debian.org>
-Build-Depends: debhelper (>= 4), autotools-dev, libkrb5-dev (>= 1.4.0), autoconf, apache2-threaded-dev (>= 2.2.3), quilt
+Build-Depends: debhelper (>= 4), autotools-dev, libkrb5-dev (>= 1.4.0), autoconf, apache2-dev (>= 2.4), dh-apache2, quilt
 Standards-Version: 3.9.3
 
 Package: libapache2-mod-auth-kerb
 Architecture: any
-Depends: ${shlibs:Depends}, ${misc:Depends}, apache2.2-common, krb5-config
+Depends: ${shlibs:Depends}, ${misc:Depends}, krb5-config
 Description:  apache2 module for Kerberos authentication
  An apache2 module for authenticating users in a Kerberos realm.
  It supports basic user and password authentication or a
reverted:
--- libapache-mod-auth-kerb-5.4/debian/libapache2-mod-auth-kerb.prerm
+++ libapache-mod-auth-kerb-5.4.orig/debian/libapache2-mod-auth-kerb.prerm
@@ -1,11 +0,0 @@
-#!/bin/sh
-
-set -e
-
-#DEBHELPER#
-
-if [ "$1" = "remove" ]; then
-        a2dismod auth_kerb || true
-		fi
-
-exit 0
diff -u libapache-mod-auth-kerb-5.4/debian/rules libapache-mod-auth-kerb-5.4/debian/rules
--- libapache-mod-auth-kerb-5.4/debian/rules
+++ libapache-mod-auth-kerb-5.4/debian/rules
@@ -38,12 +38,7 @@
 
 ## -------- INSTALL TARGETS
 apache20: build-apache20
-	mkdir -p $(CURDIR)/debian/libapache2-mod-auth-kerb/usr/lib/apache2/modules/ \
-		$(CURDIR)/debian/libapache2-mod-auth-kerb/usr/share/doc/libapache2-mod-auth-kerb \
-		$(CURDIR)/debian/libapache2-mod-auth-kerb/etc/apache2/mods-available
-	install -s -m 644 $(CURDIR)/src/.libs/mod_auth_kerb.so $(CURDIR)/debian/libapache2-mod-auth-kerb/usr/lib/apache2/modules/mod_auth_kerb.so
-	install $(CURDIR)/src/.libs/mod_auth_kerb.so $(CURDIR)/debian/libapache2-mod-auth-kerb/usr/lib/apache2/modules/mod_auth_kerb.so
-	install -m644 $(CURDIR)/debian/auth_kerb.load $(CURDIR)/debian/libapache2-mod-auth-kerb/etc/apache2/mods-available
+	mkdir -p $(CURDIR)/debian/libapache2-mod-auth-kerb/usr/share/doc/libapache2-mod-auth-kerb
 	install -m 644 $(CURDIR)/README \
 		$(CURDIR)/debian/libapache2-mod-auth-kerb/usr/share/doc/libapache2-mod-auth-kerb/
 
@@ -84,6 +79,7 @@
 binary-arch: build apache20
 	dh_testdir -a 
 	dh_testroot -a
+	dh_apache2
 	dh_installchangelogs
 	dh_installdocs
 	dh_installexamples
diff -u libapache-mod-auth-kerb-5.4/debian/patches/series libapache-mod-auth-kerb-5.4/debian/patches/series
--- libapache-mod-auth-kerb-5.4/debian/patches/series
+++ libapache-mod-auth-kerb-5.4/debian/patches/series
@@ -3,0 +4 @@
+apache24.patch
only in patch2:
unchanged:
--- libapache-mod-auth-kerb-5.4.orig/debian/libapache2-mod-auth-kerb.apache2
+++ libapache-mod-auth-kerb-5.4/debian/libapache2-mod-auth-kerb.apache2
@@ -0,0 +1,2 @@
+mod debian/auth_kerb.load
+mod src/.libs/mod_auth_kerb.so
only in patch2:
unchanged:
--- libapache-mod-auth-kerb-5.4.orig/debian/patches/apache24.patch
+++ libapache-mod-auth-kerb-5.4/debian/patches/apache24.patch
@@ -0,0 +1,62 @@
+--- libapache-mod-auth-kerb-5.4.orig/src/mod_auth_kerb.c
++++ libapache-mod-auth-kerb-5.4/src/mod_auth_kerb.c
+@@ -125,10 +125,14 @@
+ #  endif
+ #endif
+ 
+-#ifdef STANDARD20_MODULE_STUFF
++#if defined(APLOG_USE_MODULE)
++APLOG_USE_MODULE(auth_kerb);
++#elif defined(STANDARD20_MODULE_STUFF)
+ module AP_MODULE_DECLARE_DATA auth_kerb_module;
++# define useragent_ip connection->remote_ip
+ #else
+ module auth_kerb_module;
++# define useragent_ip connection->remote_ip
+ #endif
+ 
+ /*************************************************************************** 
+@@ -352,9 +356,14 @@
+    return NULL;
+ }
+ 
++#ifdef APLOG_USE_MODULE
+ static void
++log_rerror(const char *file, int line, int module_index, int level, int status,
++           const request_rec *r, const char *fmt, ...)
++#else
+ log_rerror(const char *file, int line, int level, int status,
+            const request_rec *r, const char *fmt, ...)
++#endif
+ {
+    char errstr[1024];
+    va_list ap;
+@@ -364,7 +373,9 @@
+    va_end(ap);
+ 
+    
+-#ifdef STANDARD20_MODULE_STUFF
++#if defined(APLOG_USE_MODULE)
++   ap_log_rerror(file, line, module_index, level, status, r, "%s", errstr);
++#elif defined(STANDARD20_MODULE_STUFF)
+    ap_log_rerror(file, line, level | APLOG_NOERRNO, status, r, "%s", errstr);
+ #else
+    ap_log_rerror(file, line, level | APLOG_NOERRNO, r, "%s", errstr);
+@@ -1568,7 +1579,7 @@
+    char keyname[1024];
+ 
+    snprintf(keyname, sizeof(keyname) - 1,
+-	"mod_auth_kerb::connection::%s::%ld", r->connection->remote_ip, 
++	"mod_auth_kerb::connection::%s::%ld", r->useragent_ip,
+ 	r->connection->id);
+ 
+    if (apr_pool_userdata_get((void**)&conn_data, keyname, r->connection->pool) != 0)
+@@ -1722,7 +1733,7 @@
+        prevauth->last_return = ret;
+        snprintf(keyname, sizeof(keyname) - 1,
+            "mod_auth_kerb::connection::%s::%ld", 
+-	   r->connection->remote_ip, r->connection->id);
++	   r->useragent_ip, r->connection->id);
+        apr_pool_userdata_set(prevauth, keyname, NULL, r->connection->pool);
+    }
+

Reply via email to