Control: tag -1 patch pending Dear maintainer,
I've prepared an NMU for libapache-mod-auth-radius (versioned as 1.5.8-1.2) and uploaded it to DELAYED/2. Please feel free to tell me if I should delay it longer. Apologies for the rush; but I gather that the release team is trying to get Apache 2.4 into testing this weekend, and there's been no sign of activity on this bug. I wondered whether this should be using r->useragent_ip rather than c->client_ip; this would, I think, address the comments about proxies and firewalls immediately above. However, I thought it better to preserve existing behaviour as far as possible and let a proper maintainer deal with that kind of thing. Regards, -- Colin Watson [cjwat...@debian.org]
diff -u libapache-mod-auth-radius-1.5.8/debian/rules libapache-mod-auth-radius-1.5.8/debian/rules --- libapache-mod-auth-radius-1.5.8/debian/rules +++ libapache-mod-auth-radius-1.5.8/debian/rules @@ -8,6 +8,7 @@ build-stamp: dh_testdir apxs2 -c mod_auth_radius-2.0.c + ln -f .libs/mod_auth_radius-2.0.so .libs/mod_auth_radius.so touch build-stamp patch: @@ -27,16 +28,14 @@ dh_testdir dh_testroot $(MAKE) clean - dh_clean build-stamp + dh_clean build-stamp .libs/mod_auth_radius.so install: build dh_testdir dh_testroot dh_clean -k - dh_installdirs usr/lib/apache2/modules etc/apache2/mods-available - - cp -a debian/auth_radius.load $(tmp)/etc/apache2/mods-available/auth_radius.load - install -p -m 644 .libs/mod_auth_radius-2.0.so $(tmp)/usr/lib/apache2/modules/mod_auth_radius.so + dh_installdirs + dh_apache2 binary-indep: #nothing to do reverted: --- libapache-mod-auth-radius-1.5.8/debian/prerm +++ libapache-mod-auth-radius-1.5.8.orig/debian/prerm @@ -1,11 +0,0 @@ -#!/bin/sh -e - -#DEBHELPER# - -if [ "$1" = "remove" -o "$1" = "purge" ]; then - if [ -e /etc/apache2/apache2.conf ]; then - a2dismod auth_radius || true - fi -fi - -exit 0 reverted: --- libapache-mod-auth-radius-1.5.8/debian/postinst +++ libapache-mod-auth-radius-1.5.8.orig/debian/postinst @@ -1,26 +0,0 @@ -#!/bin/sh -e - -#DEBHELPER# - -reload_apache() { - if apache2ctl configtest 2>/dev/null; then - invoke-rc.d apache2 force-reload || true - else - echo "Your apache2 configuration is broken, so we're not restarting it for you." - fi -} - -if [ -n "$2" ]; then -# we're upgrading. test if we're enabled, and if so, restart to reload the module. - if [ -e /etc/apache2/mods-enabled/auth_radius.load ]; then - reload_apache - fi - exit 0 -elif [ -e /etc/apache2/apache2.conf ]; then -# we're not upgrading, so enable the module, but hide a2enmod's misleading -# message about apachectl and force-reload the thing ourselves. - a2enmod auth_radius >/dev/null || true - reload_apache -fi - -exit 0 diff -u libapache-mod-auth-radius-1.5.8/debian/control libapache-mod-auth-radius-1.5.8/debian/control --- libapache-mod-auth-radius-1.5.8/debian/control +++ libapache-mod-auth-radius-1.5.8/debian/control @@ -4,11 +4,11 @@ Section: web Priority: optional Standards-Version: 3.6.1 -Build-Depends: debhelper (>= 5), apache2-threaded-dev +Build-Depends: debhelper (>= 5), dh-apache2, apache2-dev Package: libapache2-mod-auth-radius Architecture: any -Depends: apache2.2-common, ${shlibs:Depends}, ${misc:Depends} +Depends: ${shlibs:Depends}, ${misc:Depends} Suggests: radius-server, apache2 Description: Apache 2.x module for RADIUS authentication mod_auth_radius is an Apache 2.x module for authenticating users diff -u libapache-mod-auth-radius-1.5.8/debian/changelog libapache-mod-auth-radius-1.5.8/debian/changelog --- libapache-mod-auth-radius-1.5.8/debian/changelog +++ libapache-mod-auth-radius-1.5.8/debian/changelog @@ -1,3 +1,10 @@ +libapache-mod-auth-radius (1.5.8-1.2) unstable; urgency=low + + * Non-maintainer upload. + * Port to Apache 2.4 (closes: #666852). + + -- Colin Watson <cjwat...@debian.org> Thu, 11 Jul 2013 13:17:38 +0100 + libapache-mod-auth-radius (1.5.8-1.1) unstable; urgency=low * Non-maintainer upload. only in patch2: unchanged: --- libapache-mod-auth-radius-1.5.8.orig/mod_auth_radius-2.0.c +++ libapache-mod-auth-radius-1.5.8/mod_auth_radius-2.0.c @@ -290,12 +290,16 @@ #include <netdb.h> #include <openssl/md5.h> #include <sys/stat.h> +#include <sys/socket.h> +#include <netinet/in.h> +#include <arpa/inet.h> #include "httpd.h" #include "http_config.h" #include "http_core.h" #include "http_log.h" #include "http_protocol.h" +#include "http_request.h" #include "util_md5.h" #include "apr_general.h" #include "apr_tables.h" @@ -304,6 +308,10 @@ #include "ap_provider.h" #include "mod_auth.h" +#ifdef APLOG_USE_MODULE +APLOG_USE_MODULE(radius_auth); +#endif + module AP_MODULE_DECLARE_DATA radius_auth_module; @@ -366,6 +374,12 @@ #define TRUE !FALSE #endif +#if AP_MODULE_MAGIC_AT_LEAST(20111130,0) +#define CLIENT_IP(conn) ((conn)->client_ip) +#else +#define CLIENT_IP(conn) ((conn)->remote_ip) +#endif + /* per-server configuration structure */ typedef struct radius_server_config_struct { struct in_addr *radius_ip; /* server IP address */ @@ -680,7 +694,7 @@ * benefit here. */ apr_snprintf(one, COOKIE_SIZE, "%s%s%s%s%s%08x", scr->secret, - r->user, passwd, c->remote_ip, hostname, expires); + r->user, passwd, CLIENT_IP(c), hostname, expires); /* if you're REALLY worried about what's going on */ @@ -688,7 +702,7 @@ ap_log_error(APLOG_MARK, APLOG_NOERRNO | APLOG_DEBUG, 0, r->server," secret = %s\n", scr->secret); ap_log_error(APLOG_MARK, APLOG_NOERRNO | APLOG_DEBUG, 0, r->server," user = %s\n", r->user); ap_log_error(APLOG_MARK, APLOG_NOERRNO | APLOG_DEBUG, 0, r->server," passwd = %s\n", passwd); - ap_log_error(APLOG_MARK, APLOG_NOERRNO | APLOG_DEBUG, 0, r->server," remote ip = %s\n", c->remote_ip); + ap_log_error(APLOG_MARK, APLOG_NOERRNO | APLOG_DEBUG, 0, r->server," remote ip = %s\n", CLIENT_IP(c)); ap_log_error(APLOG_MARK, APLOG_NOERRNO | APLOG_DEBUG, 0, r->server," hostname = %s\n", hostname); ap_log_error(APLOG_MARK, APLOG_NOERRNO | APLOG_DEBUG, 0, r->server," expiry = %08x\n", expires); #endif only in patch2: unchanged: --- libapache-mod-auth-radius-1.5.8.orig/debian/apache2 +++ libapache-mod-auth-radius-1.5.8/debian/apache2 @@ -0,0 +1,2 @@ +mod debian/auth_radius.load +mod .libs/mod_auth_radius.so