--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Please unblock package mod-authz-securepass.
It fixes the RC bug #773777 [1] which fixes an incompatibility with Apache 2.4
due to the use of the ap_requires function.
The package has built fine on all architectures too.
I'm attaching the debdiff, thanks for considering.
Cheers!
unblock mod-authz-securepass/0~20140715+0git93f271f5-3
[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773777
-- System Information:
Debian Release: jessie/sid
APT prefers utopic-updates
APT policy: (500, 'utopic-updates'), (500, 'utopic-security'), (500, 'utopic'), (100, 'utopic-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.16.0-28-generic (SMP w/20 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru mod-authz-securepass-0~20140715+0git93f271f5/debian/changelog mod-authz-securepass-0~20140715+0git93f271f5/debian/changelog
--- mod-authz-securepass-0~20140715+0git93f271f5/debian/changelog 2014-10-23 01:23:07.000000000 +0100
+++ mod-authz-securepass-0~20140715+0git93f271f5/debian/changelog 2015-01-07 10:03:46.000000000 +0000
@@ -1,3 +1,11 @@
+mod-authz-securepass (0~20140715+0git93f271f5-3) unstable; urgency=medium
+
+ * Fix incompatibility with Apache 2.4 due to the use of
+ ap_requires. (Closes: #773777)
+ * Fix Vcs browser field.
+
+ -- Alessio Treglia <alessio@debian.org> Wed, 07 Jan 2015 10:01:22 +0000
+
mod-authz-securepass (0~20140715+0git93f271f5-2) unstable; urgency=medium
* Set Maintainer to Debian SecurePass.
diff -Nru mod-authz-securepass-0~20140715+0git93f271f5/debian/control mod-authz-securepass-0~20140715+0git93f271f5/debian/control
--- mod-authz-securepass-0~20140715+0git93f271f5/debian/control 2014-10-23 01:16:50.000000000 +0100
+++ mod-authz-securepass-0~20140715+0git93f271f5/debian/control 2015-01-07 10:01:13.000000000 +0000
@@ -11,7 +11,7 @@
Standards-Version: 3.9.6
Homepage: https://github.com/gplll/mod_authz_securepass
Vcs-Git: git://anonscm.debian.org/pkg-securepass/mod-authz-securepass.git
-Vcs-Browser: https://alioth.debian.org/anonscm/git/pkg-securepass/mod-authz-securepass.git
+Vcs-Browser: http://anonscm.debian.org/cgit/pkg-securepass/mod-authz-securepass.git
Package: libapache2-mod-authz-securepass
Architecture: any
diff -Nru mod-authz-securepass-0~20140715+0git93f271f5/debian/patches/9001-ap_requires.patch mod-authz-securepass-0~20140715+0git93f271f5/debian/patches/9001-ap_requires.patch
--- mod-authz-securepass-0~20140715+0git93f271f5/debian/patches/9001-ap_requires.patch 1970-01-01 01:00:00.000000000 +0100
+++ mod-authz-securepass-0~20140715+0git93f271f5/debian/patches/9001-ap_requires.patch 2015-01-07 09:59:41.000000000 +0000
@@ -0,0 +1,233 @@
+From 5de1382b159cc8e6648ace7cab52dd02c04ae3e7 Mon Sep 17 00:00:00 2001
+From: gplll <gplll1818@gmail.com>
+Date: Sun, 28 Dec 2014 07:33:23 +0100
+Subject: [PATCH] Added support for Apache 2.4 through introduction of authz
+ providers for sprealm and spgroups - see ap_register_auth_provider()
+
+---
+ INSTALL | 11 +--
+ Makefile | 2
+ README.md | 2
+ mod_authz_securepass.c | 136 +++++++++++++++++++++++++++++++++++++++++++++++--
+ 4 files changed, 138 insertions(+), 13 deletions(-)
+
+--- mod-authz-securepass.orig/INSTALL
++++ mod-authz-securepass/INSTALL
+@@ -18,21 +18,16 @@ For RedHat distro install apxs with
+
+ 3)
+ Download the source from git from the stable branch:
+- git clone https://github.com/gplll/mod_authz_securepass.git -b master
++ git clone https://github.com/garlsecurity/mod_authz_securepass.git -b master
+ cd mod_authz_securepass
+
+ 4)
+ Compile the module and install it:
+
+-debian distro:
+- make install_debian
+- a2enmod securepass
+-
+-redhat distro:
+- make install_redhat
++make install
+
+ 5)
+-configure mod_auth_securepass using the following directives:
++configure mod_authz_securepass using the following directives:
+
+ Valid Server/VirtualHost Directives
+ -----------------------------------
+--- mod-authz-securepass.orig/README.md
++++ mod-authz-securepass/README.md
+@@ -1,7 +1,7 @@
+ Apache authorization module for SecurePass
+ ==========================================
+
+-This is an Apache (2.2) module for authorizing SecurePass users.
++This is an Apache (2.2 and 2.4) module for authorizing SecurePass users.
+ SecurePass provides web single sign-on through the CAS protocol.
+
+ This module enhances the Apache authorization features by introducing two rules to restrict access
+--- mod-authz-securepass.orig/mod_authz_securepass.c
++++ mod-authz-securepass/mod_authz_securepass.c
+@@ -569,9 +569,9 @@ static void *create_authz_securepass_ser
+
+ static void *merge_authz_securepass_server_config (apr_pool_t *pool, void *BASE, void *ADD)
+ {
+- sp_cfg *c = apr_pcalloc(pool, sizeof(sp_cfg));
+- sp_cfg *base = BASE;
+- sp_cfg *add = ADD;
++ sp_cfg *c = apr_pcalloc(pool, sizeof(sp_cfg));
++ sp_cfg *base = BASE;
++ sp_cfg *add = ADD;
+
+ c->check_group =(add->check_group != TRUE ? add->check_group : base->check_group);
+ c->debug =(add->debug != FALSE ? add->debug : base->debug);
+@@ -761,6 +761,109 @@ static const command_rec authz_securepas
+ { NULL }
+ };
+
++#if APACHE_2_4
++static const char *sp_parse_config(cmd_parms *cmd, const char *require_line,
++ const void **parsed_require_line) {
++ const char *expr_err = NULL;
++ ap_expr_info_t *expr;
++
++ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, cmd->server,
++ "SecurePass: entering sp_parse_config(), require_line=%s", require_line);
++ expr = ap_expr_parse_cmd(cmd, require_line, AP_EXPR_FLAG_STRING_RESULT, &expr_err, NULL);
++ if (expr_err)
++ return (apr_pstrcat(cmd->temp_pool, "Cannot parse expression in require line: ", expr_err, NULL));
++ *parsed_require_line = expr;
++ return NULL;
++}
++
++static authz_status sprealm_check_authorization(request_rec *r,
++ const char *require_args,
++ const void *parsed_require_args) {
++
++ authz_securepass_dir_config_rec *dir= (authz_securepass_dir_config_rec *)
++ ap_get_module_config(r->per_dir_config, &authz_securepass_module);
++ sp_cfg *c = (sp_cfg *) ap_get_module_config(r->server->module_config, &authz_securepass_module);
++
++ const char *err = NULL;
++ const ap_expr_info_t *expr = parsed_require_args;
++ const char *require;
++
++#if MYDEBUG
++ /* this is only used during module development to simulate CAS user */
++ if (dir->forced_user) {
++ r->user = apr_pcalloc(r->pool, 100);
++ strcpy (r->user, dir->forced_user);
++ }
++#endif
++
++ if (c->debug) {
++ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, "SecurePass checking user %s, required_sprealms=%s",
++ r->user, require_args);
++ dump_config (r, dir, c);
++ }
++ if (!r->user) {
++ return AUTHZ_DENIED_NO_USER;
++ }
++ require = ap_expr_str_exec(r, expr, &err);
++ if (err) {
++ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "SecurePass: Can't evaluate expression: %s", err);
++ return AUTHZ_DENIED;
++ }
++ if (c->debug) {
++ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, "SecurePass: require=%s", require);
++ }
++ if (check_securepass_realm (r, require)) {
++ /* a Realm has been found */
++ return AUTHZ_GRANTED;
++ } else {
++ return AUTHZ_DENIED;
++ }
++}
++
++static authz_status spgroup_check_authorization(request_rec *r,
++ const char *require_args,
++ const void *parsed_require_args) {
++
++ authz_securepass_dir_config_rec *dir= (authz_securepass_dir_config_rec *)
++ ap_get_module_config(r->per_dir_config, &authz_securepass_module);
++ sp_cfg *c = (sp_cfg *) ap_get_module_config(r->server->module_config, &authz_securepass_module);
++
++ const char *err = NULL;
++ const ap_expr_info_t *expr = parsed_require_args;
++ const char *require;
++
++#if MYDEBUG
++ /* this is only used during module development to simulate CAS user */
++ if (dir->forced_user) {
++ r->user = apr_pcalloc(r->pool, 100);
++ strcpy (r->user, dir->forced_user);
++ }
++#endif
++
++ if (c->debug) {
++ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, "SecurePass checking user %s, required_spgroups=%s",
++ r->user, require_args);
++ }
++ if (!r->user) {
++ return AUTHZ_DENIED_NO_USER;
++ }
++ require = ap_expr_str_exec(r, expr, &err);
++ if (err) {
++ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "SecurePass: Can't evaluate expression: %s", err);
++ return AUTHZ_DENIED;
++ }
++ if (c->debug) {
++ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, "SecurePass: require=%s", require);
++ }
++ if (check_sp_group (r, require)) {
++ return AUTHZ_GRANTED;
++ } else {
++ return AUTHZ_DENIED;
++ }
++
++}
++
++#else /* APACHE_2_4 */
+
+ static int authz_securepass_check_user_access(request_rec *r)
+ {
+@@ -846,6 +949,7 @@ static int authz_securepass_check_user_a
+ ap_note_basic_auth_failure(r);
+ return HTTP_UNAUTHORIZED;
+ }
++#endif
+
+ static int authz_sp_post_config(apr_pool_t *pool, apr_pool_t *p1, apr_pool_t *p2, server_rec *s)
+ {
+@@ -884,11 +988,37 @@ static int authz_sp_post_config(apr_pool
+ return status;
+ }
+
++#if APACHE_2_4
++static const authz_provider authz_sprealm_provider =
++{
++ &sprealm_check_authorization,
++ &sp_parse_config,
++};
++
++static const authz_provider authz_spgroup_provider =
++{
++ &spgroup_check_authorization,
++ &sp_parse_config,
++};
++#endif
++
+ static void authz_securepass_register_hooks(apr_pool_t *p)
+ {
+ ap_hook_post_config(authz_sp_post_config, NULL, NULL, APR_HOOK_LAST);
++#if APACHE_2_4
++ /* Register authz providers */
++ ap_register_auth_provider(p, AUTHZ_PROVIDER_GROUP, "sprealm",
++ AUTHZ_PROVIDER_VERSION,
++ &authz_sprealm_provider,
++ AP_AUTH_INTERNAL_PER_CONF);
++ ap_register_auth_provider(p, AUTHZ_PROVIDER_GROUP, "spgroup",
++ AUTHZ_PROVIDER_VERSION,
++ &authz_spgroup_provider,
++ AP_AUTH_INTERNAL_PER_CONF);
++#else
+ ap_hook_auth_checker(authz_securepass_check_user_access, NULL, NULL,
+ APR_HOOK_MIDDLE);
++#endif
+ }
+
+ module AP_MODULE_DECLARE_DATA authz_securepass_module = {
+--- mod-authz-securepass.orig/Makefile
++++ mod-authz-securepass/Makefile
+@@ -9,7 +9,7 @@ endif
+
+ # Note that gcc flags are passed through apxs, so preface with -Wc
+ MY_LDFLAGS=-lcurl
+-MY_CFLAGS=-Wc,-I. -Wc,-Wall
++MY_CFLAGS=-Wc,-I. -Wc,-Wall -DAPACHE_2_4=1
+ SRCS=mod_authz_securepass.c jsmn.c
+ HDRS=jsmn.h
+ BUILDDIR := build
diff -Nru mod-authz-securepass-0~20140715+0git93f271f5/debian/patches/series mod-authz-securepass-0~20140715+0git93f271f5/debian/patches/series
--- mod-authz-securepass-0~20140715+0git93f271f5/debian/patches/series 2014-10-23 01:15:17.000000000 +0100
+++ mod-authz-securepass-0~20140715+0git93f271f5/debian/patches/series 2015-01-07 09:55:25.000000000 +0000
@@ -1 +1,2 @@
0001-buildsystem.patch
+9001-ap_requires.patch
--- End Message ---