Debian pkg: added files.

diff --git a/.gitignore b/.gitignore
index 9396cd5c5e53502245ea1d336268f2eb3bc8ed50..7c6723474638a94ad0b2244e66eb099dd12b2a67 100644 (file)
--- a/.gitignore
+++ b/.gitignore
@@ -51,4 +51,5 @@ intltool-*
 Rules-quot
 *.exe
 *.csv
-*.~*~
\ No newline at end of file
+*.~*~
+build/
\ No newline at end of file

diff --git a/debian/authz_zakautho.load b/debian/authz_zakautho.load
new file mode 100644 (file)
index 0000000..e9b6da5
--- /dev/null
+++ b/debian/authz_zakautho.load
@@ -0,0 +1 @@
+LoadModule authz_zakautho_module /usr/lib/apache2/modules/mod_authz_zakautho.so
\ No newline at end of file

diff --git a/debian/changelog b/debian/changelog
new file mode 100644 (file)
index 0000000..a0a3fd1
--- /dev/null
+++ b/debian/changelog
@@ -0,0 +1,11 @@
+libapache2-mod-authz-zakautho (0.0.1-1~6.gbp6ad437) UNRELEASED; urgency=medium
+
+  ** SNAPSHOT build @6ad437d13fa4616358e7605bea6535d19042e557 **
+
+  [ Andrea Zagli ]
+  ** SNAPSHOT build @99cea452a9bc102436b3195e6241e49ee956cc8d **
+
+  * Mandatory configuration parameters.
+  * Debian pkg: added files.
+
+ -- tux <tux@develop64.example.tst>  Thu, 11 Jan 2018 11:51:33 +0100

diff --git a/debian/compat b/debian/compat
new file mode 100644 (file)
index 0000000..ec63514
--- /dev/null
+++ b/debian/compat
@@ -0,0 +1 @@
+9

diff --git a/debian/control b/debian/control
new file mode 100644 (file)
index 0000000..62c9162
--- /dev/null
+++ b/debian/control
@@ -0,0 +1,15 @@
+Source: libapache2-mod-authz-zakautho
+Priority: optional
+Maintainer: Andrea Zagli <azagli@libero.it>
+Build-Depends: debhelper (>= 9), intltool, pkg-config, libzakautho-dev, apache2-prefork-dev
+Standards-Version: 3.9.8
+Section: web
+Homepage: http://saetta.ns0.it
+#Vcs-Git: https://anonscm.debian.org/collab-maint/libapache2_mod_authz_zakautho.git
+#Vcs-Browser: https://anonscm.debian.org/cgit/collab-maint/libapache2_mod_authz_zakautho.git
+
+Package: libapache2-mod-authz-zakautho
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}, libzakautho
+Description: Provider for apache2 basic authorization to interface with libzakautho
+ Provider for apache2 basic authorization to interface with libzakautho.

diff --git a/debian/copyright b/debian/copyright
new file mode 100644 (file)
index 0000000..2a7c903
--- /dev/null
+++ b/debian/copyright
@@ -0,0 +1,34 @@
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: libapache2-mod-authz-zakautho
+Source: <url://example.com>
+
+Files: *
+Copyright: <years> <put author's name and email here>
+           <years> <likewise for another author>
+License: GPL-2.0+
+
+Files: debian/*
+Copyright: 2017 Andrea Zagli <azagli@libero.it>
+License: GPL-2.0+
+
+License: GPL-2.0+
+ This package is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+ .
+ This package is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+ .
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <https://www.gnu.org/licenses/>
+ .
+ On Debian systems, the complete text of the GNU General
+ Public License version 2 can be found in "/usr/share/common-licenses/GPL-2".
+
+# Please also look if there are files or directories which have a
+# different copyright/license attached and list them here.
+# Please avoid picking licenses with terms that are more restrictive than the
+# packaged work, as it may make Debian's contributions unacceptable upstream.

diff --git a/debian/gbp.conf b/debian/gbp.conf
new file mode 100644 (file)
index 0000000..f36585b
--- /dev/null
+++ b/debian/gbp.conf
@@ -0,0 +1,10 @@
+[buildpackage]
+export-dir=./build/wheezy
+debian-branch=debian/wheezy
+ignore-new=True
+upstream-tree=BRANCH
+upstream-branch=master
+force-create=True
+export=WC
+dist=wheezy
+pbuilder=True

diff --git a/debian/libapache2-mod-authz-zakautho.install b/debian/libapache2-mod-authz-zakautho.install
new file mode 100644 (file)
index 0000000..9b86b97
--- /dev/null
+++ b/debian/libapache2-mod-authz-zakautho.install
@@ -0,0 +1,2 @@
+usr/lib/apache2/modules/mod_authz_zakautho.so
+etc/apache2/mods-available

diff --git a/debian/patches/0001-autogen.sh-aclocal-missing-I.patch b/debian/patches/0001-autogen.sh-aclocal-missing-I.patch
new file mode 100644 (file)
index 0000000..10d887f
--- /dev/null
+++ b/debian/patches/0001-autogen.sh-aclocal-missing-I.patch
@@ -0,0 +1,21 @@
+From: Andrea Zagli <azagli@libero.it>
+Date: Sun, 3 Dec 2017 23:50:46 +0100
+Subject: autogen.sh: aclocal missing -I.
+
+---
+ autogen.sh | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/autogen.sh b/autogen.sh
+index 07457a5..b350a2c 100755
+--- a/autogen.sh
++++ b/autogen.sh
+@@ -22,7 +22,7 @@ if [ "$#" = 0 -a "x$NOCONFIGURE" = "x" ]; then
+ fi
+ 
+ set -x
+-aclocal --install || exit 1
++aclocal -I m4 --install || exit 1
+ #glib-gettextize --force --copy || exit 1
+ #gtkdocize --copy || exit 1
+ #intltoolize --force --copy --automake || exit 1

diff --git a/debian/patches/0002-Forced-glib-type-init.patch b/debian/patches/0002-Forced-glib-type-init.patch
new file mode 100644 (file)
index 0000000..ee960cd
--- /dev/null
+++ b/debian/patches/0002-Forced-glib-type-init.patch
@@ -0,0 +1,21 @@
+From: Andrea Zagli <azagli@libero.it>
+Date: Sun, 7 Jan 2018 10:39:53 +0100
+Subject: Forced glib type init.
+
+---
+ src/mod_authz_zakautho.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/mod_authz_zakautho.c b/src/mod_authz_zakautho.c
+index 3a439bf..3599d84 100644
+--- a/src/mod_authz_zakautho.c
++++ b/src/mod_authz_zakautho.c
+@@ -268,6 +268,8 @@ static const authz_provider authz_zakautho_provider =
+ static void
+ register_hooks (apr_pool_t *pool)
+ {
++      g_type_init ();
++
+       ap_register_auth_provider (pool, AUTHZ_PROVIDER_GROUP, "zakautho",
+                                  AUTHZ_PROVIDER_VERSION,
+                                  &authz_zakautho_provider, AP_AUTH_INTERNAL_PER_CONF);

diff --git a/debian/patches/0003-Apache-old-api.patch b/debian/patches/0003-Apache-old-api.patch
new file mode 100644 (file)
index 0000000..c8907a3
--- /dev/null
+++ b/debian/patches/0003-Apache-old-api.patch
@@ -0,0 +1,251 @@
+From: Andrea Zagli <azagli@libero.it>
+Date: Sun, 7 Jan 2018 11:24:43 +0100
+Subject: Apache old api.
+
+---
+ src/mod_authz_zakautho.c | 126 ++++++++++++++++++++---------------------------
+ 1 file changed, 54 insertions(+), 72 deletions(-)
+
+diff --git a/src/mod_authz_zakautho.c b/src/mod_authz_zakautho.c
+index 3599d84..57f6bea 100644
+--- a/src/mod_authz_zakautho.c
++++ b/src/mod_authz_zakautho.c
+@@ -19,7 +19,6 @@
+ #include "apr_strings.h"
+ 
+ #include "ap_config.h"
+-#include "ap_provider.h"
+ #include "httpd.h"
+ #include "http_config.h"
+ #include "http_core.h"
+@@ -27,8 +26,6 @@
+ #include "http_protocol.h"
+ #include "http_request.h"
+ 
+-#include "mod_auth.h"
+-
+ #ifdef HAVE_CONFIG_H
+       #include <config.h>
+ #endif
+@@ -94,14 +91,15 @@ module AP_DECLARE_DATA authz_zakautho_module =
+       register_hooks                   /* register hooks */
+ };
+ 
+-static authz_status
+-check_authorization (request_rec *r,
+-                     const char *require_args,
+-                     const void *parsed_require_args)
++static int
++check_authorization (request_rec *r)
+ {
+       const char *err = NULL;
+-      const ap_expr_info_t *expr = parsed_require_args;
+-      const char *require;
++
++      const apr_array_header_t *reqs_arr = ap_requires (r);
++      require_line *reqs;
++      int m = r->method_number;
++      register int x;
+ 
+       const char *t;
+       const char *w;
+@@ -121,26 +119,23 @@ check_authorization (request_rec *r,
+ 
+       if (!r->user)
+               {
+-                      return AUTHZ_DENIED_NO_USER;
++                      return DECLINED;
+               }
+ 
+-      require = ap_expr_str_exec (r, expr, &err);
+-      if (err)
++      if (!reqs_arr)
+               {
+-                      ap_log_rerror (APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02594)
+-                                     "authz_zakautho authorize: require user: Can't "
+-                                     "evaluate require expression: %s", err);
+-                      return AUTHZ_DENIED;
++                      return DECLINED;
+               }
++      reqs = (require_line *)reqs_arr->elts;
+ 
+       config = (zakautho_config *)ap_get_module_config (r->per_dir_config, &authz_zakautho_module);
+ 
+       autho = zak_autho_new ();
+       if (autho == NULL)
+               {
+-                      ap_log_rerror (APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02594)
++                      ap_log_rerror (APLOG_MARK, APLOG_ERR, 0, r,
+                                      "Unable to create the libzakautho object.");
+-                      return AUTHZ_DENIED;
++                      return DECLINED;
+               }
+ 
+       if (config->xml_filename != NULL)
+@@ -148,19 +143,19 @@ check_authorization (request_rec *r,
+                       xdoc = xmlParseFile (config->xml_filename);
+                       if (xdoc != NULL)
+                               {
+-                                      ap_log_rerror (APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02594)
++                                      ap_log_rerror (APLOG_MARK, APLOG_ERR, 0, r,
+                                                      "Unable to parse the libzakautho configuration from xml file «%s».",
+                                                      config->xml_filename);
+-                                      return AUTHZ_DENIED;
++                                      return DECLINED;
+                               }
+ 
+                       xnode = xmlDocGetRootElement (xdoc);
+                       if (!zak_autho_load_from_xml (autho, xnode, TRUE))
+                               {
+-                                      ap_log_rerror (APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02594)
++                                      ap_log_rerror (APLOG_MARK, APLOG_ERR, 0, r,
+                                                      "Unable to load the libzakautho configuration from xml file «%s».",
+                                                      config->xml_filename);
+-                                      return AUTHZ_DENIED;
++                                      return DECLINED;
+                               }
+               }
+       else if (config->db_cnc_string != NULL)
+@@ -169,36 +164,36 @@ check_authorization (request_rec *r,
+                       gdacon = gda_connection_open_from_string (NULL, config->db_cnc_string, NULL, 0, &error);
+                       if (gdacon == NULL || error != NULL)
+                               {
+-                                      ap_log_rerror (APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02594)
++                                      ap_log_rerror (APLOG_MARK, APLOG_ERR, 0, r,
+                                                      "Unable to create connection to db: %s.",
+                                                      error != NULL && error->message != NULL ? error->message : "no details");
+-                                      return AUTHZ_DENIED;
++                                      return DECLINED;
+                               }
+ 
+                       if (!zak_autho_load_from_db_with_monitor (autho, gdacon,
+                                                                 config->db_table_name_prefix != NULL ? config->db_table_name_prefix : NULL,
+                                                                 TRUE))
+                               {
+-                                      ap_log_rerror (APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02594)
++                                      ap_log_rerror (APLOG_MARK, APLOG_ERR, 0, r,
+                                                      "Unable to load the libzakautho configuration from db.");
+-                                      return AUTHZ_DENIED;
++                                      return DECLINED;
+                               }
+               }
+       else
+               {
+-                      ap_log_rerror (APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02594)
++                      ap_log_rerror (APLOG_MARK, APLOG_ERR, 0, r,
+                                      "libzakautho configuration must be loaded from xml file or from database. "
+                                      "Please use AuthZakAuthoXmlFilename or AuthZakAuthoDbCncString in apache configuration.");
+-                      return AUTHZ_DENIED;
++                      return DECLINED;
+               }
+ 
+       _user = g_strdup_printf (config->user_decoration != NULL ? config->user_decoration : "%s", r->user);
+       role_user = zak_autho_get_role_from_id (autho, _user);
+       if (role_user == NULL)
+               {
+-                      ap_log_rerror (APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02594)
++                      ap_log_rerror (APLOG_MARK, APLOG_ERR, 0, r,
+                                      "User «%s» not found on libzakautho configuration.", _user);
+-                      return AUTHZ_DENIED;
++                      return DECLINED;
+               }
+       g_free (_user);
+ 
+@@ -211,68 +206,55 @@ check_authorization (request_rec *r,
+                       zak_autho_set_resource_name_prefix (autho, config->resource_name_prefix);
+               }
+ 
+-      t = require;
+-      while ((w = ap_getword_conf (r->pool, &t)) && w[0])
++      for (x = 0; x < reqs_arr->nelts; x++)
+               {
+-                      ZakAuthoIResource *resource;
+-
+-                      resource = zak_autho_get_resource_from_id (autho, w);
+-                      if (resource == NULL)
++                      if (!(reqs[x].method_mask & (AP_METHOD_BIT << m)))
+                               {
+-                                      ap_log_rerror (APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO(02594)
+-                                                     "Resource «%s» not found on libzakautho configuration.", w);
++                                      continue;
+                               }
+-                      else
++
++                      t = reqs[x].requirement;
++                      w = ap_getword_white (r->pool, &t);
++
++                      if (!strcasecmp (w, "zakautho"))
+                               {
+-                                      if (zak_autho_is_allowed (autho, role_user, resource, FALSE))
++                                      while (t[0])
+                                               {
+-                                                      return AUTHZ_GRANTED;
++                                                      ZakAuthoIResource *resource;
++
++                                                      w = ap_getword_conf (r->pool, &t);
++
++                                                      resource = zak_autho_get_resource_from_id (autho, w);
++                                                      if (resource == NULL)
++                                                              {
++                                                                      ap_log_rerror (APLOG_MARK, APLOG_WARNING, 0, r,
++                                                                                     "Resource «%s» not found on libzakautho configuration.", w);
++                                                              }
++                                                      else
++                                                              {
++                                                                      if (zak_autho_is_allowed (autho, role_user, resource, FALSE))
++                                                                              {
++                                                                                      return OK;
++                                                                              }
++                                                              }
+                                               }
+                               }
+               }
+ 
+-      ap_log_rerror (APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(01663)
++      ap_log_rerror (APLOG_MARK, APLOG_DEBUG, 0, r,
+                      "access to %s failed, reason: user '%s' does not meet "
+                      "'require'ments for user to be allowed access",
+                      r->uri, r->user);
+ 
+-      return AUTHZ_DENIED;
++      return HTTP_UNAUTHORIZED;
+ }
+ 
+-static const char
+-*parse_config (cmd_parms *cmd, const char *require_line,
+-               const void **parsed_require_line)
+-{
+-      const char *expr_err = NULL;
+-      ap_expr_info_t *expr;
+-
+-      expr = ap_expr_parse_cmd(cmd, require_line, AP_EXPR_FLAG_STRING_RESULT,
+-                               &expr_err, NULL);
+-
+-      if (expr_err)
+-              return apr_pstrcat(cmd->temp_pool,
+-                                 "Cannot parse expression in require line: ",
+-                                 expr_err, NULL);
+-
+-      *parsed_require_line = expr;
+-
+-      return NULL;
+-}
+-
+-static const authz_provider authz_zakautho_provider =
+-      {
+-              &check_authorization,
+-              &parse_config,
+-      };
+-
+ static void
+ register_hooks (apr_pool_t *pool)
+ {
+       g_type_init ();
+ 
+-      ap_register_auth_provider (pool, AUTHZ_PROVIDER_GROUP, "zakautho",
+-                                 AUTHZ_PROVIDER_VERSION,
+-                                 &authz_zakautho_provider, AP_AUTH_INTERNAL_PER_CONF);
++      ap_hook_auth_checker (check_authorization, NULL, NULL, APR_HOOK_MIDDLE);
+ }
+ 
+ /*

diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644 (file)
index 0000000..d53cbec
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1,3 @@
+0001-autogen.sh-aclocal-missing-I.patch
+0002-Forced-glib-type-init.patch
+0003-Apache-old-api.patch

diff --git a/debian/rules b/debian/rules
new file mode 100755 (executable)
index 0000000..a6f76d0
--- /dev/null
+++ b/debian/rules
@@ -0,0 +1,39 @@
+#!/usr/bin/make -f
+# See debhelper(7) (uncomment to enable)
+# output every command that modifies files on the build system.
+#export DH_VERBOSE = 1
+
+
+# see FEATURE AREAS in dpkg-buildflags(1)
+#export DEB_BUILD_MAINT_OPTIONS = hardening=+all
+
+# see ENVIRONMENT in dpkg-buildflags(1)
+# package maintainers to append CFLAGS
+#export DEB_CFLAGS_MAINT_APPEND  = -Wall -pedantic
+# package maintainers to append LDFLAGS
+#export DEB_LDFLAGS_MAINT_APPEND = -Wl,--as-needed
+
+
+export DEB_CFLAGS_MAINT_STRIP = -Werror=format-security
+export DEB_CPPFLAGS_MAINT_STRIP = -Werror=format-security
+export DEB_CXXFLAGS_MAINT_STRIP = -Werror=format-security
+
+
+%:
+       dh $@
+
+
+override_dh_auto_configure:
+       NOCONFIGURE="X" ./autogen.sh
+       dh_auto_configure
+
+override_dh_auto_install:
+       $(MAKE) DESTDIR=$$(pwd)/debian/tmp prefix=/usr install
+       install -d $$(pwd)/debian/tmp/etc/apache2/mods-available
+       install $(CURDIR)/debian/authz_zakautho.load $$(pwd)/debian/tmp/etc/apache2/mods-available
+
+
+# dh_make generated override targets
+# This is example for Cmake (See https://bugs.debian.org/641051 )
+#override_dh_auto_configure:
+#      dh_auto_configure -- #  -DCMAKE_LIBRARY_PATH=$(DEB_HOST_MULTIARCH)

diff --git a/debian/source/format b/debian/source/format
new file mode 100644 (file)
index 0000000..163aaf8
--- /dev/null
+++ b/debian/source/format
@@ -0,0 +1 @@
+3.0 (quilt)