diff options
-rw-r--r-- | auth_xradius.conf | 50 | ||||
-rw-r--r-- | mod_auth_xradius-0.4.6-ha.patch | 31 | ||||
-rw-r--r-- | mod_auth_xradius-0.4.6-libnss_libxradius.patch | 331 | ||||
-rw-r--r-- | mod_auth_xradius-0.4.6-memcache.patch | 47 | ||||
-rw-r--r-- | mod_auth_xradius-0.4.6-share_libxradius.patch | 62 | ||||
-rw-r--r-- | mod_auth_xradius-0.4.6-unixd.patch | 15 | ||||
-rw-r--r-- | mod_auth_xradius.spec | 168 |
7 files changed, 704 insertions, 0 deletions
diff --git a/auth_xradius.conf b/auth_xradius.conf new file mode 100644 index 0000000..2a2128e --- /dev/null +++ b/auth_xradius.conf @@ -0,0 +1,50 @@ +LoadModule auth_xradius_module modules/mod_auth_xradius.so + +<IfModule mod_auth_xradius.c> + + + ## The Cache for mod_auth_xradius must be configured globally. + ## If you do not want Authentication Caching, set: + # AuthXRadiusCache none - + + ## A Local DBM Based Cache (low performance) + # AuthXRadiusCache dbm "conf/auth_xradius_cache" + + ## Only a Single memcached Server + AuthXRadiusCache memcache "127.0.0.1" + ## Multiple memcached Servers + # AuthXRadiusCache memcache "127.0.0.1 10.0.0.10 10.0.0.11 10.0.0.11:11212" + + ## Time in Seconds that an entry will be cached. + AuthXRadiusCacheTimeout 300 + + <Directory "/path/to/my/docroot"> + ## All of the directives inside the <Directory> block can be placed + ## inside '.htaccess' files. + + ## This is what the client sees in their Prompt. + AuthName "Private Area" + + ## Type of authentication to use. + AuthType basic + + ## Address and the Shared Secret of the RADIUS Server to contact. + AuthXRadiusAddServer "localhost:1812" "super-secret" + ## Multiple Servers can be added in the same context. + # AuthXRadiusAddServer "10.0.0.10:1812" "2secrets" + # AuthXRadiusAddServer "10.0.0.11:1812" "secret1" + + ## Time in Seconds to wait for replies from the RADIUS Servers + AuthXRadiusTimeout 2 + + ## Number of times to resend a request to a server if no reply is received. + AuthXRadiusRetries 2 + + ## This tells apache that we want a valid user and password. + require valid-user + + AuthBasicProvider xradius + </Directory> + +</IfModule> + diff --git a/mod_auth_xradius-0.4.6-ha.patch b/mod_auth_xradius-0.4.6-ha.patch new file mode 100644 index 0000000..3658108 --- /dev/null +++ b/mod_auth_xradius-0.4.6-ha.patch @@ -0,0 +1,31 @@ +diff -Naur mod_auth_xradius-0.4.6.old/src/mod_auth_xradius.c mod_auth_xradius-0.4.6/src/mod_auth_xradius.c +--- mod_auth_xradius-0.4.6.old/src/mod_auth_xradius.c 2012-05-14 16:52:32.687289979 +0200 ++++ mod_auth_xradius-0.4.6/src/mod_auth_xradius.c 2012-05-14 16:55:13.251720474 +0200 +@@ -125,15 +125,15 @@ + rctx = xrad_auth_open(); + + /* Loop through the array of RADIUS Servers, adding them to the rctx object */ +- sr = (xrad_server_info *) dc->servers->elts; + for (i = 0; i < dc->servers->nelts; ++i) { +- rc = xrad_add_server(rctx, sr[i].hostname, sr[i].port, sr[i].secret, ++ sr = &(((xrad_server_info*)dc->servers->elts)[i]); ++ rc = xrad_add_server(rctx, sr->hostname, sr->port, sr->secret, + dc->timeout, dc->maxtries); + + if (rc != 0) { + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, + "xradius: Failed to add server '%s:%d': (%d) %s", +- sr[i].hostname, sr[i].port, rc, xrad_strerror(rctx)); ++ sr->hostname, sr->port, rc, xrad_strerror(rctx)); + goto run_cleanup; + } + } +@@ -294,7 +294,7 @@ + /* To properly use the Pools, this array is allocated from the here, instead of + inside the directory configuration creation function. */ + if (dc->servers == NULL) { +- dc->servers = apr_array_make(parms->pool, 4, sizeof(xrad_server_info*)); ++ dc->servers = apr_array_make(parms->pool, 4, sizeof(xrad_server_info)); + } + + sr = apr_array_push(dc->servers); diff --git a/mod_auth_xradius-0.4.6-libnss_libxradius.patch b/mod_auth_xradius-0.4.6-libnss_libxradius.patch new file mode 100644 index 0000000..de26df8 --- /dev/null +++ b/mod_auth_xradius-0.4.6-libnss_libxradius.patch @@ -0,0 +1,331 @@ +diff -Naur mod_auth_xradius-0.4.6.old/configure.ac mod_auth_xradius-0.4.6/configure.ac +--- mod_auth_xradius-0.4.6.old/configure.ac 2012-07-13 16:14:18.597720284 +0200 ++++ mod_auth_xradius-0.4.6/configure.ac 2012-07-13 16:15:15.348824052 +0200 +@@ -35,6 +35,17 @@ + MODULE_CFLAGS="${LIBRADIUS_CFLAGS} ${APR_MEMCACHE_CFLAGS} ${APXS_CFLAGS} ${AP_INCLUDES} ${APR_INCLUDES} ${APU_INCLUDES}" + MODULE_LIBS="${APR_MEMCACHE_LIBS}" + ++dnl NSS_InitContext() was introduced in NSS 3.12.5 and helps to prevent ++dnl collisions on NSS initialization/shutdown with other libraries ++LIBS="$LIBS -lnss3" ++AC_CHECK_FUNC(NSS_InitContext, ++[ ++ AC_DEFINE(HAVE_NSS_INITCONTEXT, 1, [if you have the NSS_InitContext function]) ++ AC_SUBST(HAVE_NSS_INITCONTEXT, [1]) ++], ++AC_MSG_ERROR([Missing NSS_InitContext])) ++ ++ + AC_SUBST(MODULE_CFLAGS) + AC_SUBST(MODULE_LIBS) + +diff -Naur mod_auth_xradius-0.4.6.old/libradius/porting.h mod_auth_xradius-0.4.6/libradius/porting.h +--- mod_auth_xradius-0.4.6.old/libradius/porting.h 2012-07-13 16:14:18.599720322 +0200 ++++ mod_auth_xradius-0.4.6/libradius/porting.h 2012-07-13 16:14:36.172062002 +0200 +@@ -15,7 +15,7 @@ + + #else + +-#include "md5.h" ++#include "sechash.h" + #define MD5_DIGEST_LENGTH 16 + #define MD5Final xrad_MD5Final + #define MD5Init xrad_MD5Init +diff -Naur mod_auth_xradius-0.4.6.old/libradius/radlib.c mod_auth_xradius-0.4.6/libradius/radlib.c +--- mod_auth_xradius-0.4.6.old/libradius/radlib.c 2012-07-13 16:14:18.599720322 +0200 ++++ mod_auth_xradius-0.4.6/libradius/radlib.c 2012-07-13 16:15:15.349824040 +0200 +@@ -40,6 +40,7 @@ + #include <stdlib.h> + #include <string.h> + #include <unistd.h> ++#include <nss3/nss.h> + + #include "porting.h" + #include "radlib_private.h" +@@ -87,6 +88,24 @@ + } + #endif + ++static NSSInitContext *xrad_nss_init(void) ++{ ++ NSSInitContext *nctx = NULL; ++ NSSInitParameters initparams; ++ ++ memset((void *) &initparams, '\0', sizeof(initparams)); ++ initparams.length = sizeof(initparams); ++ ++ return NSS_InitContext("", "", "", "", &initparams, ++ NSS_INIT_READONLY ++ | NSS_INIT_NOCERTDB ++ | NSS_INIT_NOMODDB ++ | NSS_INIT_FORCEOPEN ++ | NSS_INIT_NOROOTINIT ++ | NSS_INIT_OPTIMIZESPACE ++ | NSS_INIT_PK11RELOAD); ++} ++ + static void + clear_password(struct xrad_handle *h) + { +@@ -110,24 +129,32 @@ + static void + insert_scrambled_password(struct xrad_handle *h, int srv) + { +- MD5_CTX ctx; ++ NSSInitContext *nctx; ++ HASHContext *md5_ctx; + unsigned char md5[MD5_DIGEST_LENGTH]; + const struct xrad_server *srvp; + int padded_len; + int pos; ++ unsigned int len; + + srvp = &h->servers[srv]; + padded_len = h->pass_len == 0 ? 16 : (h->pass_len+15) & ~0xf; + ++ nctx = xrad_nss_init(); ++ md5_ctx = HASH_Create(HASH_AlgMD5); ++ + memcpy(md5, &h->request[POS_AUTH], LEN_AUTH); + for (pos = 0; pos < padded_len; pos += 16) { + int i; + + /* Calculate the new scrambler */ +- MD5Init(&ctx); +- MD5Update(&ctx, srvp->secret, strlen(srvp->secret)); +- MD5Update(&ctx, md5, 16); +- MD5Final(md5, &ctx); ++ HASH_Begin(md5_ctx); ++ HASH_Update(md5_ctx, ++ (const unsigned char *)srvp->secret, ++ strlen(srvp->secret)); ++ HASH_Update(md5_ctx, md5, 16); ++ HASH_End(md5_ctx, md5, &len, sizeof(md5)); ++ + + /* + * Mix in the current chunk of the password, and copy +@@ -139,24 +166,43 @@ + h->request[h->pass_pos + pos + i] = + md5[i] ^= h->pass[pos + i]; + } ++ ++ HASH_Destroy(md5_ctx); ++ ++ NSS_ShutdownContext(nctx); + } + + static void + insert_request_authenticator(struct xrad_handle *h, int srv) + { +- MD5_CTX ctx; ++ NSSInitContext *nctx; ++ HASHContext *md5_ctx; + const struct xrad_server *srvp; ++ unsigned int len; + + srvp = &h->servers[srv]; + + /* Create the request authenticator */ +- MD5Init(&ctx); +- MD5Update(&ctx, &h->request[POS_CODE], POS_AUTH - POS_CODE); +- apr_generate_random_bytes(&h->request[POS_AUTH], LEN_AUTH); +- MD5Update(&ctx, &h->request[POS_AUTH], LEN_AUTH); +- MD5Update(&ctx, &h->request[POS_ATTRS], h->req_len - POS_ATTRS); +- MD5Update(&ctx, srvp->secret, strlen(srvp->secret)); +- MD5Final(&h->request[POS_AUTH], &ctx); ++ nctx = xrad_nss_init(); ++ md5_ctx = HASH_Create(HASH_AlgMD5); ++ ++ HASH_Begin(md5_ctx); ++ HASH_Update(md5_ctx, &h->request[POS_CODE], POS_AUTH - POS_CODE); ++ apr_generate_random_bytes(&h->request[POS_AUTH], LEN_AUTH); ++ HASH_Update(md5_ctx, ++ (const unsigned char *)&h->request[POS_AUTH], ++ LEN_AUTH); ++ HASH_Update(md5_ctx, ++ (const unsigned char *)&h->request[POS_ATTRS], ++ h->req_len - POS_ATTRS); ++ HASH_Update(md5_ctx, ++ (const unsigned char *)srvp->secret, ++ strlen(srvp->secret)); ++ HASH_End(md5_ctx, &h->request[POS_AUTH], &len, sizeof(h->request[POS_AUTH])); ++ ++ HASH_Destroy(md5_ctx); ++ ++ NSS_ShutdownContext(nctx); + } + + static void +@@ -192,10 +238,12 @@ + is_valid_response(struct xrad_handle *h, int srv, + const struct sockaddr_in *from) + { +- MD5_CTX ctx; ++ NSSInitContext *nctx; ++ HASHContext *md5_ctx; + unsigned char md5[MD5_DIGEST_LENGTH]; + const struct xrad_server *srvp; + int len; ++ unsigned int hash_len; + #ifdef WITH_SSL + HMAC_CTX hctx; + u_char resp[MSGSIZE], md[EVP_MAX_MD_SIZE]; +@@ -218,12 +266,19 @@ + return 0; + + /* Check the response authenticator */ +- MD5Init(&ctx); +- MD5Update(&ctx, &h->response[POS_CODE], POS_AUTH - POS_CODE); +- MD5Update(&ctx, &h->request[POS_AUTH], LEN_AUTH); +- MD5Update(&ctx, &h->response[POS_ATTRS], len - POS_ATTRS); +- MD5Update(&ctx, srvp->secret, strlen(srvp->secret)); +- MD5Final(md5, &ctx); ++ nctx = xrad_nss_init(); ++ md5_ctx = HASH_Create(HASH_AlgMD5); ++ HASH_Begin(md5_ctx); ++ HASH_Update(md5_ctx, &h->response[POS_CODE], POS_AUTH - POS_CODE); ++ HASH_Update(md5_ctx, &h->request[POS_AUTH], LEN_AUTH); ++ HASH_Update(md5_ctx, &h->response[POS_ATTRS], len - POS_ATTRS); ++ HASH_Update(md5_ctx, ++ (const unsigned char *)srvp->secret, ++ strlen(srvp->secret)); ++ HASH_End(md5_ctx, md5, &hash_len, sizeof(md5)); ++ HASH_Destroy(md5_ctx); ++ NSS_ShutdownContext(nctx); ++ + if (memcmp(&h->response[POS_AUTH], md5, sizeof md5) != 0) + return 0; + +@@ -1128,7 +1183,9 @@ + char R[LEN_AUTH]; + const char *S; + int i, Ppos; +- MD5_CTX Context; ++ int hash_len; ++ NSSInitContext *nctx; ++ HASHContext *md5_ctx; + u_char b[MD5_DIGEST_LENGTH], *C, *demangled; + + if ((mlen % 16 != 0) || mlen > 128) { +@@ -1152,10 +1209,14 @@ + if (!demangled) + return NULL; + +- MD5Init(&Context); +- MD5Update(&Context, S, strlen(S)); +- MD5Update(&Context, R, LEN_AUTH); +- MD5Final(b, &Context); ++ nctx = xrad_nss_init(); ++ md5_ctx = HASH_Create(HASH_AlgMD5); ++ HASH_Begin(md5_ctx); ++ HASH_Update(md5_ctx, S, strlen(S)); ++ HASH_Update(md5_ctx, R, LEN_AUTH); ++ HASH_End(md5_ctx, b, &hash_len, sizeof(b)); ++ HASH_Destroy(md5_ctx); ++ + Ppos = 0; + while (mlen) { + +@@ -1164,15 +1225,19 @@ + demangled[Ppos++] = C[i] ^ b[i]; + + if (mlen) { +- MD5Init(&Context); +- MD5Update(&Context, S, strlen(S)); +- MD5Update(&Context, C, 16); +- MD5Final(b, &Context); ++ md5_ctx = HASH_Create(HASH_AlgMD5); ++ HASH_Begin(md5_ctx); ++ HASH_Update(md5_ctx, S, strlen(S)); ++ HASH_Update(md5_ctx, C, 16); ++ HASH_End(md5_ctx, b, &hash_len, sizeof(b)); ++ HASH_Destroy(md5_ctx); + } + + C += 16; + } + ++ NSS_ShutdownContext(nctx); ++ + return demangled; + } + +@@ -1184,9 +1249,11 @@ + const char *S; + u_char b[MD5_DIGEST_LENGTH], *demangled; + const u_char *A, *C; +- MD5_CTX Context; ++ NSSInitContext *nctx; ++ HASHContext *md5_ctx; + int Slen, i, Clen, Ppos; + u_char *P; ++ unsigned int hash_len; + + if (mlen % 16 != SALT_LEN) { + generr(h, "Cannot interpret mangled data of length %lu", +@@ -1207,11 +1274,15 @@ + Slen = strlen(S); + P = alloca(Clen); /* We derive our plaintext */ + +- MD5Init(&Context); +- MD5Update(&Context, S, Slen); +- MD5Update(&Context, R, LEN_AUTH); +- MD5Update(&Context, A, SALT_LEN); +- MD5Final(b, &Context); ++ nctx = xrad_nss_init(); ++ md5_ctx = HASH_Create(HASH_AlgMD5); ++ HASH_Begin(md5_ctx); ++ HASH_Update(md5_ctx, S, Slen); ++ HASH_Update(md5_ctx, R, LEN_AUTH); ++ HASH_Update(md5_ctx, A, SALT_LEN); ++ HASH_End(md5_ctx, b, &hash_len, sizeof(b)); ++ HASH_Destroy(md5_ctx); ++ + Ppos = 0; + + while (Clen) { +@@ -1221,15 +1292,20 @@ + P[Ppos++] = C[i] ^ b[i]; + + if (Clen) { +- MD5Init(&Context); +- MD5Update(&Context, S, Slen); +- MD5Update(&Context, C, 16); +- MD5Final(b, &Context); ++ md5_ctx = HASH_Create(HASH_AlgMD5); ++ HASH_Begin(md5_ctx); ++ HASH_Update(md5_ctx, S, Slen); ++ HASH_Update(md5_ctx, C, 16); ++ HASH_Update(md5_ctx, A, SALT_LEN); ++ HASH_End(md5_ctx, b, &hash_len, sizeof(b)); ++ HASH_Destroy(md5_ctx); + } + + C += 16; + } + ++ NSS_ShutdownContext(nctx); ++ + /* + * The resulting plain text consists of a one-byte length, the text and + * maybe some padding. +diff -Naur mod_auth_xradius-0.4.6.old/Makefile.am mod_auth_xradius-0.4.6/Makefile.am +--- mod_auth_xradius-0.4.6.old/Makefile.am 2012-07-13 16:14:18.598720303 +0200 ++++ mod_auth_xradius-0.4.6/Makefile.am 2012-07-13 16:14:36.179062137 +0200 +@@ -24,12 +24,11 @@ + apachemoddir=${AP_LIBEXECDIR} + + lib_LTLIBRARIES = libxradius.la +-libxradius_la_SOURCES = libradius/radlib.c libradius/md5c.c +-libxradius_la_CFLAGS = ${MODULE_CFLAGS} +-libxradius_la_LDFLAGS = ${MODULE_LIBS} ++libxradius_la_SOURCES = libradius/radlib.c ++libxradius_la_CFLAGS = ${MODULE_CFLAGS} -I${includedir}/nss3 -I${includedir}/nspr4 ++libxradius_la_LDFLAGS = ${MODULE_LIBS} -lnss3 -lnspr4 + + include_HEADERS = \ +- libradius/md5.h \ + libradius/porting.h \ + libradius/radlib.h \ + libradius/radlib_private.h \ diff --git a/mod_auth_xradius-0.4.6-memcache.patch b/mod_auth_xradius-0.4.6-memcache.patch new file mode 100644 index 0000000..0a93dd9 --- /dev/null +++ b/mod_auth_xradius-0.4.6-memcache.patch @@ -0,0 +1,47 @@ +diff -Naur mod_auth_xradius-0.4.6.old/configure mod_auth_xradius-0.4.6.memcache/configure +--- mod_auth_xradius-0.4.6.old/configure 2012-05-30 10:27:39.230465050 +0200 ++++ mod_auth_xradius-0.4.6.memcache/configure 2012-05-30 11:06:40.236546705 +0200 +@@ -4476,8 +4476,8 @@ + echo "${ECHO_T}$ac_cv_lib_apr_memcache_apr_memcache_create" >&6 + if test $ac_cv_lib_apr_memcache_apr_memcache_create = yes; then + +- APR_MEMCACHE_LIBS="-R$x/lib -L$x/lib -lapr_memcache" +- APR_MEMCACHE_CFLAGS="-I$x/include/apr_memcache-0" ++ APR_MEMCACHE_LIBS="`apu-1-config --link-ld`" ++ APR_MEMCACHE_CFLAGS="`apu-1-config --includes`" + + fi + +diff -Naur mod_auth_xradius-0.4.6.old/m4/apr_memcache.m4 mod_auth_xradius-0.4.6.memcache/m4/apr_memcache.m4 +--- mod_auth_xradius-0.4.6.old/m4/apr_memcache.m4 2012-05-30 10:27:39.228465017 +0200 ++++ mod_auth_xradius-0.4.6.memcache/m4/apr_memcache.m4 2012-05-30 11:11:30.271831333 +0200 +@@ -20,23 +20,19 @@ + test_paths="${mc_path}" + fi + +-if test -n ${AP_PREFIX}; then +- test_paths="${AP_PREFIX} ${test_paths}" +-fi +- + for x in $test_paths ; do +- amc_shlib="${x}/libapr_memcache${shrext_cmds}" +- AC_MSG_CHECKING([for apr_memcache library in ${x}/lib]) ++ amc_shlib="${x}/libaprutil-1${shrext_cmds}" ++ AC_MSG_CHECKING([for apr_memcache library in ${libdir}]) + if test -f ${amc_shlib}; then + AC_MSG_RESULT([yes]) + save_CFLAGS=$CFLAGS + save_LDFLAGS=$LDFLAGS + CFLAGS="$CFLAGS" +- LDFLAGS="-L$x/lib $LDFLAGS" +- AC_CHECK_LIB(apr_memcache, apr_memcache_create, ++ LDFLAGS="-L${libdir} $LDFLAGS" ++ AC_CHECK_LIB(aprutil-1, apr_memcache_create, + [ +- APR_MEMCACHE_LIBS="-R$x/lib -L$x/lib -lapr_memcache" +- APR_MEMCACHE_CFLAGS="-I$x/include/apr_memcache-0" ++ APR_MEMCACHE_LIBS="`apu-1-config --link-ld`" ++ APR_MEMCACHE_CFLAGS="`apu-1-config --includes`" + ]) + CFLAGS=$save_CFLAGS + LDFLAGS=$save_LDFLAGS diff --git a/mod_auth_xradius-0.4.6-share_libxradius.patch b/mod_auth_xradius-0.4.6-share_libxradius.patch new file mode 100644 index 0000000..3ae6ef2 --- /dev/null +++ b/mod_auth_xradius-0.4.6-share_libxradius.patch @@ -0,0 +1,62 @@ +diff -Naur mod_auth_xradius-0.4.6.old/configure.ac mod_auth_xradius-0.4.6/configure.ac +--- mod_auth_xradius-0.4.6.old/configure.ac 2012-06-12 11:08:55.776153937 +0200 ++++ mod_auth_xradius-0.4.6/configure.ac 2012-06-12 11:09:08.798400381 +0200 +@@ -4,6 +4,8 @@ + AC_PREREQ(2.53) + AC_CONFIG_SRCDIR([src/mod_auth_xradius.c]) + AC_CONFIG_AUX_DIR(config) ++AC_CONFIG_MACRO_DIR([m4]) ++LT_INIT + OOO_MAINTAIN_MODE + AM_MAINTAINER_MODE + AC_CANONICAL_TARGET +@@ -15,7 +17,6 @@ + AC_PROG_CC + AC_PROG_LD + AC_PROG_INSTALL +-AC_PROG_RANLIB + + AP_VERSION=2.0.40 + CHECK_APACHE(,$AP_VERSION, +diff -Naur mod_auth_xradius-0.4.6.old/Makefile.am mod_auth_xradius-0.4.6/Makefile.am +--- mod_auth_xradius-0.4.6.old/Makefile.am 2012-06-12 11:08:55.777153955 +0200 ++++ mod_auth_xradius-0.4.6/Makefile.am 2012-06-12 11:09:08.799400399 +0200 +@@ -1,3 +1,4 @@ ++ACLOCAL_AMFLAGS = -I m4 + AUTOMAKE_OPTIONS = foreign dist-bzip2 + + LIBRADIUS_EXTRA = libradius/md5.h libradius/radlib.h \ +@@ -17,19 +18,28 @@ + mod_auth_xradius_la_SOURCES = src/mod_auth_xradius.c src/xradius_cache.c + mod_auth_xradius_la_CFLAGS = -Wall ${MODULE_CFLAGS} + mod_auth_xradius_la_LDFLAGS = -rpath ${AP_LIBEXECDIR} -module -avoid-version ${MODULE_LIBS} +-mod_auth_xradius_la_LIBADD = libradius.la ++mod_auth_xradius_la_LIBADD = libxradius.la + + apachemod_LTLIBRARIES = mod_auth_xradius.la + apachemoddir=${AP_LIBEXECDIR} + +-noinst_LTLIBRARIES = libradius.la +-libradius_la_SOURCES = libradius/radlib.c libradius/md5c.c +-libradius_la_CFLAGS = ${MODULE_CFLAGS} +-libradius_la_LDFLAGS = ${MODULE_LIBS} ++lib_LTLIBRARIES = libxradius.la ++libxradius_la_SOURCES = libradius/radlib.c libradius/md5c.c ++libxradius_la_CFLAGS = ${MODULE_CFLAGS} ++libxradius_la_LDFLAGS = ${MODULE_LIBS} ++ ++include_HEADERS = \ ++ libradius/md5.h \ ++ libradius/porting.h \ ++ libradius/radlib.h \ ++ libradius/radlib_private.h \ ++ libradius/radlib_vs.h + + install: install-am + rm -f $(DESTDIR)${AP_LIBEXECDIR}/mod_auth_xradius.a + rm -f $(DESTDIR)${AP_LIBEXECDIR}/mod_auth_xradius.la ++ rm -f $(DESTDIR)${libdir}/libxradius.a ++ rm -f $(DESTDIR)${libdir}/libxradius.la + @echo "" + @echo "***********************************************" + @echo "" diff --git a/mod_auth_xradius-0.4.6-unixd.patch b/mod_auth_xradius-0.4.6-unixd.patch new file mode 100644 index 0000000..8b675e8 --- /dev/null +++ b/mod_auth_xradius-0.4.6-unixd.patch @@ -0,0 +1,15 @@ +diff -Naur mod_auth_xradius-0.4.6.old/src/xradius_cache.c mod_auth_xradius-0.4.6/src/xradius_cache.c +--- mod_auth_xradius-0.4.6.old/src/xradius_cache.c 2005-04-27 01:49:25.000000000 -0500 ++++ mod_auth_xradius-0.4.6/src/xradius_cache.c 2012-05-15 11:52:34.464238207 -0500 +@@ -143,9 +143,9 @@ + /* Running as Root */ + if (geteuid() == 0) { + /* Allow the configured Apache use to read/write to the DBM */ +- chown(path1, unixd_config.user_id, -1); ++ chown(path1, ap_unixd_config.user_id, -1); + if (path2 != NULL) { +- chown(path2, unixd_config.user_id, -1); ++ chown(path2, ap_unixd_config.user_id, -1); + } + } + #endif diff --git a/mod_auth_xradius.spec b/mod_auth_xradius.spec new file mode 100644 index 0000000..e94bd7b --- /dev/null +++ b/mod_auth_xradius.spec @@ -0,0 +1,168 @@ +Summary: Apache module that provides authentication against RADIUS Servers +Name: mod_auth_xradius +Version: 0.4.6 +Release: 16%{?dist} +Group: System Environment/Daemons +URL: http://www.outoforder.cc/projects/httpd/mod_auth_xradius/ +License: ASL 2.0 +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) + +Source0: http://www.outoforder.cc/downloads/mod_auth_xradius/mod_auth_xradius-%{version}.tar.bz2 +Source1: auth_xradius.conf + +Patch0: %{name}-%{version}-memcache.patch +Patch1: %{name}-%{version}-ha.patch +Patch2: %{name}-%{version}-unixd.patch +Patch3: %{name}-%{version}-share_libxradius.patch +Patch4: %{name}-%{version}-libnss_libxradius.patch + +BuildRequires: apr-util-devel +BuildRequires: httpd-devel +BuildRequires: libtool +BuildRequires: nspr-devel +BuildRequires: nss-devel >= 3.12.5 + +%description +Apache module that provides high performance authentication against +RFC 2865 RADIUS Servers. + +%package -n libxradius +Summary: Development files for libxradius +Group: Development/Libraries + +%description -n libxradius +This is a library to generate RADIUS authentication request. + +%package -n libxradius-devel +Summary: Development files for libxradius +Group: Development/Libraries +Requires: libxradius%{?_isa} = %{version}-%{release} + +%description -n libxradius-devel +The libradius-devel package contains libraries and header files for +developing applications that use libradius. + +%prep +%setup -q +%patch0 -p1 -b .memcache +%patch1 -p1 -b .ha +%if 0%{?fedora} >= 18 +%patch2 -p1 -b .unixd +%endif +%patch3 -p1 -b .share_libxradius +%patch4 -p1 -b .libnss_libxradius + +autoreconf -fvi + + +%build + +%configure --localstatedir=/var/lib \ + --with-apxs=%{_sbindir}/apxs + +make %{?_smp_mflags} + +%install +rm -rf %{buildroot} +make DESTDIR=%{buildroot} install + +# Install the radius library documentation +mkdir -p %{buildroot}%{_mandir}/man3 +mkdir -p %{buildroot}%{_mandir}/man5 +install -p -m644 libradius/libradius.3 %{buildroot}%{_mandir}/man3/libxradius.3 +install -p -m644 libradius/radius.conf.5 %{buildroot}%{_mandir}/man5/radius.conf.5 + +# Install the apache module documentation +mkdir -p %{buildroot}%{_sysconfdir}/httpd/conf.d +mkdir -p %{buildroot}%{_libdir}/httpd/modules +install -p -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/httpd/conf.d/ + + +%clean +rm -rf %{buildroot} + +%post -n libxradius -p /sbin/ldconfig + +%postun -n libxradius -p /sbin/ldconfig + + +%files +%doc README LICENSE NOTICE +%{_libdir}/httpd/modules/*.so +%config(noreplace) %{_sysconfdir}/httpd/conf.d/*.conf + +%files -n libxradius +%defattr(-,root,root,-) +%doc README +%{_libdir}/libxradius.so.* +%{_mandir}/man5/radius.conf.5.* + +%files -n libxradius-devel +%defattr(-,root,root,-) +%{_libdir}/libxradius.so +%{_mandir}/man3/libxradius.3.* +%{_includedir}/*.h + + +%changelog +* Mon Jul 23 2012 Simone Caronni <negativo17@gmail.com> - 0.4.6-16 +- Fixed libxradius-devel requirement. + +* Fri Jul 13 2012 Simone Caronni <negativo17@gmail.com> - 0.4.6-15 +- Merged the 2 libnss patches into one. +- Fixed typo "xss_init_nss" in libnss patch. +- Removed _isa from BuildRequires. + +* Fri Jul 13 2012 Stephen Gallagher <sgallagh@redhat.com> - 0.4.6-14 +- Fix NSS initialization routines. + +* Thu Jun 14 2012 Simone Caronni <negativo17@gmail.com> - 0.4.6-13 +- Added libnss patch to libxradius. + +* Tue Jun 12 2012 Simone Caronni <negativo17@gmail.com> - 0.4.6-12 +- Added libnss patch to libxradius. + +* Tue Jun 12 2012 Simone Caronni <negativo17@gmail.com> - 0.4.6-11 +- Update memcache patch. +- Update libxradius patch. +- Swap automake17 BR with libtool. +- Use autoreconf instead of the 1.7 patched autogen.sh. + +* Mon Jun 11 2012 Stephen Gallagher <sgallagh@redhat.com> - 0.4.6-10 +- Rename subpackage to libxradius. +- Rename manpages and shared object. +- Properly link mod_auth_xradius with libxradius. +- Remove libradius makefile. + +* Wed May 30 2012 Simone Caronni <negativo17@gmail.com> - 0.4.6-9 +- First attempt in creating subpackages for libradius. +- Removed patch to rename radius calls. +- Removed macros for system commands. +- Used buildroot macro in a consistent way. + +* Wed May 30 2012 Simone Caronni <negativo17@gmail.com> - 0.4.6-8 +- Renamed libradius calls (xrad_ -> rad_) to use external library. + +* Wed May 30 2012 Simone Caronni <negativo17@gmail.com> - 0.4.6-7 +- Remove libmd BR. +- Reworked memcache patch. +- Updated patch for removing libradius. + +* Mon May 21 2012 Simone Caronni <negativo17@gmail.com> - 0.4.6-6 +- Strip out libmd and libradius. +- Remove libradius from sources. +- Added conditional for Fedora >= 18 patch. + +* Wed May 15 2012 Simone Caronni <negativo17@gmail.com> - 0.4.6-5 +- Added Provides for bundled md5 library. +- Added BSD license for bundled libradius library. + +* Wed May 15 2012 Simone Caronni <negativo17@gmail.com> - 0.4.6-4 +- Modified default configuration pointing only to localhost. +- Added patch for rawhide. + +* Wed May 10 2012 Simone Caronni <negativo17@gmail.com> - 0.4.6-3 +- First build based off rutgers.edu package. + +* Thu Jul 22 2010 Orcan Ogetbil <orcan@nbcs.rutgers.edu> 0.4.6-2.ru +- Fixes in the .conf file |