summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Tagging 1.2.3 release.mod_authnz_pam-1.2.3Jan Pazdziora2022-01-233-3/+7
|
* Catch warnings, fix the incompatible pointer type one.Jan Pazdziora2022-01-232-2/+2
|
* Test on ARM in Cirrus CI to get wider architecture coverage.Jan Pazdziora2022-01-231-1/+1
|
* Test Fedora rawhide on GitHub Actions, to get repeated scheduled testing.Jan Pazdziora2022-01-232-2/+5
|
* Change default redirect status for AuthPAMExpiredRedirect to 303 See Other, ↵Jan Pazdziora2022-01-234-14/+52
| | | | | | | | | | make it configurable. Redirect to reset password typically goes to different system, so repeating for example POST which 307 Temporary Redirect does is not that useful; the 303 See Other will do plain GET. The redirect status can be overriden with an optional second parameter to AuthPAMExpiredRedirect.
* Test the exact redirect status done by AuthPAMExpiredRedirect.Jan Pazdziora2022-01-221-1/+1
|
* Test the expansion of placeholders as well.Jan Pazdziora2022-01-212-2/+2
|
* Add testing of AuthPAMExpiredRedirect, using pam_unix and sp_max in shadow.Jan Pazdziora2022-01-214-0/+37
| | | | The chmod g+r /etc/shadow approach is obviously only for testing.
* CentOS 8 got EOL on 2021-12-31, switch to testing on CentOS 8 Stream.Jan Pazdziora2022-01-212-2/+3
|
* Travis CI OSS credits do not replenish, stop attempting to run builds there.Jan Pazdziora2022-01-211-33/+0
|
* Revert "Workaround 1897493 / 1900021 -- test on docker with disabled ↵Jan Pazdziora2022-01-211-4/+2
| | | | | | | | seccomp, we have to move the build steps to docker run." This reverts commit 63bea6d518f3d5d10384fa1530b805083c0f9478. The latest dockers have updated seccomp policies.
* Run Travis CI jobs on Ubuntu Focal 20.24 ARM64, to increase architecture ↵Jan Pazdziora2021-05-081-1/+5
| | | | coverage.
* Workaround 1897493 / 1900021 -- test on docker with disabled seccomp, we ↵Jan Pazdziora2021-05-081-2/+4
| | | | have to move the build steps to docker run.
* Tagging 1.2.2 release.mod_authnz_pam-1.2.2Jan Pazdziora2021-03-301-1/+4
|
* Use ap_get_useragent_host instead of ap_get_remote_hostJake Chen2021-03-301-0/+4
| | | | | | | | | - according to https://www.apachelounge.com/Changelog-2.4.html, modules should be updated to inquire for ap_get_useragent_host() in place of ap_get_remote_host(). - use module magic number 20120211,56 to determine whether to use ap_get_useragent_host (according to https://github.com/apache/httpd/blob/2.4.x/include/ap_mmn.h)
* Add CI testing on GitHub Actions.Jan Pazdziora2021-03-301-0/+27
|
* Disable testing on CentOS 6 in Cirrus CI as well.Jan Pazdziora2020-12-081-1/+0
|
* CentOS 6 was EOL on 2020-11-30.Jan Pazdziora2020-12-021-2/+0
|
* Workaround 1869030.Jan Pazdziora2020-11-181-2/+0
|
* Tagging 1.2.1 release.mod_authnz_pam-1.2.1Jan Pazdziora2020-07-091-1/+4
|
* Clarify account behaviour with AuthBasicProvider and interaction with ↵Jan Pazdziora2020-07-095-3/+74
| | | | Require pam-account.
* Store password to cache only after passing all PAM checks, including account.Jake Chen2020-07-082-5/+10
|
* Harden the test, show that auth is not enough and that account is run.Jake Chen2020-07-083-8/+17
|
* Related to 1760300 - move to Bionic where libseccomp handles statx.Jan Pazdziora2020-03-191-1/+1
| | | | | Addressing stat: cannot statx '/root/rpmbuild/BUILDROOT/mod_authnz_pam-1.2.0-1.fc33.localbuild.x86_64/usr/lib64/httpd/modules/mod_authnz_pam.so': Operation not permitted
* Allow easy rerunning tests/run.sh multiple times.Jan Pazdziora2020-01-091-0/+2
|
* Add testing on CentOS 8.Jan Pazdziora2020-01-091-0/+2
|
* Signal success in the output, not just with exit status.Jan Pazdziora2020-01-091-0/+2
|
* Revert "Fedora rawhide is not stable."Jan Pazdziora2019-03-151-1/+1
| | | | | This reverts commit 656a372582b75014209e5fd68d40ca5403f4e7d2 since Fedora rawhide is usable again.
* Fedora rawhide is not stable.Jan Pazdziora2019-03-011-1/+1
| | | | | | Workaround Public key for rpm-build-4.14.2.1-4.fc30.1.x86_64.rpm is not installed. Failing package is: rpm-build-4.14.2.1-4.fc30.1.x86_64 GPG Keys are configured as: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-31-x86_64
* Test on the latest released (and tagged) Fedora, whichever it is.Jan Pazdziora2018-12-031-1/+1
|
* Document new name for allow_httpd_mod_auth_pam SELinux booleanPeter Oliver2018-12-031-2/+2
| | | | This is named `httpd_mod_auth_pam` in RHEL 7.
* Promote https: scheme.Jan Pazdziora2018-08-011-2/+2
|
* Support building in copr using make srpm.Jan Pazdziora2018-08-011-0/+22
|
* Tagging 1.2.0 release.mod_authnz_pam-1.2.0Jan Pazdziora2018-07-173-4/+7
|
* On Apache 2.4, test AuthBasicProvider socache PAM + AuthnCacheProvideFor PAM.Jan Pazdziora2018-07-173-0/+25
|
* Skip support for caching on 2.3.7 or older where ap_authn_cache_store did ↵Jan Pazdziora2018-07-171-0/+6
| | | | not exist.
* Implementation of socache caching.schnitzi992018-07-171-0/+32
| | | | | Copied from example code of dbd and dbm socache implementations If PAM-Authentification is successful (AUTH_GRANTED), do apache-style salted bcrypt hash and store it in socache.
* Wait for the HTTP server to start in tests.Jan Pazdziora2018-07-171-0/+8
|
* Test Require pam-account and AuthBasicProvider PAM in CI.Jan Pazdziora2018-07-179-7/+108
|
* Build rpm in Cirrus CI, use the same tests/build.sh for Travis CI.Jan Pazdziora2018-07-167-35/+50
|
* Build rpm in Travis CI.Jan Pazdziora2018-07-154-0/+52
|
* https://fedoraproject.org/wiki/Packaging:C_and_C%2B%2B#BuildRequires_and_Req ↵Jan Pazdziora2018-02-231-1/+5
| | | | uires
* Escape macros in %changelogIgor Gnatenko2018-02-231-2/+5
| | | | | | | Reference: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/Y2ZUKK2B7T2IKXPMODNF6HB2O5T5TS6H/ Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org> (cherry picked from dist-git commit 3dc29f87fd91b51a0768e253604b7baa5efce360)
* Tagging 1.1.0 release.mod_authnz_pam-1.1.0Jan Pazdziora2016-11-223-3/+8
|
* Fix AuthPAMExpiredRedirect %s escaping on Apache 2.2.Jan Pazdziora2016-11-221-3/+2
|
* Force and send the response redirect status, to avoid the default 401.Jan Pazdziora2016-11-221-1/+3
|
* Use info for success messages, since notice cannot be silenced for logs to ↵Jan Pazdziora2016-11-161-1/+1
| | | | | | files. Suggested by: Phil Endecott
* Put the name of the module to the start of the message on Apache 2.4.Jan Pazdziora2016-11-161-4/+15
| | | | | | | | | Replacing [Tue Nov 15 18:00:42.602043 2016] [:notice] [pid 27824] [client 10.11.12.13:40740] mod_authnz_pam: PAM authentication passed for user bob@EXAMPLE.COM with [Tue Nov 15 18:00:42.602043 2016] [authnz_pam:notice] [pid 27824] [client 10.11.12.13:40740] PAM authentication passed for user bob@EXAMPLE.COM Suggested by: Phil Endecott
* Prefer ap_log_rerror for messages related to a particular request.Jan Pazdziora2016-11-151-3/+3
| | | | Suggested by: Phil Endecott
* 1319166 - the Requires(pre) httpd does not seem to be needed.mod_authnz_pam-1.0.2Jan Pazdziora2016-03-211-2/+4
|