blob: ab21b68fdcc6da268b15310626900dc4530a80aa (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
|
%{!?_httpd_apxs: %{expand: %%global _httpd_apxs %%{_sbindir}/apxs}}
%{!?_httpd_confdir: %{expand: %%global _httpd_confdir %%{_sysconfdir}/httpd/conf.d}}
# /etc/httpd/conf.d with httpd < 2.4 and defined as /etc/httpd/conf.modules.d with httpd >= 2.4
%{!?_httpd_modconfdir: %{expand: %%global _httpd_modconfdir %%{_sysconfdir}/httpd/conf.d}}
%{!?_httpd_moddir: %{expand: %%global _httpd_moddir %%{_libdir}/httpd/modules}}
Summary: Apache module to intercept login form submission and run PAM authentication
Name: mod_intercept_form_submit
Version: 0.9.4
Release: 1%{?dist}
License: ASL 2.0
Group: System Environment/Daemons
URL: http://www.adelton.com/apache/mod_intercept_form_submit/
Source0: http://www.adelton.com/apache/mod_intercept_form_submit/%{name}-%{version}.tar.gz
BuildRequires: httpd-devel
BuildRequires: pkgconfig
Requires(pre): httpd
Requires: httpd
Requires: mod_authnz_pam >= 0.7
# Suppres auto-provides for module DSO
%{?filter_provides_in: %filter_provides_in %{_libdir}/httpd/modules/.*\.so$}
%{?filter_setup}
%description
mod_intercept_form_submit can intercept submission of application login
forms. It retrieves the login and password information from the POST
HTTP request, runs PAM authentication with those credentials, and sets
the REMOTE_USER environment variable if the authentication passes.
%prep
%setup -q -n %{name}-%{version}
%build
%{_httpd_apxs} -c mod_intercept_form_submit.c -Wall -pedantic
%install
rm -rf $RPM_BUILD_ROOT
install -Dm 755 .libs/mod_intercept_form_submit.so $RPM_BUILD_ROOT%{_httpd_moddir}/mod_intercept_form_submit.so
%if "%{_httpd_modconfdir}" != "%{_httpd_confdir}"
# httpd >= 2.4.x
install -Dp -m 0644 intercept_form_submit.conf $RPM_BUILD_ROOT%{_httpd_modconfdir}/55-intercept_form_submit.conf
%else
# httpd <= 2.2.x
install -Dp -m 0644 intercept_form_submit.conf $RPM_BUILD_ROOT%{_httpd_confdir}/intercept_form_submit.conf
%endif
%files
%doc README LICENSE docs/*
%if "%{_httpd_modconfdir}" != "%{_httpd_confdir}"
%config(noreplace) %{_httpd_modconfdir}/*.conf
%else
%config(noreplace) %{_httpd_confdir}/intercept_form_submit.conf
%endif
%{_httpd_moddir}/*.so
%changelog
* Thu Jan 16 2014 Jan Pazdziora - 0.9.4-1
- Amend documentation to show mod_authnz_pam loading.
* Wed Jan 15 2014 Jan Pazdziora - 0.9.3-1
- Move the processing to the middle of the fixup phase to allow
mod_headers to process the result.
* Thu Jan 09 2014 Jan Pazdziora - 0.9.2-1
- If pam_authenticate_with_login_password is not available (mod_authnz_pam
not loaded), skip calling it.
- Declare all functions static for proper isolation.
* Wed Jan 08 2014 Jan Pazdziora - 0.9.1-1
- Use mod_authnz_pam for the actual PAM authentication.
* Thu Dec 05 2013 Jan Pazdziora - 0.9-1
- Perform PAM account validation, not just authentication.
- Support Content-Type with charset parameter.
* Tue Nov 19 2013 Jan Pazdziora - 0.8-1
- Populate r->user as well, not just REMOTE_USER.
- Set EXTERNAL_AUTH_ERROR variable upon PAM authentication error.
- Add support for InterceptFormClearRemoteUserForSkipped.
- Add support for InterceptFormPasswordRedact.
* Thu Nov 07 2013 Jan Pazdziora - 0.7-1
- Parse the input early enough to support CGI scripts.
- Skip the authentication if REMOTE_USER is already set.
* Mon Nov 04 2013 Jan Pazdziora - 0.6-1
- Adding support for blacklists via InterceptFormLoginSkip.
* Thu Oct 31 2013 Jan Pazdziora - 0.5-1
- Initial release.
|
