summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--network/mod_auth_kerb/README11
-rw-r--r--network/mod_auth_kerb/doinst.sh13
-rw-r--r--network/mod_auth_kerb/mod_auth_kerb.SlackBuild85
-rw-r--r--network/mod_auth_kerb/mod_auth_kerb.c.patch10
-rw-r--r--network/mod_auth_kerb/mod_auth_kerb.conf27
-rw-r--r--network/mod_auth_kerb/mod_auth_kerb.info10
-rw-r--r--network/mod_auth_kerb/slack-desc19
-rw-r--r--network/mod_evasive/fixup-for-httpd24.diff84
8 files changed, 84 insertions, 175 deletions
diff --git a/network/mod_auth_kerb/README b/network/mod_auth_kerb/README
deleted file mode 100644
index 9c2df762ad..0000000000
--- a/network/mod_auth_kerb/README
+++ /dev/null
@@ -1,11 +0,0 @@
-Mod_auth_kerb is an Apache module designed to provide Kerberos
-authentication to the Apache web server. The module also supports
-the Negotiate authentication method, which performs full Kerberos
-authentication based on ticket exchanges, and does not require
-users to insert their passwords to the browser.
-
-You will need to add the following line to /etc/httpd/httpd.conf:
- Include /etc/httpd/extra/mod_auth_kerb.conf
-
-Mod_auth_kerb can be further configured through the Apache configuration file;
-see the README in the package's documentation directory for details.
diff --git a/network/mod_auth_kerb/doinst.sh b/network/mod_auth_kerb/doinst.sh
deleted file mode 100644
index accf625eb0..0000000000
--- a/network/mod_auth_kerb/doinst.sh
+++ /dev/null
@@ -1,13 +0,0 @@
-config() {
- NEW="$1"
- OLD="$(dirname $NEW)/$(basename $NEW .new)"
- # If there's no config file by that name, mv it over:
- if [ ! -r $OLD ]; then
- mv $NEW $OLD
- elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then
- # toss the redundant copy
- rm $NEW
- fi
- # Otherwise, we leave the .new copy for the admin to consider...
-}
-config etc/httpd/extra/mod_auth_kerb.conf.new
diff --git a/network/mod_auth_kerb/mod_auth_kerb.SlackBuild b/network/mod_auth_kerb/mod_auth_kerb.SlackBuild
deleted file mode 100644
index 60adb3f377..0000000000
--- a/network/mod_auth_kerb/mod_auth_kerb.SlackBuild
+++ /dev/null
@@ -1,85 +0,0 @@
-#!/bin/sh
-
-# Slackware build script for mod_auth_kerb
-# Written by Thibaut Notteboom (tib at tibux dot org)
-
-PRGNAM=mod_auth_kerb
-VERSION=${VERSION:-5.4}
-BUILD=${BUILD:-1}
-TAG=${TAG:-_SBo}
-
-if [ -z "$ARCH" ]; then
- case "$( uname -m )" in
- i?86) ARCH=i486 ;;
- arm*) ARCH=arm ;;
- *) ARCH=$( uname -m ) ;;
- esac
-fi
-
-CWD=$(pwd)
-TMP=${TMP:-/tmp/SBo}
-PKG=$TMP/package-$PRGNAM
-OUTPUT=${OUTPUT:-/tmp}
-
-if [ "$ARCH" = "i486" ]; then
- SLKCFLAGS="-O2 -march=i486 -mtune=i686"
- LIBDIRSUFFIX=""
-elif [ "$ARCH" = "i686" ]; then
- SLKCFLAGS="-O2 -march=i686 -mtune=i686"
- LIBDIRSUFFIX=""
-elif [ "$ARCH" = "x86_64" ]; then
- SLKCFLAGS="-O2 -fPIC"
- LIBDIRSUFFIX="64"
-else
- SLKCFLAGS="-O2"
- LIBDIRSUFFIX=""
-fi
-
-set -e
-
-rm -rf $PKG
-mkdir -p $TMP $PKG $OUTPUT
-cd $TMP
-rm -rf $PRGNAM-$VERSION
-tar xvf $CWD/$PRGNAM-$VERSION.tar.gz
-cd $PRGNAM-$VERSION
-chown -R root:root .
-find . \
- \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
- -exec chmod 755 {} \; -o \
- \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
- -exec chmod 644 {} \;
-
-patch -p0 < $CWD/mod_auth_kerb.c.patch
-
-CFLAGS="$SLKCFLAGS" \
-CXXFLAGS="$SLKCFLAGS" \
-./configure \
- --prefix=/usr \
- --without-krb4 \
- --with-krb5=/usr/heimdal \
- --build=$ARCH-slackware-linux
-
-make
-
-mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/httpd/modules
-install -m 0755 src/.libs/mod_auth_kerb.so \
- $PKG/usr/lib${LIBDIRSUFFIX}/httpd/modules/mod_auth_kerb.so
-
-mkdir -p $PKG/etc/httpd/extra
-sed "s%@baselibdir@%lib${LIBDIRSUFFIX}%" $CWD/mod_auth_kerb.conf > \
- $PKG/etc/httpd/extra/mod_auth_kerb.conf.new
-
-find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | grep ELF \
- | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true
-
-mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION
-cp -a ChangeLog INSTALL LICENSE README $PKG/usr/doc/$PRGNAM-$VERSION
-cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild
-
-mkdir -p $PKG/install
-cat $CWD/slack-desc > $PKG/install/slack-desc
-cat $CWD/doinst.sh > $PKG/install/doinst.sh
-
-cd $PKG
-/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz}
diff --git a/network/mod_auth_kerb/mod_auth_kerb.c.patch b/network/mod_auth_kerb/mod_auth_kerb.c.patch
deleted file mode 100644
index bbdf64f0a3..0000000000
--- a/network/mod_auth_kerb/mod_auth_kerb.c.patch
+++ /dev/null
@@ -1,10 +0,0 @@
---- src/mod_auth_kerb.c.orig 2011-11-14 22:54:54.457955883 +0100
-+++ src/mod_auth_kerb.c 2011-11-14 22:55:42.060334084 +0100
-@@ -89,6 +89,7 @@
- #include <krb5.h>
- #ifdef HEIMDAL
- # include <gssapi.h>
-+# include <gssapi/gssapi_krb5.h>
- #else
- # include <gssapi/gssapi.h>
- # include <gssapi/gssapi_generic.h>
diff --git a/network/mod_auth_kerb/mod_auth_kerb.conf b/network/mod_auth_kerb/mod_auth_kerb.conf
deleted file mode 100644
index a75e692bb6..0000000000
--- a/network/mod_auth_kerb/mod_auth_kerb.conf
+++ /dev/null
@@ -1,27 +0,0 @@
-
-# The mod_auth_kerb module implements Kerberos authentication over
-# HTTP, following the "Negotiate" protocol.
-#
-
-LoadModule auth_kerb_module @baselibdir@/httpd/modules/mod_auth_kerb.so
-
-#
-# Sample configuration: Kerberos authentication must only be
-# used over SSL to prevent replay attacks. The keytab file
-# configured must be readable only by the "apache" user, and
-# must contain service keys for "HTTP/www.example.com", where
-# "www.example.com" is the FQDN of this server.
-#
-
-#<Location /private>
-# SSLRequireSSL
-# AuthType Kerberos
-# AuthName "Kerberos Login"
-# KrbMethodNegotiate On
-# KrbMethodK5Passwd Off
-# KrbAuthRealms EXAMPLE.COM
-# Krb5KeyTab /etc/httpd/krb5.keytab
-# require valid-user
-#</Location>
-
-
diff --git a/network/mod_auth_kerb/mod_auth_kerb.info b/network/mod_auth_kerb/mod_auth_kerb.info
deleted file mode 100644
index 6856e6c854..0000000000
--- a/network/mod_auth_kerb/mod_auth_kerb.info
+++ /dev/null
@@ -1,10 +0,0 @@
-PRGNAM="mod_auth_kerb"
-VERSION="5.4"
-HOMEPAGE="http://modauthkerb.sourceforge.net/"
-DOWNLOAD="http://fossies.org/unix/www/apache_httpd_modules/mod_auth_kerb-5.4.tar.gz"
-MD5SUM="642b81763ad3ca81dba359cb952da5e3"
-DOWNLOAD_x86_64=""
-MD5SUM_x86_64=""
-REQUIRES="heimdal"
-MAINTAINER="Thibaut Notteboom"
-EMAIL="tib@tibux.org"
diff --git a/network/mod_auth_kerb/slack-desc b/network/mod_auth_kerb/slack-desc
deleted file mode 100644
index f67744cb92..0000000000
--- a/network/mod_auth_kerb/slack-desc
+++ /dev/null
@@ -1,19 +0,0 @@
-# HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description. Line
-# up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in. You must
-# make exactly 11 lines for the formatting to be correct. It's also
-# customary to leave one space after the ':' except on otherwise blank lines.
-
- |-----handy-ruler------------------------------------------------------|
-mod_auth_kerb: mod_auth_kerb (Kerberos Module for Apache)
-mod_auth_kerb:
-mod_auth_kerb: Mod_auth_kerb is an Apache module designed to provide Kerberos
-mod_auth_kerb: authentication to the Apache web server. The module also supports
-mod_auth_kerb: the Negotiate authentication method, which performs full Kerberos
-mod_auth_kerb: authentication based on ticket exchanges, and does not require
-mod_auth_kerb: users to insert their passwords to the browser.
-mod_auth_kerb:
-mod_auth_kerb: Homepage: http://modauthkerb.sourceforge.net/
-mod_auth_kerb:
-mod_auth_kerb:
diff --git a/network/mod_evasive/fixup-for-httpd24.diff b/network/mod_evasive/fixup-for-httpd24.diff
new file mode 100644
index 0000000000..d6ae5a6ffc
--- /dev/null
+++ b/network/mod_evasive/fixup-for-httpd24.diff
@@ -0,0 +1,84 @@
+diff -Nur mod_evasive.orig/mod_evasive20.c mod_evasive/mod_evasive20.c
+--- mod_evasive.orig/mod_evasive20.c 2005-10-08 14:01:18.000000000 -0500
++++ mod_evasive/mod_evasive20.c 2012-09-21 21:22:19.732985740 -0500
+@@ -139,11 +139,11 @@
+ time_t t = time(NULL);
+
+ /* Check whitelist */
+- if (is_whitelisted(r->connection->remote_ip))
++ if (is_whitelisted(r->useragent_ip))
+ return OK;
+
+ /* First see if the IP itself is on "hold" */
+- n = ntt_find(hit_list, r->connection->remote_ip);
++ n = ntt_find(hit_list, r->useragent_ip);
+
+ if (n != NULL && t-n->timestamp<blocking_period) {
+
+@@ -155,14 +155,14 @@
+ } else {
+
+ /* Has URI been hit too much? */
+- snprintf(hash_key, 2048, "%s_%s", r->connection->remote_ip, r->uri);
++ snprintf(hash_key, 2048, "%s_%s", r->useragent_ip, r->uri);
+ n = ntt_find(hit_list, hash_key);
+ if (n != NULL) {
+
+ /* If URI is being hit too much, add to "hold" list and 403 */
+ if (t-n->timestamp<page_interval && n->count>=page_count) {
+ ret = HTTP_FORBIDDEN;
+- ntt_insert(hit_list, r->connection->remote_ip, time(NULL));
++ ntt_insert(hit_list, r->useragent_ip, time(NULL));
+ } else {
+
+ /* Reset our hit count list as necessary */
+@@ -177,14 +177,14 @@
+ }
+
+ /* Has site been hit too much? */
+- snprintf(hash_key, 2048, "%s_SITE", r->connection->remote_ip);
++ snprintf(hash_key, 2048, "%s_SITE", r->useragent_ip);
+ n = ntt_find(hit_list, hash_key);
+ if (n != NULL) {
+
+ /* If site is being hit too much, add to "hold" list and 403 */
+ if (t-n->timestamp<site_interval && n->count>=site_count) {
+ ret = HTTP_FORBIDDEN;
+- ntt_insert(hit_list, r->connection->remote_ip, time(NULL));
++ ntt_insert(hit_list, r->useragent_ip, time(NULL));
+ } else {
+
+ /* Reset our hit count list as necessary */
+@@ -205,27 +205,27 @@
+ struct stat s;
+ FILE *file;
+
+- snprintf(filename, sizeof(filename), "%s/dos-%s", log_dir != NULL ? log_dir : DEFAULT_LOG_DIR, r->connection->remote_ip);
++ snprintf(filename, sizeof(filename), "%s/dos-%s", log_dir != NULL ? log_dir : DEFAULT_LOG_DIR, r->useragent_ip);
+ if (stat(filename, &s)) {
+ file = fopen(filename, "w");
+ if (file != NULL) {
+ fprintf(file, "%ld\n", getpid());
+ fclose(file);
+
+- LOG(LOG_ALERT, "Blacklisting address %s: possible DoS attack.", r->connection->remote_ip);
++ LOG(LOG_ALERT, "Blacklisting address %s: possible DoS attack.", r->useragent_ip);
+ if (email_notify != NULL) {
+ snprintf(filename, sizeof(filename), MAILER, email_notify);
+ file = popen(filename, "w");
+ if (file != NULL) {
+ fprintf(file, "To: %s\n", email_notify);
+- fprintf(file, "Subject: HTTP BLACKLIST %s\n\n", r->connection->remote_ip);
+- fprintf(file, "mod_evasive HTTP Blacklisted %s\n", r->connection->remote_ip);
++ fprintf(file, "Subject: HTTP BLACKLIST %s\n\n", r->useragent_ip);
++ fprintf(file, "mod_evasive HTTP Blacklisted %s\n", r->useragent_ip);
+ pclose(file);
+ }
+ }
+
+ if (system_command != NULL) {
+- snprintf(filename, sizeof(filename), system_command, r->connection->remote_ip);
++ snprintf(filename, sizeof(filename), system_command, r->useragent_ip);
+ system(filename);
+ }
+