diff --git a/.gitignore b/.gitignore index 6602bd9..639b5d4 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/mod_authnz_pam-0.9.3.tar.gz +SOURCES/mod_authnz_pam-1.1.0.tar.gz diff --git a/.mod_authnz_pam.metadata b/.mod_authnz_pam.metadata index 3f79992..c92f07d 100644 --- a/.mod_authnz_pam.metadata +++ b/.mod_authnz_pam.metadata @@ -1 +1 @@ -0bed6e81026a398fba1b4f678a14cd86908ad581 SOURCES/mod_authnz_pam-0.9.3.tar.gz +c530148c6388b022b08ea152cc9895ac98c771b4 SOURCES/mod_authnz_pam-1.1.0.tar.gz diff --git a/SOURCES/mod_authnz_pam-otp.patch b/SOURCES/mod_authnz_pam-otp.patch deleted file mode 100644 index 8982944..0000000 --- a/SOURCES/mod_authnz_pam-otp.patch +++ /dev/null @@ -1,27 +0,0 @@ -commit 6de21466287c3e77850ab1d66f076405971ba4f3 -Author: Jan Pazdziora -Date: Mon Nov 9 21:14:54 2015 +0100 - - Only put the password to the first response (factor). - - When modules start to support pre-auth, we would put the password+code - (in case of OTP setup) to both first and second factor, leading to - PAM_CRED_ERR / Failure setting user credentials. - -diff --git a/mod_authnz_pam.c b/mod_authnz_pam.c -index 968b567..87d3150 100644 ---- a/mod_authnz_pam.c -+++ b/mod_authnz_pam.c -@@ -61,7 +61,11 @@ static int pam_authenticate_conv(int num_msg, const struct pam_message ** msg, s - response[i].resp = 0; - response[i].resp_retcode = 0; - if (msg[i]->msg_style == PAM_PROMPT_ECHO_OFF) { -- response[i].resp = strdup(appdata_ptr); -+ if (i == 0) { -+ response[i].resp = strdup(appdata_ptr); -+ } else { -+ response[i].resp = NULL; -+ } - } else { - free(response); - return PAM_CONV_ERR; diff --git a/SPECS/mod_authnz_pam.spec b/SPECS/mod_authnz_pam.spec index 8077169..462a3d1 100644 --- a/SPECS/mod_authnz_pam.spec +++ b/SPECS/mod_authnz_pam.spec @@ -7,17 +7,15 @@ Summary: PAM authorization checker and PAM Basic Authentication provider Name: mod_authnz_pam -Version: 0.9.3 -Release: 5%{?dist} +Version: 1.1.0 +Release: 1%{?dist} License: ASL 2.0 Group: System Environment/Daemons URL: http://www.adelton.com/apache/mod_authnz_pam/ Source0: http://www.adelton.com/apache/mod_authnz_pam/%{name}-%{version}.tar.gz -Patch1: mod_authnz_pam-otp.patch BuildRequires: httpd-devel BuildRequires: pam-devel BuildRequires: pkgconfig -Requires(pre): httpd Requires: httpd-mmn = %{_httpd_mmn} Requires: pam @@ -34,12 +32,13 @@ can also be used as full Basic Authentication provider which runs the %prep %setup -q -n %{name}-%{version} -%patch1 -p1 %build %{_httpd_apxs} -c -Wc,"%{optflags} -Wall -pedantic -std=c99" -lpam mod_authnz_pam.c %if "%{_httpd_modconfdir}" != "%{_httpd_confdir}" -cp authnz_pam.conf authnz_pam.confx +echo > authnz_pam.confx +echo "# Load the module in %{_httpd_modconfdir}/55-authnz_pam.conf" >> authnz_pam.confx +cat authnz_pam.conf >> authnz_pam.confx %else cat authnz_pam.module > authnz_pam.confx cat authnz_pam.conf >> authnz_pam.confx @@ -64,6 +63,9 @@ install -Dp -m 0644 authnz_pam.confx $RPM_BUILD_ROOT%{_httpd_confdir}/authnz_pam %{_httpd_moddir}/*.so %changelog +* Mon Mar 13 2017 Tibor Dudlák - 1.1.0-1 +- 1399183 - Rebase to upstream release 1.1.0. + * Thu Nov 19 2015 Jan Pazdziora - 0.9.3-5 - 1279591 - Fix OTP use case for modules with pre-auth.