www-apache/mod_auth_pgsql: Removal

www-apache/mod_auth_pgsql was removed per bug 548974. It hasn’t been updated for somewhere around 10 years and has been superseded by mod_authn_dbd for quite some time. Additionally, mod_auth_pgsql is susceptible to severe security bug(s) that have gone unresolved by upstream, which has also disappeared. If you’re still using mod_auth_pgsql, may God have mercy on your soul. Bug: 255033, 548974
author: Aaron W. Swenson <titanofold@gentoo.org> 2016-03-21 12:08:19 -0400
committer: Aaron W. Swenson <titanofold@gentoo.org> 2016-03-21 12:18:00 -0400
commit: 31bd551b4294b9dfd39858efc1e8a44b013da966 (patch)
tree: d242b8c10ede63774b7d9e10b82596e5d222a7dc /www-apache
parent: dev-ruby/net-ssh: add 3.1.0. (diff)
download: gentoo-31bd551b4294b9dfd39858efc1e8a44b013da966.tar.gz
gentoo-31bd551b4294b9dfd39858efc1e8a44b013da966.tar.bz2
gentoo-31bd551b4294b9dfd39858efc1e8a44b013da966.zip
9 files changed, 0 insertions, 924 deletions
diff --git a/www-apache/mod_auth_pgsql/Manifest b/www-apache/mod_auth_pgsql/Manifest
deleted file mode 100644
index 55f24a8acb8a..000000000000
--- a/www-apache/mod_auth_pgsql/Manifest
+++ /dev/null
@@ -1 +0,0 @@
-DIST mod_auth_pgsql-2.0.3.tar.gz 15474 SHA256 51651609d742e21bbc587fd4951b41a39deda53262cbf931b9b40bdda3b5cb92 SHA512 9ec9d9c1075d37e62e98f0f5519147d9fb2042ef7e149ff50461f3966d548afceefc330f4a1c3bd8fc64b5e93ed3e85508571a5b1b9832974c84267737e89cb0 WHIRLPOOL dea354fb9b3a06f668b8b039339b5972e295abd7357d6c5a61f6192a5c3bbcad1227f86a3d9b552e4b564476b8da9ded5f7b175d77f4cba0c3e360567aef13b2
diff --git a/www-apache/mod_auth_pgsql/files/80_mod_auth_pgsql.conf b/www-apache/mod_auth_pgsql/files/80_mod_auth_pgsql.conf
deleted file mode 100644
index 96ea129e9f6e..000000000000
--- a/www-apache/mod_auth_pgsql/files/80_mod_auth_pgsql.conf
+++ /dev/null
@@ -1,9 +0,0 @@
-# To make this module work with apache 2.2 you have to specify
-# `AuthBasicAuthoritative Off' in your authentication section. See
-# http://httpd.apache.org/docs/2.2/mod/mod_auth_basic.html#authbasicauthoritative
-
-<IfDefine AUTH_PGSQL>
-LoadModule auth_pgsql_module modules/mod_auth_pgsql.so
-</IfDefine>
-
-# vim: ts=4 filetype=apache
diff --git a/www-apache/mod_auth_pgsql/files/mod_auth_pgsql-2.0.3-apache-2.4.patch b/www-apache/mod_auth_pgsql/files/mod_auth_pgsql-2.0.3-apache-2.4.patch
deleted file mode 100644
index d9818eb7a136..000000000000
--- a/www-apache/mod_auth_pgsql/files/mod_auth_pgsql-2.0.3-apache-2.4.patch
+++ /dev/null
@@ -1,341 +0,0 @@
-From: Marco Nenciarini <mnencia@debian.org>
-Date: Sat, 20 Jul 2013 18:47:04 +0200
-Subject: apache 2.4
-
----
- mod_auth_pgsql.c | 196 ++++++++++++-------------------------------------------
- 1 file changed, 41 insertions(+), 155 deletions(-)
-
-diff --git a/mod_auth_pgsql.c b/mod_auth_pgsql.c
-index 639537d..26d7f90 100644
---- a/mod_auth_pgsql.c
-+++ b/mod_auth_pgsql.c
-@@ -109,6 +109,8 @@
- #include "http_request.h"
- #include "util_script.h"
- 
-+#include "mod_auth.h"
-+
- #ifdef WIN32
- #define crypt apr_password_validate
- #else
-@@ -191,7 +193,7 @@ module AP_MODULE_DECLARE_DATA auth_pgsql_module;
- 
- 
- static int pg_log_auth_user(request_rec * r, pg_auth_config_rec * sec, 
--		char *user, char *sent_pw);
-+		const char *user, const char *sent_pw);
- static char *do_pg_query(request_rec * r, char *query, 
- 		pg_auth_config_rec * sec);
- 
-@@ -442,9 +444,8 @@ static char pg_errstr[MAX_STRING_LEN];
- 		  * failures separately
- 		  */
- 
--static char *auth_pg_md5(char *pw)
-+static char *auth_pg_md5(const char *pw)
- {
--	apr_md5_ctx_t ctx;
- 	unsigned char digest[APR_MD5_DIGESTSIZE];
- 	static unsigned char md5hash[APR_MD5_DIGESTSIZE * 2 + 1];
- 	int i;
-@@ -459,14 +460,15 @@ static char *auth_pg_md5(char *pw)
- }
- 
- 
--static char *auth_pg_base64(char *pw)
-+static char *auth_pg_base64(const char *pw)
- {
- 	if (auth_pgsql_pool_base64 == NULL)
- 		apr_pool_create_ex(&auth_pgsql_pool_base64, NULL, NULL, NULL);
- 	if (auth_pgsql_pool == NULL)
- 		return NULL;
- 
--	return ap_pbase64encode(auth_pgsql_pool, pw);
-+	/* NOTE: ap_pbase64encode is no change arg2. so removable const. */
-+	return ap_pbase64encode(auth_pgsql_pool, (char *)pw);
- }
- 
- 
-@@ -557,7 +559,8 @@ char *do_pg_query(request_rec * r, char *query, pg_auth_config_rec * sec)
- 
- 		if (!check || strcmp(sec->auth_pg_charset, check)) {
- 			apr_snprintf(pg_errstr, MAX_STRING_LEN,
--						 "mod_auth_pgsql database character set encoding %s");
-+						 "mod_auth_pgsql database character set encoding %s",
-+						 check);
- 			PQfinish(pg_conn);
- 			return NULL;
- 		}
-@@ -614,7 +617,7 @@ char *do_pg_query(request_rec * r, char *query, pg_auth_config_rec * sec)
- 	return result;
- }
- 
--char *get_pg_pw(request_rec * r, char *user, pg_auth_config_rec * sec)
-+char *get_pg_pw(request_rec * r, const char *user, pg_auth_config_rec * sec)
- {
- 	char query[MAX_STRING_LEN];
- 	char *safe_user;
-@@ -755,19 +758,20 @@ static char *get_pg_grp(request_rec * r, char *group, char *user,
- }
- 
- /* Process authentication request from Apache*/
--static int pg_authenticate_basic_user(request_rec * r)
-+static authn_status check_password(request_rec *r, const char *user,
-+                                   const char *password)
- {
-+	
- 	pg_auth_config_rec *sec =
- 		(pg_auth_config_rec *) ap_get_module_config(r->per_dir_config,
- 													&auth_pgsql_module);
--	char *val = NULL;
--	char *sent_pw, *real_pw;
--	int res;
--	char *user;
-+	const char *val = NULL;
-+	const char *sent_pw;
-+	const char *real_pw;
-+	authn_status auth_res;
-+	
-+	sent_pw = password;
- 
--	if ((res = ap_get_basic_auth_pw(r, (const char **) &sent_pw)))
--		return res;
--	user = r->user;
- 
- #ifdef DEBUG_AUTH_PGSQL
- 	ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r,
-@@ -784,7 +788,7 @@ static int pg_authenticate_basic_user(request_rec * r)
- 	if ((!sec->auth_pg_pwd_table) && (!sec->auth_pg_pwd_field)) {
- 		ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r,
- 					  "[mod_auth_pgsql.c] - missing configuration parameters");
--		return DECLINED;
-+		return AUTH_GENERAL_ERROR;
- 	}
- 	pg_errstr[0] = '\0';
- 
-@@ -809,22 +813,16 @@ static int pg_authenticate_basic_user(request_rec * r)
- 
- 	if (!real_pw) {
- 		if (pg_errstr[0]) {
--			res = HTTP_INTERNAL_SERVER_ERROR;
-+			auth_res = AUTH_GENERAL_ERROR;
- 		} else {
--			if (sec->auth_pg_authoritative) {
- 				/* force error and access denied */
- 				apr_snprintf(pg_errstr, MAX_STRING_LEN,
- 							 "mod_auth_pgsql: Password for user %s not found (PG-Authoritative)",
- 							 user);
--				ap_note_basic_auth_failure(r);
--				res = HTTP_UNAUTHORIZED;
--			} else {
--				/* allow fall through to another module */
--				return DECLINED;
--			}
-+			auth_res = AUTH_USER_NOT_FOUND;
- 		}
- 		ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "[mod_auth_pgsql.c] - ERROR - %s", pg_errstr);
--		return res;
-+		return auth_res;
- 	}
- 
- 	/* allow no password, if the flag is set and the password
-@@ -836,7 +834,7 @@ static int pg_authenticate_basic_user(request_rec * r)
- 					 user);
- 		ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, "[mod_auth_pgsql.c] - ERROR - %s", pg_errstr);
- 		pg_log_auth_user(r, sec, user, sent_pw);
--		return OK;
-+		return AUTH_GRANTED;
- 	};
- 
- 	/* if the flag is off however, keep that kind of stuff at
-@@ -847,8 +845,7 @@ static int pg_authenticate_basic_user(request_rec * r)
- 					 "[mod_auth_pgsql.c] - Empty password rejected for user \"%s\"",
- 					 user);
- 		ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "[mod_auth_pgsql.c] - ERROR - %s", pg_errstr);
--		ap_note_basic_auth_failure(r);
--		return HTTP_UNAUTHORIZED;
-+		return AUTH_DENIED;
- 	};
- 
- 	if (sec->auth_pg_encrypted)
-@@ -877,8 +874,7 @@ static int pg_authenticate_basic_user(request_rec * r)
- 			apr_snprintf(pg_errstr, MAX_STRING_LEN,
- 						 "PG user %s: password mismatch", user);
- 			ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "[mod_auth_pgsql.c] - ERROR - %s", pg_errstr);
--			ap_note_basic_auth_failure(r);
--			return HTTP_UNAUTHORIZED;
-+			return AUTH_DENIED;
- 		}
- 
- 	/*  store password in the cache */
-@@ -891,130 +887,13 @@ static int pg_authenticate_basic_user(request_rec * r)
- 	}
- 
- 	pg_log_auth_user(r, sec, user, sent_pw);
--	return OK;
--}
--
--/* Checking ID */
--
--static int pg_check_auth(request_rec * r)
--{
--	pg_auth_config_rec *sec =
--		(pg_auth_config_rec *) ap_get_module_config(r->per_dir_config,
--													&auth_pgsql_module);
--	char *user = r->user;
--	int m = r->method_number;
--	int group_result = DECLINED;
--
--
--
--	apr_array_header_t *reqs_arr = (apr_array_header_t *) ap_requires(r);
--	require_line *reqs = reqs_arr ? (require_line *) reqs_arr->elts : NULL;
--
--	register int x, res;
--	const char *t;
--	char *w;
--
--	pg_errstr[0] = '\0';
--
--#ifdef DEBUG_AUTH_PGSQL
--	ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r,
--				  "[mod_auth_pgsql.c] - pg_check_auth - going to check auth for user \"%s\" ",
--				  user);
--#endif							/* DEBUG_AUTH_PGSQL */
--
--
--	if (!pg_conn) {
--		if (!(pg_conn = pg_connect(sec))) {
--			ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "[mod_auth_pgsql.c] - cannot connect to database");
--			ap_note_basic_auth_failure(r);
--			return HTTP_UNAUTHORIZED;
--		}
--	}
--
--	/* if we cannot do it; leave it to some other guy 
--	 */
--	if ((!sec->auth_pg_grp_table) && (!sec->auth_pg_grp_group_field)
--		&& (!sec->auth_pg_grp_user_field))
--		return DECLINED;
--
--	if (!reqs_arr) {
--		if (sec->auth_pg_authoritative) {
--			/* force error and access denied */
--			apr_snprintf(pg_errstr, MAX_STRING_LEN,
--						 "mod_auth_pgsql: user %s denied, no access rules specified (PG-Authoritative)",
--						 user);
--			ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "[mod_auth_pgsql.c] - ERROR - %s", pg_errstr);
--			ap_note_basic_auth_failure(r);
--			res = HTTP_UNAUTHORIZED;
--		} else {
--			return DECLINED;
--		}
--	}
--
--	for (x = 0; x < reqs_arr->nelts; x++) {
--
--		if (!(reqs[x].method_mask & (1 << m)))
--			continue;
--
--		t = reqs[x].requirement;
--		w = ap_getword(r->pool, &t, ' ');
--
--		if (!strcmp(w, "valid-user"))
--			return OK;
--
--		if (!strcmp(w, "user")) {
--			while (t[0]) {
--				w = ap_getword_conf(r->pool, &t);
--				if (!strcmp(user, w))
--					return OK;
--			}
--			if (sec->auth_pg_authoritative) {
--				/* force error and access denied */
--				apr_snprintf(pg_errstr, MAX_STRING_LEN,
--							 "mod_auth_pgsql: user %s denied, no access rules specified (PG-Authoritative)",
--							 user);
--				ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "[mod_auth_pgsql.c] - ERROR - %s", pg_errstr);
--				ap_note_basic_auth_failure(r);
--				return HTTP_UNAUTHORIZED;
--			}
--
--		} else if (!strcmp(w, "group")) {
--			/* look up the membership for each of the groups in the table */
--			pg_errstr[0] = '\0';
--
--			while (t[0]) {
--				if (get_pg_grp(r, ap_getword(r->pool, &t, ' '), user, sec)) {
--					group_result = OK;
--				};
--			};
--
--			if (pg_errstr[0]) {
--				ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "[mod_auth_pgsql.c] - ERROR - %s", pg_errstr);
--				return HTTP_INTERNAL_SERVER_ERROR;
--			}
--
--			if (group_result == OK)
--				return OK;
--
--			if (sec->auth_pg_authoritative) {
--				apr_snprintf(pg_errstr, MAX_STRING_LEN,
--							 "[mod_auth_pgsql.c] - user %s not in right groups (PG-Authoritative)",
--							 user);
--				ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "[mod_auth_pgsql.c] - ERROR - %s", pg_errstr);
--				ap_note_basic_auth_failure(r);
--				return HTTP_UNAUTHORIZED;
--			};
--		}
--	}
--
--	return DECLINED;
-+	return AUTH_GRANTED;
- }
- 
--
- /* Send the authentication to the log table */
- int
--pg_log_auth_user(request_rec * r, pg_auth_config_rec * sec, char *user,
--				 char *sent_pw)
-+pg_log_auth_user(request_rec * r, pg_auth_config_rec * sec, const char *user,
-+				 const char *sent_pw)
- {
- 	char sql[MAX_STRING_LEN];
- 	char *s;
-@@ -1087,7 +966,7 @@ pg_log_auth_user(request_rec * r, pg_auth_config_rec * sec, char *user,
- 					 sec->auth_pg_log_addrs_field);
- 		strncat(fields, sql, MAX_STRING_LEN - strlen(fields) - 1);
- 		apr_snprintf(sql, MAX_STRING_LEN, ", '%s'",
--					 r->connection->remote_ip);
-+					 r->connection->client_ip);
- 		strncat(values, sql, MAX_STRING_LEN - strlen(values) - 1);
- 	}
- 	if (sec->auth_pg_log_pwd_field) {	/* Password field , clear WARNING */
-@@ -1140,15 +1019,22 @@ static void *pg_auth_server_config(apr_pool_t * p, server_rec * s)
- }
- 
- 
-+static const authn_provider authn_pgsql_provider =
-+{
-+    &check_password,
-+    NULL,
-+};
-+
- static void register_hooks(apr_pool_t * p)
- {
- 	ap_hook_post_config(pg_auth_init_handler, NULL, NULL, APR_HOOK_MIDDLE);
--	ap_hook_auth_checker(pg_check_auth, NULL, NULL, APR_HOOK_MIDDLE);
--	ap_hook_check_user_id(pg_authenticate_basic_user, NULL, NULL,
--						  APR_HOOK_MIDDLE);
-+
-+	ap_register_auth_provider(p, AUTHN_PROVIDER_GROUP, "pgsql",
-+								AUTHN_PROVIDER_VERSION,
-+								&authn_pgsql_provider, AP_AUTH_INTERNAL_PER_CONF);
- };
- 
--module AP_MODULE_DECLARE_DATA auth_pgsql_module = {
-+AP_DECLARE_MODULE(auth_pgsql) = {
- 	STANDARD20_MODULE_STUFF,
- 	create_pg_auth_dir_config,	/* dir config creater */
- 	NULL,						/* dir merger --- default is to override */
diff --git a/www-apache/mod_auth_pgsql/files/mod_auth_pgsql-2.0.3-documentation.patch b/www-apache/mod_auth_pgsql/files/mod_auth_pgsql-2.0.3-documentation.patch
deleted file mode 100644
index 262d07dd59bf..000000000000
--- a/www-apache/mod_auth_pgsql/files/mod_auth_pgsql-2.0.3-documentation.patch
+++ /dev/null
@@ -1,124 +0,0 @@
-From: Marco Nenciarini <mnencia@debian.org>
-Date: Sat, 10 Aug 2013 16:26:41 +0200
-Subject: documentation
-
----
- mod_auth_pgsql.html | 47 ++++++++++++++++++++++++++++-------------------
- 1 file changed, 28 insertions(+), 19 deletions(-)
-
-diff --git a/mod_auth_pgsql.html b/mod_auth_pgsql.html
-index 3269fe0..d35768b 100644
---- a/mod_auth_pgsql.html
-+++ b/mod_auth_pgsql.html
-@@ -48,18 +48,19 @@ Notes</a> |<a href="#Changelog"> Changelog</a> </p>
-   <li><a href="#host">Auth_PG_host</a> </li>
-   <li><a href="#port">Auth_PG_port</a> </li>
-   <li><a href="#options">Auth_PG_options</a> </li>
--  <li><a href="#pwd_table">Auth_PG_database</a> </li>
--  <li><a href="#PGuser">Auth_PG_user</a> </li>
--  <li><a href="PGpwd">Auth_PG_pwd</a> </li>
--  <li><a href="#grp_table">Auth_PG_pwd_table</a> </li>
--  <li><a href="#uid_field">Auth_PG_grp_table</a> </li>
-+  <li><a href="#database">Auth_PG_database</a> </li>
-+  <li><a href="#user">Auth_PG_user</a> </li>
-+  <li><a href="#pwd">Auth_PG_pwd</a> </li>
-+  <li><a href="#pwd_table">Auth_PG_pwd_table</a> </li>
-+  <li><a href="#grp_table">Auth_PG_grp_table</a> </li>
-   <li><a href="#uid_field">Auth_PG_uid_field</a> </li>
-   <li><a href="#pwd_field">Auth_PG_pwd_field</a> </li>
--  <li><a href="#gid_field">Auth_PG_gid_field</a> </li>
-+  <li><a href="#grp_group_field">Auth_PG_grp_group_field</a> </li>
-+  <li><a href="#grp_user_field">Auth_PG_grp_user_field</a> </li>
-   <li><a href="#nopasswd">Auth_PG_nopasswd</a> </li>
-   <li><a href="#authoritative">Auth_PG_authoritative</a> </li>
--  <li><a href="#lowercaseuid">Auth_PG_lowercase_uid</a> </li>
--  <li><a href="#uppercaseuid">Auth_PG_uppercase_uid</a></li>
-+  <li><a href="#lowercase_uid">Auth_PG_lowercase_uid</a> </li>
-+  <li><a href="#uppercase_uid">Auth_PG_uppercase_uid</a></li>
-   <li><a href="#pwd_ignore_case">Auth_PG_pwd_ignore_case</a><br>
-   </li>
-   <li><a href="#encrypted">Auth_PG_encrypted</a> </li>
-@@ -112,7 +113,7 @@ available options. </p>
- information.<br>
- <br>
- </p>
--<h2><a name="PGuser"></a> Auth_PG_user<br>
-+<h2><a name="user"></a> Auth_PG_user<br>
- </h2>
- <b>Syntax:</b> Auth_PG_user <i>username</i><br>
- <b>Context:</b> directory, .htaccess <br>
-@@ -125,7 +126,7 @@ access on all the log tables (if used).<br>
- Needed if the user who make the quey is differrent from the
- user runnig apache, or if the posmater is on a different server and you
- must autheticate with password<br>
--<h2><a name="PGpwd"></a> Auth_PG_pwd</h2>
-+<h2><a name="pwd"></a> Auth_PG_pwd</h2>
- <p><b>Syntax:</b> Auth_PG_pwd <i>password</i><br>
- <b>Context:</b> directory, .htaccess <br>
- <b>Override:</b> AuthConfig <br>
-@@ -169,17 +170,25 @@ in the Auth_PG_pwd_table relation. </p>
- <b>Override:</b> AuthConfig <br>
- <b>Status:</b> Extension
- <p>Specifies the attribute name of the field containing the encrypted
--(see Auth_PG_encrypted) password in the Auth_PGpwd_table relation.<br>
-+(see Auth_PG_encrypted) password in the Auth_PG_pwd_table relation.<br>
- Please remember to use field of type varchar, not char for the password.<br>
- </p>
--<h2><a name="gid_field"></a> Auth_PG_gid_field</h2>
--<b>Syntax:</b> Auth_PG_gid_field <i>attribute name</i><br>
-+<h2><a name="grp_group_field"></a> Auth_PG_grp_group_field</h2>
-+<b>Syntax:</b> Auth_PG_grp_group_field <i>attribute name</i><br>
- <b>Context:</b> directory, .htaccess <br>
- <b>Override:</b> AuthConfig <br>
- <b>Status:</b> Extension
- <p>Specifies the attribute name of the field containing the group name
- in the Auth_PG_grp_table relation. This directive is only necessary if
- you want to authenticate by user groups. </p>
-+<h2><a name="grp_user_field"></a> Auth_PG_grp_user_field</h2>
-+<b>Syntax:</b> Auth_PG_grp_user_field <i>attribute name</i><br>
-+<b>Context:</b> directory, .htaccess <br>
-+<b>Override:</b> AuthConfig <br>
-+<b>Status:</b> Extension
-+<p>Specifies the attribute name of the field containing the user name
-+in the Auth_PG_grp_table relation. This directive is only necessary if
-+you want to authenticate by user groups. </p>
- <h2><a name="nopasswd"></a> Auth_PG_nopasswd</h2>
- <b>Syntax:</b> Auth_PG_nopasswd <i>on</i> or <i>off</i><br>
- <b>Context:</b> directory, .htaccess <br>
-@@ -202,7 +211,7 @@ the PostgreSQL scheme, the parent directory scheme will be given
- the chance to try and authenticate the user. Exercise caution
- when turning this option off. It can be a security risk. Can be
- used to use two authentication schemes for the same dir. </p>
--<h2><a name="lowercaseuid"></a> Auth_PG_lowercase_uid</h2>
-+<h2><a name="lowercase_uid"></a> Auth_PG_lowercase_uid</h2>
- <b>Syntax:</b> Auth_PG_lowercase_uid <i>on</i> or <i>off</i><br>
- <b>Context:</b> directory, .htaccess <br>
- <b>Override:</b> AuthConfig <br>
-@@ -211,7 +220,7 @@ used to use two authentication schemes for the same dir. </p>
- user UIDs to lowercase before looking them up. When turned on this does
- not affect the case of the original user ID should this module decline
- to authenticate and a lower level is called.</p>
--<h2><a name="uppercaseuid"></a> Auth_PG_uppercase_uid</h2>
-+<h2><a name="uppercase_uid"></a> Auth_PG_uppercase_uid</h2>
- <b>Syntax:</b> Auth_PG_uppercase_uid <i>on</i> or <i>off</i><br>
- <b>Context:</b> directory, .htaccess <br>
- <b>Override:</b> AuthConfig <br>
-@@ -277,14 +286,14 @@ initial space .</em></p>
- <p>This option allows you to exercise greater control over the SQL code
- used to retrieve the group name and corresponding user from the
- database. You can use this to search for the group name
--using more attributes in the table than the gid_field. </p>
-+using more attributes in the table than the grp_group_field. </p>
- <p>The basic SQL statement used to retrieve a group name and user name
- for checking looks like this: </p>
- <ul>
--select <i>&lt;uid_field&gt;</i> from <i>&lt;grp_table&gt;</i> where <i>
--&lt;gid_field&gt;</i> ='<i>&lt;required group&gt;</i> '
-+select <i>&lt;grp_user_field&gt;</i> from <i>&lt;grp_table&gt;</i> where <i>
-+&lt;grp_group_field&gt;</i> ='<i>&lt;required group&gt;</i> '
- </ul>
--The gid_whereclause will be added to the end of this statement
-+The grp_whereclause will be added to the end of this statement
- and must fit logically. <em>The where clause must be double
- quoted.<br>
- <br>
diff --git a/www-apache/mod_auth_pgsql/files/mod_auth_pgsql-2.0.3-encoding.patch b/www-apache/mod_auth_pgsql/files/mod_auth_pgsql-2.0.3-encoding.patch
deleted file mode 100644
index 959a97b562e2..000000000000
--- a/www-apache/mod_auth_pgsql/files/mod_auth_pgsql-2.0.3-encoding.patch
+++ /dev/null
@@ -1,283 +0,0 @@
-From: Marco Nenciarini <mnencia@debian.org>
-Date: Sat, 10 Aug 2013 16:26:41 +0200
-Subject: encoding
-
----
- mod_auth_pgsql.c    | 144 +++++++++++++++++++++++++++++++---------------------
- mod_auth_pgsql.html |   9 ++++
- 2 files changed, 94 insertions(+), 59 deletions(-)
-
-diff --git a/mod_auth_pgsql.c b/mod_auth_pgsql.c
-index f13c166..639537d 100644
---- a/mod_auth_pgsql.c
-+++ b/mod_auth_pgsql.c
-@@ -151,6 +151,7 @@ typedef struct {
- 	const char *auth_pg_port;
- 	const char *auth_pg_options;
- 	const char *auth_pg_user;
-+	const char *auth_pg_charset;
- 	const char *auth_pg_pwd;
- 	const char *auth_pg_pwd_table;
- 	const char *auth_pg_uname_field;
-@@ -181,6 +182,8 @@ typedef struct {
- 
- } pg_auth_config_rec;
- 
-+static PGconn *pg_conn;
-+
- static apr_pool_t *auth_pgsql_pool = NULL;
- static apr_pool_t *auth_pgsql_pool_base64 = NULL;
- 
-@@ -220,6 +223,7 @@ static void *create_pg_auth_dir_config(apr_pool_t * p, char *d)
- 	new_rec->auth_pg_port = NULL;
- 	new_rec->auth_pg_options = NULL;
- 	new_rec->auth_pg_user = NULL;
-+	new_rec->auth_pg_charset = NULL;
- 	new_rec->auth_pg_pwd = NULL;
- 	new_rec->auth_pg_pwd_table = NULL;
- 	new_rec->auth_pg_uname_field = NULL;
-@@ -324,6 +328,10 @@ static const command_rec pg_auth_cmds[] = {
- 				  (void *) APR_OFFSETOF(pg_auth_config_rec, auth_pg_user),
- 				  OR_AUTHCFG,
- 				  "user name connect as"),
-+	AP_INIT_TAKE1("Auth_PG_charset", ap_set_string_slot,
-+				  (void *) APR_OFFSETOF(pg_auth_config_rec, auth_pg_charset),
-+				  OR_AUTHCFG,
-+				  "charset to use for connection"),
- 	AP_INIT_TAKE1("Auth_PG_pwd", ap_set_string_slot,
- 				  (void *) APR_OFFSETOF(pg_auth_config_rec, auth_pg_pwd),
- 				  OR_AUTHCFG,
-@@ -462,53 +470,51 @@ static char *auth_pg_base64(char *pw)
- }
- 
- 
-+PGconn *pg_connect(pg_auth_config_rec *sec)
-+{
-+	PGconn *conn;
- 
--/* Got from POstgreSQL 7.2 */
--/* ---------------
-- * Escaping arbitrary strings to get valid SQL strings/identifiers.
-- *
-- * Replaces "\\" with "\\\\" and "'" with "''".
-- * length is the length of the buffer pointed to by
-- * from.  The buffer at to must be at least 2*length + 1 characters
-- * long.  A terminating NUL character is written.
-- * ---------------
-- */
-+	conn = PQsetdbLogin(sec->auth_pg_host, sec->auth_pg_port,
-+		sec->auth_pg_options, NULL, sec->auth_pg_database,
-+		sec->auth_pg_user, sec->auth_pg_pwd);
-+	if (PQstatus(conn) != CONNECTION_OK) {
-+		PQreset(conn);
-+		apr_snprintf(pg_errstr, MAX_STRING_LEN,
-+					 "mod_auth_pgsql database connection error resetting %s",
-+					 PQerrorMessage(conn));
-+		if (PQstatus(conn) != CONNECTION_OK) {
-+			apr_snprintf(pg_errstr, MAX_STRING_LEN,
-+						 "mod_auth_pgsql database connection error reset failed %s",
-+						 PQerrorMessage(conn));
-+			PQfinish(conn);
-+			return NULL;
-+		}
-+	}
-+	return conn;
-+}
- 
--static size_t pg_check_string(char *to, const char *from, size_t length)
--{
--	const char *source = from;
--	char *target = to;
--	unsigned int remaining = length;
--
--	while (remaining > 0) {
--		switch (*source) {
--		case '\\':
--			*target = '\\';
--			target++;
--			*target = '\\';
--			/* target and remaining are updated below. */
--			break;
- 
--		case '\'':
--			*target = '\'';
--			target++;
--			*target = '\'';
--			/* target and remaining are updated below. */
--			break;
-+static size_t pg_check_string(char *to, const char *from, size_t length, request_rec * r, pg_auth_config_rec *sec)
-+{
-+	int error;
- 
--		default:
--			*target = *source;
--			/* target and remaining are updated below. */
-+	if (!pg_conn) {
-+		if (!(pg_conn = pg_connect(sec))) {
-+			ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "[mod_auth_pgsql.c] - cannot connect to database");
-+			ap_note_basic_auth_failure(r);
-+			return -1;
- 		}
--		source++;
--		target++;
--		remaining--;
- 	}
- 
--	/* Write the terminating NUL character. */
--	*target = '\0';
-+	PQescapeStringConn(pg_conn, to, from, length, &error);
-+
-+	if (error) {
-+		ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "[mod_auth_pgsql.c] - cannot escape string");
-+		ap_note_basic_auth_failure(r);
-+		return -1;
-+	}
- 
--	return target - to;
-+	return 0;
- }
- 
- 
-@@ -518,7 +524,6 @@ static size_t pg_check_string(char *to, const char *from, size_t length)
- char *do_pg_query(request_rec * r, char *query, pg_auth_config_rec * sec)
- {
- 	PGresult *pg_result;
--	PGconn *pg_conn;
- 	char *val;
- 	char *result = NULL;
- 
-@@ -530,19 +535,10 @@ char *do_pg_query(request_rec * r, char *query, pg_auth_config_rec * sec)
- 	  sec->auth_pg_database);
- #endif							/* DEBUG_AUTH_PGSQL */
- 
--	pg_conn = PQsetdbLogin(sec->auth_pg_host, sec->auth_pg_port,
--		sec->auth_pg_options, NULL, sec->auth_pg_database,
--		sec->auth_pg_user, sec->auth_pg_pwd);
--	if (PQstatus(pg_conn) != CONNECTION_OK) {
--		PQreset(pg_conn);
--		apr_snprintf(pg_errstr, MAX_STRING_LEN,
--					 "mod_auth_pgsql database connection error resetting %s",
--					 PQerrorMessage(pg_conn));
--		if (PQstatus(pg_conn) != CONNECTION_OK) {
--			apr_snprintf(pg_errstr, MAX_STRING_LEN,
--						 "mod_auth_pgsql database connection error reset failed %s",
--						 PQerrorMessage(pg_conn));
--			PQfinish(pg_conn);
-+	if (!pg_conn) {
-+		if (!(pg_conn = pg_connect(sec))) {
-+			ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "[mod_auth_pgsql.c] - cannot connect to database");
-+			ap_note_basic_auth_failure(r);
- 			return NULL;
- 		}
- 	}
-@@ -552,6 +548,21 @@ char *do_pg_query(request_rec * r, char *query, pg_auth_config_rec * sec)
- 				  query);
- #endif							/* DEBUG_AUTH_PGSQL */
- 
-+	if (sec->auth_pg_charset) {
-+		const char *check;
-+
-+		PQsetClientEncoding(pg_conn, sec->auth_pg_charset);
-+
-+		check = pg_encoding_to_char(PQclientEncoding(pg_conn));
-+
-+		if (!check || strcmp(sec->auth_pg_charset, check)) {
-+			apr_snprintf(pg_errstr, MAX_STRING_LEN,
-+						 "mod_auth_pgsql database character set encoding %s");
-+			PQfinish(pg_conn);
-+			return NULL;
-+		}
-+	}
-+
- 	pg_result = PQexec(pg_conn, query);
- 
- 	if (pg_result == NULL) {
-@@ -610,7 +621,7 @@ char *get_pg_pw(request_rec * r, char *user, pg_auth_config_rec * sec)
- 	int n;
- 
- 	safe_user = apr_palloc(r->pool, 1 + 2 * strlen(user));
--	pg_check_string(safe_user, user, strlen(user));
-+	pg_check_string(safe_user, user, strlen(user), r, sec);
- 
- #ifdef DEBUG_AUTH_PGSQL
- 	ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r,
-@@ -685,8 +696,8 @@ static char *get_pg_grp(request_rec * r, char *group, char *user,
- #endif							/* DEBUG_AUTH_PGSQL */
- 
- 	query[0] = '\0';
--	pg_check_string(safe_user, user, strlen(user));
--	pg_check_string(safe_group, group, strlen(group));
-+	pg_check_string(safe_user, user, strlen(user), r, sec);
-+	pg_check_string(safe_group, group, strlen(group), r, sec);
- 
- 	if ((!sec->auth_pg_grp_table) ||
- 		(!sec->auth_pg_grp_group_field) || (!sec->auth_pg_grp_user_field))
-@@ -777,6 +788,14 @@ static int pg_authenticate_basic_user(request_rec * r)
- 	}
- 	pg_errstr[0] = '\0';
- 
-+	if (!pg_conn) {
-+		if (!(pg_conn = pg_connect(sec))) {
-+			ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "[mod_auth_pgsql.c] - cannot connect to database");
-+			ap_note_basic_auth_failure(r);
-+			return HTTP_UNAUTHORIZED;
-+		}
-+	}
-+
- 	if (sec->auth_pg_cache_passwords
- 		&& (!apr_is_empty_table(sec->cache_pass_table))) {
- 		val = (char *) apr_table_get(sec->cache_pass_table, user);
-@@ -904,6 +923,13 @@ static int pg_check_auth(request_rec * r)
- #endif							/* DEBUG_AUTH_PGSQL */
- 
- 
-+	if (!pg_conn) {
-+		if (!(pg_conn = pg_connect(sec))) {
-+			ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "[mod_auth_pgsql.c] - cannot connect to database");
-+			ap_note_basic_auth_failure(r);
-+			return HTTP_UNAUTHORIZED;
-+		}
-+	}
- 
- 	/* if we cannot do it; leave it to some other guy 
- 	 */
-@@ -1015,9 +1041,9 @@ pg_log_auth_user(request_rec * r, pg_auth_config_rec * sec, char *user,
- 	}
- 
- 	/* AUD: MAX_STRING_LEN probably isn't always correct */
--	pg_check_string(safe_user, user, strlen(user));
--	pg_check_string(safe_pw, sent_pw, strlen(sent_pw));
--	pg_check_string(safe_req, r->the_request, strlen(r->the_request));
-+	pg_check_string(safe_user, user, strlen(user), r, sec);
-+	pg_check_string(safe_pw, sent_pw, strlen(sent_pw), r, sec);
-+	pg_check_string(safe_req, r->the_request, strlen(r->the_request), r, sec);
- 
- 
- 	if (sec->auth_pg_lowercaseuid) {
-diff --git a/mod_auth_pgsql.html b/mod_auth_pgsql.html
-index d35768b..5474314 100644
---- a/mod_auth_pgsql.html
-+++ b/mod_auth_pgsql.html
-@@ -48,6 +48,7 @@ Notes</a> |<a href="#Changelog"> Changelog</a> </p>
-   <li><a href="#host">Auth_PG_host</a> </li>
-   <li><a href="#port">Auth_PG_port</a> </li>
-   <li><a href="#options">Auth_PG_options</a> </li>
-+  <li><a href="#charset">Auth_PG_charset</a> </li>
-   <li><a href="#database">Auth_PG_database</a> </li>
-   <li><a href="#user">Auth_PG_user</a> </li>
-   <li><a href="#pwd">Auth_PG_pwd</a> </li>
-@@ -104,6 +105,14 @@ be found. </p>
- <p>Specifies an option string to be passed to the postgreSQL backend
- process. Refer to the PostgreSQL user manual for a description of the
- available options. </p>
-+<h2><a name="charset"></a> Auth_PG_charset</h2>
-+<b>Syntax:</b> Auth_PG_options <i>option string</i><br>
-+<b>Context:</b> directory, .htaccess <br>
-+<b>Override:</b> AuthConfig <br>
-+<b>Status:</b> Extension
-+<p>Specifies the name of an encoding to be set for the PostgreSQL
-+backend process. Refer to the PostgreSQL user manual for a description
-+of the available options. </p>
- <h2><a name="database"></a> Auth_PG_database</h2>
- <b>Syntax:</b> Auth_PG_database <i>database name</i><br>
- <b>Context:</b> directory, .htaccess <br>
diff --git a/www-apache/mod_auth_pgsql/files/mod_auth_pgsql-2.0.3-fixdoublefree.patch b/www-apache/mod_auth_pgsql/files/mod_auth_pgsql-2.0.3-fixdoublefree.patch
deleted file mode 100644
index c7314771f37c..000000000000
--- a/www-apache/mod_auth_pgsql/files/mod_auth_pgsql-2.0.3-fixdoublefree.patch
+++ /dev/null
@@ -1,87 +0,0 @@
-Description: Avoid double free of connection pointers
- .
- libapache2-mod-auth-pgsql (2.0.3-6.1) unstable; urgency=medium
- .
-   * Non-maintainer upload.
-   * Apply patch from Launchpad to set freed pointers to NULL before
-     subsequent checks against NULL. (Closes: #774313)
-Author: Neil Williams <codehelp@debian.org>
-Bug-Debian: https://bugs.debian.org/774313
-Origin: ubuntu, https://launchpadlibrarian.net/177475074/doublefree.patch
-
----
-
---- libapache2-mod-auth-pgsql-2.0.3.orig/mod_auth_pgsql.c
-+++ libapache2-mod-auth-pgsql-2.0.3/mod_auth_pgsql.c
-@@ -489,6 +489,7 @@ PGconn *pg_connect(pg_auth_config_rec *s
- 						 "mod_auth_pgsql database connection error reset failed %s",
- 						 PQerrorMessage(conn));
- 			PQfinish(conn);
-+			conn = NULL;
- 			return NULL;
- 		}
- 	}
-@@ -562,6 +563,7 @@ char *do_pg_query(request_rec * r, char
- 						 "mod_auth_pgsql database character set encoding %s",
- 						 check);
- 			PQfinish(pg_conn);
-+			pg_conn = NULL;
- 			return NULL;
- 		}
- 	}
-@@ -573,12 +575,15 @@ char *do_pg_query(request_rec * r, char
- 					 "PGSQL 2: %s -- Query: %s ",
- 					 PQerrorMessage(pg_conn), query);
- 		PQfinish(pg_conn);
-+		pg_conn = NULL;
- 		return NULL;
- 	}
- 
- 	if (PQresultStatus(pg_result) == PGRES_EMPTY_QUERY) {
- 		PQclear(pg_result);
-+		pg_result = NULL;
- 		PQfinish(pg_conn);
-+		pg_conn = NULL;
- 		return NULL;
- 	}
- 
-@@ -586,7 +591,9 @@ char *do_pg_query(request_rec * r, char
- 		apr_snprintf(pg_errstr, MAX_STRING_LEN, "PGSQL 3: %s -- Query: %s",
- 					 PQerrorMessage(pg_conn), query);
- 		PQclear(pg_result);
-+		pg_result = NULL;
- 		PQfinish(pg_conn);
-+		pg_conn = NULL;
- 		return NULL;
- 	}
- 
-@@ -596,7 +603,9 @@ char *do_pg_query(request_rec * r, char
- 			apr_snprintf(pg_errstr, MAX_STRING_LEN, "PGSQL 4: %s",
- 						 PQerrorMessage(pg_conn));
- 			PQclear(pg_result);
-+			pg_result = NULL;
- 			PQfinish(pg_conn);
-+			pg_conn = NULL;
- 			return NULL;
- 		}
- 
-@@ -604,7 +613,9 @@ char *do_pg_query(request_rec * r, char
- 			apr_snprintf(pg_errstr, MAX_STRING_LEN,
- 						 "Could not get memory for Postgres query.");
- 			PQclear(pg_result);
-+			pg_result = NULL;
- 			PQfinish(pg_conn);
-+			pg_conn = NULL;
- 			return NULL;
- 		}
- 
-@@ -613,7 +624,9 @@ char *do_pg_query(request_rec * r, char
- 
- 	/* ignore errors here ! */
- 	PQclear(pg_result);
-+	pg_result = NULL;
- 	PQfinish(pg_conn);
-+	pg_conn = NULL;
- 	return result;
- }
- 
diff --git a/www-apache/mod_auth_pgsql/metadata.xml b/www-apache/mod_auth_pgsql/metadata.xml
deleted file mode 100644
index 711734ad7566..000000000000
--- a/www-apache/mod_auth_pgsql/metadata.xml
+++ /dev/null
@@ -1,8 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
-<pkgmetadata>
-	<maintainer type="project">
-		<email>pgsql-bugs@gentoo.org</email>
-		<name>PostgreSQL and Related Package Development</name>
-	</maintainer>
-</pkgmetadata>
diff --git a/www-apache/mod_auth_pgsql/mod_auth_pgsql-2.0.3-r1.ebuild b/www-apache/mod_auth_pgsql/mod_auth_pgsql-2.0.3-r1.ebuild
deleted file mode 100644
index 26ec2e65c9cc..000000000000
--- a/www-apache/mod_auth_pgsql/mod_auth_pgsql-2.0.3-r1.ebuild
+++ /dev/null
@@ -1,31 +0,0 @@
-# Copyright 1999-2014 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-inherit apache-module multilib
-
-DESCRIPTION="This module allows user authentication against information stored in a PostgreSQL database"
-HOMEPAGE="http://www.giuseppetanzilli.it/mod_auth_pgsql2/"
-SRC_URI="http://www.giuseppetanzilli.it/mod_auth_pgsql2/dist/${P}.tar.gz"
-
-LICENSE="freedist"
-SLOT="2"
-KEYWORDS="amd64 ppc ~sparc x86"
-IUSE=""
-
-DEPEND="dev-db/postgresql"
-RDEPEND="${DEPEND}"
-
-APXS2_ARGS="-a -c -I/usr/include/postgresql -L/usr/$(get_libdir)/postgresql -lpq mod_auth_pgsql.c"
-
-APACHE2_MOD_CONF="80_mod_auth_pgsql"
-APACHE2_MOD_DEFINE="AUTH_PGSQL"
-
-DOCFILES="INSTALL README mod_auth_pgsql.html"
-
-need_apache2_2
-
-src_install() {
-	apache-module_src_install
-	fperms 600 "${APACHE_MODULES_CONFDIR}"/${APACHE2_MOD_CONF}.conf
-}
diff --git a/www-apache/mod_auth_pgsql/mod_auth_pgsql-2.0.3-r2.ebuild b/www-apache/mod_auth_pgsql/mod_auth_pgsql-2.0.3-r2.ebuild
deleted file mode 100644
index 4876dc317765..000000000000
--- a/www-apache/mod_auth_pgsql/mod_auth_pgsql-2.0.3-r2.ebuild
+++ /dev/null
@@ -1,40 +0,0 @@
-# Copyright 1999-2015 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI=5
-inherit eutils apache-module multilib
-
-DESCRIPTION="This module allows user authentication against information stored in a PostgreSQL database"
-HOMEPAGE="http://www.giuseppetanzilli.it/mod_auth_pgsql2/"
-SRC_URI="http://www.giuseppetanzilli.it/mod_auth_pgsql2/dist/${P}.tar.gz"
-
-LICENSE="freedist"
-SLOT="2"
-KEYWORDS="~amd64 ~ppc ~sparc ~x86"
-IUSE=""
-
-DEPEND="dev-db/postgresql:*"
-RDEPEND="${DEPEND}"
-
-APXS2_ARGS="-a -c -I/usr/include/postgresql -L/usr/$(get_libdir)/postgresql -lpq mod_auth_pgsql.c"
-
-APACHE2_MOD_CONF="80_mod_auth_pgsql"
-APACHE2_MOD_DEFINE="AUTH_PGSQL"
-
-DOCFILES="INSTALL README mod_auth_pgsql.html"
-
-need_apache2_4
-
-src_prepare() {
-	# Debian patches
-	epatch "${FILESDIR}"/${P}-documentation.patch
-	epatch "${FILESDIR}"/${P}-encoding.patch
-	epatch "${FILESDIR}"/${P}-apache-2.4.patch
-	epatch "${FILESDIR}"/${P}-fixdoublefree.patch
-}
-
-src_install() {
-	apache-module_src_install
-	fperms 600 "${APACHE_MODULES_CONFDIR}"/${APACHE2_MOD_CONF}.conf
-}
author	Aaron W. Swenson <titanofold@gentoo.org>	2016-03-21 12:08:19 -0400
committer	Aaron W. Swenson <titanofold@gentoo.org>	2016-03-21 12:18:00 -0400
commit	31bd551b4294b9dfd39858efc1e8a44b013da966 (patch)
tree	d242b8c10ede63774b7d9e10b82596e5d222a7dc /www-apache
parent	dev-ruby/net-ssh: add 3.1.0. (diff)
download	gentoo-31bd551b4294b9dfd39858efc1e8a44b013da966.tar.gz gentoo-31bd551b4294b9dfd39858efc1e8a44b013da966.tar.bz2 gentoo-31bd551b4294b9dfd39858efc1e8a44b013da966.zip