diff options
author | Garrett Wollman <wollman@FreeBSD.org> | 2001-10-19 17:40:18 +0000 |
---|---|---|
committer | Garrett Wollman <wollman@FreeBSD.org> | 2001-10-19 17:40:18 +0000 |
commit | a3db454330be3b2c6b0d59f8afe30fdff03928f3 (patch) | |
tree | 73c624884cdd44e42448a94f0845b392150cd761 | |
parent | fix typo (diff) |
New port www/mod_auth_kerb: authenticate Web clients against Kerberos v5.
Notes
Notes:
svn path=/head/; revision=48962
-rw-r--r-- | www/Makefile | 1 | ||||
-rw-r--r-- | www/mod_auth_kerb/Makefile | 42 | ||||
-rw-r--r-- | www/mod_auth_kerb/distinfo | 1 | ||||
-rw-r--r-- | www/mod_auth_kerb/pkg-comment | 1 | ||||
-rw-r--r-- | www/mod_auth_kerb/pkg-descr | 14 | ||||
-rw-r--r-- | www/mod_auth_kerb/pkg-plist | 3 | ||||
-rw-r--r-- | www/mod_auth_kerb2/Makefile | 42 | ||||
-rw-r--r-- | www/mod_auth_kerb2/distinfo | 1 | ||||
-rw-r--r-- | www/mod_auth_kerb2/pkg-comment | 1 | ||||
-rw-r--r-- | www/mod_auth_kerb2/pkg-descr | 14 | ||||
-rw-r--r-- | www/mod_auth_kerb2/pkg-plist | 3 |
11 files changed, 123 insertions, 0 deletions
diff --git a/www/Makefile b/www/Makefile index 03d58e9ccf01..ab17f4df73cf 100644 --- a/www/Makefile +++ b/www/Makefile @@ -127,6 +127,7 @@ SUBDIR += mod_access_referer SUBDIR += mod_auth_any SUBDIR += mod_auth_external + SUBDIR += mod_auth_kerb SUBDIR += mod_auth_mysql SUBDIR += mod_auth_pam SUBDIR += mod_auth_pgsql diff --git a/www/mod_auth_kerb/Makefile b/www/mod_auth_kerb/Makefile new file mode 100644 index 000000000000..f8939c23f667 --- /dev/null +++ b/www/mod_auth_kerb/Makefile @@ -0,0 +1,42 @@ +# New ports collection makefile for: mod_auth_kerb +# Date created: 19 October 2001 +# Whom: wollman +# +# $FreeBSD$ +# + +# Shamelessly stolen from will's mod_auth_any port. + +PORTNAME= mod_auth_kerb +PORTVERSION= 4.10 +CATEGORIES= www +MASTER_SITES= http://stonecold.unity.ncsu.edu/software/mod_auth_kerb/downloads/ + +MAINTAINER= wollman@FreeBSD.org + +# +# This module allows users to send their Kerberos password in +# plain text; it should only be used over an encrypted connection +# (i.e., HTTP over SSL/TLS). Thus, we require as a dependency +# a version of Apache which can do this. +# +BUILD_DEPENDS= ${APXS}:${PORTSDIR}/www/apache13-modssl +RUN_DEPENDS= ${APXS}:${PORTSDIR}/www/apache13-modssl +LIB_DEPENDS= krb5.3:${PORTSDIR}/security/krb5 + +WRKSRC= ${WRKDIR}/src/modules/kerberos + +APXS?= ${LOCALBASE}/sbin/apxs +KRB5_HOME?= ${LOCALBASE} + +do-build: + cd ${WRKSRC} && \ + ${APXS} -I${KRB5_HOME}/include -L${KRB5_HOME}/lib \ + -DKRB5 -DKRB5_VERIFY_TICKET -DKRB5_SAVE_CREDENTIALS \ + -DKRB5_DEFAULT_KEYTAB=\"\\\"file:${LOCALBASE}/etc/apache/keytab\\\"\" \ + -c ${PORTNAME}.c + +do-install: + ${APXS} -i -A -n ${PORTNAME:S/mod_//g} ${WRKSRC}/${PORTNAME}.so + +.include <bsd.port.mk> diff --git a/www/mod_auth_kerb/distinfo b/www/mod_auth_kerb/distinfo new file mode 100644 index 000000000000..e9e8e1b7f5d9 --- /dev/null +++ b/www/mod_auth_kerb/distinfo @@ -0,0 +1 @@ +MD5 (mod_auth_kerb-4.10.tar.gz) = 5088f0bbdecbd120b9118273a3957510 diff --git a/www/mod_auth_kerb/pkg-comment b/www/mod_auth_kerb/pkg-comment new file mode 100644 index 000000000000..f5a1f4c2f90c --- /dev/null +++ b/www/mod_auth_kerb/pkg-comment @@ -0,0 +1 @@ +An Apache module for authenticating users with Kerberos v5 diff --git a/www/mod_auth_kerb/pkg-descr b/www/mod_auth_kerb/pkg-descr new file mode 100644 index 000000000000..88d070bc10a1 --- /dev/null +++ b/www/mod_auth_kerb/pkg-descr @@ -0,0 +1,14 @@ +mod_auth_kerb is an Apache module for authenticating Web clients +in a Kerberos v5 realm. Because the Kerberos password is transmitted +in plain text, this module MUST be used in conjunction with an +encryption-capable Web server (by default, apache13-modssl). There is +no documentation provided; see the Web site for more details. This +package is built with the KRB5_VERIFY_TICKET and KRB5_SAVE_CREDENTIALS +options, and *without* Kerberos v4 support. In order to successfully +authenticate users, the Web server will need a keytab file containing +a key for the principal `www/my.host.name.example@MY.REALM.EXAMPLE' +which is readable by the user Apache runs as; the location of this +keytab defaults to ${LOCALBASE}/etc/apache/keytab but can be modified +in the server configuration. + +WWW: http://stonecold.unity.ncsu.edu/software/mod_auth_kerb/ diff --git a/www/mod_auth_kerb/pkg-plist b/www/mod_auth_kerb/pkg-plist new file mode 100644 index 000000000000..9c53a963e65a --- /dev/null +++ b/www/mod_auth_kerb/pkg-plist @@ -0,0 +1,3 @@ +libexec/apache/mod_auth_kerb.so +@exec %D/sbin/apxs -e -A -n auth_kerb %D/%F +@unexec %D/sbin/apxs -e -A -n auth_kerb %D/%F diff --git a/www/mod_auth_kerb2/Makefile b/www/mod_auth_kerb2/Makefile new file mode 100644 index 000000000000..f8939c23f667 --- /dev/null +++ b/www/mod_auth_kerb2/Makefile @@ -0,0 +1,42 @@ +# New ports collection makefile for: mod_auth_kerb +# Date created: 19 October 2001 +# Whom: wollman +# +# $FreeBSD$ +# + +# Shamelessly stolen from will's mod_auth_any port. + +PORTNAME= mod_auth_kerb +PORTVERSION= 4.10 +CATEGORIES= www +MASTER_SITES= http://stonecold.unity.ncsu.edu/software/mod_auth_kerb/downloads/ + +MAINTAINER= wollman@FreeBSD.org + +# +# This module allows users to send their Kerberos password in +# plain text; it should only be used over an encrypted connection +# (i.e., HTTP over SSL/TLS). Thus, we require as a dependency +# a version of Apache which can do this. +# +BUILD_DEPENDS= ${APXS}:${PORTSDIR}/www/apache13-modssl +RUN_DEPENDS= ${APXS}:${PORTSDIR}/www/apache13-modssl +LIB_DEPENDS= krb5.3:${PORTSDIR}/security/krb5 + +WRKSRC= ${WRKDIR}/src/modules/kerberos + +APXS?= ${LOCALBASE}/sbin/apxs +KRB5_HOME?= ${LOCALBASE} + +do-build: + cd ${WRKSRC} && \ + ${APXS} -I${KRB5_HOME}/include -L${KRB5_HOME}/lib \ + -DKRB5 -DKRB5_VERIFY_TICKET -DKRB5_SAVE_CREDENTIALS \ + -DKRB5_DEFAULT_KEYTAB=\"\\\"file:${LOCALBASE}/etc/apache/keytab\\\"\" \ + -c ${PORTNAME}.c + +do-install: + ${APXS} -i -A -n ${PORTNAME:S/mod_//g} ${WRKSRC}/${PORTNAME}.so + +.include <bsd.port.mk> diff --git a/www/mod_auth_kerb2/distinfo b/www/mod_auth_kerb2/distinfo new file mode 100644 index 000000000000..e9e8e1b7f5d9 --- /dev/null +++ b/www/mod_auth_kerb2/distinfo @@ -0,0 +1 @@ +MD5 (mod_auth_kerb-4.10.tar.gz) = 5088f0bbdecbd120b9118273a3957510 diff --git a/www/mod_auth_kerb2/pkg-comment b/www/mod_auth_kerb2/pkg-comment new file mode 100644 index 000000000000..f5a1f4c2f90c --- /dev/null +++ b/www/mod_auth_kerb2/pkg-comment @@ -0,0 +1 @@ +An Apache module for authenticating users with Kerberos v5 diff --git a/www/mod_auth_kerb2/pkg-descr b/www/mod_auth_kerb2/pkg-descr new file mode 100644 index 000000000000..88d070bc10a1 --- /dev/null +++ b/www/mod_auth_kerb2/pkg-descr @@ -0,0 +1,14 @@ +mod_auth_kerb is an Apache module for authenticating Web clients +in a Kerberos v5 realm. Because the Kerberos password is transmitted +in plain text, this module MUST be used in conjunction with an +encryption-capable Web server (by default, apache13-modssl). There is +no documentation provided; see the Web site for more details. This +package is built with the KRB5_VERIFY_TICKET and KRB5_SAVE_CREDENTIALS +options, and *without* Kerberos v4 support. In order to successfully +authenticate users, the Web server will need a keytab file containing +a key for the principal `www/my.host.name.example@MY.REALM.EXAMPLE' +which is readable by the user Apache runs as; the location of this +keytab defaults to ${LOCALBASE}/etc/apache/keytab but can be modified +in the server configuration. + +WWW: http://stonecold.unity.ncsu.edu/software/mod_auth_kerb/ diff --git a/www/mod_auth_kerb2/pkg-plist b/www/mod_auth_kerb2/pkg-plist new file mode 100644 index 000000000000..9c53a963e65a --- /dev/null +++ b/www/mod_auth_kerb2/pkg-plist @@ -0,0 +1,3 @@ +libexec/apache/mod_auth_kerb.so +@exec %D/sbin/apxs -e -A -n auth_kerb %D/%F +@unexec %D/sbin/apxs -e -A -n auth_kerb %D/%F |