From 964bab3fabf2ea92a0fefa32f451bc5fca1a863da5a0164159dd311baec2b3d5 Mon Sep 17 00:00:00 2001 From: Dirk Stoecker Date: Sat, 26 Dec 2015 12:27:23 +0000 Subject: [PATCH] Accepting request 350842 from devel:languages:perl:autoupdate automatic update OBS-URL: https://build.opensuse.org/request/show/350842 OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/perl-Apache-AuthCookie?expand=0&rev=19 --- Apache-AuthCookie-3.22.tar.gz | 3 -- Apache-AuthCookie-3.23.tar.gz | 3 ++ perl-Apache-AuthCookie.changes | 15 +++++++ perl-Apache-AuthCookie.spec | 80 +++++++++++++++++----------------- 4 files changed, 59 insertions(+), 42 deletions(-) delete mode 100644 Apache-AuthCookie-3.22.tar.gz create mode 100644 Apache-AuthCookie-3.23.tar.gz diff --git a/Apache-AuthCookie-3.22.tar.gz b/Apache-AuthCookie-3.22.tar.gz deleted file mode 100644 index 4e7ef54..0000000 --- a/Apache-AuthCookie-3.22.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:425d84f0e1d4635021e4e4edc7c88aefc2b3ad5f6cbe000e491e980f2633e537 -size 48956 diff --git a/Apache-AuthCookie-3.23.tar.gz b/Apache-AuthCookie-3.23.tar.gz new file mode 100644 index 0000000..24ded4f --- /dev/null +++ b/Apache-AuthCookie-3.23.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:c40c7f28447ad1e17f00ac63c0855d0af41b31d212fcc72ae91cc284e5aee9a7 +size 45053 diff --git a/perl-Apache-AuthCookie.changes b/perl-Apache-AuthCookie.changes index 29b8cba..d94b692 100644 --- a/perl-Apache-AuthCookie.changes +++ b/perl-Apache-AuthCookie.changes @@ -1,3 +1,18 @@ +------------------------------------------------------------------- +Sat Dec 26 09:27:49 UTC 2015 - coolo@suse.com + +- updated to 3.23 + see /usr/share/doc/packages/perl-Apache-AuthCookie/Changes + + 3.23 2015-09-10 + - Improve CGI mode param() handling to avoi CGI.pm's "param() called in list context" warning. + - add support for Apache 2.4 via mod_perl 1.09. + ***** IMPORTANT ***** + Apache 2.4 has a *VERY* different API for authentication. You will need + to port your subclass and configuration over to the Apache 2.4 API in + order to use Apache 2.4! Please be sure to read README.apache-2.4.pod for + porting instructions! + ------------------------------------------------------------------- Tue Apr 14 09:15:25 UTC 2015 - coolo@suse.com diff --git a/perl-Apache-AuthCookie.spec b/perl-Apache-AuthCookie.spec index 3df3878..d7b47ba 100644 --- a/perl-Apache-AuthCookie.spec +++ b/perl-Apache-AuthCookie.spec @@ -17,7 +17,7 @@ Name: perl-Apache-AuthCookie -Version: 3.22 +Version: 3.23 Release: 0 %define cpan_name Apache-AuthCookie Summary: Perl Authentication and Authorization via cookies @@ -31,10 +31,12 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: perl BuildRequires: perl-macros BuildRequires: perl(Apache::Test) >= 1.35 +BuildRequires: perl(CGI) >= 3.12 BuildRequires: perl(Class::Load) >= 0.03 BuildRequires: perl(autobox) >= 1.1 BuildRequires: perl(mod_perl2) >= 1.999022 Requires: perl(Apache::Test) >= 1.35 +Requires: perl(CGI) >= 3.12 Requires: perl(Class::Load) >= 0.03 Requires: perl(autobox) >= 1.1 Requires: perl(mod_perl2) >= 1.999022 @@ -59,73 +61,73 @@ Your module is a class which implements two methods: * 'authen_cred()' - Verify the user-supplied credentials and return a session key. The - session key can be any string - often you'll use some string containing - username, timeout info, and any other information you need to determine - access to documents, and append a one-way hash of those values together - with some secret key. +Verify the user-supplied credentials and return a session key. The session +key can be any string - often you'll use some string containing username, +timeout info, and any other information you need to determine access to +documents, and append a one-way hash of those values together with some +secret key. * 'authen_ses_key()' - Verify the session key (previously generated by 'authen_cred()', possibly - during a previous request) and return the user ID. This user ID will be - fed to '$r->connection->user()' to set Apache's idea of who's logged in. +Verify the session key (previously generated by 'authen_cred()', possibly +during a previous request) and return the user ID. This user ID will be fed +to '$r->connection->user()' to set Apache's idea of who's logged in. By using AuthCookie versus Apache's built-in AuthBasic you can design your own authentication system. There are several benefits. * 1. - The client doesn't *have* to pass the user credentials on every - subsequent access. If you're using passwords, this means that the - password can be sent on the first request only, and subsequent requests - don't need to send this (potentially sensitive) information. This is - known as "ticket-based" authentication. +The client doesn't *have* to pass the user credentials on every subsequent +access. If you're using passwords, this means that the password can be sent +on the first request only, and subsequent requests don't need to send this +(potentially sensitive) information. This is known as "ticket-based" +authentication. * 2. - When you determine that the client should stop using the - credentials/session key, the server can tell the client to delete the - cookie. Letting users "log out" is a notoriously impossible-to-solve - problem of AuthBasic. +When you determine that the client should stop using the +credentials/session key, the server can tell the client to delete the +cookie. Letting users "log out" is a notoriously impossible-to-solve +problem of AuthBasic. * 3. - AuthBasic dialog boxes are ugly. You can design your own HTML login forms - when you use AuthCookie. +AuthBasic dialog boxes are ugly. You can design your own HTML login forms +when you use AuthCookie. * 4. - You can specify the domain of a cookie using PerlSetVar commands. For - instance, if your AuthName is 'WhatEver', you can put the command +You can specify the domain of a cookie using PerlSetVar commands. For +instance, if your AuthName is 'WhatEver', you can put the command - PerlSetVar WhatEverDomain .yourhost.com + PerlSetVar WhatEverDomain .yourhost.com - into your server setup file and your access cookies will span all hosts - ending in '.yourhost.com'. +into your server setup file and your access cookies will span all hosts +ending in '.yourhost.com'. * 5. - You can optionally specify the name of your cookie using the 'CookieName' - directive. For instance, if your AuthName is 'WhatEver', you can put the - command +You can optionally specify the name of your cookie using the 'CookieName' +directive. For instance, if your AuthName is 'WhatEver', you can put the +command - PerlSetVar WhatEverCookieName MyCustomName + PerlSetVar WhatEverCookieName MyCustomName - into your server setup file and your cookies for this AuthCookie realm - will be named MyCustomName. Default is AuthType_AuthName. +into your server setup file and your cookies for this AuthCookie realm will +be named MyCustomName. Default is AuthType_AuthName. * 6. - By default users must satisfy ALL of the 'require' directives. If you - want authentication to succeed if ANY 'require' directives are met, use - the 'Satisfy' directive. For instance, if your AuthName is 'WhatEver', - you can put the command +By default users must satisfy ALL of the 'require' directives. If you want +authentication to succeed if ANY 'require' directives are met, use the +'Satisfy' directive. For instance, if your AuthName is 'WhatEver', you can +put the command - PerlSetVar WhatEverSatisfy Any + PerlSetVar WhatEverSatisfy Any - into your server startup file and authentication for this realm will - succeed if ANY of the 'require' directives are met. +into your server startup file and authentication for this realm will +succeed if ANY of the 'require' directives are met. This is the flow of the authentication handler, less the details of the redirects. Two REDIRECT's are used to keep the client from displaying the @@ -200,7 +202,7 @@ client. %prep %setup -q -n %{cpan_name}-%{version} -find . -type f -print0 | xargs -0 chmod 644 +find . -type f ! -name \*.pl -print0 | xargs -0 chmod 644 %build %{__perl} Makefile.PL INSTALLDIRS=vendor