Comment 1 Edwin Groothuis 2013-06-03 17:30:09 UTC

Responsible Changed
From-To: freebsd-ports-bugs->apache

apache@ wants this port PRs (via the GNATS Auto Assign Tool)

Comment 2 Olli Hauer 2013-06-22 22:14:18 UTC

Responsible Changed
From-To: apache->ohauer

I'll take it

Hi Vivek,

I have some additions to the port and found some minor issues with the default Makefiles (here we need to do some more work)

See the build logs from redports:
https://redports.org/buildarchive/20130622213001-34496

It seems the port needs mod_dav_svn, so I've added a check to the Makefile

The install target is another culprits ( totally debian specific :( which need some rewrite (not done jet)

Current work available here (install not fixed)
http://people.freebsd.org/~ohauer/diffs/mod_authnz_crowd.shar


--
regards,
olli

OK,

I've done some more test builds and shaped a new shar file.
http://people.freebsd.org/~ohauer/diffs/mod_authnz_crowd.shar

It was a little more work ...
- the port needs a pkg-plist else no cleanup of httpd.conf will be done.
- added MANUAL_PACKAGE_BUILD since the build fails if subevrsion was build without mod_dav_svn
  (mod_dav_svn is not enabled by default)
- added USE_GCC=any else port fails on 10 current
- removed some additional debian specific lines from src/Makefile.am


I'm not sure about the CFLAGS (-O1 / -O2), from Makefile.am

-AM_CFLAGS = `apr-1-config --cflags`
+AM_CFLAGS = `apr-1-config --cflags | sed -e 's/O[[:digit:]]/O1/'`

but -O2 is still used, a snippet from the build log

> --cflags`  `apr-1-config --cflags | sed -e 's/O[[:digit:]]/O1/'` -O2 -pipe -fno-strict-aliasing 
> -g -O1 -O2 -pipe -fno-strict-aliasing


The only way I have found to overwrite -O2 is to add the following line into the Makefile.
( '-O2 -pipe -fno-strict-aliasing' is alway set from bsd.port.mk if no explicit declaration is found in the Makefile)

CFLAGS:=       ${CFLAGS:C/-O[2-9]/-O1/}

With this entry it change to
> --cflags | sed -e 's/O[[:digit:]]/O1/'` -O1 -pipe
> -g -O1 -O1 -pipe


Let me know if the port runs stable.

--
Regards,
olli

Thanks so much for your help here!

I tried your shar file. The module builds fine, and authenticates well
against my crowd server.

The deal with the -O2 is that the vendor claims it breaks the program, so I
tried to neuter it. I do not observe any failures with it, so it may have
been on an older version of their software and/or gcc.

One more question: is there a way to tell it that when it activates the
module in httpd.conf, that it must put those LoadModules *after*
mod_dav_svn? Otherwise it fails to load properly.

On 2013-06-25 17:10, Vick Khera wrote:
> One more question: is there a way to tell it that when it activates the
> module in httpd.conf, that it must put those LoadModules *after*
> mod_dav_svn? Otherwise it fails to load properly.
> 

Hi Vick,

there is no way to tell this during installation, but this can be written as a notice in pkg-message.

Given the users has to install subversion before building mod_authnz_crowd, mod_dav_svn is already installed and activated.

What I can think is to write a pkg-install check which looks to the module order (sed/awk ...)

PS:
If the module builds OK without the -O1 hack we can remove this part.



--
Regards,
olli

On Tue, Jun 25, 2013 at 11:27 AM, olli hauer <ohauer@gmx.de> wrote:

> If the module builds OK without the -O1 hack we can remove this part.
>

In my experience, it did work ok, but there could be some edge case of
configuration I do not use that causes failure. The vendor does not specify
the failure they observed. Personally, I'd prefer to not try to hack up the
optimization flags, and leave them to -O2.

The issue with the ordering is when subversion gets upgraded, the
mod_dav_svn is de-activated and then re-activated, the svn module is now
later, and restart fails. I don't think there is a fix for this with the
ports, as apxs doesn't track such dependencies.

On 2013-06-25 17:33, Vick Khera wrote:
> On Tue, Jun 25, 2013 at 11:27 AM, olli hauer <ohauer@gmx.de> wrote:
> 
>> If the module builds OK without the -O1 hack we can remove this part.
>>
> 
> In my experience, it did work ok, but there could be some edge case of
> configuration I do not use that causes failure. The vendor does not specify
> the failure they observed. Personally, I'd prefer to not try to hack up the
> optimization flags, and leave them to -O2.
> 
> The issue with the ordering is when subversion gets upgraded, the
> mod_dav_svn is de-activated and then re-activated, the svn module is now
> later, and restart fails. I don't think there is a fix for this with the
> ports, as apxs doesn't track such dependencies.
> 

Sure, the only way to make sure this case will not happen is to generate
a include script and place the script into %%APACHEETCDIR%%/Include/

I can look later to implement such a solution if you are not faster ;)

--
regards,
olli

On 2013-06-25 17:33, Vick Khera wrote:
> On Tue, Jun 25, 2013 at 11:27 AM, olli hauer <ohauer@gmx.de> wrote:
> 
>> If the module builds OK without the -O1 hack we can remove this part.
>>
> 
> In my experience, it did work ok, but there could be some edge case of
> configuration I do not use that causes failure. The vendor does not specify
> the failure they observed. Personally, I'd prefer to not try to hack up the
> optimization flags, and leave them to -O2.
> 
> The issue with the ordering is when subversion gets upgraded, the
> mod_dav_svn is de-activated and then re-activated, the svn module is now
> later, and restart fails. I don't think there is a fix for this with the
> ports, as apxs doesn't track such dependencies.
> 

Hi Vick,

new shar file to test.
http://people.freebsd.org/~ohauer/diffs/mod_authnz_crowd_201306252005.shar

Use a dedicated include script, maybe you can test to wrap a directive around
to test if the required modules are loaded.

<IfModule  svn_dav...>
 LoadModule ...
</IfModule>


--
regards,
olli

Comment 11 Olli Hauer 2013-06-27 05:10:56 UTC

State Changed
From-To: open->feedback

open -> feedback

Hi, sorry for disappearing for so long :(

That last shar file Olli posted (mod_authnz_crowd_201306252005.shar) =
works great. The only addition I have is a pkg-message file to help =
usage:

--cut here--
To enable mod_authnz_crowd, you must ensure that the subversion DAV =
modules
are enabled and loaded first, like this:

LoadModule dav_svn_module     libexec/apache22/mod_dav_svn.so
LoadModule authz_svn_module   libexec/apache22/mod_authz_svn.so
Include etc/apache22/Includes/zzz_authnz_crowd.conf
--cut here--

Thanks!

Comment 13 dfilter service 2013-08-18 22:15:37 UTC

Author: ohauer
Date: Sun Aug 18 21:15:26 2013
New Revision: 324938
URL: http://svnweb.freebsd.org/changeset/ports/324938

Log:
  - new port www/mod_authnz_crowd
  
  Apache 2.2 connector for Atlassian Crowd to provide authentication and
  authorization support using Basic Auth.
  
  WWW: https://confluence.atlassian.com/display/CROWD/Integrating+Crowd+with+Apache
  
  PR:		ports/179263
  Submitted by:	Vivek Khera <vivek@khera.org>

Added:
  head/www/mod_authnz_crowd/
  head/www/mod_authnz_crowd/Makefile   (contents, props changed)
  head/www/mod_authnz_crowd/distinfo   (contents, props changed)
  head/www/mod_authnz_crowd/files/
  head/www/mod_authnz_crowd/files/patch-configure.ac   (contents, props changed)
  head/www/mod_authnz_crowd/files/patch-src__Makefile.am   (contents, props changed)
  head/www/mod_authnz_crowd/files/patch-src__svn__Makefile.am   (contents, props changed)
  head/www/mod_authnz_crowd/files/pkg-message.in   (contents, props changed)
  head/www/mod_authnz_crowd/files/zzz_authnz_crowd.conf.in   (contents, props changed)
  head/www/mod_authnz_crowd/pkg-descr   (contents, props changed)
  head/www/mod_authnz_crowd/scripts/
  head/www/mod_authnz_crowd/scripts/configure   (contents, props changed)
Modified:
  head/www/Makefile

Modified: head/www/Makefile
==============================================================================
--- head/www/Makefile	Sun Aug 18 20:54:02 2013	(r324937)
+++ head/www/Makefile	Sun Aug 18 21:15:26 2013	(r324938)
@@ -468,6 +468,7 @@
     SUBDIR += mod_auth_xradius
     SUBDIR += mod_authn_otp
     SUBDIR += mod_authn_sasl
+    SUBDIR += mod_authnz_crowd
     SUBDIR += mod_authnz_external
     SUBDIR += mod_authz_unixgroup
     SUBDIR += mod_backtrace

Added: head/www/mod_authnz_crowd/Makefile
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/mod_authnz_crowd/Makefile	Sun Aug 18 21:15:26 2013	(r324938)
@@ -0,0 +1,44 @@
+# Created by: Vick Khera <vivek@khera.org>
+# $FreeBSD$
+
+PORTNAME=	mod_authnz_crowd
+PORTVERSION=	2.0.2
+CATEGORIES=	www
+MASTER_SITES=	http://downloads.atlassian.com/software/crowd/downloads/cwdapache/
+DIST_SUBDIR=	apache2
+
+MAINTAINER=	vivek@khera.org
+COMMENT=	Apache 2.2.x module to use Atlassian Crowd for authentication
+
+LICENSE=	AL2
+
+LIB_DEPENDS=	libsvn_client-1.so:${PORTSDIR}/devel/subversion \
+		libcurl.so:${PORTSDIR}/ftp/curl
+
+USE_AUTOTOOLS=	autoconf:env automake:env libtool:env
+GNU_CONFIGURE=	yes
+USE_GNOME=	libxml2
+USE_GCC=	any
+USE_APACHE=	22
+MAKE_JOBS_SAFE= yes
+
+MANUAL_PACKAGE_BUILD=	requires subversion build with MOD_DAV_SVN.
+
+SUB_FILES=	pkg-message zzz_authnz_crowd.conf
+SUB_LIST+=	APACHEETCDIR=${APACHEETCDIR} \
+		APACHEMODDIR=${APACHEMODDIR}
+
+PLIST_FILES=	${APACHEMODDIR}/mod_authnz_crowd.so \
+		${APACHEMODDIR}/mod_authz_svn_crowd.so \
+		${APACHEETCDIR}/Includes/zzz_authnz_crowd.conf
+
+LDFLAGS+=	-L${PREFIX}/lib
+
+post-install:
+	${INSTALL_DATA} ${WRKDIR}/zzz_authnz_crowd.conf \
+		${PREFIX}/${APACHEETCDIR}/Includes/
+	@${ECHO_CMD}
+	@${CAT} ${PKGMESSAGE}
+	@${ECHO_CMD}
+
+.include <bsd.port.mk>

Added: head/www/mod_authnz_crowd/distinfo
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/mod_authnz_crowd/distinfo	Sun Aug 18 21:15:26 2013	(r324938)
@@ -0,0 +1,2 @@
+SHA256 (apache2/mod_authnz_crowd-2.0.2.tar.gz) = 941edf2aea51528ef85c4f9897561f36178e8143ba717309c133134ec05299ac
+SIZE (apache2/mod_authnz_crowd-2.0.2.tar.gz) = 25398

Added: head/www/mod_authnz_crowd/files/patch-configure.ac
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/mod_authnz_crowd/files/patch-configure.ac	Sun Aug 18 21:15:26 2013	(r324938)
@@ -0,0 +1,63 @@
+--- ./configure.ac.orig	2011-03-29 07:51:33.000000000 +0200
++++ ./configure.ac	2013-06-22 22:54:04.000000000 +0200
+@@ -1,5 +1,6 @@
+ AC_INIT([mod_authnz_crowd], [2.0.2], [support@atlassian.com])
+ AM_INIT_AUTOMAKE([-Wall -Werror foreign])
++AM_PROG_AR
+ AC_PROG_CC
+ AC_PROG_LIBTOOL
+ AC_CONFIG_HEADERS([config.h])
+@@ -12,7 +13,7 @@
+ 
+ AC_CHECK_LIB([apr-1], [apr_pool_pre_cleanup_register], [], [AC_MSG_ERROR([apr_pool_pre_cleanup_register was not found in libapr-1])])
+ 
+-AC_CHECK_FILE([/usr/local/apache2/include/httpd.h], [APACHE_INCLUDE_DIR="/usr/local/apache2/include"], [
++AC_CHECK_FILE([/usr/local/include/apache22/httpd.h], [APACHE_INCLUDE_DIR="/usr/local/include/apache22"], [
+     AC_CHECK_FILE([/usr/include/httpd/httpd.h], [APACHE_INCLUDE_DIR="/usr/include/httpd"], [
+         AC_CHECK_FILE([/usr/include/apache2/httpd.h], [APACHE_INCLUDE_DIR="/usr/include/apache2"], [
+             AC_MSG_ERROR([Could not locate Apache include directory])
+@@ -21,7 +22,7 @@
+ ])
+ AC_SUBST([APACHE_INCLUDE_DIR])
+ 
+-AC_PATH_PROG([HTTPD], [httpd], , [/usr/local/apache2/bin:/usr/sbin])
++AC_PATH_PROG([HTTPD], [httpd], , [/usr/local/bin:/usr/local/sbin])
+ APACHE_BIN_DIR=`AS_DIRNAME($HTTPD)`
+ AC_SUBST([APACHE_BIN_DIR])
+ 
+@@ -32,7 +33,7 @@
+ ])
+ AC_SUBST([SVN_DIR])
+ 
+-AC_CHECK_FILE([/usr/libexec/apache2/mod_dav.so], [APACHE_MODULES_DIR="/usr/libexec/apache2"], [
++AC_CHECK_FILE([/usr/local/libexec/apache22/mod_dav.so], [APACHE_MODULES_DIR="/usr/local/libexec/apache22"], [
+     AC_CHECK_FILE([/usr/lib64/httpd/modules/mod_dav.so], [APACHE_MODULES_DIR="/usr/lib64/httpd/modules"], [
+         AC_CHECK_FILE([/usr/lib/httpd/modules/mod_dav.so], [APACHE_MODULES_DIR="/usr/lib/httpd/modules"], [
+             AC_CHECK_FILE([/usr/lib/apache2/modules/mod_dav.so], [APACHE_MODULES_DIR="/usr/lib/apache2/modules"], [
+@@ -43,7 +44,7 @@
+ ])
+ AC_SUBST([APACHE_MODULES_DIR])
+ 
+-AC_CHECK_FILE([/usr/local/apache2/conf/httpd.conf], [HTTPD_CONF="/usr/local/apache2/conf/httpd.conf"], [
++AC_CHECK_FILE([/usr/local/etc/apache22/httpd.conf], [HTTPD_CONF="/usr/local/etc/apache22/httpd.conf"], [
+     AC_CHECK_FILE([/etc/httpd/conf/httpd.conf], [HTTPD_CONF="/etc/httpd/conf/httpd.conf"], [
+         AC_CHECK_FILE([/etc/apache2/httpd.conf], [HTTPD_CONF="/etc/apache2/httpd.conf"], [
+             AC_MSG_ERROR([Could not locate Apache configuration file])
+@@ -52,7 +53,7 @@
+ ])
+ AC_SUBST([HTTPD_CONF])
+ 
+-AC_CHECK_FILE([/usr/local/apache2/bin/apxs], [APXS="/usr/local/apache2/bin/apxs"], [
++AC_CHECK_FILE([/usr/local/sbin/apxs], [APXS="/usr/local/sbin/apxs"], [
+     AC_CHECK_FILE([/usr/sbin/apxs], [APXS="/usr/sbin/apxs"], [
+         AC_CHECK_FILE([/usr/bin/apxs2], [APXS="/usr/bin/apxs2"], [
+             AC_MSG_ERROR([Could not locate Apache apxs binary])
+@@ -61,7 +62,7 @@
+ ])
+ AC_SUBST([APXS])
+ 
+-AC_CHECK_FILE([/usr/local/apache2/bin/apachectl], [APACHECTL="/usr/local/apache2/bin/apachectl"], [
++AC_CHECK_FILE([/usr/local/sbin/apachectl], [APACHECTL="/usr/local/sbin/apachectl"], [
+     AC_CHECK_FILE([/usr/sbin/apache2ctl], [APACHECTL="/usr/sbin/apache2ctl"], [
+         AC_CHECK_FILE([/usr/sbin/apachectl], [APACHECTL="/usr/sbin/apachectl"], [
+             AC_MSG_ERROR([Could not locate Apache apachectl binary])

Added: head/www/mod_authnz_crowd/files/patch-src__Makefile.am
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/mod_authnz_crowd/files/patch-src__Makefile.am	Sun Aug 18 21:15:26 2013	(r324938)
@@ -0,0 +1,29 @@
+--- ./src/Makefile.am.orig	2011-03-29 07:51:32.000000000 +0200
++++ ./src/Makefile.am	2013-08-18 22:37:41.000000000 +0200
+@@ -3,9 +3,9 @@
+ lib_LTLIBRARIES = mod_authnz_crowd.la
+ mod_authnz_crowd_la_SOURCES = mod_authnz_crowd.c mod_authnz_crowd.h crowd_client.c crowd_client.h cache.c cache.h util.c util.h
+ mod_authnz_crowd_la_LDFLAGS = -module -lcurl `xml2-config --libs`
+-AM_CFLAGS = `apr-1-config --cflags`
++AM_CFLAGS = `apr-1-config --cflags | sed -e 's/O[[:digit:]]/O1/'`
+ AM_CPPFLAGS = -I@APACHE_INCLUDE_DIR@ `apr-1-config --cppflags --includes` `xml2-config --cflags`
+-CFLAGS=-g -O1   # -O2 causes mysterious crashes
++#CFLAGS=-g -O1   # -O2 causes mysterious crashes
+ TESTS = test.py
+ TESTS_ENVIRONMENT = APACHE_BIN_DIR=@APACHE_BIN_DIR@
+ 
+@@ -18,11 +18,6 @@
+ 	APACHE_MODULES_DIR=@APACHE_MODULES_DIR@ CURDIR=$(CURDIR) envsubst < httpd/conf/httpd_svn.conf.in > httpd/conf/httpd_svn.conf
+ 
+ install:
+-	cp @HTTPD_CONF@ /tmp/httpd.conf.bak
+-	@APXS@ -i -a mod_authnz_crowd.la
+-	@APXS@ -e -a -n dav_svn modules/mod_dav_svn.so
+-	@APXS@ -i -a svn/mod_authz_svn_crowd.la
+-	if [ -e /etc/apache2/mods-enabled/dav.load ]; then mv /etc/apache2/mods-enabled/dav.load /etc/apache2/mods-enabled/1dav.load; fi
+-	if [ -e /etc/apache2/mods-enabled/dav_svn.load ]; then mv /etc/apache2/mods-enabled/dav_svn.load /etc/apache2/mods-enabled/1dav_svn.load; fi
+-	@APACHECTL@ configtest || mv /tmp/httpd.conf.bak @HTTPD_CONF@
+-	@APACHECTL@ graceful
++	@APXS@ -i mod_authnz_crowd.la
++	@APXS@ -e -n dav_svn modules/mod_dav_svn.so
++	@APXS@ -i svn/mod_authz_svn_crowd.la

Added: head/www/mod_authnz_crowd/files/patch-src__svn__Makefile.am
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/mod_authnz_crowd/files/patch-src__svn__Makefile.am	Sun Aug 18 21:15:26 2013	(r324938)
@@ -0,0 +1,11 @@
+--- ./src/svn/Makefile.am.orig	2011-03-29 07:51:32.000000000 +0200
++++ ./src/svn/Makefile.am	2013-06-22 22:54:04.000000000 +0200
+@@ -1,6 +1,6 @@
+ lib_LTLIBRARIES = mod_authz_svn_crowd.la
+ mod_authz_svn_crowd_la_SOURCES = mod_authz_svn_crowd.c
+ mod_authz_svn_crowd_la_LDFLAGS = -module
+-AM_CFLAGS = `apr-1-config --cflags`
++AM_CFLAGS = `apr-1-config --cflags | sed -e 's/O[[:digit:]]/O1/'`
+ AM_CPPFLAGS = -I@APACHE_INCLUDE_DIR@ `apr-1-config --cppflags --includes` -I@SVN_DIR@/include/subversion-1
+-CFLAGS=-g -O1   # -O2 causes mysterious crashes
++#CFLAGS=-g -O1   # -O2 causes mysterious crashes

Added: head/www/mod_authnz_crowd/files/pkg-message.in
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/mod_authnz_crowd/files/pkg-message.in	Sun Aug 18 21:15:26 2013	(r324938)
@@ -0,0 +1,14 @@
+=================================================================
+
+authnz_crowd apache config was installed as
+  %%PREFIX%%/%%APACHEETCDIR%%/Includes/zzz_authnz_crowd.conf
+
+To enable mod_authnz_crowd, you must ensure that the Subversion DAV
+modules are enabled and loaded first, like this:
+
+  LoadModule dav_svn_module %%APACHEMODDIR%%/mod_dav_svn.so
+  LoadModule authz_svn_module %%APACHEMODDIR%%/mod_authz_svn.so
+
+  Include %%APACHEETCDIR%%/Includes/zzz_authnz_crowd.conf
+
+=================================================================

Added: head/www/mod_authnz_crowd/files/zzz_authnz_crowd.conf.in
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/mod_authnz_crowd/files/zzz_authnz_crowd.conf.in	Sun Aug 18 21:15:26 2013	(r324938)
@@ -0,0 +1,7 @@
+# $FreeBSD$
+
+<IfModule dav_svn_module>
+LoadModule authnz_crowd_module %%APACHEMODDIR%%/mod_authnz_crowd.so
+LoadModule authz_svn_crowd_module %%APACHEMODDIR%%/mod_authz_svn_crowd.so
+</IfModule>
+

Added: head/www/mod_authnz_crowd/pkg-descr
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/mod_authnz_crowd/pkg-descr	Sun Aug 18 21:15:26 2013	(r324938)
@@ -0,0 +1,4 @@
+Apache 2.2 connector for Atlassian Crowd to provide authentication and
+authorization support using Basic Auth.
+
+WWW: https://confluence.atlassian.com/display/CROWD/Integrating+Crowd+with+Apache

Added: head/www/mod_authnz_crowd/scripts/configure
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/mod_authnz_crowd/scripts/configure	Sun Aug 18 21:15:26 2013	(r324938)
@@ -0,0 +1,3 @@
+#!/bin/sh
+cd ${WRKSRC}
+autoreconf --install
_______________________________________________
svn-ports-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-ports-all
To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"

Comment 14 Olli Hauer 2013-08-18 22:21:49 UTC

State Changed
From-To: feedback->closed

Committed with minor changes.