=== removed file 'a/ebuild/vultureng-1.90p1.ebuild' --- a/ebuild/vultureng-1.90p1.ebuild +++ /dev/null @@ -1,91 +0,0 @@ -# Copyright 1999-2005 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvs/vultureng/ebuild/vultureng-1.1.ebuild,v 1.6 2006/01/19 14:01:55 jjn Exp $ - -inherit flag-o-matic eutils - -GENTOO_PATCHNAME="${PN}-${PV}" -GENTOO_PATCHDIR="${WORKDIR}/${GENTOO_PATCHNAME}/ebuild" - -DESCRIPTION="INTRINsec Reverse Proxy" -HOMEPAGE="http://vulture.open-source.fr" -SRC_URI="http://arnaud.desmons.free.fr/vulture/${PN}-${PV}.tar.bz2" -S=${WORKDIR}/${PN}-${PV} -LICENSE="GPL-2" -SLOT="0" - -KEYWORDS="~x86" -IUSE="ldap apache2 postgres dba pear sqlite session curl cli pcre mcrypt" - -INTRINsec_HOME="/opt/INTRINsec" - -RDEPEND="dev-lang/perl -dev-perl/perl-ldap -dev-perl/Apache-Session -=dev-perl/DBD-SQLite-0.31 -dev-perl/DBD-Pg -dev-perl/libwww-perl -net-www/mod_security ->=www-apache/mod_perl-2.0.1 ->=net-www/apache-2.0.52 -dev-lang/php -app-admin/sudo ->=dev-perl/crypt-cbc-2.15 -dev-perl/Crypt-Blowfish -dev-perl/Digest-SHA1 -dev-libs/openssl -" - -DEPEND="dev-libs/openssl -=dev-db/sqlite-2.8* -dev-lang/perl -" - -src_unpack() { - - unpack ${A} || die - cd ${S} || die - - EPATCH_SUFFIX="patch" - epatch ${GENTOO_PATCHDIR}/*.patch || die "internal ebuild error" -} - -src_compile() { - sqlite sql/db < sql/sqlite.dump - sqlite sql/sessions < sql/sessions.dump - rm -f lib/Vulture/Makefile - libpath=`perl -MConfig -e 'print $Config{sitelib}'` - make OPT=LIB=${D}/${libpath} - cd lib/SSLLookup && perl Makefile.PL DESTDIR=${D} && make CCFLAGS=-I/usr/include/apr-0 - rm -f ../../lib/Authen-Radius-0.12/install-radius-db.PL - cd ../../lib/Data-HexDump-0.02 && perl Makefile.PL && make - cd ../../lib/Authen-Radius-0.12 && perl Makefile.PL && make -} - -src_install () { - make PREFIX=${D}${INTRINsec_HOME} NAME=${PN} install - make -C lib/SSLLookup install - make -C lib/Data-HexDump-0.02 DESTDIR=${D} install - make -C lib/Authen-Radius-0.12 DESTDIR=${D} install - - insinto /etc/raddb - doins lib/Authen-Radius-0.12/raddb/dictionary* - fowners apache:apache ${INTRINsec_HOME}/${PN} - insopts -m0600 -o apache -g apache - insinto ${INTRINsec_HOME}/${PN}/conf - doins ebuild/httpd.conf - insinto ${INTRINsec_HOME}/${PN}/www - doins ebuild/config.php - insinto ${INTRINsec_HOME}/${PN}/sql - doins sql/db - newinitd ebuild/VultureNG.init vultureng -} - -pkg_postinst() { - openssl req -x509 -newkey rsa:2048 -batch -nodes\ - -config ${INTRINsec_HOME}/${PN}/conf/openssl.cnf\ - -out ${INTRINsec_HOME}/${PN}/conf/vultureng.crt\ - -keyout ${INTRINsec_HOME}/${PN}/conf/vultureng.key - einfo "Vulture is installed. You can now type the following :" - einfo "echo \"apache ALL=NOPASSWD:/usr/sbin/apache2\" >> /etc/sudoers" -} === added file 'b/ChangeLog' --- /dev/null +++ b/ChangeLog @@ -0,0 +1,118 @@ +VultureNG ChangeLog + +Version 1.90p2 +30-May-2006 + * Bug with ACL http://groups.open-source.fr/viewtopic.php?t=306#724 + * Missing "Profiles" in menu + * Bug with ACL in the administration interface + * Some translation updates + +Version 1.90p1 +25-May-2006 + * Bug in ProxyPassReverse (Location wasn't rewritten) + * Bug in authentication ids (authentication didn't work + in some cases) + +Version 1.90 +26-Apr-2006 + * Application’s session timeout configuration + * “Host” header overwriting (no more workaround with /etc/hosts) + * Authentication is now possible with only one name or IP (sso portal + name can be the same as an application name) + * New CSS (click on the top banner to switch) + * “Check for update” link + +Version 1.1 +24-Jan-2006 + * ACL now linked with applications to keep SSO + * Radius authentication + * One Time Password management + * Misc GUI improvements + * Easter egg + +Version 1.0 +25-Oct-2005 + + * Load balancing + * Dynamic variables (headers, SSO Forward) + * Cleanup into ResponseHandler (favicon fixed) + * Authentication via form (was Basic) + * Passwords encryption into database + * SSO proxy configuration now in IHM + * Hash algorithms for SQL authentication + * ACL for SSL authentication + * Rooster integration + * DB migration's dump + +Version 0.9 +29-Aug-2005 + + * Fixed IE cache (thx to bounty) + http://groups.open-source.fr/viewtopic.php?t=25 + * mod_perl 2.0 renaming (thx to bounty) + http://perl.apache.org/docs/2.0/rename.html + http://groups.open-source.fr/viewtopic.php?t=25 + * Win32 DBD:SQLite multithread workaround (thx to bounty) + http://groups.open-source.fr/viewtopic.php?t=25 + * IHM improvements (thx to glr) + * PNG transparency hack for IE + http://www.youngpup.net/2001/sleight + * Added support for application's headers customization + * Fixed buildrequires to sqlite < 3 + * Fixed minus in alias + +Version 0.8 +20-Jun-2005 + + * Fixed interface deletion (thanks to oeufdure) + * Fixed menu in IE + +Version 0.7 +07-Jun-2005 + + * Added support of regexp for application names + +Version 0.6 +24-May-2005 + + * Gentoo packaging + +Version 0.5 +25-April-2005 + + * Mdk packaging + +Version 0.4 +18-April-2005 + + * Fixed the "SSO_FORWARD_DISPLAY" bug in application edition form + * Added support for port number in private address + * Autologon Support + * ServerAlias Support + * Allow rewrite rules to return HTTP Status Codes + * Applications are now binded to an interface + * Custom Log Format for both interfaces and applications + * Several RPM minor changes + +Version 0.3 +21-March-2005 + + * Support of SSLVerifyClient in SSL CA Authentication + * SSO Forward + * mod_access implementation + * SSL Engine + * Sqlite2 -> Sqlite1 + * RPM Spec File modification + * ebuild Modification + +Version 0.2 +08-March-2005 + + * Fixed a trailing slash bug in rewrite_rules + * Fixed a bug in LDAP Group Authentication + * Basic authentication instead of form + +Version 0.1 +04-March-2005 + + * Initial Release === added file 'b/ebuild/vultureng-1.90p2.ebuild' --- /dev/null +++ b/ebuild/vultureng-1.90p2.ebuild @@ -0,0 +1,91 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvs/vultureng/ebuild/vultureng-1.1.ebuild,v 1.6 2006/01/19 14:01:55 jjn Exp $ + +inherit flag-o-matic eutils + +GENTOO_PATCHNAME="${PN}-${PV}" +GENTOO_PATCHDIR="${WORKDIR}/${GENTOO_PATCHNAME}/ebuild" + +DESCRIPTION="INTRINsec Reverse Proxy" +HOMEPAGE="http://vulture.open-source.fr" +SRC_URI="http://arnaud.desmons.free.fr/vulture/${PN}-${PV}.tar.bz2" +S=${WORKDIR}/${PN}-${PV} +LICENSE="GPL-2" +SLOT="0" + +KEYWORDS="~x86" +IUSE="ldap apache2 postgres dba pear sqlite session curl cli pcre mcrypt" + +INTRINsec_HOME="/opt/INTRINsec" + +RDEPEND="dev-lang/perl +dev-perl/perl-ldap +dev-perl/Apache-Session +=dev-perl/DBD-SQLite-0.31 +dev-perl/DBD-Pg +dev-perl/libwww-perl +net-www/mod_security +>=www-apache/mod_perl-2.0.1 +>=net-www/apache-2.0.52 +dev-lang/php +app-admin/sudo +>=dev-perl/crypt-cbc-2.15 +dev-perl/Crypt-Blowfish +dev-perl/Digest-SHA1 +dev-libs/openssl +" + +DEPEND="dev-libs/openssl +=dev-db/sqlite-2.8* +dev-lang/perl +" + +src_unpack() { + + unpack ${A} || die + cd ${S} || die + + EPATCH_SUFFIX="patch" + epatch ${GENTOO_PATCHDIR}/*.patch || die "internal ebuild error" +} + +src_compile() { + sqlite sql/db < sql/sqlite.dump + sqlite sql/sessions < sql/sessions.dump + rm -f lib/Vulture/Makefile + libpath=`perl -MConfig -e 'print $Config{sitelib}'` + make OPT=LIB=${D}/${libpath} + cd lib/SSLLookup && perl Makefile.PL DESTDIR=${D} && make CCFLAGS=-I/usr/include/apr-0 + rm -f ../../lib/Authen-Radius-0.12/install-radius-db.PL + cd ../../lib/Data-HexDump-0.02 && perl Makefile.PL && make + cd ../../lib/Authen-Radius-0.12 && perl Makefile.PL && make +} + +src_install () { + make PREFIX=${D}${INTRINsec_HOME} NAME=${PN} install + make -C lib/SSLLookup install + make -C lib/Data-HexDump-0.02 DESTDIR=${D} install + make -C lib/Authen-Radius-0.12 DESTDIR=${D} install + + insinto /etc/raddb + doins lib/Authen-Radius-0.12/raddb/dictionary* + fowners apache:apache ${INTRINsec_HOME}/${PN} + insopts -m0600 -o apache -g apache + insinto ${INTRINsec_HOME}/${PN}/conf + doins ebuild/httpd.conf + insinto ${INTRINsec_HOME}/${PN}/www + doins ebuild/config.php + insinto ${INTRINsec_HOME}/${PN}/sql + doins sql/db + newinitd ebuild/VultureNG.init vultureng +} + +pkg_postinst() { + openssl req -x509 -newkey rsa:2048 -batch -nodes\ + -config ${INTRINsec_HOME}/${PN}/conf/openssl.cnf\ + -out ${INTRINsec_HOME}/${PN}/conf/vultureng.crt\ + -keyout ${INTRINsec_HOME}/${PN}/conf/vultureng.key + einfo "Vulture is installed. You can now type the following :" + einfo "echo \"apache ALL=NOPASSWD:/usr/sbin/apache2\" >> /etc/sudoers" +} === modified file 'a/Makefile' --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ NAME = vultureng -VERSION = 1.90p1 +VERSION = 1.90p2 PREFIX = /opt/INTRINsec DIRS = sql www conf === modified file 'a/lib/Vulture/lib/Vulture/ResponseHandler.pm' --- a/lib/Vulture/lib/Vulture/ResponseHandler.pm +++ b/lib/Vulture/lib/Vulture/ResponseHandler.pm @@ -28,7 +28,7 @@ sub acl_ldap { my ($app, $dbh, $user) = @_; - my $query = "SELECT id_user FROM acl WHERE id_user='".$user."' AND id_app='".$app->{id}."' AND id_auth='".$app->{id_method}."'"; + my $query = "SELECT id_user FROM acl WHERE id_user='".$user."' AND id_app='".$app->{id}."' AND id_auth='".$app->{auth}."'"; my $sth = $dbh->prepare($query); $sth->execute; === modified file 'a/rpm/vultureng.spec' --- a/rpm/vultureng.spec +++ b/rpm/vultureng.spec @@ -15,7 +15,7 @@ %endif %define name vultureng -%define version 1.90p1 +%define version 1.90p2 Summary: VultureNG Reverse Proxy Name: %name @@ -102,6 +102,9 @@ %changelog +* Thu May 30 2006 Arnaud Desmons 1.90p2 +- 1.90p2 + * Thu May 25 2006 Arnaud Desmons 1.90p1 - 1.90p1 === modified file 'a/sql/sqlite.dump' --- a/sql/sqlite.dump +++ b/sql/sqlite.dump @@ -9,7 +9,7 @@ INSERT INTO auth VALUES(1,3,1); CREATE TABLE ca (id INTEGER PRIMARY KEY, name TEXT NOT NULL, crt TEXT NOT NULL, ssl_constraint TEXT, require TEXT NOT NULL); CREATE TABLE conf (var TEXT NOT NULL, value TEXT); -INSERT INTO conf VALUES('version','1.90p1'); +INSERT INTO conf VALUES('version','1.90p2'); CREATE TABLE config (default_filter_config TEXT NOT NULL, default_access_config TEXT NOT NULL); INSERT INTO config VALUES('#Default mod_security config SecFilterCheckURLEncoding On === modified file 'a/sql/sqlite.dump.1.90' --- a/sql/sqlite.dump.1.90 +++ b/sql/sqlite.dump.1.90 @@ -15,4 +15,4 @@ DROP TABLE tmp; UPDATE sql SET uri='dbi:SQLite:dbname=/opt/INTRINsec/vultureng/sql/db' WHERE uri='dbi:SQLite:dbname=/opt/INTRINsec/VultureNG/sql/db'; -UPDATE conf SET value='1.90p1' WHERE var='version'; +UPDATE conf SET value='1.90p2' WHERE var='version'; === modified file 'a/www/WEB-INF/classes/ACL.php' --- a/www/WEB-INF/classes/ACL.php +++ b/www/WEB-INF/classes/ACL.php @@ -24,7 +24,7 @@ $this->id_auth = $id_auth; } - function getPass($id, $is_grp) { + function getPass($id, $is_group) { $db = $this->db; $result = $db->query("SELECT id FROM acl WHERE ".($is_group ? "id_group" : "id_user") ."='". @@ -41,7 +41,7 @@ return $row['id']; } - function setPass($id, $pass, $is_grp) { + function setPass($id, $pass, $is_group) { $db = $this->db; $db->query("DELETE FROM acl WHERE ".($is_group ? "id_group" : "id_user")."='".$id. "' AND id_app='".$this->id_app."' AND id_auth='".$this->id_auth."'"); === modified file 'a/www/WEB-INF/tpl/edit_if_ssl.tpl' --- a/www/WEB-INF/tpl/edit_if_ssl.tpl +++ b/www/WEB-INF/tpl/edit_if_ssl.tpl @@ -52,7 +52,7 @@
-

".$i18n["edit_if"]."

+

".$i18n["edit_if"]."

=== modified file 'a/www/locales/en.inc.php' --- a/www/locales/en.inc.php +++ b/www/locales/en.inc.php @@ -29,6 +29,7 @@ /* User */ $i18n ["user"] = "Users"; + $i18n ["users"] = "Users"; $i18n ["login"] = "Login"; $i18n ["lastname"] = "Last name"; $i18n ["firstname"] = "First name"; @@ -45,6 +46,7 @@ $i18n["internet"] = "Internet name"; $i18n["alias"] = "Alias"; $i18n["private"] = "Private URL"; + $i18n["timeout"] = "Timeout"; $i18n["auth_method"] = "Authentication Methods"; $i18n["rewrite"] = "Rewriting rules"; $i18n["access"] = "Access Control"; @@ -52,15 +54,19 @@ $i18n["activate_rewrite"] = "URL rewriting"; $i18n["deactivate_rewrite"] = "No URL rewriting"; $i18n["activate_access"] = "Access control"; - $i18n["deactivate_access"] = "NO Access control"; + $i18n["deactivate_access"] = "No Access control"; $i18n["activate_security"] = "URL filtering"; $i18n["deactivate_security"] = "No URL filtering"; - $i18n["activate_post"] = "SSO Forward ®"; - $i18n["deactivate_post"] = "NO SSO Forward ®"; + $i18n["activate_post"] = "SSO Forward"; + $i18n["deactivate_post"] = "No SSO Forward"; $i18n["sso_forward"] = "SSO Forward ® : Authentication propagation"; $i18n["profiles"] = "Profiles"; $i18n["_profiles"] = "profiles"; - + $i18n["activate_header"] = "HTTP headers"; + $i18n["deactivate_header"] = "No HTTP headers"; + $i18n["activate_load_balancing"] = "Load balancing"; + $i18n["deactivate_load_balancing"] = "No load balancing"; + $i18n["post"] = "Form authentication"; $i18n["post_url"] = "Authentication Form URL"; $i18n["add_field"] = "Add a field"; @@ -75,6 +81,9 @@ $i18n["autologon"] = "Application's login/password and Vulture's login/password are identical"; $i18n["autologon_missing"] = "Please define a 'autologon_user' field and a 'autologon_password' field"; + $i18n["enable_proxy"] = "Enable SSO portal"; + $i18n["disable_proxy"] = "Disable SSO portal"; + $i18n["proxy_name"] = "SSO portal name"; /* Interfaces */ $i18n["interface"] = "Interfaces"; @@ -82,7 +91,7 @@ $i18n["ip_port"] = "Port"; $i18n["status"] = "Status"; $i18n["add_if"] = "Interface add"; - $i18n["edit_if"] = "Interface edit"; + $i18n["edit_if"] = "Interface edition"; $i18n["activate_ssl"] = "SSL activation"; $i18n["deactivate_ssl"] = "SSL canceling"; $i18n["ca_crt"] = "Certification authority certificate"; @@ -127,11 +136,11 @@ $i18n["ldap_group_member"]= "Searching attribute in groups"; $i18n["ldap_group_is_dn"]= "Searching attibute is a DN"; - $i18n["enable_acl"] = "Access list administration"; + $i18n["enable_acl"] = "ACL administration"; $i18n["acl_enabled"] = "Adminitrate an access list"; $i18n["disable_acl"] = "Allow for all"; - $i18n["user_access"] = "Access list by user"; - $i18n["group_access"] = "Acess list by group"; + $i18n["user_access"] = "ACL by user"; + $i18n["group_access"] = "ACL by group"; $i18n["avail_user"] = "Available users list"; $i18n["in_user"] = "Authorized users list"; $i18n["avail_group"] = "Available groups list";