Hello community,
here is the log from the commit of package perl-Apache2-AuthCookieDBI for
openSUSE:Factory checked in at 2019-08-22 10:51:47
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/perl-Apache2-AuthCookieDBI (Old)
and /work/SRC/openSUSE:Factory/.perl-Apache2-AuthCookieDBI.new.22127 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "perl-Apache2-AuthCookieDBI"
Thu Aug 22 10:51:47 2019 rev:22 rq:724778 version:2.18
Changes:
--------
---
/work/SRC/openSUSE:Factory/perl-Apache2-AuthCookieDBI/perl-Apache2-AuthCookieDBI.changes
2013-06-06 12:15:21.000000000 +0200
+++
/work/SRC/openSUSE:Factory/.perl-Apache2-AuthCookieDBI.new.22127/perl-Apache2-AuthCookieDBI.changes
2019-08-22 10:51:51.633704007 +0200
@@ -1,0 +2,11 @@
+Sun Aug 18 05:02:50 UTC 2019 - Stephan Kulow <[email protected]>
+
+- updated to 2.18
+ see /usr/share/doc/packages/perl-Apache2-AuthCookieDBI/Changes
+
+ 2.18 - Sat Aug 17 12:35:38 PDT 2019
+ - Fix https://github.com/matisse/Apache-AuthCookieDBI/issues/3
+ "DBI_CryptType crypt does not appear to work"
+ Changes by Ed Sabol https://github.com/esabol
+
+-------------------------------------------------------------------
Old:
----
Apache2-AuthCookieDBI-2.17.tar.gz
New:
----
Apache2-AuthCookieDBI-2.18.tar.gz
cpanspec.yml
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ perl-Apache2-AuthCookieDBI.spec ++++++
--- /var/tmp/diff_new_pack.s1wwKG/_old 2019-08-22 10:51:52.337703913 +0200
+++ /var/tmp/diff_new_pack.s1wwKG/_new 2019-08-22 10:51:52.341703912 +0200
@@ -1,7 +1,7 @@
#
# spec file for package perl-Apache2-AuthCookieDBI
#
-# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -12,19 +12,20 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: perl-Apache2-AuthCookieDBI
-Version: 2.17
+Version: 2.18
Release: 0
%define cpan_name Apache2-AuthCookieDBI
-Summary: An AuthCookie module backed by a DBI database.
-License: LGPL-2.1+
+Summary: An AuthCookie module backed by a DBI database
+License: LGPL-2.1-or-later
Group: Development/Libraries/Perl
-Url: http://search.cpan.org/dist/Apache2-AuthCookieDBI/
-Source:
http://www.cpan.org/authors/id/M/MA/MATISSE/%{cpan_name}-%{version}.tar.gz
+Url: https://metacpan.org/release/%{cpan_name}
+Source0:
https://cpan.metacpan.org/authors/id/M/MA/MATISSE/%{cpan_name}-%{version}.tar.gz
+Source1: cpanspec.yml
BuildArch: noarch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: perl
@@ -37,14 +38,8 @@
BuildRequires: perl(DBI) >= 1.4
BuildRequires: perl(Date::Calc)
BuildRequires: perl(Digest::SHA) >= 5.47
-BuildRequires: perl(Module::Build) >= 0.4000
+BuildRequires: perl(Module::Build) >= 0.420000
BuildRequires: perl(mod_perl2) >= 1.999022
-#BuildRequires: perl(Apache)
-#BuildRequires: perl(Apache2::Log)
-#BuildRequires: perl(Apache2::Log::Request)
-#BuildRequires: perl(Mock::Tieable)
-#BuildRequires: perl(SSL)
-#BuildRequires: perl(Text::TagTemplate)
Requires: perl(Apache2::AuthCookie) >= 3.08
Requires: perl(Apache2::Const)
Requires: perl(Apache2::RequestRec)
@@ -106,7 +101,7 @@
%setup -q -n %{cpan_name}-%{version}
%build
-%{__perl} Build.PL installdirs=vendor
+perl Build.PL installdirs=vendor
./Build build flags=%{?_smp_mflags}
%check
@@ -118,6 +113,7 @@
%files -f %{name}.files
%defattr(-,root,root,755)
-%doc Changes eg generic_reg_auth_scheme.txt LICENSE README schema.sql
techspec.txt
+%doc Changes generic_reg_auth_scheme.txt README schema.sql techspec.txt
+%license LICENSE
%changelog
++++++ Apache2-AuthCookieDBI-2.17.tar.gz -> Apache2-AuthCookieDBI-2.18.tar.gz
++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Apache2-AuthCookieDBI-2.17/Changes
new/Apache2-AuthCookieDBI-2.18/Changes
--- old/Apache2-AuthCookieDBI-2.17/Changes 2012-12-06 04:41:41.000000000
+0100
+++ new/Apache2-AuthCookieDBI-2.18/Changes 2019-08-17 21:40:34.000000000
+0200
@@ -1,5 +1,9 @@
Revision history for Perl extension Apache2::AuthCookieDBI.
+2.18 - Sat Aug 17 12:35:38 PDT 2019
+ - Fix https://github.com/matisse/Apache-AuthCookieDBI/issues/3
+ "DBI_CryptType crypt does not appear to work"
+ Changes by Ed Sabol https://github.com/esabol
2.17
- Added support for Digest::SHA::sha256/384/512_hex digests for passwords.
This is a response to https://rt.cpan.org/Ticket/Display.html?id=79333
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Apache2-AuthCookieDBI-2.17/META.json
new/Apache2-AuthCookieDBI-2.18/META.json
--- old/Apache2-AuthCookieDBI-2.17/META.json 2012-12-06 04:41:41.000000000
+0100
+++ new/Apache2-AuthCookieDBI-2.18/META.json 2019-08-17 21:40:34.000000000
+0200
@@ -4,13 +4,13 @@
"unknown"
],
"dynamic_config" : 1,
- "generated_by" : "Module::Build version 0.4003, CPAN::Meta::Converter
version 2.112150",
+ "generated_by" : "Module::Build version 0.4229",
"license" : [
- "open_source"
+ "lgpl_2_1"
],
"meta-spec" : {
"url" : "http://search.cpan.org/perldoc?CPAN::Meta::Spec";,
- "version" : "2"
+ "version" : 2
},
"name" : "Apache2-AuthCookieDBI",
"prereqs" : {
@@ -22,7 +22,7 @@
},
"configure" : {
"requires" : {
- "Module::Build" : "0.40"
+ "Module::Build" : "0.42"
}
},
"runtime" : {
@@ -31,15 +31,15 @@
},
"requires" : {
"Apache2::AuthCookie" : "3.08",
- "Apache2::Const" : 0,
- "Apache2::RequestRec" : 0,
- "Apache2::ServerUtil" : 0,
- "Carp" : 0,
+ "Apache2::Const" : "0",
+ "Apache2::RequestRec" : "0",
+ "Apache2::ServerUtil" : "0",
+ "Carp" : "0",
"Crypt::CBC" : "2.13",
"DBI" : "1.4",
- "Date::Calc" : 0,
- "Digest::MD5" : 0,
- "FindBin" : 0,
+ "Date::Calc" : "0",
+ "Digest::MD5" : "0",
+ "FindBin" : "0",
"mod_perl2" : "1.999022"
}
}
@@ -47,7 +47,7 @@
"provides" : {
"Apache2::AuthCookieDBI" : {
"file" : "lib/Apache2/AuthCookieDBI.pm",
- "version" : "2.17"
+ "version" : "2.18"
}
},
"release_status" : "stable",
@@ -59,5 +59,6 @@
"url" : "https://github.com/matisse/Apache-AuthCookieDBI";
}
},
- "version" : "2.17"
+ "version" : "2.18",
+ "x_serialization_backend" : "JSON::PP version 4.04"
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Apache2-AuthCookieDBI-2.17/META.yml
new/Apache2-AuthCookieDBI-2.18/META.yml
--- old/Apache2-AuthCookieDBI-2.17/META.yml 2012-12-06 04:41:41.000000000
+0100
+++ new/Apache2-AuthCookieDBI-2.18/META.yml 2019-08-17 21:40:34.000000000
+0200
@@ -3,36 +3,37 @@
author:
- unknown
build_requires:
- Digest::SHA: 5.47
- Test::More: 0.4
+ Digest::SHA: '5.47'
+ Test::More: '0.4'
configure_requires:
- Module::Build: 0.40
+ Module::Build: '0.42'
dynamic_config: 1
-generated_by: 'Module::Build version 0.4003, CPAN::Meta::Converter version
2.112150'
-license: open_source
+generated_by: 'Module::Build version 0.4229, CPAN::Meta::Converter version
2.150010'
+license: lgpl
meta-spec:
url: http://module-build.sourceforge.net/META-spec-v1.4.html
- version: 1.4
+ version: '1.4'
name: Apache2-AuthCookieDBI
provides:
Apache2::AuthCookieDBI:
file: lib/Apache2/AuthCookieDBI.pm
- version: 2.17
+ version: '2.18'
recommends:
- Digest::SHA: 5.47
+ Digest::SHA: '5.47'
requires:
- Apache2::AuthCookie: 3.08
- Apache2::Const: 0
- Apache2::RequestRec: 0
- Apache2::ServerUtil: 0
- Carp: 0
- Crypt::CBC: 2.13
- DBI: 1.4
- Date::Calc: 0
- Digest::MD5: 0
- FindBin: 0
- mod_perl2: 1.999022
+ Apache2::AuthCookie: '3.08'
+ Apache2::Const: '0'
+ Apache2::RequestRec: '0'
+ Apache2::ServerUtil: '0'
+ Carp: '0'
+ Crypt::CBC: '2.13'
+ DBI: '1.4'
+ Date::Calc: '0'
+ Digest::MD5: '0'
+ FindBin: '0'
+ mod_perl2: '1.999022'
resources:
license: http://opensource.org/licenses/lgpl-license.php
repository: https://github.com/matisse/Apache-AuthCookieDBI
-version: 2.17
+version: '2.18'
+x_serialization_backend: 'CPAN::Meta::YAML version 0.018'
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Apache2-AuthCookieDBI-2.17/Makefile.PL
new/Apache2-AuthCookieDBI-2.18/Makefile.PL
--- old/Apache2-AuthCookieDBI-2.17/Makefile.PL 2012-12-06 04:41:41.000000000
+0100
+++ new/Apache2-AuthCookieDBI-2.18/Makefile.PL 2019-08-17 21:40:34.000000000
+0200
@@ -1,26 +1,26 @@
-# Note: this file was auto-generated by Module::Build::Compat version 0.4003
+# Note: this file was auto-generated by Module::Build::Compat version 0.4229
use ExtUtils::MakeMaker;
WriteMakefile
(
- 'PL_FILES' => {},
- 'INSTALLDIRS' => 'site',
- 'NAME' => 'Apache2::AuthCookieDBI',
- 'EXE_FILES' => [],
- 'VERSION_FROM' => 'lib/Apache2/AuthCookieDBI.pm',
'PREREQ_PM' => {
- 'Apache2::Const' => 0,
+ 'Crypt::CBC' => '2.13',
'Apache2::AuthCookie' => '3.08',
'FindBin' => 0,
- 'Apache2::RequestRec' => 0,
+ 'Apache2::Const' => 0,
+ 'DBI' => '1.4',
+ 'Digest::MD5' => 0,
+ 'Digest::SHA' => '5.47',
+ 'Date::Calc' => 0,
'mod_perl2' => '1.999022',
- 'Carp' => 0,
'Test::More' => '0.4',
- 'Date::Calc' => 0,
- 'Crypt::CBC' => '2.13',
- 'Digest::SHA' => '5.47',
- 'Digest::MD5' => 0,
'Apache2::ServerUtil' => 0,
- 'DBI' => '1.4'
- }
+ 'Carp' => 0,
+ 'Apache2::RequestRec' => 0
+ },
+ 'INSTALLDIRS' => 'site',
+ 'EXE_FILES' => [],
+ 'VERSION_FROM' => 'lib/Apache2/AuthCookieDBI.pm',
+ 'PL_FILES' => {},
+ 'NAME' => 'Apache2::AuthCookieDBI'
)
;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/Apache2-AuthCookieDBI-2.17/lib/Apache2/AuthCookieDBI.pm
new/Apache2-AuthCookieDBI-2.18/lib/Apache2/AuthCookieDBI.pm
--- old/Apache2-AuthCookieDBI-2.17/lib/Apache2/AuthCookieDBI.pm 2012-12-06
04:41:41.000000000 +0100
+++ new/Apache2-AuthCookieDBI-2.18/lib/Apache2/AuthCookieDBI.pm 2019-08-17
21:40:34.000000000 +0200
@@ -33,7 +33,7 @@
use strict;
use warnings;
use 5.010_000;
-our $VERSION = '2.17';
+our $VERSION = '2.18';
use Apache2::AuthCookie;
use base qw( Apache2::AuthCookie );
@@ -337,7 +337,7 @@
}
# Compile module for password encryption, if needed.
- if ( $c{'DBI_CryptType'} =~ '^sha') {
+ if ( $c{'DBI_CryptType'} =~ /^sha/ ) {
require Digest::SHA;
}
@@ -372,13 +372,12 @@
only readable by root, or put the PerlSetVar in a file only readable by
root and include it.
-This is required and has no default value.
-(NOTE: In AuthCookieDBI versions 1.22 and earlier the secret key either could
be
-set in the configuration file itself
-or it could be place in a seperate file with the path configured with
+This is required and has no default value. (NOTE: In AuthCookieDBI versions
+1.22 and earlier the secret key either could be set in the configuration file
+itself or it could be placed in a separate file with the path configured with
C<PerlSetVar WhateverDBI_SecretKeyFile>.
-As of version 2.0 you must use C<WhateverDBI_SecretKey> and not
+As of version 2.0, you must use C<WhateverDBI_SecretKey> and not
C<PerlSetVar WhateverDBI_SecretKeyFile>.
If you want to put the secret key in a separate file then you can create a
@@ -516,8 +515,7 @@
my %password_checker = (
'none' => sub { return $password eq $crypted_password; },
'crypt' => sub {
- $class->_crypt_digest( $password, $crypted_password ) eq
- $crypted_password;
+ return crypt( $password, $crypted_password ) eq $crypted_password;
},
'md5' => sub { return md5_hex($password) eq $crypted_password; },
'sha256' => sub {
@@ -533,12 +531,6 @@
return $password_checker{$crypt_type}->();
}
-sub _crypt_digest {
- my ( $class, $plaintext, $encrypted ) = @_;
- my $salt = substr $encrypted, 0, 2;
- return crypt $plaintext, $salt;
-}
-
#-------------------------------------------------------------------------------
# _percent_encode -- Percent-encode (like URI encoding) any non-alphanumberics
# in the supplied string.
@@ -615,12 +607,16 @@
my $crypted_password = EMPTY_STRING;
+ my $PasswordField = $dbh->quote_identifier($c{'DBI_PasswordField'});
+ my $UsersTable = $dbh->quote_identifier($c{'DBI_UsersTable'});
+ my $UserField = $dbh->quote_identifier($c{'DBI_UserField'});
+
my $sql_query = <<"SQL";
- SELECT `$c{'DBI_PasswordField'}`
- FROM `$c{'DBI_UsersTable'}`
- WHERE `$c{'DBI_UserField'}` = ?
- AND (`$c{'DBI_PasswordField'}` != ''
- AND `$c{'DBI_PasswordField'}` IS NOT NULL)
+ SELECT $PasswordField
+ FROM $UsersTable
+ WHERE $UserField = ?
+ AND ($PasswordField != ''
+ AND $PasswordField IS NOT NULL)
SQL
my $sth = $dbh->prepare_cached($sql_query);
$sth->execute($user);
@@ -964,11 +960,15 @@
my $dbh = $class->_dbi_connect($r) || return Apache2::Const::SERVER_ERROR;
# Now loop through all the groups to see if we're a member of any:
+ my $DBI_GroupUserField = $dbh->quote_identifier($c{'DBI_GroupUserField'});
+ my $DBI_GroupsTable = $dbh->quote_identifier($c{'DBI_GroupsTable'});
+ my $DBI_GroupField = $dbh->quote_identifier($c{'DBI_GroupField'});
+
my $sth = $dbh->prepare_cached( <<"EOS" );
-SELECT `$c{'DBI_GroupUserField'}`
-FROM `$c{'DBI_GroupsTable'}`
-WHERE `$c{'DBI_GroupField'}` = ?
-AND `$c{'DBI_GroupUserField'}` = ?
+SELECT $DBI_GroupUserField
+FROM $DBI_GroupsTable
+WHERE $DBI_GroupField = ?
+AND $DBI_GroupUserField = ?
EOS
foreach my $group (@groups) {
$sth->execute( $group, $user );
@@ -999,10 +999,14 @@
}
my $dbh = $class->_dbi_connect($r) || return;
+ my $ActiveFieldName = $dbh->quote_identifier($active_field_name);
+ my $DBI_UsersTable = $dbh->quote_identifier($c{'DBI_UsersTable'});
+ my $DBI_UserField = $dbh->quote_identifier($c{'DBI_UserField'});
+
my $sql_query = <<"SQL";
- SELECT `$active_field_name`
- FROM `$c{'DBI_UsersTable'}`
- WHERE `$c{'DBI_UserField'}` = ?
+ SELECT $ActiveFieldName
+ FROM $DBI_UsersTable
+ WHERE $DBI_UserField = ?
SQL
my $sth = $dbh->prepare_cached($sql_query);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Apache2-AuthCookieDBI-2.17/t/mock_libs/DBI.pm
new/Apache2-AuthCookieDBI-2.18/t/mock_libs/DBI.pm
--- old/Apache2-AuthCookieDBI-2.17/t/mock_libs/DBI.pm 2012-12-06
04:41:41.000000000 +0100
+++ new/Apache2-AuthCookieDBI-2.18/t/mock_libs/DBI.pm 2019-08-17
21:40:34.000000000 +0200
@@ -35,6 +35,10 @@
my ($self, @args) = @_;
return bless {}, 'DBI::Mock::sth';
}
+sub quote_identifier {
+ my ($self, $arg) = @_;
+ return $arg;
+}
package DBI::Mock::sth;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Apache2-AuthCookieDBI-2.17/t/utils.t
new/Apache2-AuthCookieDBI-2.18/t/utils.t
--- old/Apache2-AuthCookieDBI-2.17/t/utils.t 2012-12-06 04:41:41.000000000
+0100
+++ new/Apache2-AuthCookieDBI-2.18/t/utils.t 2019-08-17 21:40:34.000000000
+0200
@@ -226,21 +226,21 @@
sub test_check_password_digest_crypt {
my $plaintext_password = 'plaintext password';
- my $crypt_encrypted
- = CLASS_UNDER_TEST->_crypt_digest( $plaintext_password,
- $plaintext_password );
+ my $salt = join('',
+ (('.', '/', 0..9, 'A'..'Z', 'a'..'z')[rand 64, rand 64]));
+ my $crypted_password = crypt( $plaintext_password, $salt );
Test::More::ok(
CLASS_UNDER_TEST->_check_password(
- $plaintext_password, $crypt_encrypted, 'crypt'
+ $plaintext_password, $crypted_password, 'crypt'
),
- '_check_password() success case with crypt digest'
+ '_check_password() success case with crypt'
);
Test::More::ok(
!CLASS_UNDER_TEST->_check_password(
$plaintext_password, 'no match', 'crypt'
),
- '_check_password() failure case with crypt digest'
+ '_check_password() failure case with crypt'
);
return TRUE;
++++++ cpanspec.yml ++++++
---
#description_paragraphs: 3
#description: |-
# override description from CPAN
#summary: override summary from CPAN
#no_testing: broken upstream
#sources:
# - source1
# - source2
#patches:
# foo.patch: -p1
# bar.patch:
#preamble: |-
# BuildRequires: gcc-c++
#post_prep: |-
# hunspell=`pkg-config --libs hunspell | sed -e 's,-l,,; s, *,,g'`
# sed -i -e "s,hunspell-X,$hunspell," t/00-prereq.t Makefile.PL
#post_build: |-
# rm unused.files
#post_install: |-
# sed on %{name}.files
#license: SUSE-NonFree
#skip_noarch: 1
#custom_build: |-
#./Build build flags=%{?_smp_mflags} --myflag
#custom_test: |-
#startserver && make test
#ignore_requires: Bizarre::Module
