From bf6230c5acbbf243787732d8150988a4c1a813a3 Mon Sep 17 00:00:00 2001
From: Xavier Guimard
Date: Sun, 11 Oct 2009 08:13:50 +0000
Subject: [PATCH] VERSION 0.9.4.1
---
build/lemonldap-ng/changelog | 18 ++-
build/lemonldap-ng/debian/po/ru.po | 135 ++++++++++++++++++
.../doc/4.1-Configuration-overview.html | 42 +++++-
.../4.5-Multiple-authentication-backend.html | 32 ++++-
.../lib/Lemonldap/NG/Common/Apache/Session.pm | 2 +-
.../lib/Lemonldap/NG/Common/CGI.pm | 2 +-
.../lib/Lemonldap/NG/Common/Crypto.pm | 2 +-
.../lib/Lemonldap/NG/Handler/CGI.pm | 2 +-
.../lib/Lemonldap/NG/Handler/Simple.pm | 2 +-
.../lib/Lemonldap/NG/Manager.pm | 2 +-
.../lib/Lemonldap/NG/Portal/AuthCAS.pm | 2 +-
.../lib/Lemonldap/NG/Portal/Menu.pm | 2 +-
.../lib/Lemonldap/NG/Portal/Simple.pm | 2 +-
.../lib/Lemonldap/NG/Portal/_Multi.pm | 2 +-
14 files changed, 227 insertions(+), 20 deletions(-)
create mode 100644 build/lemonldap-ng/debian/po/ru.po
diff --git a/build/lemonldap-ng/changelog b/build/lemonldap-ng/changelog
index 81b848951..a643bfc71 100644
--- a/build/lemonldap-ng/changelog
+++ b/build/lemonldap-ng/changelog
@@ -1,10 +1,20 @@
lemonldap-ng (0.9.5) unstable; urgency=low
- * Bugs :
- - bad XML filter when embedding in tags
- - testUri() not usable in Lemonldap::NG::Handler::CGI
+ * TODO
- -- Xavier Guimard Thu, 20 Aug 2009 16:20:26 +0200
+ -- Xavier Guimard Sun, 11 Oct 2009 09:08:46 +0200
+
+lemonldap-ng (0.9.4.1) unstable; urgency=low
+
+ * Safe jail update
+ * Many little bugs in Handler/CGI.pm
+ * Apache::Session::LDAP was not usable with session explorer
+ * syslog facility was not taken in account in Common/CGI.pm
+ * require failed in _Multi.pm
+ * doc update
+ * ru debconf translation (Closes: #550552 / bugs.debian.org)
+
+ -- Xavier Guimard Sun, 11 Oct 2009 09:36:35 +0200
lemonldap-ng (0.9.4) unstable; urgency=low
diff --git a/build/lemonldap-ng/debian/po/ru.po b/build/lemonldap-ng/debian/po/ru.po
new file mode 100644
index 000000000..7afd38260
--- /dev/null
+++ b/build/lemonldap-ng/debian/po/ru.po
@@ -0,0 +1,135 @@
+# translation of lemonldap-ng_0.9.4-1_ru.po to Russian
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the PACKAGE package.
+#
+# Yuri Kozlov , 2009.
+msgid ""
+msgstr ""
+"Project-Id-Version: lemonldap-ng 0.9.4-1\n"
+"Report-Msgid-Bugs-To: x.guimard@free.fr\n"
+"POT-Creation-Date: 2007-09-22 13:08+0200\n"
+"PO-Revision-Date: 2009-10-01 09:27+0400\n"
+"Last-Translator: Yuri Kozlov \n"
+"Language-Team: Russian \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: KBabel 1.11.4\n"
+"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
+
+#. Type: string
+#. Description
+#: ../liblemonldap-ng-conf-perl.templates:1001
+msgid "LDAP server:"
+msgstr "Сервер LDAP:"
+
+#. Type: string
+#. Description
+#: ../liblemonldap-ng-conf-perl.templates:1001
+msgid ""
+"Set here name or IP address of the LDAP server that has to be used by "
+"Lemonldap::NG. You can modify this value later using the Lemonldap::NG "
+"manager."
+msgstr ""
+"Введите имя или IP-адрес сервера LDAP, который будет "
+"использовать Lemonldap::NG. Позже вы можете изменить это значение "
+"через менеджер Lemonldap::NG."
+
+#. Type: string
+#. Description
+#: ../liblemonldap-ng-conf-perl.templates:2001
+msgid "Lemonldap::NG DNS domain:"
+msgstr "DNS домен Lemonldap::NG:"
+
+#. Type: string
+#. Description
+#: ../liblemonldap-ng-conf-perl.templates:2001
+msgid ""
+"Set here the main domain protected by Lemonldap::NG. You can modify this "
+"value later using the Lemonldap::NG manager."
+msgstr ""
+"Введите главный домен, защищаемый Lemonldap::NG. Позже вы можете изменить "
+"это значение через менеджер Lemonldap::NG."
+
+#. Type: string
+#. Description
+#: ../liblemonldap-ng-conf-perl.templates:3001
+msgid "Lemonldap::NG portal:"
+msgstr "Портал Lemonldap::NG:"
+
+#. Type: string
+#. Description
+#: ../liblemonldap-ng-conf-perl.templates:3001
+msgid ""
+"Set here the Lemonldap::NG portal URL. You can modify this value later using "
+"the Lemonldap::NG manager."
+msgstr ""
+"Введите URL портала Lemonldap::NG. Позже вы можете изменить "
+"это значение через менеджер Lemonldap::NG."
+
+#. Type: string
+#. Description
+#: ../liblemonldap-ng-conf-perl.templates:4001
+msgid "LDAP server port:"
+msgstr "Порт сервера LDAP:"
+
+#. Type: string
+#. Description
+#: ../liblemonldap-ng-conf-perl.templates:4001
+msgid ""
+"Set here the port used by the LDAP server. You can modify this value later "
+"using the Lemonldap::NG manager."
+msgstr ""
+"Введите используемый порт сервера LDAP. Позже вы можете изменить "
+"это значение через менеджер Lemonldap::NG."
+
+#. Type: string
+#. Description
+#: ../liblemonldap-ng-conf-perl.templates:5001
+msgid "LDAP search base:"
+msgstr "База поиска LDAP:"
+
+#. Type: string
+#. Description
+#: ../liblemonldap-ng-conf-perl.templates:5001
+msgid ""
+"Set here the search base to use in LDAP queries. You can modify this value "
+"later using the Lemonldap::NG manager."
+msgstr ""
+"Введите поисковую базу, используемую в запросах LDAP. Позже вы можете изменить "
+"это значение через менеджер Lemonldap::NG."
+
+#. Type: string
+#. Description
+#: ../liblemonldap-ng-conf-perl.templates:6001
+msgid "LDAP account:"
+msgstr "Учётная запись в LDAP:"
+
+#. Type: string
+#. Description
+#: ../liblemonldap-ng-conf-perl.templates:6001
+msgid ""
+"Set here the account that Lemonldap::NG has to use for its LDAP requests. "
+"Leaving it blank causes Lemonldap::NG to use anonymous connections. You can "
+"modify this value later using the Lemonldap::NG manager."
+msgstr ""
+"Введите имя учётной записи, которое Lemonldap::NG будет использовать в "
+"запросах LDAP. Оставьте поле пустым, если Lemonldap::NG должен подключаться "
+"анонимно. Позже вы можете изменить это значение через менеджер Lemonldap::NG."
+
+#. Type: string
+#. Description
+#: ../liblemonldap-ng-conf-perl.templates:7001
+msgid "LDAP password:"
+msgstr "Пароль к LDAP:"
+
+#. Type: string
+#. Description
+#: ../liblemonldap-ng-conf-perl.templates:7001
+msgid ""
+"Set here the password for the Lemonldap::NG LDAP account. You can modify "
+"this value later using the Lemonldap::NG manager."
+msgstr ""
+"Введите пароль к учётной записи Lemonldap::NG в LDAP. "
+"Позже вы можете изменить это значение через менеджер Lemonldap::NG."
+
diff --git a/build/lemonldap-ng/doc/4.1-Configuration-overview.html b/build/lemonldap-ng/doc/4.1-Configuration-overview.html
index 29ddcb431..a5484b238 100644
--- a/build/lemonldap-ng/doc/4.1-Configuration-overview.html
+++ b/build/lemonldap-ng/doc/4.1-Configuration-overview.html
@@ -190,7 +190,7 @@ MyGroup => { $uid eq
You can use DocumentRoot to protect a local application, or use
- mod_proxy to use LemonLDAP::NG as a reverse proxy
+ mod_proxy to use LemonLDAP::NG as a reverse proxy (see below)
You have to declare only one "reload" target on a physical server,
because only one Handler can be instancied on a physical server
@@ -198,11 +198,45 @@ MyGroup => { $uid eq Of course you must already have a virtualhost for the portal and
another for the manager; These hosts are only in Apache, and not in
LemonLDAP::NG configuration.
-
+ To transform your VirtualHost into a reverse proxy, use for example:
- To go further
+
+
+# Application Test
+<VirtualHost *:80>
+ ServerName test1.example.com
+ ServerAlias test2.example.com
# SSO protection
+ PerlHeaderParserHandler My::Package
ProxyPreserveHost on
+ ProxyPass / http://APPLICATION_IP/
+ ProxyPassReverse / http://APPLICATION_IP/
</VirtualHost>
+
+
- See the
Remarks:
+
+
+ - The ProxyPreserveHost directive will forward the Host header to the
+ protected application
+
Using the reverse proxy mode, you will not have the REMOTE_USER
+ environment variable set. Indeed, this variable is set by the Handler on
+ the physical server hosting the Handlers, and not on other servers where
+ the Handler is not installed. But this magic Apache configuration will let
+ you transform the Auth-User HTTP header in REMOTE_USER envronment
+ varibale:
+
+
+
+
+SetEnvIfNoCase Auth-User "(.*)" REMOTE_USER=$1
+
+
+
+ To go
+ further
+
+ See the full parameters list.
diff --git a/build/lemonldap-ng/doc/4.5-Multiple-authentication-backend.html b/build/lemonldap-ng/doc/4.5-Multiple-authentication-backend.html
index 4fa7d465a..f71ff7249 100644
--- a/build/lemonldap-ng/doc/4.5-Multiple-authentication-backend.html
+++ b/build/lemonldap-ng/doc/4.5-Multiple-authentication-backend.html
@@ -66,14 +66,25 @@
Configuration
+
+ Known problems
+
+
+
+
See also
Presentation
This backend allows to chain authentication
- method, for example to failback to LDAP authentication if Kerberos
- authentication failed.
+ method, for example to failback to LDAP authentication if Remote
+ authentication failed…
Configuration
@@ -99,6 +110,23 @@ authentication => 'Multi Remote $ENV{REMOTE_ADDR}=~/^192/;LDAP $ENV{REMOTE_AD
+ Known
+ problems
+
+ AuthApache
+ authentication
+
+ When using this module, Lemonldap::NG portal will be called only if Apache
+ does not return "401 Authentication required", but this is not the Apache
+ behaviour: if the auth module fails, Apache returns 401. We're studying a
+ future solutuion for this…
+
+ SSL
+ authentication
+
+ To chain SSL, you have to set "SSLRequire optional" in Apache
+ configuration, else users will be authenticated by SSL only.
+
See also
diff --git a/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Apache/Session.pm b/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Apache/Session.pm
index 2866b1701..46ec13d96 100644
--- a/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Apache/Session.pm
+++ b/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Apache/Session.pm
@@ -10,7 +10,7 @@ package Lemonldap::NG::Common::Apache::Session;
use strict;
use Storable qw(thaw);
-our $VERSION = 0.2;
+our $VERSION = 0.21;
BEGIN {
diff --git a/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/CGI.pm b/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/CGI.pm
index 4df563c8c..bf29d6a08 100644
--- a/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/CGI.pm
+++ b/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/CGI.pm
@@ -13,7 +13,7 @@ use CGI;
#parameter syslog Indicates syslog facility for logging user actions
-our $VERSION = '0.5';
+our $VERSION = '0.51';
use base qw(CGI);
diff --git a/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Crypto.pm b/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Crypto.pm
index 3a0c23c68..c898ba952 100644
--- a/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Crypto.pm
+++ b/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Crypto.pm
@@ -11,7 +11,7 @@ use Crypt::Rijndael;
use MIME::Base64;
use base qw(Crypt::Rijndael);
-our $VERSION = '0.1';
+our $VERSION = '0.2';
our $msg;
diff --git a/modules/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/CGI.pm b/modules/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/CGI.pm
index 5bf86b46a..34d9d15d5 100644
--- a/modules/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/CGI.pm
+++ b/modules/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/CGI.pm
@@ -17,7 +17,7 @@ use Lemonldap::NG::Handler::SharedConf qw(:all);
#link Lemonldap::NG::Handler::_CGI protected _handler
-our $VERSION = '0.3';
+our $VERSION = '0.4';
## @cmethod Lemonldap::NG::Handler::CGI new(hashRef args)
# Constructor.
diff --git a/modules/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Simple.pm b/modules/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Simple.pm
index e2d4da4f7..0309e2290 100644
--- a/modules/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Simple.pm
+++ b/modules/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Simple.pm
@@ -26,7 +26,7 @@ require POSIX;
#inherits Apache::Session
#link Lemonldap::NG::Common::Apache::Session::SOAP protected globalStorage
-our $VERSION = '0.91';
+our $VERSION = '0.92';
our %EXPORT_TAGS;
diff --git a/modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager.pm b/modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager.pm
index fa28cbb78..c516a37bd 100644
--- a/modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager.pm
+++ b/modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager.pm
@@ -26,7 +26,7 @@ use MIME::Base64;
use base qw(Lemonldap::NG::Common::CGI);
our @ISA;
-our $VERSION = '0.90';
+our $VERSION = '0.91';
# Secure jail
our $msafe;
diff --git a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthCAS.pm b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthCAS.pm
index 53cf96310..a157c508a 100644
--- a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthCAS.pm
+++ b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthCAS.pm
@@ -9,7 +9,7 @@ use strict;
use Lemonldap::NG::Portal::Simple;
use AuthCAS;
-our $VERSION = '0.1';
+our $VERSION = '0.11';
## @apmethod int authInit()
# Does nothing.
diff --git a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Menu.pm b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Menu.pm
index 5d5d0f820..85a1013de 100755
--- a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Menu.pm
+++ b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Menu.pm
@@ -20,7 +20,7 @@ use Lemonldap::NG::Portal::PasswordDBLDAP; #inherits
*_modifyPassword = *Lemonldap::NG::Portal::PasswordDBLDAP::modifyPassword;
*_passwordDBInit = *Lemonldap::NG::Portal::PasswordDBLDAP::passwordDBInit;
-our $VERSION = '0.11';
+our $VERSION = '0.2';
### ACCESS CONTROL DISPLAY SYSTEM
diff --git a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Simple.pm b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Simple.pm
index 6ab124ce1..8085ed252 100644
--- a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Simple.pm
+++ b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Simple.pm
@@ -34,7 +34,7 @@ use Safe;
#inherits Apache::Session
#link Lemonldap::NG::Common::Apache::Session::SOAP protected globalStorage
-our $VERSION = '0.89';
+our $VERSION = '0.90';
use base qw(Lemonldap::NG::Common::CGI Exporter);
our @ISA;
diff --git a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_Multi.pm b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_Multi.pm
index 2f89a7bb6..ff11aede5 100644
--- a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_Multi.pm
+++ b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_Multi.pm
@@ -12,7 +12,7 @@ package Lemonldap::NG::Portal::_Multi;
use Lemonldap::NG::Portal::Simple;
-our $VERSION = '0.1';
+our $VERSION = '0.11';
## @cmethod Lemonldap::NG::Portal::_Multi new(Lemonldap::NG::Portal::Simple portal)
# Constructor