From bf6230c5acbbf243787732d8150988a4c1a813a3 Mon Sep 17 00:00:00 2001
From: Xavier Guimard <xavier.guimard@laposte.net>
Date: Sun, 11 Oct 2009 08:13:50 +0000
Subject: [PATCH] VERSION 0.9.4.1

---
 build/lemonldap-ng/changelog                  |  18 ++-
 build/lemonldap-ng/debian/po/ru.po            | 135 ++++++++++++++++++
 .../doc/4.1-Configuration-overview.html       |  42 +++++-
 .../4.5-Multiple-authentication-backend.html  |  32 ++++-
 .../lib/Lemonldap/NG/Common/Apache/Session.pm |   2 +-
 .../lib/Lemonldap/NG/Common/CGI.pm            |   2 +-
 .../lib/Lemonldap/NG/Common/Crypto.pm         |   2 +-
 .../lib/Lemonldap/NG/Handler/CGI.pm           |   2 +-
 .../lib/Lemonldap/NG/Handler/Simple.pm        |   2 +-
 .../lib/Lemonldap/NG/Manager.pm               |   2 +-
 .../lib/Lemonldap/NG/Portal/AuthCAS.pm        |   2 +-
 .../lib/Lemonldap/NG/Portal/Menu.pm           |   2 +-
 .../lib/Lemonldap/NG/Portal/Simple.pm         |   2 +-
 .../lib/Lemonldap/NG/Portal/_Multi.pm         |   2 +-
 14 files changed, 227 insertions(+), 20 deletions(-)
 create mode 100644 build/lemonldap-ng/debian/po/ru.po

diff --git a/build/lemonldap-ng/changelog b/build/lemonldap-ng/changelog
index 81b848951..a643bfc71 100644
--- a/build/lemonldap-ng/changelog
+++ b/build/lemonldap-ng/changelog
@@ -1,10 +1,20 @@
 lemonldap-ng (0.9.5) unstable; urgency=low
 
-  * Bugs :
-    - bad XML filter when embedding <application> in <application> tags
-    - testUri() not usable in Lemonldap::NG::Handler::CGI 
+  * TODO
 
- -- Xavier Guimard <x.guimard@free.fr>  Thu, 20 Aug 2009 16:20:26 +0200
+ -- Xavier Guimard <x.guimard@free.fr>  Sun, 11 Oct 2009 09:08:46 +0200
+
+lemonldap-ng (0.9.4.1) unstable; urgency=low
+
+  * Safe jail update
+  * Many little bugs in Handler/CGI.pm
+  * Apache::Session::LDAP was not usable with session explorer
+  * syslog facility was not taken in account in Common/CGI.pm
+  * require failed in _Multi.pm
+  * doc update
+  * ru debconf translation (Closes: #550552 / bugs.debian.org)
+
+ -- Xavier Guimard <x.guimard@free.fr>  Sun, 11 Oct 2009 09:36:35 +0200
 
 lemonldap-ng (0.9.4) unstable; urgency=low
 
diff --git a/build/lemonldap-ng/debian/po/ru.po b/build/lemonldap-ng/debian/po/ru.po
new file mode 100644
index 000000000..7afd38260
--- /dev/null
+++ b/build/lemonldap-ng/debian/po/ru.po
@@ -0,0 +1,135 @@
+# translation of lemonldap-ng_0.9.4-1_ru.po to Russian
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the PACKAGE package.
+#
+# Yuri Kozlov <yuray@komyakino.ru>, 2009.
+msgid ""
+msgstr ""
+"Project-Id-Version: lemonldap-ng 0.9.4-1\n"
+"Report-Msgid-Bugs-To: x.guimard@free.fr\n"
+"POT-Creation-Date: 2007-09-22 13:08+0200\n"
+"PO-Revision-Date: 2009-10-01 09:27+0400\n"
+"Last-Translator: Yuri Kozlov <yuray@komyakino.ru>\n"
+"Language-Team: Russian <debian-l10n-russian@lists.debian.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: KBabel 1.11.4\n"
+"Plural-Forms:  nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
+
+#. Type: string
+#. Description
+#: ../liblemonldap-ng-conf-perl.templates:1001
+msgid "LDAP server:"
+msgstr "Сервер LDAP:"
+
+#. Type: string
+#. Description
+#: ../liblemonldap-ng-conf-perl.templates:1001
+msgid ""
+"Set here name or IP address of the LDAP server that has to be used by "
+"Lemonldap::NG. You can modify this value later using the Lemonldap::NG "
+"manager."
+msgstr ""
+"Введите имя или IP-адрес сервера LDAP, который будет "
+"использовать Lemonldap::NG. Позже вы можете изменить это значение "
+"через менеджер Lemonldap::NG."
+
+#. Type: string
+#. Description
+#: ../liblemonldap-ng-conf-perl.templates:2001
+msgid "Lemonldap::NG DNS domain:"
+msgstr "DNS домен Lemonldap::NG:"
+
+#. Type: string
+#. Description
+#: ../liblemonldap-ng-conf-perl.templates:2001
+msgid ""
+"Set here the main domain protected by Lemonldap::NG. You can modify this "
+"value later using the Lemonldap::NG manager."
+msgstr ""
+"Введите главный домен, защищаемый Lemonldap::NG. Позже вы можете изменить "
+"это значение через менеджер Lemonldap::NG."
+
+#. Type: string
+#. Description
+#: ../liblemonldap-ng-conf-perl.templates:3001
+msgid "Lemonldap::NG portal:"
+msgstr "Портал Lemonldap::NG:"
+
+#. Type: string
+#. Description
+#: ../liblemonldap-ng-conf-perl.templates:3001
+msgid ""
+"Set here the Lemonldap::NG portal URL. You can modify this value later using "
+"the Lemonldap::NG manager."
+msgstr ""
+"Введите URL портала Lemonldap::NG. Позже вы можете изменить "
+"это значение через менеджер Lemonldap::NG."
+
+#. Type: string
+#. Description
+#: ../liblemonldap-ng-conf-perl.templates:4001
+msgid "LDAP server port:"
+msgstr "Порт сервера LDAP:"
+
+#. Type: string
+#. Description
+#: ../liblemonldap-ng-conf-perl.templates:4001
+msgid ""
+"Set here the port used by the LDAP server. You can modify this value later "
+"using the Lemonldap::NG manager."
+msgstr ""
+"Введите используемый порт сервера LDAP. Позже вы можете изменить "
+"это значение через менеджер Lemonldap::NG."
+
+#. Type: string
+#. Description
+#: ../liblemonldap-ng-conf-perl.templates:5001
+msgid "LDAP search base:"
+msgstr "База поиска LDAP:"
+
+#. Type: string
+#. Description
+#: ../liblemonldap-ng-conf-perl.templates:5001
+msgid ""
+"Set here the search base to use in LDAP queries. You can modify this value "
+"later using the Lemonldap::NG manager."
+msgstr ""
+"Введите поисковую базу, используемую в запросах LDAP. Позже вы можете изменить "
+"это значение через менеджер Lemonldap::NG."
+
+#. Type: string
+#. Description
+#: ../liblemonldap-ng-conf-perl.templates:6001
+msgid "LDAP account:"
+msgstr "Учётная запись в LDAP:"
+
+#. Type: string
+#. Description
+#: ../liblemonldap-ng-conf-perl.templates:6001
+msgid ""
+"Set here the account that Lemonldap::NG has to use for its LDAP requests. "
+"Leaving it blank causes Lemonldap::NG to use anonymous connections. You can "
+"modify this value later using the Lemonldap::NG manager."
+msgstr ""
+"Введите имя учётной записи, которое Lemonldap::NG будет использовать в "
+"запросах LDAP. Оставьте поле пустым, если Lemonldap::NG должен подключаться "
+"анонимно. Позже вы можете изменить это значение через менеджер Lemonldap::NG."
+
+#. Type: string
+#. Description
+#: ../liblemonldap-ng-conf-perl.templates:7001
+msgid "LDAP password:"
+msgstr "Пароль к LDAP:"
+
+#. Type: string
+#. Description
+#: ../liblemonldap-ng-conf-perl.templates:7001
+msgid ""
+"Set here the password for the Lemonldap::NG LDAP account. You can modify "
+"this value later using the Lemonldap::NG manager."
+msgstr ""
+"Введите пароль к учётной записи Lemonldap::NG в LDAP. "
+"Позже вы можете изменить это значение через менеджер Lemonldap::NG."
+
diff --git a/build/lemonldap-ng/doc/4.1-Configuration-overview.html b/build/lemonldap-ng/doc/4.1-Configuration-overview.html
index 29ddcb431..a5484b238 100644
--- a/build/lemonldap-ng/doc/4.1-Configuration-overview.html
+++ b/build/lemonldap-ng/doc/4.1-Configuration-overview.html
@@ -190,7 +190,7 @@ MyGroup =&gt; { $uid eq <span class=
 
     <ul class="star">
       <li>You can use DocumentRoot to protect a local application, or use
-      mod_proxy to use LemonLDAP::NG as a reverse proxy</li>
+      mod_proxy to use LemonLDAP::NG as a reverse proxy (see below)</li>
 
       <li>You have to declare only one "reload" target on a physical server,
       because only one Handler can be instancied on a physical server</li>
@@ -198,11 +198,45 @@ MyGroup =&gt; { $uid eq <span class=
       <li>Of course you must already have a virtualhost for the portal and
       another for the manager; These hosts are only in Apache, and not in
       LemonLDAP::NG configuration.</li>
-    </ul>
+    </ul>To transform your VirtualHost into a reverse proxy, use for example:
 
-    <h3 class="heading-1-1"><span id="HTogofurther">To go further</span></h3>
+    <div class="code">
+      <pre>
+# Application Test
+&lt;VirtualHost *:80&gt;
+    ServerName test1.example.com
+    ServerAlias test2.example.com<br /><br />    # SSO protection
+    PerlHeaderParserHandler My::Package<br /><br />    ProxyPreserveHost on
+    ProxyPass / <span class="nobr"><a href=
+"http://APPLICATION_IP/">http://APPLICATION_IP/</a></span>
+    ProxyPassReverse / <span class="nobr"><a href=
+"http://APPLICATION_IP/">http://APPLICATION_IP/</a></span><br /><br />&lt;/VirtualHost&gt;
+</pre>
+    </div>
 
-    <p class="paragraph"></p>See the <span class="wikilink"><a href=
+    <p class="paragraph"></p><strong class="strong">Remarks</strong>:
+
+    <ul class="star">
+      <li>The ProxyPreserveHost directive will forward the Host header to the
+      protected application</li>
+    </ul>Using the reverse proxy mode, you will not have the REMOTE_USER
+    environment variable set. Indeed, this variable is set by the Handler on
+    the physical server hosting the Handlers, and not on other servers where
+    the Handler is not installed. But this magic Apache configuration will let
+    you transform the Auth-User HTTP header in REMOTE_USER envronment
+    varibale:<br />
+    <br />
+
+    <div class="code">
+      <pre>
+SetEnvIfNoCase Auth-User <span class="java-quote">"(.*)"</span> REMOTE_USER=$1
+</pre>
+    </div>
+
+    <h3 class="heading-1-1"><span id="HTogofurther">To go
+    further</span></h3><br />
+    <br />
+    See the <span class="wikilink"><a href=
     "4.1-Configuration-parameter-list.html">full parameters list</a></span>.
   </div>
 
diff --git a/build/lemonldap-ng/doc/4.5-Multiple-authentication-backend.html b/build/lemonldap-ng/doc/4.5-Multiple-authentication-backend.html
index 4fa7d465a..f71ff7249 100644
--- a/build/lemonldap-ng/doc/4.5-Multiple-authentication-backend.html
+++ b/build/lemonldap-ng/doc/4.5-Multiple-authentication-backend.html
@@ -66,14 +66,25 @@
 
       <li><a href="#HConfiguration">Configuration</a></li>
 
+      <li>
+        <a href="#HKnownproblems">Known problems</a>
+
+        <ul>
+          <li><a href="#HAuthApacheauthentication">AuthApache
+          authentication</a></li>
+
+          <li><a href="#HSSLauthentication">SSL authentication</a></li>
+        </ul>
+      </li>
+
       <li><a href="#HSeealso">See also</a></li>
     </ul>
 
     <h3 class="heading-1-1"><span id="HPresentation">Presentation</span></h3>
 
     <p class="paragraph"></p>This backend allows to chain authentication
-    method, for example to failback to LDAP authentication if Kerberos
-    authentication failed.
+    method, for example to failback to LDAP authentication if Remote
+    authentication failed&hellip;
 
     <h3 class="heading-1-1"><span id=
     "HConfiguration">Configuration</span></h3>
@@ -99,6 +110,23 @@ authentication =&gt; 'Multi Remote $ENV{REMOTE_ADDR}=~/^192/;LDAP $ENV{REMOTE_AD
 </pre>
     </div>
 
+    <h3 class="heading-1-1"><span id="HKnownproblems">Known
+    problems</span></h3>
+
+    <h4 class="heading-1-1-1"><span id="HAuthApacheauthentication">AuthApache
+    authentication</span></h4><br />
+    <br />
+    When using this module, Lemonldap::NG portal will be called only if Apache
+    does not return "401 Authentication required", but this is not the Apache
+    behaviour: if the auth module fails, Apache returns 401. We're studying a
+    future solutuion for this&hellip;
+
+    <h4 class="heading-1-1-1"><span id="HSSLauthentication">SSL
+    authentication</span></h4><br />
+    <br />
+    To chain SSL, you have to set "SSLRequire optional" in Apache
+    configuration, else users will be authenticated by SSL only.
+
     <h3 class="heading-1-1"><span id="HSeealso">See also</span></h3>
 
     <ul class="star">
diff --git a/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Apache/Session.pm b/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Apache/Session.pm
index 2866b1701..46ec13d96 100644
--- a/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Apache/Session.pm
+++ b/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Apache/Session.pm
@@ -10,7 +10,7 @@ package Lemonldap::NG::Common::Apache::Session;
 use strict;
 use Storable qw(thaw);
 
-our $VERSION = 0.2;
+our $VERSION = 0.21;
 
 BEGIN {
 
diff --git a/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/CGI.pm b/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/CGI.pm
index 4df563c8c..bf29d6a08 100644
--- a/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/CGI.pm
+++ b/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/CGI.pm
@@ -13,7 +13,7 @@ use CGI;
 
 #parameter syslog Indicates syslog facility for logging user actions
 
-our $VERSION = '0.5';
+our $VERSION = '0.51';
 
 use base qw(CGI);
 
diff --git a/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Crypto.pm b/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Crypto.pm
index 3a0c23c68..c898ba952 100644
--- a/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Crypto.pm
+++ b/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Crypto.pm
@@ -11,7 +11,7 @@ use Crypt::Rijndael;
 use MIME::Base64;
 use base qw(Crypt::Rijndael);
 
-our $VERSION = '0.1';
+our $VERSION = '0.2';
 
 our $msg;
 
diff --git a/modules/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/CGI.pm b/modules/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/CGI.pm
index 5bf86b46a..34d9d15d5 100644
--- a/modules/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/CGI.pm
+++ b/modules/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/CGI.pm
@@ -17,7 +17,7 @@ use Lemonldap::NG::Handler::SharedConf qw(:all);
 
 #link Lemonldap::NG::Handler::_CGI protected _handler
 
-our $VERSION = '0.3';
+our $VERSION = '0.4';
 
 ## @cmethod Lemonldap::NG::Handler::CGI new(hashRef args)
 # Constructor.
diff --git a/modules/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Simple.pm b/modules/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Simple.pm
index e2d4da4f7..0309e2290 100644
--- a/modules/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Simple.pm
+++ b/modules/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Simple.pm
@@ -26,7 +26,7 @@ require POSIX;
 #inherits Apache::Session
 #link Lemonldap::NG::Common::Apache::Session::SOAP protected globalStorage
 
-our $VERSION = '0.91';
+our $VERSION = '0.92';
 
 our %EXPORT_TAGS;
 
diff --git a/modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager.pm b/modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager.pm
index fa28cbb78..c516a37bd 100644
--- a/modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager.pm
+++ b/modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager.pm
@@ -26,7 +26,7 @@ use MIME::Base64;
 use base qw(Lemonldap::NG::Common::CGI);
 our @ISA;
 
-our $VERSION = '0.90';
+our $VERSION = '0.91';
 
 # Secure jail
 our $msafe;
diff --git a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthCAS.pm b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthCAS.pm
index 53cf96310..a157c508a 100644
--- a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthCAS.pm
+++ b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthCAS.pm
@@ -9,7 +9,7 @@ use strict;
 use Lemonldap::NG::Portal::Simple;
 use AuthCAS;
 
-our $VERSION = '0.1';
+our $VERSION = '0.11';
 
 ## @apmethod int authInit()
 # Does nothing.
diff --git a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Menu.pm b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Menu.pm
index 5d5d0f820..85a1013de 100755
--- a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Menu.pm
+++ b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Menu.pm
@@ -20,7 +20,7 @@ use Lemonldap::NG::Portal::PasswordDBLDAP; #inherits
 *_modifyPassword = *Lemonldap::NG::Portal::PasswordDBLDAP::modifyPassword;
 *_passwordDBInit = *Lemonldap::NG::Portal::PasswordDBLDAP::passwordDBInit;
 
-our $VERSION = '0.11';
+our $VERSION = '0.2';
 
 ### ACCESS CONTROL DISPLAY SYSTEM
 
diff --git a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Simple.pm b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Simple.pm
index 6ab124ce1..8085ed252 100644
--- a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Simple.pm
+++ b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Simple.pm
@@ -34,7 +34,7 @@ use Safe;
 #inherits Apache::Session
 #link Lemonldap::NG::Common::Apache::Session::SOAP protected globalStorage
 
-our $VERSION = '0.89';
+our $VERSION = '0.90';
 
 use base qw(Lemonldap::NG::Common::CGI Exporter);
 our @ISA;
diff --git a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_Multi.pm b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_Multi.pm
index 2f89a7bb6..ff11aede5 100644
--- a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_Multi.pm
+++ b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_Multi.pm
@@ -12,7 +12,7 @@ package Lemonldap::NG::Portal::_Multi;
 
 use Lemonldap::NG::Portal::Simple;
 
-our $VERSION = '0.1';
+our $VERSION = '0.11';
 
 ## @cmethod Lemonldap::NG::Portal::_Multi new(Lemonldap::NG::Portal::Simple portal)
 # Constructor