--- libapache2-mod-authnz-external-3.2.4.orig/debian/watch
+++ libapache2-mod-authnz-external-3.2.4/debian/watch
@@ -0,0 +1,24 @@
+# watch control file for uscan
+# you can run the "uscan" command
+# to check for upstream updates and more.
+# See uscan(1) for format
+
+# Compulsory line, this is a version 3 file
+version=3
+
+# Uncomment to examine a Webpage
+# <Webpage URL> <string match>
+#http://www.example.com/downloads.php #PACKAGE#-(.*)\.tar\.gz
+http://code.google.com/p/mod-auth-external/downloads/list http://mod-auth-external.googlecode.com/files/mod_authnz_external-(.*)\.tar\.gz
+
+# Uncomment to examine a Webserver directory
+#http://www.example.com/pub/#PACKAGE#-(.*)\.tar\.gz
+
+# Uncommment to examine a FTP server
+#ftp://ftp.example.com/pub/#PACKAGE#-(.*)\.tar\.gz debian uupdate
+
+# Uncomment to find new files on sourceforge, for devscripts >= 2.9
+# http://sf.net/#PACKAGE#/#PACKAGE#-(.*)\.tar\.gz
+
+# Uncomment to find new files on GooglePages
+# http://example.googlepages.com/foo.html #PACKAGE#-(.*)\.tar\.gz
--- libapache2-mod-authnz-external-3.2.4.orig/debian/libapache2-mod-authnz-external.dirs
+++ libapache2-mod-authnz-external-3.2.4/debian/libapache2-mod-authnz-external.dirs
@@ -0,0 +1,2 @@
+usr/lib/apache2/modules
+etc/apache2/mods-available
--- libapache2-mod-authnz-external-3.2.4.orig/debian/control
+++ libapache2-mod-authnz-external-3.2.4/debian/control
@@ -0,0 +1,23 @@
+Source: libapache2-mod-authnz-external
+Section: web
+Priority: optional
+Maintainer: Hai Zaar <haizaar@haizaar.com>
+Build-Depends: debhelper (>= 7), apache2-threaded-dev (>= 2.2.0)
+Standards-Version: 3.8.2
+Homepage: http://code.google.com/p/mod-auth-external
+
+Package: libapache2-mod-authnz-external
+Architecture: any
+Depends: ${shlibs:Depends}, apache2.2-common
+Recommends: pwauth
+Description: authenticate Apache against external authentication services
+ Mod_Auth_External can be used to quickly construct secure, reliable
+ authentication systems. It can also be mis-used to quickly open gaping
+ holes in your security. Read the documentation, and use with extreme
+ caution.
+ .
+ Notably, this module can be used to securely authenticate against PAM
+ (without exposing /etc/shadow file), using, for example, pwauth
+ authenticator.
+ .
+ This Package includes the mod-athnz-external Module for Apache Version 2.x
--- libapache2-mod-authnz-external-3.2.4.orig/debian/libapache2-mod-authnz-external.docs
+++ libapache2-mod-authnz-external-3.2.4/debian/libapache2-mod-authnz-external.docs
@@ -0,0 +1,2 @@
+AUTHENTICATORS
+README
--- libapache2-mod-authnz-external-3.2.4.orig/debian/authnz_external.load
+++ libapache2-mod-authnz-external-3.2.4/debian/authnz_external.load
@@ -0,0 +1 @@
+LoadModule authnz_external_module /usr/lib/apache2/modules/mod_authnz_external.so
--- libapache2-mod-authnz-external-3.2.4.orig/debian/README.debian
+++ libapache2-mod-authnz-external-3.2.4/debian/README.debian
@@ -0,0 +1,17 @@
+This package can be used with pwauth to provide secure auth against PAM without
+exposing /etc/shadow file.
+
+To use it on Debian, make sure to also pwauth package then add these lines to
+relevant Location or Directory section:
+ AuthBasicProvider external
+ AuthExternal pwauth
+
+And to the related virtual host section:
+ AddExternalAuth pwauth /usr/sbin/pwauth
+ SetExternalAuthMethod pwauth pipe
+
+See these links for more info:
+README file
+http://blog.innerewut.de/2007/6/26/apache-2-2-authentication-with-mod_authnz_external
+http://www.unixpapa.com/mod_auth_external
+
--- libapache2-mod-authnz-external-3.2.4.orig/debian/libapache2-mod-authnz-external.install
+++ libapache2-mod-authnz-external-3.2.4/debian/libapache2-mod-authnz-external.install
@@ -0,0 +1,2 @@
+.libs/mod_authnz_external.so usr/lib/apache2/modules
+debian/authnz_external.load etc/apache2/mods-available
--- libapache2-mod-authnz-external-3.2.4.orig/debian/copyright
+++ libapache2-mod-authnz-external-3.2.4/debian/copyright
@@ -0,0 +1,58 @@
+This package was debianized for Ubuntu by Chuck Short <zulcss@ubuntu.com> on
+Tue, 08 Jan 2008 10:20:36 -0500.
+This package was debianized for Debian by Hai Zaar <haizaar@haizaar.com> on
+Tue, 31 Mar 2009 18:32:20 +0300 based on the work mentioned above.
+
+It was downloaded from http://code.google.com/p/mod-auth-external
+
+Upstream Authors:
+
+Nathan Neulinger <nneul@umr.edu>
+Tyler Allison <allison@nas.nasa.gov>
+Dave Woolaway <dave@watersheep.org>
+Sven Koch <haegar@sdinet.de>
+Jan Wolter <jan@unixpapa.com>
+
+
+Copyright:
+Copyright (c) 1995 The Apache Group. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the
+ distribution.
+
+3. All advertising materials mentioning features or use of this
+ software must display the following acknowledgment:
+ "This product includes software developed by the Apache Group
+ for use in the Apache HTTP server project (http://www.apache.org/)."
+
+4. The names "Apache Server" and "Apache Group" must not be used to
+ endorse or promote products derived from this software without
+ prior written permission.
+
+5. Redistributions of any form whatsoever must retain the following
+ acknowledgment:
+ "This product includes software developed by the Apache Group
+ for use in the Apache HTTP server project (http://www.apache.org/)."
+
+THIS SOFTWARE IS PROVIDED BY THE APACHE GROUP ``AS IS'' AND ANY
+EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE APACHE GROUP OR
+IT'S CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+OF THE POSSIBILITY OF SUCH DAMAGE.
+
--- libapache2-mod-authnz-external-3.2.4.orig/debian/compat
+++ libapache2-mod-authnz-external-3.2.4/debian/compat
@@ -0,0 +1 @@
+7
--- libapache2-mod-authnz-external-3.2.4.orig/debian/rules
+++ libapache2-mod-authnz-external-3.2.4/debian/rules
@@ -0,0 +1,81 @@
+#!/usr/bin/make -f
+# Sample debian/rules that uses debhelper.
+# This file is public domain software, originally written by Joey Hess.
+#
+# This version is for packages that are architecture dependent.
+
+# Uncomment this to turn on verbose mode.
+#export DH_VERBOSE=1
+
+build: build-stamp
+build-stamp:
+ dh_testdir
+
+ # Add here commands to compile the package.
+ #$(MAKE)
+
+ touch build-stamp
+
+clean:
+ dh_testdir
+ dh_testroot
+ rm -f build-stamp
+
+ # Add here commands to clean up after the build process.
+ rm -f *.o *.so *.la *.lo *.o *.slo
+ rm -rf .libs
+
+ dh_clean
+
+install: build
+ dh_testdir
+ dh_testroot
+ dh_prep
+ dh_installdirs
+
+ # Add here commands to install the package into debian/<packagename>
+ #$(MAKE) prefix=`pwd`/debian/`dh_listpackages`/usr install
+ apxs2 -c -Wc,-fno-strict-aliasing mod_authnz_external.c
+
+# Build architecture-independent files here.
+binary-indep: build install
+# We have nothing to do by default.
+
+# Build architecture-dependent files here.
+binary-arch: build install
+ dh_testdir
+ dh_testroot
+ dh_installchangelogs
+ dh_installdocs
+ dh_installexamples
+ dh_install
+# dh_installmenu
+# dh_installdebconf
+# dh_installlogrotate
+# dh_installemacsen
+# dh_installcatalogs
+# dh_installpam
+# dh_installmime
+# dh_installinit
+# dh_installcron
+# dh_installinfo
+# dh_installwm
+# dh_installudev
+# dh_lintian
+# dh_undocumented
+ dh_installman
+ dh_link
+ dh_strip
+ dh_compress
+ dh_fixperms
+# dh_perl
+# dh_python
+# dh_makeshlibs
+ dh_installdeb
+ dh_shlibdeps
+ dh_gencontrol
+ dh_md5sums
+ dh_builddeb
+
+binary: binary-indep binary-arch
+.PHONY: build clean binary-indep binary-arch binary install
--- libapache2-mod-authnz-external-3.2.4.orig/debian/changelog
+++ libapache2-mod-authnz-external-3.2.4/debian/changelog
@@ -0,0 +1,21 @@
+libapache2-mod-authnz-external (3.2.4-2.1) unstable; urgency=high
+
+ * Non-maintainer upload by the security team
+ * Fix SQL injection via the $user paramter (Closes: #633637)
+ Fixes: CVE-2011-2688
+
+ -- Steffen Joeris <white@debian.org> Mon, 18 Jul 2011 10:26:11 +1000
+
+libapache2-mod-authnz-external (3.2.4-2) unstable; urgency=low
+
+ * libapache2-mod-authnz-external does not install the .load file
+ (Closes: #534492)
+
+ -- Hai Zaar <haizaar@haizaar.com> Fri, 26 Jun 2009 11:08:21 +0300
+
+libapache2-mod-authnz-external (3.2.4-1) unstable; urgency=low
+
+ * Initial release (Closes: #526786)
+
+ -- Hai Zaar <haizaar@haizaar.com> Sun, 21 May 2009 17:02:00 +0300
+
![[patchlogo]](http://patch-tracker.debian.org/static/img/swirlpatch.png)