From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 3C61D138334 for ; Thu, 13 Dec 2018 15:39:40 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 518A9E0CEB; Thu, 13 Dec 2018 15:39:39 +0000 (UTC) Received: from smtp.gentoo.org (dev.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 0F8FEE0CEB for ; Thu, 13 Dec 2018 15:39:39 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 81013335C5D for ; Thu, 13 Dec 2018 15:39:37 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 1247C4ED for ; Thu, 13 Dec 2018 15:39:36 +0000 (UTC) From: "Thomas Deutschmann" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Thomas Deutschmann" Message-ID: <1544715569.4a33b110e36087f1a5e43e47dd846f7bf26b4414.whissi@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/files/, www-servers/nginx/ X-VCS-Repository: repo/gentoo X-VCS-Files: www-servers/nginx/files/http_auth_pam-1.5.1-adjust-loglevel-for-authentication-failures.patch www-servers/nginx/nginx-1.14.2-r1.ebuild www-servers/nginx/nginx-1.14.2.ebuild www-servers/nginx/nginx-1.15.7-r1.ebuild www-servers/nginx/nginx-1.15.7.ebuild X-VCS-Directories: www-servers/nginx/files/ www-servers/nginx/ X-VCS-Committer: whissi X-VCS-Committer-Name: Thomas Deutschmann X-VCS-Revision: 4a33b110e36087f1a5e43e47dd846f7bf26b4414 X-VCS-Branch: master Date: Thu, 13 Dec 2018 15:39:36 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: fdf20206-f6ba-4162-8e26-70f1876c3498 X-Archives-Hash: 4356ce9fbed223c6219d283a2afb9900 commit: 4a33b110e36087f1a5e43e47dd846f7bf26b4414 Author: Thomas Deutschmann gentoo org> AuthorDate: Thu Dec 13 15:37:16 2018 +0000 Commit: Thomas Deutschmann gentoo org> CommitDate: Thu Dec 13 15:39:29 2018 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4a33b110 www-servers/nginx: http_auth_pam: adjust loglevel for auth failures Package-Manager: Portage-2.3.52, Repoman-2.3.12 Signed-off-by: Thomas Deutschmann gentoo.org> ...just-loglevel-for-authentication-failures.patch | 22 ++++++++++++++++++++++ ...{nginx-1.14.2.ebuild => nginx-1.14.2-r1.ebuild} | 6 ++++++ ...{nginx-1.15.7.ebuild => nginx-1.15.7-r1.ebuild} | 6 ++++++ 3 files changed, 34 insertions(+) diff --git a/www-servers/nginx/files/http_auth_pam-1.5.1-adjust-loglevel-for-authentication-failures.patch b/www-servers/nginx/files/http_auth_pam-1.5.1-adjust-loglevel-for-authentication-failures.patch new file mode 100644 index 00000000000..632dcdee50e --- /dev/null +++ b/www-servers/nginx/files/http_auth_pam-1.5.1-adjust-loglevel-for-authentication-failures.patch @@ -0,0 +1,22 @@ +https://github.com/sto/ngx_http_auth_pam_module/pull/18 + +--- a/ngx_http_auth_pam_module.c ++++ b/ngx_http_auth_pam_module.c +@@ -348,7 +348,7 @@ ngx_http_auth_pam_authenticate(ngx_http_request_t *r, + /* try to authenticate user, log error on failure */ + if ((rc = pam_authenticate(pamh, + PAM_DISALLOW_NULL_AUTHTOK)) != PAM_SUCCESS) { +- ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, ++ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, + "PAM: user '%s' - not authenticated: %s", + ainfo.username.data, pam_strerror(pamh, rc)); + pam_end(pamh, PAM_SUCCESS); +@@ -357,7 +357,7 @@ ngx_http_auth_pam_authenticate(ngx_http_request_t *r, + + /* check that the account is healthy */ + if ((rc = pam_acct_mgmt(pamh, PAM_DISALLOW_NULL_AUTHTOK)) != PAM_SUCCESS) { +- ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, ++ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, + "PAM: user '%s' - invalid account: %s", + ainfo.username.data, pam_strerror(pamh, rc)); + pam_end(pamh, PAM_SUCCESS); diff --git a/www-servers/nginx/nginx-1.14.2.ebuild b/www-servers/nginx/nginx-1.14.2-r1.ebuild similarity index 99% rename from www-servers/nginx/nginx-1.14.2.ebuild rename to www-servers/nginx/nginx-1.14.2-r1.ebuild index 66b09925f1e..08100e45578 100644 --- a/www-servers/nginx/nginx-1.14.2.ebuild +++ b/www-servers/nginx/nginx-1.14.2-r1.ebuild @@ -381,6 +381,12 @@ src_prepare() { eapply "${FILESDIR}/${PN}-1.4.1-fix-perl-install-path.patch" eapply "${FILESDIR}/${PN}-httpoxy-mitigation-r1.patch" + if use nginx_modules_http_auth_pam; then + cd "${HTTP_AUTH_PAM_MODULE_WD}" || die + eapply "${FILESDIR}"/http_auth_pam-1.5.1-adjust-loglevel-for-authentication-failures.patch + cd "${S}" || die + fi + if use nginx_modules_http_brotli; then cd "${HTTP_BROTLI_MODULE_WD}" || die eapply "${FILESDIR}"/http_brotli-detect-brotli-r2.patch diff --git a/www-servers/nginx/nginx-1.15.7.ebuild b/www-servers/nginx/nginx-1.15.7-r1.ebuild similarity index 99% rename from www-servers/nginx/nginx-1.15.7.ebuild rename to www-servers/nginx/nginx-1.15.7-r1.ebuild index e873f4b5416..6fbcd2eaad4 100644 --- a/www-servers/nginx/nginx-1.15.7.ebuild +++ b/www-servers/nginx/nginx-1.15.7-r1.ebuild @@ -381,6 +381,12 @@ src_prepare() { eapply "${FILESDIR}/${PN}-1.4.1-fix-perl-install-path.patch" eapply "${FILESDIR}/${PN}-httpoxy-mitigation-r1.patch" + if use nginx_modules_http_auth_pam; then + cd "${HTTP_AUTH_PAM_MODULE_WD}" || die + eapply "${FILESDIR}"/http_auth_pam-1.5.1-adjust-loglevel-for-authentication-failures.patch + cd "${S}" || die + fi + if use nginx_modules_http_brotli; then cd "${HTTP_BROTLI_MODULE_WD}" || die eapply "${FILESDIR}"/http_brotli-detect-brotli-r2.patch