File apache2-mod_auth_openidc.spec of Package apache2-mod_auth_openidc.28532
#
# spec file for package apache2-mod_auth_openidc
#
# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%define apxs %{_sbindir}/apxs2
%define apache_libexecdir %(%{apxs} -q LIBEXECDIR)
Name: apache2-mod_auth_openidc
Version: 2.3.8
Release: 0
Summary: Apache2.x module for an OpenID Connect enabled Identity Provider
License: Apache-2.0
Group: Productivity/Networking/Web/Servers
URL: https://github.com/zmartzone/mod_auth_openidc/
Source: https://github.com/zmartzone/mod_auth_openidc/archive/v%{version}.tar.gz
Patch0: apache2-mod_auth_openidc-2.3.8-CVE-2019-14857.patch
Patch1: apache2-mod_auth_openidc-2.3.8-CVE-2019-20479.patch
Patch2: fix-CVE-2021-32785.patch
Patch3: fix-CVE-2021-32786.patch
Patch4: fix-CVE-2021-32791.patch
Patch5: fix-CVE-2021-32792-1.patch
Patch6: fix-CVE-2021-32792-2.patch
Patch7: fix-CVE-2021-39191.patch
# PATCH-FIX-UPSTREAM danilo.spinella@suse.com bsc#1206441
# Open Redirect in oidc_validate_redirect_url() using tab character
Patch8: fix-CVE-2022-23527-0.patch
Patch9: fix-CVE-2022-23527-1.patch
Patch10: fix-CVE-2022-23527-2.patch
Patch11: fix-CVE-2022-23527-3.patch
# PATCH-FIX-UPSTREAm danilo.spinella@suse.com
# https://github.com/zmartzone/mod_auth_openidc/commit/8ea550f34ce51d8d41ba47843739c964407fa0ad#diff-d96ed9829fce9f8bbd63bf1be03700bf5a8f8b5614ac1b68015edbf456ecf303R3432-R3439
Patch12: harden-refresh-token-request.patch
# PATCH-FIX-UPSTREAM danilo.spinella@suse.com bsc#1210073 CVE-2023-28625
Patch13: fix-CVE-2023-28625.patch
BuildRequires: apache-rpm-macros
BuildRequires: apache2-devel
BuildRequires: autoconf
BuildRequires: automake
%if 0%{?suse_version} >= 1550
BuildRequires: hiredis-devel
%endif
BuildRequires: libtool
BuildRequires: pkgconfig
BuildRequires: pkgconfig(cjose) >= 0.4.1
BuildRequires: pkgconfig(jansson) >= 2.0
BuildRequires: pkgconfig(libcurl)
BuildRequires: pkgconfig(libpcre)
BuildRequires: pkgconfig(openssl) >= 1.0.1
Requires: %{apache_mmn}
Requires: %{apache_suse_maintenance_mmn}
%description
This module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.
%prep
%setup -q -n mod_auth_openidc-%{version}
%patch0 -p1
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
%build
./autogen.sh
%configure \
%if 0%{?is_opensuse} > 0
%{?_with_hiredis} \
%else
%{?_without_hiredis} \
%endif
make %{?_smp_mflags}
%install
install -D -m0755 src/.libs/mod_auth_openidc.so %{buildroot}%{apache_libexecdir}/mod_auth_openidc.so
%files
%dir %{apache_libexecdir}
%{apache_libexecdir}/mod_auth_openidc.so
%changelog