File apache2-mod_auth_openidc.spec of Package apache2-mod_auth_openidc.28532

#
# spec file for package apache2-mod_auth_openidc
#
# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via https://bugs.opensuse.org/
#


%define apxs %{_sbindir}/apxs2
%define apache_libexecdir %(%{apxs} -q LIBEXECDIR)
Name:           apache2-mod_auth_openidc
Version:        2.3.8
Release:        0
Summary:        Apache2.x module for an OpenID Connect enabled Identity Provider
License:        Apache-2.0
Group:          Productivity/Networking/Web/Servers
URL:            https://github.com/zmartzone/mod_auth_openidc/
Source:         https://github.com/zmartzone/mod_auth_openidc/archive/v%{version}.tar.gz
Patch0:         apache2-mod_auth_openidc-2.3.8-CVE-2019-14857.patch
Patch1:         apache2-mod_auth_openidc-2.3.8-CVE-2019-20479.patch
Patch2:         fix-CVE-2021-32785.patch
Patch3:         fix-CVE-2021-32786.patch
Patch4:         fix-CVE-2021-32791.patch
Patch5:         fix-CVE-2021-32792-1.patch
Patch6:         fix-CVE-2021-32792-2.patch
Patch7:         fix-CVE-2021-39191.patch
# PATCH-FIX-UPSTREAM danilo.spinella@suse.com bsc#1206441
# Open Redirect in oidc_validate_redirect_url() using tab character
Patch8:         fix-CVE-2022-23527-0.patch
Patch9:         fix-CVE-2022-23527-1.patch
Patch10:        fix-CVE-2022-23527-2.patch
Patch11:        fix-CVE-2022-23527-3.patch
# PATCH-FIX-UPSTREAm danilo.spinella@suse.com
# https://github.com/zmartzone/mod_auth_openidc/commit/8ea550f34ce51d8d41ba47843739c964407fa0ad#diff-d96ed9829fce9f8bbd63bf1be03700bf5a8f8b5614ac1b68015edbf456ecf303R3432-R3439
Patch12:        harden-refresh-token-request.patch
# PATCH-FIX-UPSTREAM danilo.spinella@suse.com bsc#1210073 CVE-2023-28625
Patch13:        fix-CVE-2023-28625.patch
BuildRequires:  apache-rpm-macros
BuildRequires:  apache2-devel
BuildRequires:  autoconf
BuildRequires:  automake
%if 0%{?suse_version} >= 1550
BuildRequires:  hiredis-devel
%endif
BuildRequires:  libtool
BuildRequires:  pkgconfig
BuildRequires:  pkgconfig(cjose) >= 0.4.1
BuildRequires:  pkgconfig(jansson) >= 2.0
BuildRequires:  pkgconfig(libcurl)
BuildRequires:  pkgconfig(libpcre)
BuildRequires:  pkgconfig(openssl) >= 1.0.1
Requires:       %{apache_mmn}
Requires:       %{apache_suse_maintenance_mmn}

%description
This module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.

%prep
%setup -q -n mod_auth_openidc-%{version}
%patch0 -p1
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1

%build
./autogen.sh
%configure \
%if 0%{?is_opensuse} > 0
  %{?_with_hiredis}    \
%else
  %{?_without_hiredis} \
%endif

make %{?_smp_mflags}

%install
install -D -m0755 src/.libs/mod_auth_openidc.so %{buildroot}%{apache_libexecdir}/mod_auth_openidc.so

%files
%dir %{apache_libexecdir}
%{apache_libexecdir}/mod_auth_openidc.so

%changelog
openSUSE Build Service is sponsored by