From baeacfea0fbd0daa4fe97457bd7848e85990d088 Mon Sep 17 00:00:00 2001 From: Radu Carpa Date: Fri, 22 Dec 2023 21:53:40 +0100 Subject: [PATCH] prepare containers for webdav tests Install voms-client into the dev container: xrdgsiproxy generates wrong proxy certificates, which don't work with standart SSL. Rework the webdav container: - move compilation of mod-want-digest into a deb package. This way, the correct configuration for usage with a2enmod is created by existing helper scripts. - add a self-written module which enables support of gsi proxy certificates in mod_ssl. - rework and simplify the dockerfile. --- dev/Dockerfile | 1 + webdav/Dockerfile | 119 +++++++----------- webdav/conf/conf-available/dav.conf | 10 -- webdav/conf/sites-available/default-ssl.conf | 33 +++-- webdav/conf/sites-available/default.conf | 20 ++- webdav/docker-entrypoint.sh | 59 +-------- webdav/libapache2-mod-gsiproxy/debian/apache2 | 2 + .../libapache2-mod-gsiproxy/debian/changelog | 5 + webdav/libapache2-mod-gsiproxy/debian/compat | 1 + .../debian/conf/zgsiproxy.load | 2 + webdav/libapache2-mod-gsiproxy/debian/control | 15 +++ webdav/libapache2-mod-gsiproxy/debian/rules | 11 ++ .../debian/source/format | 1 + webdav/libapache2-mod-gsiproxy/mod_gsiproxy.c | 66 ++++++++++ .../libapache2-mod-want-digest/debian/apache2 | 2 + .../debian/changelog | 5 + .../libapache2-mod-want-digest/debian/compat | 1 + .../debian/conf/want_digest.load | 1 + .../libapache2-mod-want-digest/debian/control | 19 +++ .../libapache2-mod-want-digest/debian/rules | 23 ++++ .../debian/source/format | 1 + 21 files changed, 243 insertions(+), 154 deletions(-) delete mode 100644 webdav/conf/conf-available/dav.conf create mode 100644 webdav/libapache2-mod-gsiproxy/debian/apache2 create mode 100644 webdav/libapache2-mod-gsiproxy/debian/changelog create mode 100644 webdav/libapache2-mod-gsiproxy/debian/compat create mode 100644 webdav/libapache2-mod-gsiproxy/debian/conf/zgsiproxy.load create mode 100644 webdav/libapache2-mod-gsiproxy/debian/control create mode 100755 webdav/libapache2-mod-gsiproxy/debian/rules create mode 100644 webdav/libapache2-mod-gsiproxy/debian/source/format create mode 100644 webdav/libapache2-mod-gsiproxy/mod_gsiproxy.c create mode 100644 webdav/libapache2-mod-want-digest/debian/apache2 create mode 100644 webdav/libapache2-mod-want-digest/debian/changelog create mode 100644 webdav/libapache2-mod-want-digest/debian/compat create mode 100644 webdav/libapache2-mod-want-digest/debian/conf/want_digest.load create mode 100644 webdav/libapache2-mod-want-digest/debian/control create mode 100755 webdav/libapache2-mod-want-digest/debian/rules create mode 100644 webdav/libapache2-mod-want-digest/debian/source/format diff --git a/dev/Dockerfile b/dev/Dockerfile index 56b0b2c..5fb0d18 100644 --- a/dev/Dockerfile +++ b/dev/Dockerfile @@ -47,6 +47,7 @@ RUN dnf -y install yum-utils epel-release.noarch && \ rclone \ rsync \ vim \ + voms-clients-java \ which \ xmlsec1-devel \ xmlsec1-openssl-devel \ diff --git a/webdav/Dockerfile b/webdav/Dockerfile index 9dcb4fc..f31a48c 100644 --- a/webdav/Dockerfile +++ b/webdav/Dockerfile @@ -1,84 +1,55 @@ -FROM httpd:latest -# These variables are inherited from the httpd:alpine image: -# ENV HTTPD_PREFIX /usr/local/apache2 -# WORKDIR "$HTTPD_PREFIX" +FROM ubuntu:noble as deb_builder +RUN set -ex; \ + apt-get update; \ + apt-get install -y \ + apache2-dev \ + apache2-ssl-dev \ + build-essential \ + curl \ + libaprutil1-dev \ + libapr1-dev \ + libtool \ + zlib1g-dev + +COPY libapache2-mod-want-digest/ mod-want-digest/ +RUN cd mod-want-digest/; dpkg-buildpackage + +COPY libapache2-mod-gsiproxy mod-gsiproxy +RUN cd mod-gsiproxy; dpkg-buildpackage -# Copy in our configuration files. -COPY conf/ conf/ + +FROM ubuntu:noble RUN set -ex; \ - # Download current `mod_want_digest.c` file (and store into root dir) - cd /;\ apt-get update; \ - apt-get install -y curl; \ - curl -LJ https://github.com/wetzel-desy/mod_want_digest/tarball/main -o wetzel-desy-tarball; \ - tar -xf wetzel-desy-tarball; \ - FILENAME=$(find . -name mod_want_digest.c); \ - mv $FILENAME .; \ - rm -rf wetzel-desy-*; \ - cd $HTTPD_PREFIX;\ - \ - # Create empty default DocumentRoot. - mkdir -p "/var/www/html"; \ - # Create directories for Dav data and lock database. - mkdir -p "/var/lib/dav/data"; \ - touch "/var/lib/dav/DavLock"; \ - chown -R www-data:www-data "/var/lib/dav"; \ - \ - # Enable DAV modules. - for i in dav dav_fs; do \ - sed -i -e "/^#LoadModule ${i}_module.*/s/^#//" "conf/httpd.conf"; \ - done; \ - \ - # Make sure authentication modules are enabled. - for i in authn_core authn_file authz_core authz_user auth_basic auth_digest; do \ - sed -i -e "/^#LoadModule ${i}_module.*/s/^#//" "conf/httpd.conf"; \ - done; \ - \ - # Make sure other modules are enabled. - for i in alias headers mime setenvif; do \ - sed -i -e "/^#LoadModule ${i}_module.*/s/^#//" "conf/httpd.conf"; \ - done; \ - \ - # Run httpd as "www-data" (instead of "daemon"). - for i in User Group; do \ - sed -i -e "s|^$i .*|$i www-data|" "conf/httpd.conf"; \ - done; \ - \ - # Include enabled configs and sites. - printf '%s\n' "Include conf/conf-enabled/*.conf" \ - >> "conf/httpd.conf"; \ - printf '%s\n' "Include conf/sites-enabled/*.conf" \ - >> "conf/httpd.conf"; \ - \ - # Write output to file and to std(err|out)??? - sed -i -e 's/\/proc\/self\/fd\/2/"|\$tee -a \/proc\/self\/fd\/2 \/usr\/local\/apache2\/logs\/apacheerrors.log"/g' conf/httpd.conf; \ - sed -i -e 's/LogLevel warn/LogLevel debug/g' conf/httpd.conf; \ - touch logs/apacheerrors.log; \ - \ - # Enable dav and default site. - mkdir -p "conf/conf-enabled"; \ - mkdir -p "conf/sites-enabled"; \ - ln -s ../conf-available/dav.conf "conf/conf-enabled"; \ - ln -s ../sites-available/default.conf "conf/sites-enabled"; \ - # Install openssl if we need to generate a self-signed certificate. - # apk add --no-cache openssl - apt-get install openssl; \ - \ - # install mod_want_digest - mv /mod_want_digest.c mod_want_digest.c; \ - apt-get install -y libtool libaprutil1-dev libapr1-dev zlib1g-dev build-essential; \ - ln -s /usr/lib/x86_64-linux-gnu/libz.so /usr/lib/x86_64-linux-gnu/libzlib.so; \ - apxs -c -lzlib mod_want_digest.c; \ - apxs -ia mod_want_digest.la; \ - \ - # enable SSL - ln -s "../sites-available/default-ssl.conf" "conf/sites-enabled"; \ - sed -i -e "/^#LoadModule ssl_module.*/s/^#//" "conf/httpd.conf" + apt-get install -y \ + apache2 \ + apache2-dev \ + libapache2-mod-auth-openidc \ + libapache2-mod-oauth2 \ + gridsite \ + ; \ + apt-get clean + + +# Configure apache +COPY conf/ conf/ +RUN set -ex; \ + cp -R conf/* /etc/apache2/; \ + # Create directory for webdav + mkdir -p /var/www/webdav/digests /var/www/webdav/data; \ + chown -R www-data:www-data /var/www/webdav; \ + \ + a2enmod dav dav_fs auth_basic auth_digest auth_openidc alias headers mime setenvif; \ + a2dismod zgridsite; \ + a2dissite 000-default +# Install compiled modules +COPY --from=deb_builder /*.deb /tmp/ +RUN dpkg -i /tmp/*.deb COPY docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh EXPOSE 80/tcp 443/tcp ENTRYPOINT [ "docker-entrypoint.sh" ] -CMD [ "httpd-foreground" ] +CMD ["apache2","-D","FOREGROUND"] diff --git a/webdav/conf/conf-available/dav.conf b/webdav/conf/conf-available/dav.conf deleted file mode 100644 index 5a08191..0000000 --- a/webdav/conf/conf-available/dav.conf +++ /dev/null @@ -1,10 +0,0 @@ -DavLockDB "/var/lib/dav/DavLock" -Alias / "/var/lib/dav/data/" - - Dav On - Options Indexes FollowSymLinks - - - Require all granted - - \ No newline at end of file diff --git a/webdav/conf/sites-available/default-ssl.conf b/webdav/conf/sites-available/default-ssl.conf index 7f3bd68..f60fa95 100644 --- a/webdav/conf/sites-available/default-ssl.conf +++ b/webdav/conf/sites-available/default-ssl.conf @@ -1,18 +1,29 @@ -Listen 443 - Protocols h2 http/1.1 ServerName localhost - DocumentRoot "/var/www/html/" - - Require all denied - + DocumentRoot /var/www/webdav/data/ + CustomLog /proc/self/fd/1 combined ErrorLog /proc/self/fd/2 + SSLEngine on - SSLCertificateFile /web1cert.pem - SSLCertificateKeyFile /web1key.pem - SSLProtocol all -SSLv3 + SSLCertificateFile /etc/grid-security/hostcert.pem + SSLCertificateKeyFile /etc/grid-security/hostkey.pem + SSLCACertificatePath /etc/grid-security/certificates/ + SSLVerifyClient require + SSLVerifyDepth 10 + SSLOptions +StdEnvVars + SSLProtocol TLSv1.2 SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS - SSLHonorCipherOrder on - SSLSessionTickets off + + AllowEncodedSlashes on + + + Dav On + Options Indexes FollowSymLinks + DigestRootDir /var/www/webdav/digests/ + + + Require all granted + + diff --git a/webdav/conf/sites-available/default.conf b/webdav/conf/sites-available/default.conf index e309338..a96a6fc 100644 --- a/webdav/conf/sites-available/default.conf +++ b/webdav/conf/sites-available/default.conf @@ -1,11 +1,19 @@ ServerName localhost - DocumentRoot "/var/www/html/" - - Require all denied - + DocumentRoot /var/www/webdav/data/ + CustomLog /proc/self/fd/1 combined ErrorLog /proc/self/fd/2 - # This lets certain DAV methods work behind an SSL reverse proxy. - RequestHeader edit Destination ^https http early + + AllowEncodedSlashes on + + + Dav On + Options Indexes FollowSymLinks + DigestRootDir /var/www/webdav/digests/ + + + Require all granted + + diff --git a/webdav/docker-entrypoint.sh b/webdav/docker-entrypoint.sh index 3103571..530860c 100755 --- a/webdav/docker-entrypoint.sh +++ b/webdav/docker-entrypoint.sh @@ -1,61 +1,14 @@ #!/bin/sh set -e +. /etc/apache2/envvars -# Just in case this environment variable has gone missing. -HTTPD_PREFIX="${HTTPD_PREFIX:-/usr/local/apache2}" - -# Configure vhosts. -if [ "x$SERVER_NAMES" != "x" ]; then - # Use first domain as Apache ServerName. - SERVER_NAME="${SERVER_NAMES%%,*}" - sed -e "s|ServerName .*|ServerName $SERVER_NAME|" \ - -i "$HTTPD_PREFIX"/conf/sites-available/default*.conf - - # Replace commas with spaces and set as Apache ServerAlias. - SERVER_ALIAS="`printf '%s\n' "$SERVER_NAMES" | tr ',' ' '`" - sed -e "/ServerName/a\ \ ServerAlias $SERVER_ALIAS" \ - -i "$HTTPD_PREFIX"/conf/sites-available/default*.conf -fi - -# Configure dav.conf -if [ "x$LOCATION" != "x" ]; then - sed -e "s|Alias .*|Alias $LOCATION /var/lib/dav/data/|" \ - -i "$HTTPD_PREFIX/conf/conf-available/dav.conf" -fi -if [ "x$REALM" != "x" ]; then - sed -e "s|AuthName .*|AuthName \"$REALM\"|" \ - -i "$HTTPD_PREFIX/conf/conf-available/dav.conf" +# Certificates have been mounted by the user. +a2dismod zgridsite +if [ -e /etc/grid-security/hostcert.pem ] && [ -e /etc/grid-security/hostkey.pem ]; then + a2ensite default-ssl else - REALM="WebDAV" + a2dissite default fi -if [ "x$AUTH_TYPE" != "x" ]; then - # Only support "Basic" and "Digest". - if [ "$AUTH_TYPE" != "Basic" ] && [ "$AUTH_TYPE" != "Digest" ]; then - printf '%s\n' "$AUTH_TYPE: Unknown AuthType" 1>&2 - exit 1 - fi - sed -e "s|AuthType .*|AuthType $AUTH_TYPE|" \ - -i "$HTTPD_PREFIX/conf/conf-available/dav.conf" -fi - -# This will either be the self-signed certificate generated above or one that -# has been bind mounted in by the user. -if [ -e /privkey.pem ] && [ -e /cert.pem ]; then - # Enable SSL Apache modules. - for i in http2 ssl; do - sed -e "/^#LoadModule ${i}_module.*/s/^#//" \ - -i "$HTTPD_PREFIX/conf/httpd.conf" - done - # Enable SSL vhost. - ln -sf ../sites-available/default-ssl.conf \ - "$HTTPD_PREFIX/conf/sites-enabled" -fi - -# Create directories for Dav data and lock database. -[ ! -d "/var/lib/dav/data" ] && mkdir -p "/var/lib/dav/data" -[ ! -d "/var/lib/dav/data/rucio" ] && mkdir -p "/var/lib/dav/data/rucio" -[ ! -e "/var/lib/dav/DavLock" ] && touch "/var/lib/dav/DavLock" -chown -R www-data:www-data "/var/lib/dav" exec "$@" diff --git a/webdav/libapache2-mod-gsiproxy/debian/apache2 b/webdav/libapache2-mod-gsiproxy/debian/apache2 new file mode 100644 index 0000000..ee39dd9 --- /dev/null +++ b/webdav/libapache2-mod-gsiproxy/debian/apache2 @@ -0,0 +1,2 @@ +mod .libs/mod_gsiproxy.so +mod debian/conf/zgsiproxy.load diff --git a/webdav/libapache2-mod-gsiproxy/debian/changelog b/webdav/libapache2-mod-gsiproxy/debian/changelog new file mode 100644 index 0000000..6cc4806 --- /dev/null +++ b/webdav/libapache2-mod-gsiproxy/debian/changelog @@ -0,0 +1,5 @@ +libapache2-mod-gsiproxy (1.0.0) stable; urgency=medium + + * Initial commit + + -- Radu Carpa Fri, 22 Dec 2023 11:39:22 +0100 diff --git a/webdav/libapache2-mod-gsiproxy/debian/compat b/webdav/libapache2-mod-gsiproxy/debian/compat new file mode 100644 index 0000000..3cacc0b --- /dev/null +++ b/webdav/libapache2-mod-gsiproxy/debian/compat @@ -0,0 +1 @@ +12 \ No newline at end of file diff --git a/webdav/libapache2-mod-gsiproxy/debian/conf/zgsiproxy.load b/webdav/libapache2-mod-gsiproxy/debian/conf/zgsiproxy.load new file mode 100644 index 0000000..a761ea5 --- /dev/null +++ b/webdav/libapache2-mod-gsiproxy/debian/conf/zgsiproxy.load @@ -0,0 +1,2 @@ +# Depends: ssl +LoadModule gsi_proxy_certs_module /usr/lib/apache2/modules/mod_gsiproxy.so diff --git a/webdav/libapache2-mod-gsiproxy/debian/control b/webdav/libapache2-mod-gsiproxy/debian/control new file mode 100644 index 0000000..299b49a --- /dev/null +++ b/webdav/libapache2-mod-gsiproxy/debian/control @@ -0,0 +1,15 @@ +Source: libapache2-mod-gsiproxy +Maintainer: Rucio +Section: web +Priority: optional +Standards-Version: 1.0.0 +Build-Depends: + apache2-dev, + apache2-ssl-dev + +Package: libapache2-mod-gsiproxy +Architecture: any +Depends: + ${shlibs:Depends}, + ${misc:Depends} +Description: Apache2 module which activates support for GSI X509 proxy certificates in mod_ssl diff --git a/webdav/libapache2-mod-gsiproxy/debian/rules b/webdav/libapache2-mod-gsiproxy/debian/rules new file mode 100755 index 0000000..1a1b3a5 --- /dev/null +++ b/webdav/libapache2-mod-gsiproxy/debian/rules @@ -0,0 +1,11 @@ +#!/usr/bin/make -f + +override_dh_auto_build: + apxs -Wc,-ffile-prefix-map=$(CURDIR)=. -lz -c mod_gsiproxy.c + +override_dh_clean: + rm -rf .libs + dh_clean + +%: + dh $@ --with apache2 diff --git a/webdav/libapache2-mod-gsiproxy/debian/source/format b/webdav/libapache2-mod-gsiproxy/debian/source/format new file mode 100644 index 0000000..89ae9db --- /dev/null +++ b/webdav/libapache2-mod-gsiproxy/debian/source/format @@ -0,0 +1 @@ +3.0 (native) diff --git a/webdav/libapache2-mod-gsiproxy/mod_gsiproxy.c b/webdav/libapache2-mod-gsiproxy/mod_gsiproxy.c new file mode 100644 index 0000000..4d4dcc3 --- /dev/null +++ b/webdav/libapache2-mod-gsiproxy/mod_gsiproxy.c @@ -0,0 +1,66 @@ +#include "http_core.h" +#include "openssl/ssl.h" +#include "openssl/x509.h" +#include "mod_ssl.h" + +extern module AP_MODULE_DECLARE_DATA ssl_module; + +#ifndef BOOL +#define BOOL unsigned int +#endif + +typedef struct { + void *sc; + SSL_CTX *ssl_ctx; +} modssl_ctx_t; + +typedef enum { + SSL_ENABLED_UNSET = -1, + SSL_ENABLED_FALSE = 0, + SSL_ENABLED_TRUE = 1, + SSL_ENABLED_OPTIONAL = 3 +} ssl_enabled_t; + +typedef struct { + void *mc; + ssl_enabled_t enabled; + BOOL proxy_enabled; + const char *vhost_id; + int vhost_id_len; + int session_cache_timeout; + BOOL cipher_server_pref; + BOOL insecure_reneg; + modssl_ctx_t *server; + modssl_ctx_t *proxy; +} SSLSrvConfigRec; + +int hook_post_config(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp, server_rec *base_server) +{ + SSLSrvConfigRec *sc; + server_rec *s; + for (s = base_server; s; s = s->next) { + sc = (SSLSrvConfigRec *)ap_get_module_config(s->module_config, &ssl_module); + if (sc && sc->enabled && sc->server && sc->server->ssl_ctx){ + X509_VERIFY_PARAM *param = SSL_CTX_get0_param(sc->server->ssl_ctx); + X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_ALLOW_PROXY_CERTS); + } + } + return OK; +} + +static void register_hooks(apr_pool_t *pool) +{ + static const char * const dep[] = { "mod_ssl.c", NULL }; + ap_hook_post_config(hook_post_config, dep, NULL, APR_HOOK_MIDDLE); +} + +module AP_MODULE_DECLARE_DATA gsi_proxy_certs_module = +{ + STANDARD20_MODULE_STUFF, + NULL, + NULL, + NULL, + NULL, + NULL, + register_hooks +}; diff --git a/webdav/libapache2-mod-want-digest/debian/apache2 b/webdav/libapache2-mod-want-digest/debian/apache2 new file mode 100644 index 0000000..59addff --- /dev/null +++ b/webdav/libapache2-mod-want-digest/debian/apache2 @@ -0,0 +1,2 @@ +mod .libs/mod_want_digest.so +mod debian/conf/want_digest.load diff --git a/webdav/libapache2-mod-want-digest/debian/changelog b/webdav/libapache2-mod-want-digest/debian/changelog new file mode 100644 index 0000000..3bf67bf --- /dev/null +++ b/webdav/libapache2-mod-want-digest/debian/changelog @@ -0,0 +1,5 @@ +libapache2-mod-want-digest (0.2.3) stable; urgency=medium + + * Initial commit + + -- Radu Carpa Fri, 22 Dec 2023 11:39:22 +0100 diff --git a/webdav/libapache2-mod-want-digest/debian/compat b/webdav/libapache2-mod-want-digest/debian/compat new file mode 100644 index 0000000..3cacc0b --- /dev/null +++ b/webdav/libapache2-mod-want-digest/debian/compat @@ -0,0 +1 @@ +12 \ No newline at end of file diff --git a/webdav/libapache2-mod-want-digest/debian/conf/want_digest.load b/webdav/libapache2-mod-want-digest/debian/conf/want_digest.load new file mode 100644 index 0000000..f8eecc6 --- /dev/null +++ b/webdav/libapache2-mod-want-digest/debian/conf/want_digest.load @@ -0,0 +1 @@ +LoadModule want_digest_filter_module /usr/lib/apache2/modules/mod_want_digest.so diff --git a/webdav/libapache2-mod-want-digest/debian/control b/webdav/libapache2-mod-want-digest/debian/control new file mode 100644 index 0000000..041800b --- /dev/null +++ b/webdav/libapache2-mod-want-digest/debian/control @@ -0,0 +1,19 @@ +Source: libapache2-mod-want-digest +Maintainer: Rucio +Section: web +Priority: optional +Standards-Version: 0.2.3 +Build-Depends: + curl, + apache2-dev, + libtool, + libaprutil1-dev, + libapr1-dev, + zlib1g-dev + +Package: libapache2-mod-want-digest +Architecture: any +Depends: + ${shlibs:Depends}, + ${misc:Depends} +Description: Apache2 httpd module that implements a data integrity check in accordance with RFC 3230 diff --git a/webdav/libapache2-mod-want-digest/debian/rules b/webdav/libapache2-mod-want-digest/debian/rules new file mode 100755 index 0000000..1c895e7 --- /dev/null +++ b/webdav/libapache2-mod-want-digest/debian/rules @@ -0,0 +1,23 @@ +#!/usr/bin/make -f + +override_dh_auto_build: + curl -LJ https://github.com/wetzel-desy/mod_want_digest/tarball/main -o mod_want_digest.tar.gz + tar -xf mod_want_digest.tar.gz --strip-components=1 --wildcards "*mod_want_digest.c" + apxs -Wc,-ffile-prefix-map=$(CURDIR)=. -lz -c mod_want_digest.c + +override_dh_auto_install: + # Don't install using the upstream Makefile. Use apache2 and + # examples files instead. + +override_dh_installexamples: + # Examples were renamed, let's follow the scheme: + dh_installexamples + +override_dh_clean: + # Clean built files: + rm -rf .libs + # Clean renamed examples: + dh_clean + +%: + dh $@ --with apache2 diff --git a/webdav/libapache2-mod-want-digest/debian/source/format b/webdav/libapache2-mod-want-digest/debian/source/format new file mode 100644 index 0000000..89ae9db --- /dev/null +++ b/webdav/libapache2-mod-want-digest/debian/source/format @@ -0,0 +1 @@ +3.0 (native)