From: Sam Hartman Date: Wed, 15 Dec 2010 02:12:43 +0000 (-0500) Subject: Merge in upstream/2.4+dfsg into experimental. X-Git-Url: http://www.project-moonshot.org/gitweb/?p=shibboleth%2Fsp.git;a=commitdiff_plain;h=02d51181ac49dc3d4002ee0a390615c7f03633c5 Merge in upstream/2.4+dfsg into experimental. --- 02d51181ac49dc3d4002ee0a390615c7f03633c5 diff --cc configs/Makefile.am index ee604e6,38f1446..5858307 --- a/configs/Makefile.am +++ b/configs/Makefile.am @@@ -4,8 -4,8 +4,8 @@@ AUTOMAKE_OPTIONS = foreig pkglibdir = ${libdir}/@PACKAGE@ pkglogdir = ${localstatedir}/log/@PACKAGE@ - pkgdocdir = ${datadir}/doc/@PACKAGE@ -pkgdocdir = $(datadir)/doc/@PACKAGE@-@PACKAGE_VERSION@ -shirelogdir = ${localstatedir}/log/httpd ++pkgdocdir = $(datadir)/doc/@PACKAGE@ +shirelogdir = ${localstatedir}/log/apache2 pkgxmldir = $(datadir)/xml/@PACKAGE@ pkgrundir = $(localstatedir)/run/@PACKAGE@ pkgsysconfdir = $(sysconfdir)/@PACKAGE@ diff --cc configs/keygen.sh index e68607c,4ee69f6..bb89e80 --- a/configs/keygen.sh +++ b/configs/keygen.sh @@@ -1,13 -1,11 +1,15 @@@ #! /bin/sh +# Added for Debian. The upstream version is installed in /etc/shibboleth and +# for Debian we wanted to move it to /usr/bin, so change directories so that +# it puts files in the correct location. +cd /etc/shibboleth - - while getopts h:e:y:bf c + while getopts h:u:g:o:e:y:bf c do case $c in + u) USER=$OPTARG;; + g) GROUP=$OPTARG;; + o) OUT=$OPTARG;; b) BATCH=1;; f) FORCE=1;; h) FQDN=$OPTARG;; diff --cc configs/metagen.sh index 16c9180,e460240..ce71382 --- a/configs/metagen.sh +++ b/configs/metagen.sh @@@ -1,18 -1,50 +1,50 @@@ -#! /bin/sh +#! /bin/bash - while getopts a:c:e:h:n:o:s:t: c + DECLS=1 + + SAML1=0 + SAML2=0 + ARTIFACT=0 + DS=0 + LOGOUT=0 + NAMEIDMGMT=0 + + SAML10PROT="urn:oasis:names:tc:SAML:1.0:protocol" + SAML11PROT="urn:oasis:names:tc:SAML:1.1:protocol" + SAML20PROT="urn:oasis:names:tc:SAML:2.0:protocol" + + SAML20SOAP="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" + SAML20REDIRECT="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" + SAML20POST="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" + SAML20POSTSS="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" + SAML20ART="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" + SAML20PAOS="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" + + SAML1POST="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" + SAML1ART="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" + + while getopts a:c:e:f:h:n:o:s:t:u:12ADLNO c do case $c in - c) CERTS[${#CERTS[*]}]=$OPTARG;; - e) ENTITYID=$OPTARG;; - h) HOSTS[${#HOSTS[*]}]=$OPTARG;; - n) NAKEDHOSTS[${#NAKEDHOSTS[*]}]=$OPTARG;; - o) ORGNAME=$OPTARG;; - a) ADMIN[${#ADMIN[*]}]=$OPTARG;; - s) SUP[${#SUP[*]}]=$OPTARG;; - t) TECH[${#TECH[*]}]=$OPTARG;; - \?) echo metagen -c cert1 [-c cert2 ...] -h host1 [-h host2 ...] [-e entityID] - exit 1;; + c) CERTS[${#CERTS[*]}]=$OPTARG;; + e) ENTITYID=$OPTARG;; + f) FORMATS[${#FORMATS[*]}]=$OPTARG;; + h) HOSTS[${#HOSTS[*]}]=$OPTARG;; + n) NAKEDHOSTS[${#NAKEDHOSTS[*]}]=$OPTARG;; + o) ORGNAME=$OPTARG;; + a) ADMIN[${#ADMIN[*]}]=$OPTARG;; + s) SUP[${#SUP[*]}]=$OPTARG;; + t) TECH[${#TECH[*]}]=$OPTARG;; + u) URL=$OPTARG;; + 1) SAML1=1;; + 2) SAML2=1;; + A) ARTIFACT=1;; + D) DS=1;; + L) LOGOUT=1;; + N) NAMEIDMGMT=1;; + O) DECLS=0;; + \?) echo metagen [-12ADLNO] -c cert1 [-c cert2 ...] -h host1 [-h host2 ...] [-e entityID] + exit 1;; esac done diff --cc configs/native.logger.in index 2927392,8c17632..7d2cff2 --- a/configs/native.logger.in +++ b/configs/native.logger.in @@@ -26,23 -26,17 +26,29 @@@ log4j.category.XMLTooling.libcurl=INF # define the appender -log4j.appender.native_log=org.apache.log4j.RollingFileAppender -log4j.appender.native_log.fileName=@-SHIRELOGDIR-@/native.log -log4j.appender.native_log.maxFileSize=1000000 -log4j.appender.native_log.maxBackupIndex=10 -log4j.appender.native_log.layout=org.apache.log4j.PatternLayout -log4j.appender.native_log.layout.ConversionPattern=%d{%Y-%m-%d %H:%M:%S} %p %c %x: %m%n +# This is the default, but it's essentially useless under normal +# circumstances since Apache doesn't have access to write to that +# directory. +#log4j.appender.native_log=org.apache.log4j.RollingFileAppender +#log4j.appender.native_log.fileName=@-SHIRELOGDIR-@/native.log +#log4j.appender.native_log.maxFileSize=1000000 +#log4j.appender.native_log.maxBackupIndex=10 - ##log4j.appender.native_log.layout=org.apache.log4j.BasicLayout +#log4j.appender.native_log.layout=org.apache.log4j.PatternLayout +#log4j.appender.native_log.layout.ConversionPattern=%d{%Y-%m-%d %H:%M:%S} %p %c %x: %m%n + log4j.appender.warn_log=org.apache.log4j.RollingFileAppender + log4j.appender.warn_log.fileName=@-SHIRELOGDIR-@/native_warn.log + log4j.appender.warn_log.maxFileSize=1000000 + log4j.appender.warn_log.maxBackupIndex=10 + log4j.appender.warn_log.layout=org.apache.log4j.PatternLayout + log4j.appender.warn_log.layout.ConversionPattern=%d{%Y-%m-%d %H:%M:%S} %p %c %x: %m%n + log4j.appender.warn_log.threshold=WARN +# Use syslog instead, since then at least the messages will go somewhere. +# That facility is (3 << 3) or LOG_DAEMON, since log4cpp apparently +# doesn't recognize symbolic log facilities. +# +# This is a Debian-specific change. +log4j.appender.native_log=org.apache.log4j.LocalSyslogAppender +log4j.appender.native_log.syslogName=shibboleth-sp +log4j.appender.native_log.facility=24 +log4j.appender.native_log.layout=org.apache.log4j.BasicLayout diff --cc configs/shibd-debian.in index 75c2fa2,59f0995..da41cd2 --- a/configs/shibd-debian.in +++ b/configs/shibd-debian.in @@@ -99,12 -66,10 +99,11 @@@ start stop) echo -n "Stopping $DESC: " start-stop-daemon --stop --quiet --pidfile $PIDFILE \ -- --exec $DAEMON ++ --retry TERM/30/KILL/5 --exec $DAEMON echo "$NAME." ;; restart|force-reload) + prepare_environment - echo -n "Restarting $DESC: " start-stop-daemon --stop --quiet --pidfile $PIDFILE \ --exec $DAEMON