Release a new version of the Apache module, with the context support.

diff --git a/itkacl-2.1/itkacl-test.c b/itkacl-2.1/itkacl-test.c
deleted file mode 100644 (file)
index 49388d4..0000000
--- a/itkacl-2.1/itkacl-test.c
+++ /dev/null
@@ -1,19 +0,0 @@
-#include <stdio.h>
-
-int itkacl_check(const char * const realm, const char * const user,
-               char *errmsg, size_t errmsg_size);
-       
-int main()
-{
-       char errmsg[1024];
-       int ret = itkacl_check("/login/unix-servers/cirkus", "sesse", errmsg, sizeof(errmsg));
-
-       if (ret == 0) {
-               printf("OK\n");
-       } else if (ret == -1) {
-               printf("Error: %s\n", errmsg);
-       } else {
-               printf("Not OK\n");
-       }
-       return 0;
-}

diff --git a/itkacl-2.1/itkacl.h b/itkacl-2.1/itkacl.h
deleted file mode 100644 (file)
index 32d94a7..0000000
--- a/itkacl-2.1/itkacl.h
+++ /dev/null
@@ -1,14 +0,0 @@
-#ifndef _ITKACL_H
-#define _ITKACL_H
-
-/*
- * itkacl control library, version 0.1
- *
- * (C) 2004-2009 Steinar H. Gunderson
- * GPL, v2.
- */
-
-int itkacl_check(const char * const realm, const char * const user,
-                char *errmsg, size_t errmsg_size);
-
-#endif  /* !defined(_ITKACL_H) */

diff --git a/itkacl-2.1/Makefile b/itkacl-2.2/Makefile
similarity index 97%
rename from itkacl-2.1/Makefile
rename to itkacl-2.2/Makefile
index 99ef295e0fa49d9970feccd79f3477386a65af79..029de705ab9c0cd4300e57cff3375b86303f91d4 100644 (file)
--- a/itkacl-2.1/Makefile
+++ b/itkacl-2.2/Makefile
@@ -6,7 +6,7 @@ RANLIB=ranlib
 PREFIX=/usr/local
 
 SONAME=libitkacl.so.2
-LIBNAME=libitkacl.so.2.0.0
+LIBNAME=libitkacl.so.2.0.1
 
 all: libitkacl.a $(LIBNAME) itkacl-test
 clean:

diff --git a/itkacl-2.1/config.pm b/itkacl-2.2/config.pm
similarity index 100%
rename from itkacl-2.1/config.pm
rename to itkacl-2.2/config.pm

diff --git a/itkacl-2.1/debian/changelog b/itkacl-2.2/debian/changelog
similarity index 63%
rename from itkacl-2.1/debian/changelog
rename to itkacl-2.2/debian/changelog
index cf405bfa203cb3b9c0f902f7cf6c87af16f3171b..601f816055a5cc911e87ab8d64d544c8b42552e9 100644 (file)
--- a/itkacl-2.1/debian/changelog
+++ b/itkacl-2.2/debian/changelog
@@ -1,3 +1,11 @@
+itkacl (2.2) unstable; urgency=medium
+
+  * Add an API for keeping a permanent library context, for performance reasons
+    (unbound in buster and newer needs a lot of CU time for creating a new DNS
+    context).
+
+ -- Steinar H. Gunderson <sesse@samfundet.no>  Tue, 15 Mar 2022 21:59:20 +0100
+
 itkacl (2.1) unstable; urgency=low
 
   * Make the core library support a configuration file (/etc/itkacl.conf),

diff --git a/itkacl-2.1/debian/compat b/itkacl-2.2/debian/compat
similarity index 100%
rename from itkacl-2.1/debian/compat
rename to itkacl-2.2/debian/compat

diff --git a/itkacl-2.1/debian/control b/itkacl-2.2/debian/control
similarity index 100%
rename from itkacl-2.1/debian/control
rename to itkacl-2.2/debian/control

diff --git a/itkacl-2.1/debian/copyright b/itkacl-2.2/debian/copyright
similarity index 100%
rename from itkacl-2.1/debian/copyright
rename to itkacl-2.2/debian/copyright

diff --git a/itkacl-2.1/debian/itkacl-sync.dirs b/itkacl-2.2/debian/itkacl-sync.dirs
similarity index 100%
rename from itkacl-2.1/debian/itkacl-sync.dirs
rename to itkacl-2.2/debian/itkacl-sync.dirs

diff --git a/itkacl-2.1/debian/itkacl-sync.install b/itkacl-2.2/debian/itkacl-sync.install
similarity index 100%
rename from itkacl-2.1/debian/itkacl-sync.install
rename to itkacl-2.2/debian/itkacl-sync.install

diff --git a/itkacl-2.1/debian/libitkacl-dev.install b/itkacl-2.2/debian/libitkacl-dev.install
similarity index 100%
rename from itkacl-2.1/debian/libitkacl-dev.install
rename to itkacl-2.2/debian/libitkacl-dev.install

diff --git a/itkacl-2.1/debian/libitkacl2.install b/itkacl-2.2/debian/libitkacl2.install
similarity index 100%
rename from itkacl-2.1/debian/libitkacl2.install
rename to itkacl-2.2/debian/libitkacl2.install

diff --git a/itkacl-2.1/debian/rules b/itkacl-2.2/debian/rules
similarity index 100%
rename from itkacl-2.1/debian/rules
rename to itkacl-2.2/debian/rules

diff --git a/itkacl-2.2/itkacl-test.c b/itkacl-2.2/itkacl-test.c
new file mode 100644 (file)
index 0000000..88d2777
--- /dev/null
+++ b/itkacl-2.2/itkacl-test.c
@@ -0,0 +1,28 @@
+#include <stdio.h>
+#include "itkacl.h"
+
+int main()
+{
+       char errmsg[1024];
+       int ret;
+       struct itkacl_ctx *ctx;
+
+       ctx = itkacl_create_ctx(errmsg, sizeof(errmsg));
+       if (ctx == NULL) {
+               printf("Error while creating context: %s\n", errmsg);
+               return 1;
+       }
+
+       ret = itkacl_check_with_ctx(ctx, "/login/unix-servers/cirkus", "sesse", errmsg, sizeof(errmsg));
+
+       itkacl_free_ctx(ctx);
+
+       if (ret == 0) {
+               printf("OK\n");
+       } else if (ret == -1) {
+               printf("Error: %s\n", errmsg);
+       } else {
+               printf("Not OK\n");
+       }
+       return 0;
+}

diff --git a/itkacl-2.1/itkacl.c b/itkacl-2.2/itkacl.c
similarity index 76%
rename from itkacl-2.1/itkacl.c
rename to itkacl-2.2/itkacl.c
index eda3ebb70dbe00694a87d3d23f0d1abe9b5717e8..d7bdfa016c06bc37225628cda3b098f2c62d317a 100644 (file)
--- a/itkacl-2.1/itkacl.c
+++ b/itkacl-2.2/itkacl.c
@@ -1,7 +1,7 @@
 /*
  * ITKACL control library.
  *
- * (C) 2004-2013 Steinar H. Gunderson
+ * (C) 2004-2022 Steinar H. Gunderson
  * GPL, v2.
  */
 #include <stdio.h>
@@ -13,12 +13,19 @@
 #include <ctype.h>
 #include <unbound.h>
 
+#include "itkacl.h"
+
 struct itkacl_config {
        char nszone[256];
        int require_dnssec;
        char dnssec_public_key[256];
 };
 
+struct itkacl_ctx {
+       struct itkacl_config config;
+       struct ub_ctx *ubctx;
+};
+
 #define CONFIG_FILENAME "/etc/itkacl.conf"
 
 static int itkacl_read_config(const char * const filename,
@@ -106,18 +113,105 @@ static int itkacl_read_config(const char * const filename,
 int itkacl_check(const char * const realm, const char * const user,
                 char *errmsg, size_t errmsg_size)
 {
-       struct itkacl_config config;
+       struct itkacl_ctx *ctx;
+       int err;
+
+       ctx = itkacl_create_ctx(errmsg, errmsg_size);
+       if (ctx == NULL) {
+               return -1;
+       }
+
+       err = itkacl_check_with_ctx(ctx, realm, user, errmsg, errmsg_size);
+
+       itkacl_free_ctx(ctx);
+
+       return err;
+}
+
+struct itkacl_ctx *itkacl_create_ctx(char *errmsg, size_t errmsg_size)
+{
+       struct itkacl_ctx *ctx;
+       int ret;
+
+       ctx = (struct itkacl_ctx *)malloc(sizeof(struct itkacl_ctx));
+       if (ctx == NULL) {
+               if (errmsg)
+                       snprintf(errmsg, errmsg_size, "Memory allocation failed");
+               return NULL;
+       }
+
+       if (itkacl_read_config(CONFIG_FILENAME, &ctx->config, errmsg, errmsg_size) != 0) {
+               free(ctx);
+               return NULL;
+       }
+
+       /* Create the DNS resolver context. */
+       ctx->ubctx = ub_ctx_create();
+       if (ctx->ubctx == NULL) {
+               if (errmsg)
+                       snprintf(errmsg, errmsg_size, "Host name lookup failure: Could not create DNS context");
+               free(ctx);
+               return NULL;
+       }
+
+       ret = ub_ctx_resolvconf(ctx->ubctx, NULL);
+       if (ret != 0) {
+               if (errmsg)
+                       snprintf(errmsg, errmsg_size,
+                                "Host name lookup failure: Could not read resolv.conf "
+                                "(resolver error: %s) (system error: %s)",
+                                ub_strerror(ret), strerror(errno));
+               ub_ctx_delete(ctx->ubctx);
+               free(ctx);
+               return NULL;
+       }
+
+       ret = ub_ctx_hosts(ctx->ubctx, NULL);
+       if (ret != 0) {
+               if (errmsg)
+                       snprintf(errmsg, errmsg_size,
+                                "Host name lookup failure: Could not read hosts file "
+                                "(resolver error: %s) (system error: %s)",
+                                ub_strerror(ret), strerror(errno));
+               ub_ctx_delete(ctx->ubctx);
+               free(ctx);
+               return NULL;
+       }
+
+       if (strlen(ctx->config.dnssec_public_key) != 0) {
+               ret = ub_ctx_add_ta_file(ctx->ubctx, ctx->config.dnssec_public_key);
+               if (ret != 0) {
+                       if (errmsg)
+                               snprintf(errmsg, errmsg_size,
+                                        "Host name lookup failure: Error adding keys from %s "
+                                        "(resolver error: %s) (system error: %s)",
+                                        ctx->config.dnssec_public_key,
+                                        ub_strerror(ret), strerror(errno));
+                       ub_ctx_delete(ctx->ubctx);
+                       free(ctx);
+                       return NULL;
+               }
+       }
+
+       return ctx;
+}
+
+void itkacl_free_ctx(struct itkacl_ctx *ctx)
+{
+       ub_ctx_delete(ctx->ubctx);
+       free(ctx);
+}
+
+int itkacl_check_with_ctx(struct itkacl_ctx *ctx,
+                          const char * const realm, const char * const user,
+                         char *errmsg, size_t errmsg_size)
+{
        int ret, nxdomain;
        const char *ptr;
        char nszone[256];
        char temp[256];
-       struct ub_ctx* ctx;
        struct ub_result* result;
 
-       if (itkacl_read_config(CONFIG_FILENAME, &config, errmsg, errmsg_size) != 0) {
-               return -1;
-       }
-
        if (realm[0] != '/') {
                if (errmsg)
                        snprintf(errmsg, errmsg_size, "Invalid realm '%s' (missing leading /)",
@@ -155,7 +249,7 @@ int itkacl_check(const char * const realm, const char * const user,
 
        /* traverse the realm entry by entry from the root,
         * creating a DNS zone name as we go */
-       strcpy(nszone, config.nszone);
+       strcpy(nszone, ctx->config.nszone);
        ptr = realm;
        while (*ptr) {
                /* copy all characters to next / or end of string */
@@ -187,57 +281,12 @@ int itkacl_check(const char * const realm, const char * const user,
        strcpy(temp, nszone);
        sprintf(nszone, "%s.%s", user, temp);
 
-       /* Create the DNS resolver context. */
-       ctx = ub_ctx_create();
-       if (ctx == NULL) {
-               if (errmsg)
-                       snprintf(errmsg, errmsg_size, "Host name lookup failure: Could not create DNS context");
-               return -1;
-       }
-
-       ret = ub_ctx_resolvconf(ctx, NULL);
-       if (ret != 0) {
-               if (errmsg)
-                       snprintf(errmsg, errmsg_size,
-                                "Host name lookup failure: Could not read resolv.conf "
-                                "(resolver error: %s) (system error: %s)",
-                                ub_strerror(ret), strerror(errno));
-               ub_ctx_delete(ctx);
-               return -1;
-       }
-
-       ret = ub_ctx_hosts(ctx, NULL);
-       if (ret != 0) {
-               if (errmsg)
-                       snprintf(errmsg, errmsg_size,
-                                "Host name lookup failure: Could not read hosts file "
-                                "(resolver error: %s) (system error: %s)",
-                                ub_strerror(ret), strerror(errno));
-               ub_ctx_delete(ctx);
-               return -1;
-       }
-
-       if (strlen(config.dnssec_public_key) != 0) {
-               ret = ub_ctx_add_ta_file(ctx, config.dnssec_public_key);
-               if (ret != 0) {
-                       if (errmsg)
-                               snprintf(errmsg, errmsg_size,
-                                        "Host name lookup failure: Error adding keys from %s "
-                                        "(resolver error: %s) (system error: %s)",
-                                        config.dnssec_public_key,
-                                        ub_strerror(ret), strerror(errno));
-                       ub_ctx_delete(ctx);
-                       return -1;
-               }
-       }
-
        /* Do the actual DNS lookup (TYPE A, CLASS IN). */
-       ret = ub_resolve(ctx, nszone, 1, 1, &result);
+       ret = ub_resolve(ctx->ubctx, nszone, 1, 1, &result);
        if (ret != 0) {
                if (errmsg)
                        snprintf(errmsg, errmsg_size, "Host name lookup failure: %s",
                                 ub_strerror(ret));
-               ub_ctx_delete(ctx);
                return -1;
        }
 
@@ -247,22 +296,19 @@ int itkacl_check(const char * const realm, const char * const user,
                        snprintf(errmsg, errmsg_size,
                                 "Host name lookup failure: Bogus DNSSEC result (security failure)");
                ub_resolve_free(result);
-               ub_ctx_delete(ctx);
                return -1;
        }
-       if (config.require_dnssec && !result->secure) {
+       if (ctx->config.require_dnssec && !result->secure) {
                if (errmsg)
                        snprintf(errmsg, errmsg_size,
                                 "Host name lookup failure: Result was not secured with DNSSEC");
                ub_resolve_free(result);
-               ub_ctx_delete(ctx);
                return -1;
        }
 
        nxdomain = result->nxdomain;
 
        ub_resolve_free(result);
-       ub_ctx_delete(ctx);
 
        if (nxdomain)
                return 1;

diff --git a/itkacl-2.1/itkacl.conf b/itkacl-2.2/itkacl.conf
similarity index 100%
rename from itkacl-2.1/itkacl.conf
rename to itkacl-2.2/itkacl.conf

diff --git a/itkacl-2.2/itkacl.h b/itkacl-2.2/itkacl.h
new file mode 100644 (file)
index 0000000..77be702
--- /dev/null
+++ b/itkacl-2.2/itkacl.h
@@ -0,0 +1,32 @@
+#ifndef _ITKACL_H
+#define _ITKACL_H
+
+/*
+ * itkacl control library, version 2.2
+ *
+ * (C) 2004-2022 Steinar H. Gunderson
+ * GPL, v2.
+ */
+
+int itkacl_check(const char * const realm, const char * const user,
+                char *errmsg, size_t errmsg_size);
+
+/*
+ * Opaque context. A context is created with itkacl_create_ctx()
+ * and freed with itkacl_free_ctx(), and is thread-safe.
+ * If you are making multiple calls to itkacl_check(), it is faster
+ * to reuse the same context over and over (since libunbound can
+ * have rather high setup times depending on configuration).
+ *
+ * Configuration is only reread when the context is created.
+ */
+struct itkacl_ctx;
+
+struct itkacl_ctx *itkacl_create_ctx(char *errmsg, size_t errmsg_size);  // Returns NULL on failure.
+void itkacl_free_ctx(struct itkacl_ctx *ctx);
+
+int itkacl_check_with_ctx(struct itkacl_ctx *ctx,
+                          const char * const realm, const char * const user,
+                         char *errmsg, size_t errmsg_size);
+
+#endif  /* !defined(_ITKACL_H) */

diff --git a/itkacl-2.1/itkacl.sql b/itkacl-2.2/itkacl.sql
similarity index 100%
rename from itkacl-2.1/itkacl.sql
rename to itkacl-2.2/itkacl.sql

diff --git a/itkacl-2.1/sync-itkacl.pl b/itkacl-2.2/sync-itkacl.pl
similarity index 100%
rename from itkacl-2.1/sync-itkacl.pl
rename to itkacl-2.2/sync-itkacl.pl

diff --git a/libapache2-mod-authz-itkacl-0.6/Makefile b/libapache2-mod-authz-itkacl-0.7/Makefile
similarity index 100%
rename from libapache2-mod-authz-itkacl-0.6/Makefile
rename to libapache2-mod-authz-itkacl-0.7/Makefile

diff --git a/libapache2-mod-authz-itkacl-0.6/debian/authz_itkacl.load b/libapache2-mod-authz-itkacl-0.7/debian/authz_itkacl.load
similarity index 100%
rename from libapache2-mod-authz-itkacl-0.6/debian/authz_itkacl.load
rename to libapache2-mod-authz-itkacl-0.7/debian/authz_itkacl.load

diff --git a/libapache2-mod-authz-itkacl-0.6/debian/changelog b/libapache2-mod-authz-itkacl-0.7/debian/changelog
similarity index 86%
rename from libapache2-mod-authz-itkacl-0.6/debian/changelog
rename to libapache2-mod-authz-itkacl-0.7/debian/changelog
index 1a7b937c0a81607a5f6085494cd42efeb908959f..30c40952fe8a93d439b21632923126df1e86cdb1 100644 (file)
--- a/libapache2-mod-authz-itkacl-0.6/debian/changelog
+++ b/libapache2-mod-authz-itkacl-0.7/debian/changelog
@@ -1,3 +1,10 @@
+libapache2-mod-authz-itkacl (0.7) unstable; urgency=medium
+
+  * Use the new context system, for increased performance.
+  * No longer depend on obsolete apache2-prefork-dev.
+
+ -- Steinar H. Gunderson <sesse@samfundet.no>  Tue, 15 Mar 2022 22:46:53 +0100
+
 libapache2-mod-authz-itkacl (0.6) unstable; urgency=medium
 
   * Update to Apache 2.4.

diff --git a/libapache2-mod-authz-itkacl-0.6/debian/compat b/libapache2-mod-authz-itkacl-0.7/debian/compat
similarity index 100%
rename from libapache2-mod-authz-itkacl-0.6/debian/compat
rename to libapache2-mod-authz-itkacl-0.7/debian/compat

diff --git a/libapache2-mod-authz-itkacl-0.6/debian/control b/libapache2-mod-authz-itkacl-0.7/debian/control
similarity index 82%
rename from libapache2-mod-authz-itkacl-0.6/debian/control
rename to libapache2-mod-authz-itkacl-0.7/debian/control
index 9a73611f990360737e65b0db653011f6f0d15920..832bc66ac8ac1233312f0d3a8d0d16ef1367c56a 100644 (file)
--- a/libapache2-mod-authz-itkacl-0.6/debian/control
+++ b/libapache2-mod-authz-itkacl-0.7/debian/control
@@ -2,7 +2,7 @@ Source: libapache2-mod-authz-itkacl
 Section: web
 Priority: optional
 Maintainer: Steinar H. Gunderson <sesse@samfundet.no>
-Build-Depends: debhelper (>= 7.0.0), apache2-prefork-dev, libitkacl-dev, dh-apache2 | apache2-dev
+Build-Depends: debhelper (>= 7.0.0), libitkacl-dev, dh-apache2 | apache2-dev
 Standards-Version: 3.9.1
 
 Package: libapache2-mod-authz-itkacl

diff --git a/libapache2-mod-authz-itkacl-0.6/debian/dirs b/libapache2-mod-authz-itkacl-0.7/debian/dirs
similarity index 100%
rename from libapache2-mod-authz-itkacl-0.6/debian/dirs
rename to libapache2-mod-authz-itkacl-0.7/debian/dirs

diff --git a/libapache2-mod-authz-itkacl-0.6/debian/rules b/libapache2-mod-authz-itkacl-0.7/debian/rules
similarity index 100%
rename from libapache2-mod-authz-itkacl-0.6/debian/rules
rename to libapache2-mod-authz-itkacl-0.7/debian/rules

diff --git a/libapache2-mod-authz-itkacl-0.6/mod_authz_itkacl.c b/libapache2-mod-authz-itkacl-0.7/mod_authz_itkacl.c
similarity index 86%
rename from libapache2-mod-authz-itkacl-0.6/mod_authz_itkacl.c
rename to libapache2-mod-authz-itkacl-0.7/mod_authz_itkacl.c
index 51ec224c00438326eceb4f6c9e1f062abad6f252..97017ef0693f06d6973af1a3c9138073192a8469 100644 (file)
--- a/libapache2-mod-authz-itkacl-0.6/mod_authz_itkacl.c
+++ b/libapache2-mod-authz-itkacl-0.7/mod_authz_itkacl.c
@@ -1,8 +1,8 @@
 /*
- * ITKACL module, (C) 2004-2015 Steinar H. Gunderson
+ * ITKACL module, (C) 2004-2022 Steinar H. Gunderson
  */
 
-#define MODAUTHITKACL_VERSION "0.6"
+#define MODAUTHITKACL_VERSION "0.7"
 
 #include "apr_strings.h"
 
@@ -14,18 +14,17 @@
 #include "http_protocol.h"
 #include "http_request.h"
 #include "mod_auth.h"
+#include "itkacl.h"
 
 module AP_MODULE_DECLARE_DATA authz_itkacl_module;
-
-extern int itkacl_check(const char * const realm, const char * const user,
-                       char *errmsg, size_t errmsg_size);
+static struct itkacl_ctx *ctx = NULL;
 
 static int handle_require(request_rec *r, const char *username, const char *acl_path)
 {
        char errmsg[1024];
        int ret;
 
-       ret = itkacl_check(acl_path, username, errmsg, 1024);
+       ret = itkacl_check_with_ctx(ctx, acl_path, username, errmsg, 1024);
        if (ret == 0) {
                return AUTHZ_GRANTED;
        }
@@ -107,6 +106,17 @@ static authz_status authz_itkacl_authorize_user(request_rec *r, const char *requ
 static int authz_itkacl_init_handler(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp, server_rec *s)
 {
        ap_add_version_component(p, "mod_auth_itkacl/" MODAUTHITKACL_VERSION);
+       if (ctx != NULL) {
+               itkacl_free_ctx(ctx);
+       }
+       {
+               char errmsg[1024];
+               ctx = itkacl_create_ctx(errmsg, sizeof(errmsg));
+               if (ctx == NULL) {
+                       ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, "Error while initializing libitkacl: %s", errmsg);
+                       return HTTP_INTERNAL_SERVER_ERROR;
+               }
+       }
        return OK;
 }
 

diff --git a/perl-itkacl-2.0/debian/changelog b/perl-itkacl-2.0/debian/changelog
deleted file mode 100644 (file)
index 0b335fd..0000000
--- a/perl-itkacl-2.0/debian/changelog
+++ /dev/null
@@ -1,5 +0,0 @@
-libitkacl-perl (2.0) unstable; urgency=low
-
-  * Initial release.
-
- -- Steinar H. Gunderson <sesse@samfundet.no>  Tue, 14 May 2013 01:26:44 +0200

diff --git a/perl-itkacl-2.0/itkacl.i b/perl-itkacl-2.0/itkacl.i
deleted file mode 100644 (file)
index f58703c..0000000
--- a/perl-itkacl-2.0/itkacl.i
+++ /dev/null
@@ -1,20 +0,0 @@
-/* SWIG interface for libitkacl */
-%module itkacl
-
-/* Convert errors to Perl exceptions and keep the interface clean. */
-%inline %{
-       extern int itkacl_check(char *realm, char *user, char *errmsg, size_t errmsgsize);
-       int check(char *realm, char *user)
-       {
-               char errmsg[1024];
-               int ret = itkacl_check(realm, user, errmsg, 1024);
-
-               /* printf("check '%s' vs. '%s' gave %d\n", user, realm, ret); */
-               if (ret == -1)
-                       die(errmsg);
-               else
-                       return (ret == 0);
-       }
-       
-%}
-

diff --git a/perl-itkacl-2.0/Makefile.PL b/perl-itkacl-2.2/Makefile.PL
similarity index 100%
rename from perl-itkacl-2.0/Makefile.PL
rename to perl-itkacl-2.2/Makefile.PL

diff --git a/perl-itkacl-2.2/debian/changelog b/perl-itkacl-2.2/debian/changelog
new file mode 100644 (file)
index 0000000..9040e7a
--- /dev/null
+++ b/perl-itkacl-2.2/debian/changelog
@@ -0,0 +1,11 @@
+libitkacl-perl (2.2) unstable; urgency=medium
+
+  * Use the new library contexts for higher performance with repeated calls.
+
+ -- Steinar H. Gunderson <sesse@samfundet.no>  Tue, 15 Mar 2022 22:24:46 +0100
+
+libitkacl-perl (2.0) unstable; urgency=low
+
+  * Initial release.
+
+ -- Steinar H. Gunderson <sesse@samfundet.no>  Tue, 14 May 2013 01:26:44 +0200

diff --git a/perl-itkacl-2.0/debian/compat b/perl-itkacl-2.2/debian/compat
similarity index 100%
rename from perl-itkacl-2.0/debian/compat
rename to perl-itkacl-2.2/debian/compat

diff --git a/perl-itkacl-2.0/debian/control b/perl-itkacl-2.2/debian/control
similarity index 100%
rename from perl-itkacl-2.0/debian/control
rename to perl-itkacl-2.2/debian/control

diff --git a/perl-itkacl-2.0/debian/copyright b/perl-itkacl-2.2/debian/copyright
similarity index 100%
rename from perl-itkacl-2.0/debian/copyright
rename to perl-itkacl-2.2/debian/copyright

diff --git a/perl-itkacl-2.0/debian/rules b/perl-itkacl-2.2/debian/rules
similarity index 100%
rename from perl-itkacl-2.0/debian/rules
rename to perl-itkacl-2.2/debian/rules

diff --git a/perl-itkacl-2.2/itkacl.i b/perl-itkacl-2.2/itkacl.i
new file mode 100644 (file)
index 0000000..4523e81
--- /dev/null
+++ b/perl-itkacl-2.2/itkacl.i
@@ -0,0 +1,44 @@
+/* SWIG interface for libitkacl */
+%module itkacl
+
+%perlcode %{
+_itkacl_init();
+END {
+       _itkacl_deinit();
+}
+
+%}
+
+/* Convert errors to Perl exceptions and keep the interface clean. */
+%inline %{
+       #include "itkacl.h"
+
+       struct itkacl_ctx *_ctx = NULL;
+
+       void _itkacl_init()
+       {
+               char errmsg[1024];
+               _ctx = itkacl_create_ctx(errmsg, sizeof(errmsg));
+               if (_ctx == NULL)
+                       die(errmsg);
+       }
+
+       void _itkacl_deinit()
+       {
+               itkacl_free_ctx(_ctx);
+       }
+
+       int check(char *realm, char *user)
+       {
+               char errmsg[1024];
+               int ret = itkacl_check_with_ctx(_ctx, realm, user, errmsg, 1024);
+
+               /* printf("check '%s' vs. '%s' gave %d\n", user, realm, ret); */
+               if (ret == -1)
+                       die(errmsg);
+               else
+                       return (ret == 0);
+       }
+       
+%}
+

diff --git a/php5-itkacl-2.0/debian/changelog b/php5-itkacl-2.0/debian/changelog
deleted file mode 100644 (file)
index 9f4f4b3..0000000
--- a/php5-itkacl-2.0/debian/changelog
+++ /dev/null
@@ -1,5 +0,0 @@
-php5-itkacl (2.0) unstable; urgency=low
-
-  * Initial release.
-
- -- Steinar H. Gunderson <sesse@samfundet.no>  Tue, 14 May 2013 19:02:22 +0200

diff --git a/php5-itkacl-2.0/debian/php5-itkacl.dirs b/php5-itkacl-2.0/debian/php5-itkacl.dirs
deleted file mode 100644 (file)
index 8ca3a0f..0000000
--- a/php5-itkacl-2.0/debian/php5-itkacl.dirs
+++ /dev/null
@@ -1 +0,0 @@
-etc/php5/conf.d

diff --git a/php5-itkacl-2.0/Makefile b/php7-itkacl-2.0/Makefile
similarity index 86%
rename from php5-itkacl-2.0/Makefile
rename to php7-itkacl-2.0/Makefile
index 74968dcb867e2042190ccd270b0bc3f88ee13ad6..e282a1edf9163037eaad310185d8cfc261602970 100644 (file)
--- a/php5-itkacl-2.0/Makefile
+++ b/php7-itkacl-2.0/Makefile
@@ -8,8 +8,8 @@ php_itkacl.so: itkacl_wrap.o
 itkacl_wrap.o: itkacl_wrap.cpp
        $(CXX) $(shell php-config --includes) $(CXXFLAGS) -c itkacl_wrap.cpp -o itkacl_wrap.o
 
-itkacl_wrap.cpp:
-       swig -php5 -c++ itkacl.i
+itkacl_wrap.cpp: itkacl.i
+       swig -php7 -noproxy -c++ -cppext cpp itkacl.i
 
 clean:
        $(RM) itkacl.php itkacl_wrap.cpp itkacl_wrap.o php_itkacl.h php_itkacl.so

diff --git a/php7-itkacl-2.0/debian/changelog b/php7-itkacl-2.0/debian/changelog
new file mode 100644 (file)
index 0000000..4dbb7c2
--- /dev/null
+++ b/php7-itkacl-2.0/debian/changelog
@@ -0,0 +1,11 @@
+php7-itkacl (2.1) unstable; urgency=medium
+
+  * Port to PHP 7.
+
+ -- Steinar H. Gunderson <sesse@samfundet.no>  Fri, 09 Aug 2019 00:05:36 +0200
+
+php5-itkacl (2.0) unstable; urgency=low
+
+  * Initial release.
+
+ -- Steinar H. Gunderson <sesse@samfundet.no>  Tue, 14 May 2013 19:02:22 +0200

diff --git a/php5-itkacl-2.0/debian/compat b/php7-itkacl-2.0/debian/compat
similarity index 100%
rename from php5-itkacl-2.0/debian/compat
rename to php7-itkacl-2.0/debian/compat

diff --git a/php5-itkacl-2.0/debian/control b/php7-itkacl-2.0/debian/control
similarity index 72%
rename from php5-itkacl-2.0/debian/control
rename to php7-itkacl-2.0/debian/control
index 288ecb18a6ce22ddb242dc1cdf33fe6397e4d5ad..b7ce5e8e91416edf04a76a75fa2d739b53b93bc6 100644 (file)
--- a/php5-itkacl-2.0/debian/control
+++ b/php7-itkacl-2.0/debian/control
@@ -1,11 +1,11 @@
-Source: php5-itkacl
+Source: php7-itkacl
 Priority: extra
 Maintainer: Steinar H. Gunderson <sesse@samfundet.no>
-Build-Depends: debhelper (>= 7.0.50~), libitkacl-dev, php5-dev
+Build-Depends: debhelper (>= 7.0.50~), libitkacl-dev, php7.3-dev
 Standards-Version: 3.9.1
 Section: php
 
-Package: php5-itkacl
+Package: php7-itkacl
 Section: php
 Architecture: any
 Depends: ${shlibs:Depends}, ${misc:Depends}, ${php:Depends}

diff --git a/php5-itkacl-2.0/debian/itkacl.ini b/php7-itkacl-2.0/debian/itkacl.ini
similarity index 100%
rename from php5-itkacl-2.0/debian/itkacl.ini
rename to php7-itkacl-2.0/debian/itkacl.ini

diff --git a/php7-itkacl-2.0/debian/php7-itkacl.dirs b/php7-itkacl-2.0/debian/php7-itkacl.dirs
new file mode 100644 (file)
index 0000000..db7d8a6
--- /dev/null
+++ b/php7-itkacl-2.0/debian/php7-itkacl.dirs
@@ -0,0 +1 @@
+etc/php7/conf.d

diff --git a/php5-itkacl-2.0/debian/rules b/php7-itkacl-2.0/debian/rules
similarity index 73%
rename from php5-itkacl-2.0/debian/rules
rename to php7-itkacl-2.0/debian/rules
index f177e9e7732aa91890fa528d9294e9d9b7494bd6..84044520664cfeb98a1fa8b00e91aa842d047dc0 100755 (executable)
--- a/php5-itkacl-2.0/debian/rules
+++ b/php7-itkacl-2.0/debian/rules
@@ -16,8 +16,8 @@ binary-arch:
        dh_testroot
        dh_prep
        dh_installdirs
-       $(MAKE) install DESTDIR=debian/php5-itkacl
-       install -m 0644 -o root -g root debian/itkacl.ini debian/php5-itkacl/etc/php5/conf.d/
+       $(MAKE) install DESTDIR=debian/php7-itkacl
+       install -m 0644 -o root -g root debian/itkacl.ini debian/php7-itkacl/etc/php7/conf.d/
        dh_installdocs
        dh_installchangelogs
        dh_compress
@@ -25,7 +25,7 @@ binary-arch:
        dh_strip
        dh_makeshlibs
        dh_shlibdeps
-       echo "php:Depends=phpapi-$(shell php-config --phpapi)" >> debian/php5-itkacl.substvars
+       echo "php:Depends=phpapi-$(shell php-config --phpapi)" >> debian/php7-itkacl.substvars
        dh_installdeb
        dh_gencontrol
        dh_md5sums

diff --git a/php5-itkacl-2.0/itkacl.i b/php7-itkacl-2.0/itkacl.i
similarity index 81%
rename from php5-itkacl-2.0/itkacl.i
rename to php7-itkacl-2.0/itkacl.i
index 18ae21cf56a4cc33f0cf2d477272a8ec9021e5fd..06eef1e77fc83b4656983ec3fe2e03a75bcd8c21 100644 (file)
--- a/php5-itkacl-2.0/itkacl.i
+++ b/php7-itkacl-2.0/itkacl.i
@@ -10,9 +10,6 @@
  * restrictions.
  */
 %inline %{
-       /* This is due to Swig forgetting one file */
-       #include <php5/Zend/zend_exceptions.h>
-
        extern "C" int itkacl_check(char *realm, char *user, char *errmsg, size_t errmsgsize);
        
        class itkaclwrap {
@@ -26,9 +23,17 @@
                int ret = itkacl_check(realm, user, itkacl_errmsg, 1024);
                if (ret == -1) {
                        SWIG_exception(SWIG_RuntimeError,itkacl_errmsg);
+thrown: return -1;
                } else {
                        return ret == 0;
                }
        }
 %}
 
+%pragma(php) code="
+class itkacl {
+      static function check($realm,$user) {
+              return itkaclwrap_check($realm,$user);
+      }
+} "
+