head 1.2; access; symbols pkgsrc-2017Q4:1.1.0.58 pkgsrc-2017Q4-base:1.1 pkgsrc-2017Q3:1.1.0.56 pkgsrc-2017Q3-base:1.1 pkgsrc-2017Q2:1.1.0.52 pkgsrc-2017Q2-base:1.1 pkgsrc-2017Q1:1.1.0.50 pkgsrc-2017Q1-base:1.1 pkgsrc-2016Q4:1.1.0.48 pkgsrc-2016Q4-base:1.1 pkgsrc-2016Q3:1.1.0.46 pkgsrc-2016Q3-base:1.1 pkgsrc-2016Q2:1.1.0.44 pkgsrc-2016Q2-base:1.1 pkgsrc-2016Q1:1.1.0.42 pkgsrc-2016Q1-base:1.1 pkgsrc-2015Q4:1.1.0.40 pkgsrc-2015Q4-base:1.1 pkgsrc-2015Q3:1.1.0.38 pkgsrc-2015Q3-base:1.1 pkgsrc-2015Q2:1.1.0.36 pkgsrc-2015Q2-base:1.1 pkgsrc-2015Q1:1.1.0.34 pkgsrc-2015Q1-base:1.1 pkgsrc-2014Q4:1.1.0.32 pkgsrc-2014Q4-base:1.1 pkgsrc-2014Q3:1.1.0.30 pkgsrc-2014Q3-base:1.1 pkgsrc-2014Q2:1.1.0.28 pkgsrc-2014Q2-base:1.1 pkgsrc-2014Q1:1.1.0.26 pkgsrc-2014Q1-base:1.1 pkgsrc-2013Q4:1.1.0.24 pkgsrc-2013Q4-base:1.1 pkgsrc-2013Q3:1.1.0.22 pkgsrc-2013Q3-base:1.1 pkgsrc-2013Q2:1.1.0.20 pkgsrc-2013Q2-base:1.1 pkgsrc-2013Q1:1.1.0.18 pkgsrc-2013Q1-base:1.1 pkgsrc-2012Q4:1.1.0.16 pkgsrc-2012Q4-base:1.1 pkgsrc-2012Q3:1.1.0.14 pkgsrc-2012Q3-base:1.1 pkgsrc-2012Q2:1.1.0.12 pkgsrc-2012Q2-base:1.1 pkgsrc-2012Q1:1.1.0.10 pkgsrc-2012Q1-base:1.1 pkgsrc-2011Q4:1.1.0.8 pkgsrc-2011Q4-base:1.1 pkgsrc-2011Q3:1.1.0.6 pkgsrc-2011Q3-base:1.1 pkgsrc-2011Q2:1.1.0.4 pkgsrc-2011Q2-base:1.1 pkgsrc-2011Q1:1.1.0.2 pkgsrc-2011Q1-base:1.1; locks; strict; comment @# @; 1.2 date 2018.01.01.10.23.05; author wiz; state dead; branches; next 1.1; commitid zjUBNlZlngYbU9lA; 1.1 date 2011.04.01.15.11.58; author wiz; state Exp; branches; next ; desc @@ 1.2 log @apache22: remove, it was eol'd in June 2017 Remove packages that only work with apache22. Remove apache22 references. @ text @$NetBSD: patch-USAGE,v 1.1 2011/04/01 15:11:58 wiz Exp $ All Debian patches up to 4.3.9-13. --- USAGE.orig 2004-12-23 13:43:14.000000000 +0000 +++ USAGE @@@@ -18,7 +18,10 @@@@ create table mysql_auth ( primary key (username) ); -This would work quite well. +This would work quite well. Remember that the passwd field needs to be long +enough to store the entire password string -- for example, if you are using +MD5 passwords, passwd needs to be 32 characters long, and if you are using +SHA1 it must be 40 characters long. NOTE 1: You don't have to use a new table for the purpose of storing usernames and passwords; I quite happily use a 'members' table (with all @@@@ -41,9 +44,9 @@@@ Auth_MySQL_Info or -AuthMySQL_DefaultHost -AuthMySQL_DefaultUser -AuthMySQL_DefaultPassword +Auth_MySQL_DefaultHost +Auth_MySQL_DefaultUser +Auth_MySQL_DefaultPassword This should be placed globally. @@@@ -53,12 +56,12 @@@@ use Auth_MySQL_General_DB to set that. This setting can be overridden in .htaccess files if -AuthMySQL_AllowOverride is set. +Auth_MySQL_AllowOverride is set. On that topic, if you want .htaccess files to be restricted in what they're able to connect to database-wise, you can -AuthMySQL_AllowOverride no +Auth_MySQL_AllowOverride no and the host, user, password, and database name cannot be changed. @@@@ -123,3 +126,22 @@@@ become plaintext equivalents. The full set of directives available are now listed in the file DIRECTIVES, for ease of perusal. + +Disable other Auth methods +-------------------------- + +For some reason Apache has problems handing over authority to this +module if this is requested an another auth module is also loaded. + +If you have another authentication module loaded, you'll have to +disable it the hard way. + +AuthBasicAuthoritative Off +AuthUserFile /dev/null + +The following option is not sufficient + +Auth_MySQL_Authoritative On + +If you experience similar problems with group membership, try +repeating the same procedure with AuthGroupFile. @ 1.1 log @Add all Debian patches up to 4.3.9-13, including a fix for CVE-2008-2384. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD$ @