Changes proposed by Tom Browder

.gitignore

@@ -0,0 +1,13 @@
+.libs
+*.new
+*.orig
+my-pull.log
+update-vh1.sh
+*~
+*.lo
+*.slo
+*.la
+t
+tt
+ttt
+tttt

Makefile

@@ -1,24 +1,35 @@
 CC=gcc
+
+# if user has not defined the apxs path, try to set
+# it here
 ifeq ($(APXS_PATH),)
-APXS_PATH=/usr/sbin/apxs
+  APXS_PATH := $(shell which apxs)
+endif
+
+# check again, abort on error
+ifeq ($(APXS_PATH),)
+  $(error Cannot find Apache utility program 'apxs')
 endif
 
 MY_LDFLAGS=-lcurl -lyajl
 
 # Note that gcc flags are passed through apxs, so preface with -Wc
 MY_CFLAGS=-Wc,-I. -Wc,-Wall
 
+# note apsx adds "_module" to the name
+MODULE_NAME := auth_browserid
+
 .SUFFIXES: .c .o .la
 .c.la:
-	$(APXS_PATH) $(MY_LDFLAGS) $(MY_CFLAGS) -c $< 
+	$(APXS_PATH) $(MY_LDFLAGS) $(MY_CFLAGS) -c $< -n $(MODULE_NAME)
 .c.o:
 	$(CC) -c $<
 
 all:  mod_auth_browserid.la 
 
 install: mod_auth_browserid.la 
 	@echo "-"$*"-" "-"$?"-" "-"$%"-" "-"$@"-" "-"$<"-"
-	$(MY_APXS) -i $?
+	$(APXS_PATH) -i -n $(MODULE_NAME) -a $?
 
 clean:
 	-rm -f *.o *.lo *.la *.slo 

README.md

@@ -1,4 +1,4 @@
-mod_browserid is a module for Apache 2.0 or later that implements Apache authentication for the BrowserID protocol.
+mod_browserid is a module for Apache 2.0 or later that implements Apache authentication for the BrowserID protocol.  
 
 Building and Installing
 =======================
@@ -57,7 +57,7 @@ Once authentication is set up, the "require" directive can be used with one of t
 * `require valid-user`: a valid BrowserID identity must have been presented
 * `require user <someID>`: a specific identity must be presented
 * `require userfile <path-to-file>`: the BrowserID presented by the user must be the newline-separated list of identities found in this file
-
+ 
 NOT YET IMPLEMENTED
 -------------------
 
@@ -80,31 +80,35 @@ httpd.conf:
   LoadModule mod_auth_browserid_module modules/mod_auth_browserid.so
 
   <Directory /usr/local/apache2/htdocs/id_login >
-  AuthBrowserIDCookieName myauthcookie
-  AuthBrowserIDSubmitPath "/id_login/submit"
-  AuthBrowserIDVerificationServerURL "https://browserid.org/verify"
+    AuthBrowserIDCookieName myauthcookie
+    AuthBrowserIDSubmitPath "/id_login/submit"
+    AuthBrowserIDVerificationServerURL "https://browserid.org/verify"
   </Directory>
 
   <Directory /usr/local/apache2/htdocs/id_demo/ >
-   AuthType BrowserID
-   AuthBrowserIDAuthoritative on
-   AuthBrowserIDCookieName myauthcookie
-   AuthBrowserIDVerificationServerURL "https://browserid.org/verify"
-
-   # must be set (apache mandatory) but not used by the module
-   AuthName "My Login"
-
-   # to redirect unauthorized users to the login page
-   ErrorDocument 401 "/id_login/browserid_login.php"
-
-   require userfile /usr/local/apache2/htdocs/id_demo_users
+    AuthType BrowserID
+    AuthBrowserIDAuthoritative on
+    AuthBrowserIDCookieName myauthcookie
+    AuthBrowserIDSecret aaz5R2w42^24A3uM&75Z822M79xQ82
+    AuthBrowserIDVerificationServerURL "https://browserid.org/verify"
+
+    # must be set (apache mandatory) but not used by the module
+    AuthName "My Login"
+
+    # to redirect unauthorized users to the login page
+    ErrorDocument 401 "/id_login/browserid_login.php"
+
+    # file with authorized user names (e-mail addresses)
+    Require userfile /usr/local/apache2/htdocs/id_demo_users
+
   </Directory>
 ```
 
 /id_login/browserid_login.php:
 
 ```
-  <?php?><html>
+  <?php
+  <html>
   <head>
   <script src="https://browserid.org/include.js" type="text/javascript"></script>
   <title>Authentication</title>
@@ -126,10 +130,11 @@ httpd.conf:
         });
   }
   </script></body></html>
+  ?>
 ```
 /usr/local/apache2/htdocs/id_demo_users:
 
 ```
   user@site.com
   otheruser@site.com
-```
+```

TODO

@@ -0,0 +1,81 @@
+query Mike and Dan about intent of "forwardedRequestHeader"--it appears not to be used
+
+query about Apache use of flags: is there a macro?
+
+E-mail to dev-identity list on 28 Mar 
+(https://groups.google.com/forum/?fromgroups#!topic/mozilla.dev.identity/g9yCsiIV_Hs)
+=====================================================================================
+
+This morning I took a closer look at my running server using
+mod_browserid, the configuration, and the module source code.
+Following are some observations:
+
+Log errors:
+=======
+
+[Wed Mar 28 01:04:56 2012] [error] [client 92.194.45.48]
+Auth_browserID: ap_hook_check_user_id in - Auth_browserid_check_cookie
+[Wed Mar 28 01:04:56 2012] [error] [client 92.194.45.48] PHP Notice:
+Use of undefined constant php - assumed 'php' in
+/home/tbrowde/public_html/mygnus.com/public/id_login/browserid_login.php
+on line 1
+[Wed Mar 28 01:05:24 2012] [error] [client 92.194.45.48]
+Auth_browserID: ap_hook_check_user_id in -
+Auth_browserid_check_cookie, referer: https://mygnus.com/
+
+Possible problems with my test setup:
+===========================
+
++ directive  "AuthBrowserIDAuthoritative" shows "on" in example, but
+code says set "yes" or "no" (default)
+
++ function "create_browserid_config" doesn't explicitly set all
+variables to default values
+
+Some suggestions:
+=============
+
+2. allow user to establish default max credential life for each sign in
+
+3. allow mod_browserid an option (directive) to adjust max credential
+life for a sign in
+
+4. explain all directives in README (particularly "authBasicFix"); how
+do they affect the example setup (two directories used two different
+ways)?
+
+E-mail to dev-identity list of 29 Mar:
+=====================================
+
++ fix or document reasons for observed Apache log errors
+
++ incorporate other observations in previous e-mail to dev-identity
+list on 28 Mar [see above]
+
++ add capability to use a dbm for authorized user e-mail addresses
+
++ more examples
+
++ add bits to docs (e.g., ensure all user options and inputs are documented)
+
+#========= COMPLETED =====================
+
+1. module name for Apache2: [DONE]
+
+current:
+
+/* apache module name */
+module AP_MODULE_DECLARE_DATA mod_auth_browserid_module;
+
+suggested:
+auth_browserid_module;
+
+Rationale:  More like other module names in existing set shipping with Apache2.
+
+Example of a current one:
+LoadModule auth_digest_module /usr/lib/apache2/modules/mod_auth_digest.so
+
++ code cleanup [mostly DONE ongoing]
+  - minor typos
+  - rearrange some functions for easier maintenance (e.g., keep those
+    modifying struct BrowserIDConfigRec closer to it)

TOMS-NOTES

@@ -0,0 +1,31 @@
+Base dbd use on standard module mod_authn_dbd.
+
+git hints for local repo clone:
+
+$ git remote -v
+origin	ssh://git@github.com/tbrowder/mod_browserid.git (fetch)
+origin	ssh://git@github.com/tbrowder/mod_browserid.git (push)
+upstream	git@github.com:mozilla/mod_browserid.git (fetch)
+upstream	git@github.com:mozilla/mod_browserid.git (push)
+
+
+# update my repo on git hub from the local repo:
+$ git push origin master # alias: gip
+
+# update my local repo from mozilla repo
+$ git fetch upstream # alias giu or gif
+
+From Mozilla's Mike Hanson:
+==========================
+
+If this is new territory for you, check out
+https://help.github.com/articles/using-pull-requests - it's a good
+explanation of how these things work.
+
+If you're working on an actual clone of mozilla/modbrowserid, you may
+want to back up a step, fork to your own account, and commit your
+changes on that repo.  Then the github.com "pull request" button does
+everything you want, including a nice diff view, comment system, etc.
+
+[cool--it works]
+

astyle.opt

@@ -0,0 +1,35 @@
+# Use k&r styling
+style=k&r
+
+# set standard spacing
+indent=spaces=4
+
+# set pointer format to existing predominat style
+align-pointer=name
+
+# Indent goto labels rather than making them flush on the left
+indent-labels
+
+# no cuddled else's!
+break-closing-brackets
+
+# use brackets for one-line conditionals
+add-brackets
+
+# Indent switch cases
+indent-switches
+
+# We don't want to add additional indentation to conditionals 
+min-conditional-indent=0
+
+# Allow deeper indenting of statements
+max-instatement-indent=79
+
+# Pad operators
+pad-oper
+
+# Tighten parenthesis (unless overridden by other options such as pad-header)
+unpad-paren
+
+# Keep the space between if, while, etc. and the first paren
+pad-header

format.sh

@@ -0,0 +1,8 @@
+#!/bin/sh
+
+if [ -z $1 ] ; then
+  echo "Usage: $0 <file to style>"
+  exit
+fi
+
+astyle --options=astyle.opt $1