%define drupaldir %{_datadir}/drupal6
%global module_name securepages_prevent_hijack
Name: drupal6-%{module_name}
Version:  1.5
Release:  1%{?dist}
Summary:  Secure Pages add-on that prevents hijacked sessions from accessing SSL pages

Group: Applications/Publishing
License: GPLv2
URL: http://drupal.org/project/%{module_name}
Source0: http://ftp.drupal.org/files/projects/%{module_name}-6.x-1.5.tar.gz
Source1: drupal6-module-fedora-README.txt

BuildArch: noarch
BuildRoot: %{_tmppath}/%{module_name}-%{version}-%{release}-root-%(%{__id_u} -n)
Requires: drupal6-securepages
Requires: php-ldap

%description
This is an add-on to the Secure Pages module that will prevent hijacked
sessions from accessing SSL pages, yet still allow users to stay logged in
when browsing non-SSL pages.

The login form is also secured, both on the user page and the login block.

This module is recommended for most securepages users. (One possible
exception is if you have set session.cookie_secure, and you have "Switch back
to http" disabled in the securepages settings.)

Please do consider carefully the inherent limitations of mixed HTTP / HTTPS
sessions. For an analysis of various approaches to using SSL, see this[1]
article on crackingdrupal.com.

[1] - http://crackingdrupal.com/blog/greggles/drupal-and-ssl-multiple-recipes-possible-solutions


%prep
%setup -qn %{module_name}


%build
cp %{SOURCE1} .


%install
rm -rf %{buildroot}
install -d %{buildroot}%{drupaldir}/modules/%{module_name}
cp -pr * %{buildroot}%{drupaldir}/modules/%{module_name}


%clean
rm -rf %{buildroot}


%files
%defattr(-,root,root,-)
%doc LICENSE.txt README.txt drupal6-module-fedora-README.txt
%{drupaldir}/modules/%{module_name}
%exclude %{drupaldir}/modules/%{module_name}/LICENSE.txt
%exclude %{drupaldir}/modules/%{module_name}/README.txt
%exclude %{drupaldir}/modules/%{module_name}/drupal6-module-fedora-README.txt


%changelog
* Thu Mar 4 2010 Orion Poplawski <orion@cora.nwra.com> - 1.5-1
- Initial package