From c4df8b0cccc442a9c5c6d2eca29a9e1ad8cf209f Mon Sep 17 00:00:00 2001 From: =?utf8?q?Elan=20Ruusam=C3=A4e?= Date: Thu, 7 Oct 2010 19:29:29 +0000 Subject: [PATCH] - up to 2010-10-07 rc1 Changed files: dokuwiki-config.patch -> 1.12 dokuwiki-geshi.patch -> 1.5 dokuwiki-http_auth-option.patch -> 1.5 dokuwiki-mailthreads.patch -> 1.2 dokuwiki-media-userinfo.patch -> 1.2 dokuwiki-notify-respect-minor.patch -> 1.2 dokuwiki-notifyns.patch -> 1.3 dokuwiki.spec -> 1.85 fixprivilegeescalationbug.diff -> 1.2 simplepie.patch -> 1.2 smblink.patch -> 1.2 task-1821.patch -> 1.4 --- dokuwiki-config.patch | 11 +++--- dokuwiki-geshi.patch | 20 +++++++---- dokuwiki-http_auth-option.patch | 20 +++++------ dokuwiki-mailthreads.patch | 38 ++++++++++----------- dokuwiki-media-userinfo.patch | 12 ++++--- dokuwiki-notify-respect-minor.patch | 20 +++++------ dokuwiki-notifyns.patch | 52 ++++++++++++++--------------- dokuwiki.spec | 20 +++++------ fixprivilegeescalationbug.diff | 20 +++++------ simplepie.patch | 22 ++++++------ smblink.patch | 11 ------ task-1821.patch | 38 ++++++++++----------- 12 files changed, 141 insertions(+), 143 deletions(-) delete mode 100644 smblink.patch diff --git a/dokuwiki-config.patch b/dokuwiki-config.patch index d334156..c23cfcf 100644 --- a/dokuwiki-config.patch +++ b/dokuwiki-config.patch @@ -18,13 +18,14 @@ $conf['fullpath'] = 0; //show full path of the document or relative to datadir only? 0|1 $conf['recent'] = 20; //how many entries to show in recent $conf['breadcrumbs'] = 10; //how many recent visited pages to show ---- dokuwiki-2009-12-25/install.php~ 2010-01-04 18:16:29.000000000 +0200 -+++ dokuwiki-2009-12-25/install.php 2010-01-04 18:16:45.552540795 +0200 -@@ -47,6 +47,7 @@ +--- dokuwiki-rc2010-10-07/install.php~ 2010-10-07 21:47:44.000000000 +0300 ++++ dokuwiki-rc2010-10-07/install.php 2010-10-07 21:47:46.672639096 +0300 +@@ -47,7 +47,7 @@ '2008-05-04' => '1e5c42eac3219d9e21927c39e3240aad', '2009-02-14' => 'ec8c04210732a14fdfce0f7f6eead865', - '2009-12-25' => '993c4b2b385643efe5abf8e7010e11f4', -+ '2009-12-25-pld' => 'b9f4419b5b1b9b915c35f4cd3c66bda1', + '2009-12-25' => '993c4b2b385643efe5abf8e7010e11f4', +- '2010-10-07rc' => '7921d48195f4db21b8ead6d9bea801b8' ++ '2010-10-07pld' => 'e5d9d0fc37a774e37587e84e91dc84bc' ); diff --git a/dokuwiki-geshi.patch b/dokuwiki-geshi.patch index f981af9..1468d0a 100644 --- a/dokuwiki-geshi.patch +++ b/dokuwiki-geshi.patch @@ -1,6 +1,6 @@ ---- dokuwiki/inc/parserutils.php~ 2009-11-10 15:25:28.000000000 +0200 -+++ dokuwiki/inc/parserutils.php 2009-11-10 15:26:29.134232633 +0200 -@@ -641,16 +641,16 @@ +--- dokuwiki-rc2010-10-07/inc/parserutils.php~ 2010-10-07 21:21:37.000000000 +0300 ++++ dokuwiki-rc2010-10-07/inc/parserutils.php 2010-10-07 21:24:30.142987536 +0300 +@@ -634,14 +634,14 @@ $cache = getCacheName($language.$code,".code"); $ctime = @filemtime($cache); if($ctime && !$_REQUEST['purge'] && @@ -13,11 +13,19 @@ } else { -- require_once(DOKU_INC . 'inc/geshi.php'); -+ require_once '/usr/share/php/geshi.php'; - - $geshi = new GeSHi($code, $language, DOKU_INC . 'inc/geshi'); + $geshi = new GeSHi($code, $language); $geshi->set_encoding('utf-8'); $geshi->enable_classes(); $geshi->set_header_type(GESHI_HEADER_PRE); +--- dokuwiki-rc2010-10-07/inc/load.php~ 2010-10-07 11:08:13.000000000 +0300 ++++ dokuwiki-rc2010-10-07/inc/load.php 2010-10-07 21:23:57.072781806 +0300 +@@ -68,7 +68,7 @@ + 'IXR_Client' => DOKU_INC.'inc/IXR_Library.php', + 'IXR_IntrospectionServer' => DOKU_INC.'inc/IXR_Library.php', + 'Doku_Plugin_Controller'=> DOKU_INC.'inc/plugincontroller.class.php', +- 'GeSHi' => DOKU_INC.'inc/geshi.php', ++ 'GeSHi' => '/usr/share/php/geshi.php', + 'TarLib' => DOKU_INC.'inc/TarLib.class.php', + 'ZipLib' => DOKU_INC.'inc/ZipLib.class.php', + 'DokuWikiFeedCreator' => DOKU_INC.'inc/feedcreator.class.php', diff --git a/dokuwiki-http_auth-option.patch b/dokuwiki-http_auth-option.patch index 948a54a..9bf82b6 100644 --- a/dokuwiki-http_auth-option.patch +++ b/dokuwiki-http_auth-option.patch @@ -8,14 +8,14 @@ $conf['securecookie'] = 1; //never send HTTPS cookies via HTTP /* Advanced Options */ ---- dokuwiki/inc/auth.php~ 2009-11-10 15:27:25.000000000 +0200 -+++ dokuwiki/inc/auth.php 2009-11-10 15:28:31.494299548 +0200 -@@ -68,7 +68,7 @@ - } +--- dokuwiki-rc2010-10-07/inc/auth.php~ 2010-10-07 21:25:10.000000000 +0300 ++++ dokuwiki-rc2010-10-07/inc/auth.php 2010-10-07 21:26:19.795893378 +0300 +@@ -77,7 +77,7 @@ + } - // if no credentials were given try to use HTTP auth (for SSO) -- if(empty($_REQUEST['u']) && empty($_COOKIE[DOKU_COOKIE]) && !empty($_SERVER['PHP_AUTH_USER'])){ -+ if($conf['http_auth'] && empty($_REQUEST['u']) && empty($_COOKIE[DOKU_COOKIE]) && !empty($_SERVER['PHP_AUTH_USER'])){ - $_REQUEST['u'] = $_SERVER['PHP_AUTH_USER']; - $_REQUEST['p'] = $_SERVER['PHP_AUTH_PW']; - $_REQUEST['http_credentials'] = true; + // if no credentials were given try to use HTTP auth (for SSO) +- if(empty($_REQUEST['u']) && empty($_COOKIE[DOKU_COOKIE]) && !empty($_SERVER['PHP_AUTH_USER'])){ ++ if($conf['http_auth'] && empty($_REQUEST['u']) && empty($_COOKIE[DOKU_COOKIE]) && !empty($_SERVER['PHP_AUTH_USER'])){ + $_REQUEST['u'] = $_SERVER['PHP_AUTH_USER']; + $_REQUEST['p'] = $_SERVER['PHP_AUTH_PW']; + $_REQUEST['http_credentials'] = true; diff --git a/dokuwiki-mailthreads.patch b/dokuwiki-mailthreads.patch index e124fb7..f0cf607 100644 --- a/dokuwiki-mailthreads.patch +++ b/dokuwiki-mailthreads.patch @@ -1,24 +1,24 @@ ---- dokuwiki-2008-05-05/inc/common.php~ 2008-11-20 16:13:06.616720562 +0200 -+++ dokuwiki-2008-05-05/inc/common.php 2008-11-20 16:12:51.042753759 +0200 -@@ -1009,7 +1009,20 @@ - $from = str_replace('@NAME@',$INFO['userinfo']['name'],$from); - $from = str_replace('@MAIL@',$INFO['userinfo']['mail'],$from); +--- dokuwiki-rc2010-10-07/inc/common.php~ 2010-10-07 21:34:10.000000000 +0300 ++++ dokuwiki-rc2010-10-07/inc/common.php 2010-10-07 21:36:02.099167786 +0300 +@@ -1168,7 +1168,20 @@ + $from = str_replace('@NAME@',$INFO['userinfo']['name'],$from); + $from = str_replace('@MAIL@',$INFO['userinfo']['mail'],$from); -- mail_send($to,$subject,$text,$from,'',$bcc); -+ $headers = array(); -+ // add mail headers to identify page changes in same mail thread -+ $file = wikiFN($id); -+ $cur = @filemtime($file); -+ $headers['Message-Id'] = "$id?rev=$cur"; -+ if ($rev) { -+ $headers['In-Reply-To'] = "$id?rev=$rev"; -+ } -+ $h = ''; -+ foreach ($headers as $k => $v) { -+ $h .= sprintf("%s: %s%s", $k, $v, MAILHEADER_EOL); -+ } +- mail_send($to,$subject,$text,$from,'',$bcc); ++ $headers = array(); ++ // add mail headers to identify page changes in same mail thread ++ $file = wikiFN($id); ++ $cur = @filemtime($file); ++ $headers['Message-Id'] = "$id?rev=$cur"; ++ if ($rev) { ++ $headers['In-Reply-To'] = "$id?rev=$rev"; ++ } ++ $h = ''; ++ foreach ($headers as $k => $v) { ++ $h .= sprintf("%s: %s%s", $k, $v, MAILHEADER_EOL); ++ } + -+ mail_send($to,$subject,$text,$from,'' ,$bcc, $h); ++ mail_send($to,$subject,$text,$from,'' ,$bcc, $h); } /** diff --git a/dokuwiki-media-userinfo.patch b/dokuwiki-media-userinfo.patch index 35f62fb..59391ca 100644 --- a/dokuwiki-media-userinfo.patch +++ b/dokuwiki-media-userinfo.patch @@ -1,13 +1,15 @@ ---- dokuwiki/inc/media.php~ 2008-03-11 17:01:47.000000000 +0200 -+++ dokuwiki/inc/media.php 2008-03-11 17:01:51.038533362 +0200 -@@ -301,6 +301,7 @@ - function media_notify($id,$file,$mime){ +CHECKME: possibly outdated now? + +--- dokuwiki-rc2010-10-07/inc/media.php~ 2010-10-07 21:28:44.000000000 +0300 ++++ dokuwiki-rc2010-10-07/inc/media.php 2010-10-07 21:30:12.262536013 +0300 +@@ -392,6 +392,7 @@ global $lang; global $conf; + global $INFO; + global $USERINFO; if(empty($conf['notify'])) return; //notify enabled? - $text = rawLocale('uploadmail'); + $ip = clientIP(); @@ -316,8 +317,8 @@ $from = $conf['mailfrom']; diff --git a/dokuwiki-notify-respect-minor.patch b/dokuwiki-notify-respect-minor.patch index d2cbd35..114436e 100644 --- a/dokuwiki-notify-respect-minor.patch +++ b/dokuwiki-notify-respect-minor.patch @@ -1,10 +1,10 @@ ---- dokuwiki/inc/common.php~ 2007-06-26 21:27:15.000000000 +0300 -+++ dokuwiki/inc/common.php 2008-02-25 20:39:15.516789317 +0200 -@@ -831,6 +831,7 @@ - // decide if there is something to do - if($who == 'admin'){ - if(empty($conf['notify'])) return; //notify enabled? -+ if($conf['useacl'] && $_SERVER['REMOTE_USER'] && $minor) return; //skip minors - $text = rawLocale('mailtext'); - $to = $conf['notify']; - $bcc = ''; +--- dokuwiki-rc2010-10-07/inc/common.php~ 2010-10-07 21:27:15.000000000 +0300 ++++ dokuwiki-rc2010-10-07/inc/common.php 2010-10-07 21:28:01.732549375 +0300 +@@ -1073,6 +1073,7 @@ + // decide if there is something to do + if($who == 'admin'){ + if(empty($conf['notify'])) return; //notify enabled? ++ if($conf['useacl'] && $_SERVER['REMOTE_USER'] && $minor) return; //skip minors + $text = rawLocale('mailtext'); + $to = $conf['notify']; + $bcc = ''; diff --git a/dokuwiki-notifyns.patch b/dokuwiki-notifyns.patch index 6b91f52..631970f 100644 --- a/dokuwiki-notifyns.patch +++ b/dokuwiki-notifyns.patch @@ -1,5 +1,5 @@ ---- dokuwiki-2008-05-05/inc/common.php~ 2008-11-12 16:45:56.298338127 +0200 -+++ dokuwiki-2008-05-05/inc/common.php 2008-11-12 16:56:31.711609436 +0200 +--- dokuwiki-rc2010-10-07/inc/common.php~ 2010-10-07 21:31:18.000000000 +0300 ++++ dokuwiki-rc2010-10-07/inc/common.php 2010-10-07 21:33:06.502518916 +0300 @@ -902,6 +902,34 @@ return $date; } @@ -35,28 +35,28 @@ /** * Sends a notify mail on page change * -@@ -921,10 +949,10 @@ +@@ -1100,10 +1100,10 @@ - // decide if there is something to do - if($who == 'admin'){ -- if(empty($conf['notify'])) return; //notify enabled? - if($conf['useacl'] && $_SERVER['REMOTE_USER'] && $minor) return; //skip minors -+ $to = notifyNS($id, $conf['notify']); -+ if(empty($to)) return; //notify enabled? - $text = rawLocale('mailtext'); -- $to = $conf['notify']; - $bcc = ''; - }elseif($who == 'subscribers'){ - if(!$conf['subscribers']) return; //subscribers enabled? -@@ -934,9 +962,9 @@ - $to = ''; - $text = rawLocale('subscribermail'); - }elseif($who == 'register'){ -- if(empty($conf['registernotify'])) return; -+ $to = notifyNS($id, $conf['registernotify']); -+ if(empty($to)) return; - $text = rawLocale('registermail'); -- $to = $conf['registernotify']; - $bcc = ''; - }else{ - return; //just to be safe + // decide if there is something to do + if($who == 'admin'){ +- if(empty($conf['notify'])) return; //notify enabled? + if($conf['useacl'] && $_SERVER['REMOTE_USER'] && $minor) return; //skip minors ++ $to = notifyNS($id, $conf['notify']); ++ if(empty($to)) return; //notify enabled? + $text = rawLocale('mailtext'); +- $to = $conf['notify']; + $bcc = ''; + }elseif($who == 'subscribers'){ + if(!$conf['subscribers']) return; //subscribers enabled? +@@ -1116,9 +1116,9 @@ + $to = ''; + $text = rawLocale('subscr_single'); + }elseif($who == 'register'){ +- if(empty($conf['registernotify'])) return; ++ $to = notifyNS($id, $conf['registernotify']); ++ if(empty($to)) return; + $text = rawLocale('registermail'); +- $to = $conf['registernotify']; + $bcc = ''; + }else{ + return; //just to be safe diff --git a/dokuwiki.spec b/dokuwiki.spec index 5fdb330..b8c1367 100644 --- a/dokuwiki.spec +++ b/dokuwiki.spec @@ -1,4 +1,4 @@ -%define subver 2009-12-25 +%define subver 2010-10-07 %define ver %(echo %{subver} | tr -d -) %define php_min_version 5.1.2 %include /usr/lib/rpm/macros.php @@ -6,11 +6,11 @@ Summary: PHP-based Wiki webapplication Summary(pl.UTF-8): Aplikacja WWW Wiki oparta na PHP Name: dokuwiki Version: %{ver} -Release: 10 +Release: 0.2 License: GPL v2 Group: Applications/WWW -Source0: http://www.splitbrain.org/_media/projects/dokuwiki/%{name}-%{subver}c.tgz -# Source0-md5: 2649b6fecbcb273374f5be8f0a2edf02 +Source0: http://www.splitbrain.org/_media/projects/dokuwiki/%{name}-rc%{subver}.tgz +# Source0-md5: 888aef56735e21a4094180dac57030f0 Source1: %{name}-apache.conf Source2: %{name}-lighttpd.conf Source3: jude.png @@ -23,8 +23,8 @@ Source6: pld_button.png Source7: cacti.gif Source8: nagios.gif Source9: http://trac.edgewall.org/export/9404/trunk/doc/trac_icon_16x16.png -Source10: pld.gif # Source9-md5: 0c19ed35bf677f33f6bea14b3a8a2e10 +Source10: pld.gif Patch66: %{name}-config.patch Patch0: %{name}-paths.patch Patch2: %{name}-mysqlauth.patch @@ -46,14 +46,13 @@ Patch19: pld-branding.patch Patch20: fixprivilegeescalationbug.diff Patch21: task-1821.patch Patch22: adldap.patch -Patch23: smblink.patch URL: http://www.dokuwiki.org/dokuwiki BuildRequires: rpm-php-pearprov >= 4.4.2-11 BuildRequires: rpmbuild(macros) >= 1.520 Requires: php-common >= 4:%{php_min_version} Requires: php-geshi >= 1.0.7.19 -Requires: php-simplepie >= 1.0.1 Requires: php-session +Requires: php-simplepie >= 1.0.1 Requires: php-xml Requires: webapps Requires: webserver(access) @@ -115,7 +114,7 @@ po pierwszej instalacji. Potem należy go odinstalować, jako że pozostawienie plików instalacyjnych mogłoby być niebezpieczne. %prep -%setup -q -n %{name}-%{subver} +%setup -q -n %{name}-rc%{subver} %patch0 -p1 %patch2 -p1 %patch3 -p1 @@ -136,7 +135,6 @@ pozostawienie plików instalacyjnych mogłoby być niebezpieczne. %patch20 -p1 %patch21 -p1 %patch22 -p1 -%patch23 -p1 %patch66 -p1 @@ -272,7 +270,6 @@ exit 0 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/lighttpd.conf %attr(640,root,http) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/mediameta.php -%attr(640,root,http) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/msg %attr(640,root,http) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/words.aspell %attr(660,root,http) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/scheme.conf @@ -310,6 +307,7 @@ exit 0 %dir %{_appdir}/bin %attr(755,root,root) %{_appdir}/bin/dwpage.php %attr(755,root,root) %{_appdir}/bin/indexer.php +%attr(755,root,root) %{_appdir}/bin/render.php %attr(755,root,root) %{_appdir}/bin/wantedpages.php %dir %{_appdir}/inc @@ -360,6 +358,8 @@ exit 0 %attr(660,root,http) %config(noreplace,missingok) %verify(not md5 mtime size) %{_localstatedir}/pages/wiki/dokuwiki.txt %attr(660,root,http) %config(noreplace,missingok) %verify(not md5 mtime size) %{_localstatedir}/pages/wiki/syntax.txt %attr(660,root,http) %config(noreplace,missingok) %verify(not md5 mtime size) %{_localstatedir}/pages/playground/playground.txt +%attr(660,root,http) %config(noreplace,missingok) %verify(not md5 mtime size) %{_localstatedir}/security.png +%attr(660,root,http) %config(noreplace,missingok) %verify(not md5 mtime size) %{_localstatedir}/security.xcf %files setup %defattr(644,root,root,755) diff --git a/fixprivilegeescalationbug.diff b/fixprivilegeescalationbug.diff index 30d46db..a878110 100644 --- a/fixprivilegeescalationbug.diff +++ b/fixprivilegeescalationbug.diff @@ -4,15 +4,13 @@ ## DP: Hotfix for privilege escalation bug. @DPATCH@ -Index: dokuwiki-0.0.20090214/inc/actions.php -=================================================================== ---- dokuwiki-0.0.20090214.orig/inc/actions.php 2009-02-14 13:13:25.000000000 +0100 -+++ dokuwiki-0.0.20090214/inc/actions.php 2009-02-14 19:19:32.000000000 +0100 -@@ -141,6 +141,7 @@ - act_redirect($ID,$preact); - } +--- dokuwiki-rc2010-10-07/inc/actions.php~ 2010-10-07 21:38:37.000000000 +0300 ++++ dokuwiki-rc2010-10-07/inc/actions.php 2010-10-07 21:40:42.379139693 +0300 +@@ -149,6 +149,7 @@ + global $conf; + global $license; -+ $ACT = act_permcheck($ACT); - //call template FIXME: all needed vars available? - $headers[] = 'Content-Type: text/html; charset=utf-8'; - trigger_event('ACTION_HEADERS_SEND',$headers,'act_sendheaders'); ++ $ACT = act_permcheck($ACT); + //call template FIXME: all needed vars available? + $headers[] = 'Content-Type: text/html; charset=utf-8'; + trigger_event('ACTION_HEADERS_SEND',$headers,'act_sendheaders'); diff --git a/simplepie.patch b/simplepie.patch index e94f29a..659f330 100644 --- a/simplepie.patch +++ b/simplepie.patch @@ -1,11 +1,11 @@ ---- dokuwiki/inc/FeedParser.php~ 2009-02-14 14:13:24.000000000 +0200 -+++ dokuwiki/inc/FeedParser.php 2009-08-03 18:14:02.790174263 +0300 -@@ -7,7 +7,7 @@ - - if(!defined('DOKU_INC')) die('meh.'); - require_once(DOKU_INC.'inc/HTTPClient.php'); --require_once(DOKU_INC.'inc/SimplePie.php'); -+require_once 'simplepie.inc'; - - - /** +--- dokuwiki-rc2010-10-07/inc/load.php~ 2010-10-07 21:36:43.000000000 +0300 ++++ dokuwiki-rc2010-10-07/inc/load.php 2010-10-07 21:37:38.245824556 +0300 +@@ -62,7 +62,7 @@ + 'Doku_Event_Handler' => DOKU_INC.'inc/events.php', + 'EmailAddressValidator' => DOKU_INC.'inc/EmailAddressValidator.php', + 'JpegMeta' => DOKU_INC.'inc/JpegMeta.php', +- 'SimplePie' => DOKU_INC.'inc/SimplePie.php', ++ 'SimplePie' => '/usr/share/php/simplepie.inc', + 'FeedParser' => DOKU_INC.'inc/FeedParser.php', + 'IXR_Server' => DOKU_INC.'inc/IXR_Library.php', + 'IXR_Client' => DOKU_INC.'inc/IXR_Library.php', diff --git a/smblink.patch b/smblink.patch deleted file mode 100644 index 7eed9e5..0000000 --- a/smblink.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- dokuwiki/lib/scripts/script.js~ 2010-04-29 15:42:12.000000000 +0300 -+++ dokuwiki/lib/scripts/script.js 2010-04-29 15:43:39.640053591 +0300 -@@ -512,7 +512,7 @@ - for(var i=0; i