diff options
author | Ismaël Bouya <ismael.bouya@normalesup.org> | 2023-10-04 01:35:06 +0200 |
---|---|---|
committer | Ismaël Bouya <ismael.bouya@normalesup.org> | 2023-10-04 02:11:48 +0200 |
commit | 1a64deeb894dc95e2645a75771732c6cc53a79ad (patch) | |
tree | 1b9df4838f894577a09b9b260151756272efeb53 /flakes/mypackages/pkgs/webapps/spip | |
parent | fa25ffd4583cc362075cd5e1b4130f33306103f0 (diff) | |
download | Nix-1a64deeb894dc95e2645a75771732c6cc53a79ad.tar.gz Nix-1a64deeb894dc95e2645a75771732c6cc53a79ad.tar.zst Nix-1a64deeb894dc95e2645a75771732c6cc53a79ad.zip |
Squash changes containing private information
There were a lot of changes since the previous commit, but a lot of them
contained personnal information about users. All thos changes got
stashed into a single commit (history is kept in a different place) and
private information was moved in a separate private repository
Diffstat (limited to 'flakes/mypackages/pkgs/webapps/spip')
-rw-r--r-- | flakes/mypackages/pkgs/webapps/spip/default.nix | 32 | ||||
-rw-r--r-- | flakes/mypackages/pkgs/webapps/spip/spip_ldap_patch.patch | 60 | ||||
-rw-r--r-- | flakes/mypackages/pkgs/webapps/spip/spip_mes_options.php | 18 |
3 files changed, 110 insertions, 0 deletions
diff --git a/flakes/mypackages/pkgs/webapps/spip/default.nix b/flakes/mypackages/pkgs/webapps/spip/default.nix new file mode 100644 index 0000000..20d5c8c --- /dev/null +++ b/flakes/mypackages/pkgs/webapps/spip/default.nix | |||
@@ -0,0 +1,32 @@ | |||
1 | { siteName ? "spip" | ||
2 | , siteDir ? runCommand "empty" { preferLocalBuild = true; } "mkdir -p $out" | ||
3 | , environment ? "prod" | ||
4 | , ldap ? false | ||
5 | , varDir ? "/var/lib/${siteName}_${environment}" | ||
6 | , lib, fetchzip, runCommand, stdenv }: | ||
7 | let | ||
8 | app = stdenv.mkDerivation rec { | ||
9 | name = "${siteName}-${environment}-spip-${version}"; | ||
10 | version = "3.2.7"; | ||
11 | src = fetchzip { | ||
12 | url = "https://files.spip.net/spip/archives/SPIP-v${version}.zip"; | ||
13 | sha256 = "0n4kc95nhn524zbb11bpfjs965pm4v026s3m3q44pl8nyms91r33"; | ||
14 | }; | ||
15 | paches = lib.optionals ldap [ ./spip_ldap_patch.patch ]; | ||
16 | buildPhase = '' | ||
17 | rm -rf IMG local tmp config/remove.txt | ||
18 | ln -sf ${./spip_mes_options.php} config/mes_options.php | ||
19 | echo "Require all denied" > "config/.htaccess" | ||
20 | ln -sf ${varDir}/{IMG,local} . | ||
21 | ''; | ||
22 | installPhase = '' | ||
23 | cp -a . $out | ||
24 | cp -a ${siteDir}/* $out | ||
25 | ''; | ||
26 | passthru = { | ||
27 | inherit siteName siteDir environment varDir; | ||
28 | webRoot = app; | ||
29 | spipConfig = ./spip_mes_options.php; | ||
30 | }; | ||
31 | }; | ||
32 | in app | ||
diff --git a/flakes/mypackages/pkgs/webapps/spip/spip_ldap_patch.patch b/flakes/mypackages/pkgs/webapps/spip/spip_ldap_patch.patch new file mode 100644 index 0000000..653c909 --- /dev/null +++ b/flakes/mypackages/pkgs/webapps/spip/spip_ldap_patch.patch | |||
@@ -0,0 +1,60 @@ | |||
1 | --- old/ecrire/auth/ldap.php 2017-06-08 21:58:17.000000000 +0200 | ||
2 | +++ new/ecrire/auth/ldap.php 2017-06-10 02:54:02.687954143 +0200 | ||
3 | @@ -171,24 +171,41 @@ | ||
4 | $desc = isset($ldap['attributes']) && $ldap['attributes'] ? $ldap['attributes'] : $GLOBALS['ldap_attributes'] ; | ||
5 | |||
6 | $logins = is_array($desc['login']) ? $desc['login'] : array($desc['login']); | ||
7 | + if (isset($GLOBALS['ldap_search'])) { | ||
8 | + $search_query = str_replace("%user%", $login_search, $GLOBALS['ldap_search']); | ||
9 | + $result = @ldap_search($ldap_link, $ldap_base, $search_query, array("dn")); | ||
10 | + $info = @ldap_get_entries($ldap_link, $result); | ||
11 | + // Ne pas accepter les resultats si plus d'une entree | ||
12 | + // (on veut un attribut unique) | ||
13 | |||
14 | - // Tenter une recherche pour essayer de retrouver le DN | ||
15 | - foreach ($logins as $att) { | ||
16 | - $result = @ldap_search($ldap_link, $ldap_base, "$att=$login_search", array("dn")); | ||
17 | - $info = @ldap_get_entries($ldap_link, $result); | ||
18 | - // Ne pas accepter les resultats si plus d'une entree | ||
19 | - // (on veut un attribut unique) | ||
20 | + if (is_array($info) and $info['count'] == 1) { | ||
21 | + $dn = $info[0]['dn']; | ||
22 | + if (!$checkpass) { | ||
23 | + return $dn; | ||
24 | + } | ||
25 | + if (@ldap_bind($ldap_link, $dn, $pass)) { | ||
26 | + return $dn; | ||
27 | + } | ||
28 | + } | ||
29 | + } else { | ||
30 | + // Tenter une recherche pour essayer de retrouver le DN | ||
31 | + foreach ($logins as $att) { | ||
32 | + $result = @ldap_search($ldap_link, $ldap_base, "$att=$login_search", array("dn")); | ||
33 | + $info = @ldap_get_entries($ldap_link, $result); | ||
34 | + // Ne pas accepter les resultats si plus d'une entree | ||
35 | + // (on veut un attribut unique) | ||
36 | |||
37 | - if (is_array($info) and $info['count'] == 1) { | ||
38 | - $dn = $info[0]['dn']; | ||
39 | - if (!$checkpass) { | ||
40 | - return $dn; | ||
41 | - } | ||
42 | - if (@ldap_bind($ldap_link, $dn, $pass)) { | ||
43 | - return $dn; | ||
44 | - } | ||
45 | - } | ||
46 | - } | ||
47 | + if (is_array($info) and $info['count'] == 1) { | ||
48 | + $dn = $info[0]['dn']; | ||
49 | + if (!$checkpass) { | ||
50 | + return $dn; | ||
51 | + } | ||
52 | + if (@ldap_bind($ldap_link, $dn, $pass)) { | ||
53 | + return $dn; | ||
54 | + } | ||
55 | + } | ||
56 | + } | ||
57 | + } | ||
58 | |||
59 | if ($checkpass and !isset($dn)) { | ||
60 | // Si echec, essayer de deviner le DN | ||
diff --git a/flakes/mypackages/pkgs/webapps/spip/spip_mes_options.php b/flakes/mypackages/pkgs/webapps/spip/spip_mes_options.php new file mode 100644 index 0000000..8db8389 --- /dev/null +++ b/flakes/mypackages/pkgs/webapps/spip/spip_mes_options.php | |||
@@ -0,0 +1,18 @@ | |||
1 | <?php // /!\ Important: There must be no blank space before <?php or after ?> | ||
2 | // This file was inspired from the spip contrib website | ||
3 | // http://www.spip.net/fr_article3811.html | ||
4 | |||
5 | $config_dir = getenv('SPIP_CONFIG_DIR') . '/'; | ||
6 | $var_dir = getenv('SPIP_VAR_DIR') . '/'; | ||
7 | |||
8 | $cookie_prefix = str_replace('.', '_', getenv("SPIP_SITE")); | ||
9 | $table_prefix = 'spip'; | ||
10 | |||
11 | spip_initialisation( | ||
12 | $config_dir, | ||
13 | _DIR_RACINE . _NOM_PERMANENTS_ACCESSIBLES, | ||
14 | $var_dir . _NOM_TEMPORAIRES_INACCESSIBLES, | ||
15 | _DIR_RACINE . _NOM_TEMPORAIRES_ACCESSIBLES | ||
16 | ); | ||
17 | |||
18 | ?> | ||