From 1a64deeb894dc95e2645a75771732c6cc53a79ad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= Date: Wed, 4 Oct 2023 01:35:06 +0200 Subject: Squash changes containing private information There were a lot of changes since the previous commit, but a lot of them contained personnal information about users. All thos changes got stashed into a single commit (history is kept in a different place) and private information was moved in a separate private repository --- flakes/mypackages/pkgs/webapps/spip/default.nix | 32 ++++++++++++ .../pkgs/webapps/spip/spip_ldap_patch.patch | 60 ++++++++++++++++++++++ .../pkgs/webapps/spip/spip_mes_options.php | 18 +++++++ 3 files changed, 110 insertions(+) create mode 100644 flakes/mypackages/pkgs/webapps/spip/default.nix create mode 100644 flakes/mypackages/pkgs/webapps/spip/spip_ldap_patch.patch create mode 100644 flakes/mypackages/pkgs/webapps/spip/spip_mes_options.php (limited to 'flakes/mypackages/pkgs/webapps/spip') diff --git a/flakes/mypackages/pkgs/webapps/spip/default.nix b/flakes/mypackages/pkgs/webapps/spip/default.nix new file mode 100644 index 0000000..20d5c8c --- /dev/null +++ b/flakes/mypackages/pkgs/webapps/spip/default.nix @@ -0,0 +1,32 @@ +{ siteName ? "spip" +, siteDir ? runCommand "empty" { preferLocalBuild = true; } "mkdir -p $out" +, environment ? "prod" +, ldap ? false +, varDir ? "/var/lib/${siteName}_${environment}" +, lib, fetchzip, runCommand, stdenv }: +let + app = stdenv.mkDerivation rec { + name = "${siteName}-${environment}-spip-${version}"; + version = "3.2.7"; + src = fetchzip { + url = "https://files.spip.net/spip/archives/SPIP-v${version}.zip"; + sha256 = "0n4kc95nhn524zbb11bpfjs965pm4v026s3m3q44pl8nyms91r33"; + }; + paches = lib.optionals ldap [ ./spip_ldap_patch.patch ]; + buildPhase = '' + rm -rf IMG local tmp config/remove.txt + ln -sf ${./spip_mes_options.php} config/mes_options.php + echo "Require all denied" > "config/.htaccess" + ln -sf ${varDir}/{IMG,local} . + ''; + installPhase = '' + cp -a . $out + cp -a ${siteDir}/* $out + ''; + passthru = { + inherit siteName siteDir environment varDir; + webRoot = app; + spipConfig = ./spip_mes_options.php; + }; + }; +in app diff --git a/flakes/mypackages/pkgs/webapps/spip/spip_ldap_patch.patch b/flakes/mypackages/pkgs/webapps/spip/spip_ldap_patch.patch new file mode 100644 index 0000000..653c909 --- /dev/null +++ b/flakes/mypackages/pkgs/webapps/spip/spip_ldap_patch.patch @@ -0,0 +1,60 @@ +--- old/ecrire/auth/ldap.php 2017-06-08 21:58:17.000000000 +0200 ++++ new/ecrire/auth/ldap.php 2017-06-10 02:54:02.687954143 +0200 +@@ -171,24 +171,41 @@ + $desc = isset($ldap['attributes']) && $ldap['attributes'] ? $ldap['attributes'] : $GLOBALS['ldap_attributes'] ; + + $logins = is_array($desc['login']) ? $desc['login'] : array($desc['login']); ++ if (isset($GLOBALS['ldap_search'])) { ++ $search_query = str_replace("%user%", $login_search, $GLOBALS['ldap_search']); ++ $result = @ldap_search($ldap_link, $ldap_base, $search_query, array("dn")); ++ $info = @ldap_get_entries($ldap_link, $result); ++ // Ne pas accepter les resultats si plus d'une entree ++ // (on veut un attribut unique) + +- // Tenter une recherche pour essayer de retrouver le DN +- foreach ($logins as $att) { +- $result = @ldap_search($ldap_link, $ldap_base, "$att=$login_search", array("dn")); +- $info = @ldap_get_entries($ldap_link, $result); +- // Ne pas accepter les resultats si plus d'une entree +- // (on veut un attribut unique) ++ if (is_array($info) and $info['count'] == 1) { ++ $dn = $info[0]['dn']; ++ if (!$checkpass) { ++ return $dn; ++ } ++ if (@ldap_bind($ldap_link, $dn, $pass)) { ++ return $dn; ++ } ++ } ++ } else { ++ // Tenter une recherche pour essayer de retrouver le DN ++ foreach ($logins as $att) { ++ $result = @ldap_search($ldap_link, $ldap_base, "$att=$login_search", array("dn")); ++ $info = @ldap_get_entries($ldap_link, $result); ++ // Ne pas accepter les resultats si plus d'une entree ++ // (on veut un attribut unique) + +- if (is_array($info) and $info['count'] == 1) { +- $dn = $info[0]['dn']; +- if (!$checkpass) { +- return $dn; +- } +- if (@ldap_bind($ldap_link, $dn, $pass)) { +- return $dn; +- } +- } +- } ++ if (is_array($info) and $info['count'] == 1) { ++ $dn = $info[0]['dn']; ++ if (!$checkpass) { ++ return $dn; ++ } ++ if (@ldap_bind($ldap_link, $dn, $pass)) { ++ return $dn; ++ } ++ } ++ } ++ } + + if ($checkpass and !isset($dn)) { + // Si echec, essayer de deviner le DN diff --git a/flakes/mypackages/pkgs/webapps/spip/spip_mes_options.php b/flakes/mypackages/pkgs/webapps/spip/spip_mes_options.php new file mode 100644 index 0000000..8db8389 --- /dev/null +++ b/flakes/mypackages/pkgs/webapps/spip/spip_mes_options.php @@ -0,0 +1,18 @@ + -- cgit v1.2.3