From 1a64deeb894dc95e2645a75771732c6cc53a79ad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= Date: Wed, 4 Oct 2023 01:35:06 +0200 Subject: Squash changes containing private information There were a lot of changes since the previous commit, but a lot of them contained personnal information about users. All thos changes got stashed into a single commit (history is kept in a different place) and private information was moved in a separate private repository --- .../websites/tools/tools/landing/ldap_password.php | 140 - .../websites/tools/tools/landing/ldap_ssh_keys.php | 348 - .../private/websites/tools/tools/landing/myip.php | 1 - .../websites/tools/tools/landing/node-packages.nix | 130 - .../tools/tools/landing/report_csp_violation.php | 22 - .../websites/tools/tools/landing/yarn-packages.nix | 9357 -------------------- 6 files changed, 9998 deletions(-) delete mode 100644 modules/private/websites/tools/tools/landing/ldap_password.php delete mode 100644 modules/private/websites/tools/tools/landing/ldap_ssh_keys.php delete mode 100644 modules/private/websites/tools/tools/landing/myip.php delete mode 100644 modules/private/websites/tools/tools/landing/node-packages.nix delete mode 100644 modules/private/websites/tools/tools/landing/report_csp_violation.php delete mode 100644 modules/private/websites/tools/tools/landing/yarn-packages.nix (limited to 'modules/private/websites/tools/tools/landing') diff --git a/modules/private/websites/tools/tools/landing/ldap_password.php b/modules/private/websites/tools/tools/landing/ldap_password.php deleted file mode 100644 index b6079e5..0000000 --- a/modules/private/websites/tools/tools/landing/ldap_password.php +++ /dev/null @@ -1,140 +0,0 @@ - - * @website: http://technology.mattrude.com/2010/11/ldap-php-change-password-webpage/ - * - * - * GNU GENERAL PUBLIC LICENSE - * Version 2, June 1991 - * - * Copyright (C) 1989, 1991 Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - * Everyone is permitted to copy and distribute verbatim copies - * of this license document, but changing it is not allowed. - */ - -$message = array(); -$message_css = ""; - -function changePassword($user,$oldPassword,$newPassword,$newPasswordCnf){ - global $message; - global $message_css; - - $server = "ldaps://ldap.immae.eu"; - - error_reporting(0); - $con = ldap_connect($server); - ldap_set_option($con, LDAP_OPT_PROTOCOL_VERSION, 3); - - $user_dn = "uid=$user,ou=users,dc=immae,dc=eu"; - - if (ldap_bind($con, $user_dn, $oldPassword) === false) { - $user_dn = "uid=$user,ou=group_users,dc=immae,dc=eu"; - if (ldap_bind($con, $user_dn, $oldPassword) === false) { - $message[] = "Error E101 - Current Username or Password is wrong."; - return false; - } - } - if ($newPassword != $newPasswordCnf ) { - $message[] = "Error E102 - Your New passwords do not match!"; - return false; - } - if (strlen($newPassword) < 6 ) { - $message[] = "Error E103 - Your new password is too short.
Your password must be at least 6 characters long."; - return false; - } - - $salt = substr(str_shuffle(str_repeat('ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789',4)),0,4); - $encoded_newPassword = "{SSHA}" . base64_encode(pack("H*", sha1($newPassword.$salt)).$salt); - - $user_search = ldap_search($con,"dc=immae,dc=eu","(uid=$user)"); - $auth_entry = ldap_first_entry($con, $user_search); - - $mail_addresses = ldap_get_values($con, $auth_entry, "mail"); - $given_names = ldap_get_values($con, $auth_entry, "givenName"); - $mail_address = $mail_addresses[0]; - $first_name = $given_names[0]; - - /* And Finally, Change the password */ - $entry = array(); - $entry["userPassword"] = "$encoded_newPassword"; - - if (ldap_modify($con,$user_dn,$entry) === false){ - $error = ldap_error($con); - $errno = ldap_errno($con); - $message[] = "E201 - Your password cannot be changed, please contact the administrator."; - $message[] = "$errno - $error"; - } else { - $message_css = "yes"; - mail($mail_address,"Password change notice","Dear $first_name, -Your password on https://tools.immae.eu/ldap_password.php for account $user was just changed. -If you did not make this change, please contact me. -If you were the one who changed your password, you may disregard this message. - -Thanks --- -Immae / Ismaël", "From: " . getenv("CONTACT_EMAIL")); - $message[] = "The password for $user has been changed.
An informational email has been sent to $mail_address.
Your new password is now fully active."; - } -} - -?> - - - -Password Change Page - - - - - - -
-
-

Password Change Page

-'; - changePassword($_POST['username'],$_POST['oldPassword'],$_POST['newPassword1'],$_POST['newPassword2']); - global $message_css; - if ($message_css == "yes") { - echo '
'; - } else { - echo '
'; - $message[] = "Your password was not changed."; - } - foreach ( $message as $one ) { echo "

$one

"; } - ?>
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- -
-
-
-
- - diff --git a/modules/private/websites/tools/tools/landing/ldap_ssh_keys.php b/modules/private/websites/tools/tools/landing/ldap_ssh_keys.php deleted file mode 100644 index 259e28d..0000000 --- a/modules/private/websites/tools/tools/landing/ldap_ssh_keys.php +++ /dev/null @@ -1,348 +0,0 @@ - - - - ImmaeEu Account - - - - - - -
-

Gestion des clés SSH

- $apps, - 'public_key' => $publicKey, - 'comment' => $comment, - ]; - } - - return $keys; -} - -function pushLdapInfos($keys) -{ - $con = doConnect(); - if (!isset($_SESSION["user_dn"])) - return false; - - return ldap_mod_replace($con, $_SESSION["user_dn"], array("immaeSshKey" => $keys)); -} - - -// Script -if (isset($_POST['deconnexion'])) { - $_SESSION = []; -} - -if (isset($_POST['sauvegarder'])) { - $editedKeys = []; - $errors = false; - $keysToSave = []; - foreach($_POST['keys'] as $id => $key) { - $editedKeys[$id] = $key; - if (!checkSshKey($key['public_key'])) { - $editedKeys[$id]['error'] = true; - $errors = true; - } - - if (!isset($key['apps'])) { - $editedKeys[$id]['apps'] = $key['apps'] = []; - - } - foreach ($key['apps'] as $app) { - if (!in_array($app, apps)) { - die("integrity"); - } - } - - if (!isset($editedKeys[$id]['error']) || $editedKeys[$id]['error'] !== true) { - $keysToSave[] = implode('|', $key['apps']) . ' ' . $key['public_key'] . ' ' . $key['comment']; - } - } - - if (!$errors) { - $successSave = pushLdapInfos($keysToSave); - } -} - -$loginErrors = ""; -if (isset($_POST['login'])) { - if (empty($_POST['username']) || empty($_POST['password'])) { - $loginErrors = "Le nom d'utilisateur et le mot de passe sont requis."; - } elseif (!checkLogin($_POST['username'], $_POST['password'])) { - $loginErrors = "Identifiants incorrects."; - } else { - $_SESSION['login'] = $_POST['username']; - } -} - -if (isUserLogged()) : - $keys = isset($editedKeys) ? $editedKeys : getLdapInfo(); -?> -

Connecté en tant que

- -
- -
- - -

Clés enregistrées avec succès.

- - -
- - - $sshKey) : - ?> - - - - - - - - - - - - - - - - - - - -
Description
>
- - - -
- - -
- - -
-

Login

- - -

- - - - - - - - - -
- -
- - - - diff --git a/modules/private/websites/tools/tools/landing/myip.php b/modules/private/websites/tools/tools/landing/myip.php deleted file mode 100644 index 9ec1c6c..0000000 --- a/modules/private/websites/tools/tools/landing/myip.php +++ /dev/null @@ -1 +0,0 @@ - diff --git a/modules/private/websites/tools/tools/landing/node-packages.nix b/modules/private/websites/tools/tools/landing/node-packages.nix deleted file mode 100644 index 9ebf254..0000000 --- a/modules/private/websites/tools/tools/landing/node-packages.nix +++ /dev/null @@ -1,130 +0,0 @@ -# This file has been generated by node2nix 1.8.0. Do not edit! - -{nodeEnv, fetchurl, fetchgit, src, globalBuildInputs ? []}: - -let - sources = { - "@fortawesome/fontawesome-free-5.13.1" = { - name = "_at_fortawesome_slash_fontawesome-free"; - packageName = "@fortawesome/fontawesome-free"; - version = "5.13.1"; - src = fetchurl { - url = "https://registry.npmjs.org/@fortawesome/fontawesome-free/-/fontawesome-free-5.13.1.tgz"; - sha512 = "D819f34FLHeBN/4xvw0HR0u7U2G7RqjPSggXqf7LktsxWQ48VAfGwvMrhcVuaZV2fF069c/619RdgCCms0DHhw=="; - }; - }; - "argparse-1.0.10" = { - name = "argparse"; - packageName = "argparse"; - version = "1.0.10"; - src = fetchurl { - url = "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz"; - sha512 = "o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg=="; - }; - }; - "bulma-0.8.2" = { - name = "bulma"; - packageName = "bulma"; - version = "0.8.2"; - src = fetchurl { - url = "https://registry.npmjs.org/bulma/-/bulma-0.8.2.tgz"; - sha512 = "vMM/ijYSxX+Sm+nD7Lmc1UgWDy2JcL2nTKqwgEqXuOMU+IGALbXd5MLt/BcjBAPLIx36TtzhzBcSnOP974gcqA=="; - }; - }; - "core-js-3.6.5" = { - name = "core-js"; - packageName = "core-js"; - version = "3.6.5"; - src = fetchurl { - url = "https://registry.npmjs.org/core-js/-/core-js-3.6.5.tgz"; - sha512 = "vZVEEwZoIsI+vPEuoF9Iqf5H7/M3eeQqWlQnYa8FSKKePuYTf5MWnxb5SDAzCa60b3JBRS5g9b+Dq7b1y/RCrA=="; - }; - }; - "esprima-4.0.1" = { - name = "esprima"; - packageName = "esprima"; - version = "4.0.1"; - src = fetchurl { - url = "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz"; - sha512 = "eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A=="; - }; - }; - "js-yaml-3.14.0" = { - name = "js-yaml"; - packageName = "js-yaml"; - version = "3.14.0"; - src = fetchurl { - url = "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.0.tgz"; - sha512 = "/4IbIeHcD9VMHFqDR/gQ7EdZdLimOvW2DdcxFjdyyZ9NsbS+ccrXqVWDtab/lRl5AlUqmpBx8EhPaWR+OtY17A=="; - }; - }; - "lodash.merge-4.6.2" = { - name = "lodash.merge"; - packageName = "lodash.merge"; - version = "4.6.2"; - src = fetchurl { - url = "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.2.tgz"; - sha512 = "0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ=="; - }; - }; - "register-service-worker-1.7.1" = { - name = "register-service-worker"; - packageName = "register-service-worker"; - version = "1.7.1"; - src = fetchurl { - url = "https://registry.npmjs.org/register-service-worker/-/register-service-worker-1.7.1.tgz"; - sha512 = "IdTfUZ4u8iJL8o1w8es8l6UMGPmkwHolUdT+UmM1UypC80IB4KbpuIlvwWVj8UDS7eJwkEYRcKRgfRX+oTmJsw=="; - }; - }; - "sprintf-js-1.0.3" = { - name = "sprintf-js"; - packageName = "sprintf-js"; - version = "1.0.3"; - src = fetchurl { - url = "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz"; - sha1 = "04e6926f662895354f3dd015203633b857297e2c"; - }; - }; - "vue-2.6.11" = { - name = "vue"; - packageName = "vue"; - version = "2.6.11"; - src = fetchurl { - url = "https://registry.npmjs.org/vue/-/vue-2.6.11.tgz"; - sha512 = "VfPwgcGABbGAue9+sfrD4PuwFar7gPb1yl1UK1MwXoQPAw0BKSqWfoYCT/ThFrdEVWoI51dBuyCoiNU9bZDZxQ=="; - }; - }; - }; - args = { - name = "homer"; - packageName = "homer"; - version = "20.06.1"; - inherit src; - dependencies = [ - sources."@fortawesome/fontawesome-free-5.13.1" - sources."argparse-1.0.10" - sources."bulma-0.8.2" - sources."core-js-3.6.5" - sources."esprima-4.0.1" - sources."js-yaml-3.14.0" - sources."lodash.merge-4.6.2" - sources."register-service-worker-1.7.1" - sources."sprintf-js-1.0.3" - sources."vue-2.6.11" - ]; - buildInputs = globalBuildInputs; - meta = { - license = "Apache-2.0"; - }; - production = true; - bypassCache = true; - reconstructLock = true; - }; -in -{ - args = args; - sources = sources; - tarball = nodeEnv.buildNodeSourceDist args; - package = nodeEnv.buildNodePackage args; - shell = nodeEnv.buildNodeShell args; -} diff --git a/modules/private/websites/tools/tools/landing/report_csp_violation.php b/modules/private/websites/tools/tools/landing/report_csp_violation.php deleted file mode 100644 index 30140b2..0000000 --- a/modules/private/websites/tools/tools/landing/report_csp_violation.php +++ /dev/null @@ -1,22 +0,0 @@ -