rpms/phpldapadmin/devel phpldapadmin-0.9.7-config.patch, NONE, 1.1 phpldapadmin-0.9.7-namingcontexts.patch, NONE, 1.1 phpldapadmin-0.9.7-obfuscate.patch, NONE, 1.1 phpldapadmin-0.9.7-session_opt_secret.patch, NONE, 1.1 phpldapadmin-strip-debug.sh, NONE, 1.1 phpldapadmin.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
Dmitry Butskoy (buc)
fedora-extras-commits at redhat.com
Mon Sep 26 21:52:09 UTC 2005
Author: buc
Update of /cvs/extras/rpms/phpldapadmin/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv28306/devel
Modified Files:
.cvsignore sources
Added Files:
phpldapadmin-0.9.7-config.patch
phpldapadmin-0.9.7-namingcontexts.patch
phpldapadmin-0.9.7-obfuscate.patch
phpldapadmin-0.9.7-session_opt_secret.patch
phpldapadmin-strip-debug.sh phpldapadmin.spec
Log Message:
auto-import phpldapadmin-0.9.7-1 on branch devel from phpldapadmin-0.9.7-1.src.rpm
phpldapadmin-0.9.7-config.patch:
--- NEW FILE phpldapadmin-0.9.7-config.patch ---
diff -Nrbu phpldapadmin-20050912/config.php phpldapadmin.NEW/config.php
--- phpldapadmin-20050912/config.php 2005-09-13 17:23:18.000000000 +0400
+++ phpldapadmin.NEW/config.php 2005-09-12 20:14:38.000000000 +0400
@@ -21,6 +21,8 @@
* as many as you like. You can also specify your language, and
* many other options.
*/
+// $config->custom->appearance['language'] = 'en';
+// $config->custom->appearance['show_clear_password'] = true;
/** **/
/** Miscellaneous Configuration overrides **/
@@ -55,16 +57,16 @@
/* A convenient name that will appear in the tree viewer and throughout phpLDAPadmin to
identify this LDAP server to users. */
-$ldapservers->SetValue($i,'server','name','My LDAP Server');
+$ldapservers->SetValue($i,'server','name','Local LDAP Server');
/* Examples:
'ldap.example.com',
'ldaps://ldap.example.com/',
'ldapi://%2fusr%local%2fvar%2frun%2fldapi' (Unix socket at /usr/local/var/run/ldap) */
-// $ldapservers->SetValue($i,'server','host','127.0.0.1');
+$ldapservers->SetValue($i,'server','host','localhost');
/* The port your LDAP server listens on (no quotes). 389 is standard. */
-// $ldapservers->SetValue($i,'server','port','389');
+$ldapservers->SetValue($i,'server','port','389');
/* Array of base DNs of your LDAP server. Leave this blank to have phpLDAPadmin auto-detect it for you. */
// $ldapservers->SetValue($i,'server','base',array(''));
@@ -80,7 +82,7 @@
Choose wisely to protect your authentication information appropriately for your situation. If
you choose 'cookie', your cookie contents will be encrypted using blowfish and the secret your specify
above as session['blowfish']. */
-// $ldapservers->SetValue($i,'server','auth_type','cookie');
+$ldapservers->SetValue($i,'server','auth_type','session');
/* The DN of the user for phpLDAPadmin to bind with. For anonymous binds or 'cookie' or 'session' auth_types,
leave the login_dn and login_pass blank. If you specify a login_attr in conjunction with a cookie or
@@ -100,7 +102,7 @@
/* Default password hashing algorithm. One of md5, ssha, sha, md5crpyt, smd5, blowfish, crypt or
leave blank for now default algorithm. */
-// $ldapservers->SetValue($i,'appearance','password_hash','md5');
+$ldapservers->SetValue($i,'appearance','password_hash','');
/* If you specified 'cookie' or 'session' as the auth_type above, you can optionally specify here an attribute
to use when logging in. If you enter 'uid' and login as 'dsmith', phpLDAPadmin will search for (uid=dsmith)
@@ -108,7 +110,7 @@
LDAP server requires you to login to perform searches, you can enter the DN to use when searching in 'login_dn'
and 'login_pass' above. You may also specify 'string', in which case you can provide a string to use for
logging users in. See 'login_string' directly below. */
-// $ldapservers->SetValue($i,'login','attr','uid');
+$ldapservers->SetValue($i,'login','attr','uid');
/* If you specified 'cookie' or 'session' as the auth_type above, and you specified 'string' for 'login_attr'
above, you must provide a string here for logging users in. If, for example, I have a lot of user entries with
@@ -192,7 +194,7 @@
$i++;
$ldapservers->SetValue($i,'server','name','LDAP Server');
-$ldapservers->SetValue($i,'server','host','127.0.0.1');
+$ldapservers->SetValue($i,'server','host','');
$ldapservers->SetValue($i,'server','port','389');
$ldapservers->SetValue($i,'server','base',array(''));
$ldapservers->SetValue($i,'server','auth_type','cookie');
phpldapadmin-0.9.7-namingcontexts.patch:
--- NEW FILE phpldapadmin-0.9.7-namingcontexts.patch ---
diff -Nrbu phpldapadmin-20050912/server_functions.php phpldapadmin.NEW/server_functions.php
--- phpldapadmin-20050912/server_functions.php 2005-09-11 09:23:19.000000000 +0400
+++ phpldapadmin.NEW/server_functions.php 2005-09-12 19:57:28.000000000 +0400
@@ -339,6 +339,16 @@
return $this->_baseDN;
+ }
+ /* May be there is a bug in php-ldap module -- it cannot handle
+ empty `dn' value (as returned here at least by OpenLdap servers),
+ and fill it by the next attribute value (i.e., `namingcontexts'),
+ and the next attribute disappears...
+ Therefore ugly hacking here.
+ */
+ else if( isset( $r[0]['dn'] ) ) {
+ $this->_baseDN = array ($r[0]['dn']);
+ return $this->_baseDN;
} else {
return array('');
}
phpldapadmin-0.9.7-obfuscate.patch:
--- NEW FILE phpldapadmin-0.9.7-obfuscate.patch ---
diff -Nru phpldapadmin.OLD/compare.php phpldapadmin.NEW/compare.php
--- phpldapadmin.OLD/compare.php 2005-09-04 22:41:54.000000000 +0400
+++ phpldapadmin.NEW/compare.php 2005-09-23 20:18:48.000000000 +0400
@@ -348,7 +348,7 @@
<?php }
- if( $config->GetValue('appearance','obfuscate_password_display') || is_null( $enc_type ) ) {
+ if( obfuscate_password_display( $enc_type ) ) {
echo htmlspecialchars( preg_replace( "/./", "*", $user_password ) );
} else {
echo htmlspecialchars( $user_password );
diff -Nru phpldapadmin.OLD/template_engine.php phpldapadmin.NEW/template_engine.php
--- phpldapadmin.OLD/template_engine.php 2005-09-18 00:43:17.000000000 +0400
+++ phpldapadmin.NEW/template_engine.php 2005-09-23 21:00:50.000000000 +0400
@@ -793,7 +793,12 @@
} ?>
<br />
- <input style="width: 260px" type="password" name="new_values[userpassword]" value="<?php echo htmlspecialchars( $user_password ); ?>" />
+ <input style="width: 260px" type="
+ <?php if (obfuscate_password_display($enc_type))
+ echo "password";
+ else
+ echo "text";
+ ?>" name="new_values[userpassword]" value="<?php echo htmlspecialchars( $user_password ); ?>" />
<?php echo enc_type_select_list($enc_type); ?>
diff -Nru phpldapadmin.OLD/templates/modification/default.php phpldapadmin.NEW/templates/modification/default.php
--- phpldapadmin.OLD/templates/modification/default.php 2005-04-26 13:48:56.000000000 +0400
+++ phpldapadmin.NEW/templates/modification/default.php 2005-09-23 20:55:43.000000000 +0400
@@ -472,7 +472,7 @@
name="old_enc_type"
value="<?php echo ($enc_type==''?'clear':$enc_type); ?>" />
- <?php if( obfuscate_password_display() || is_null( $enc_type ) ) {
+ <?php if( obfuscate_password_display( $enc_type ) ) {
echo htmlspecialchars( preg_replace( "/./", "*", $user_password ) );
} else {
echo htmlspecialchars( $user_password );
@@ -480,7 +480,12 @@
?>
<br />
<input style="width: 260px"
- type="password"
+ type="<?php
+ if( obfuscate_password_display( $enc_type ) )
+ echo 'password';
+ else
+ echo 'text';
+ ?>"
name="new_values[userpassword]"
value="<?php echo htmlspecialchars( $user_password ); ?>" />
diff -Nru phpldapadmin.OLD/update_confirm.php phpldapadmin.NEW/update_confirm.php
--- phpldapadmin.OLD/update_confirm.php 2005-08-27 20:18:52.000000000 +0400
+++ phpldapadmin.NEW/update_confirm.php 2005-09-23 20:45:37.000000000 +0400
@@ -143,7 +143,7 @@
echo nl2br( htmlspecialchars( $v ) ) . "<br />";
else
if( 0 == strcasecmp( $attr, 'userPassword' )
- && ( $config->GetValue('appearance','obfuscate_password_display') || is_null( get_enc_type( $old_values[ $attr ] ) ) ) )
+ && obfuscate_password_display( get_enc_type( $old_values[ $attr ] ) ) )
echo preg_replace( '/./', '*', $old_values[ $attr ] ) . "<br />";
@@ -174,9 +174,9 @@
}
}
- elseif( $new_val != '' )
+ elseif( $new_val != '' )
if( 0 == strcasecmp( $attr, 'userPassword' ) &&
- ( $config->GetValue('appearance','obfuscate_password_display') || is_null( get_enc_type( $new_values[ $attr ] ) ) ) )
+ obfuscate_password_display( get_enc_type( $new_values[ $attr ] ) ) )
echo preg_replace( '/./', '*', $new_val ) . "<br />";
phpldapadmin-0.9.7-session_opt_secret.patch:
--- NEW FILE phpldapadmin-0.9.7-session_opt_secret.patch ---
diff -Nrbu phpldapadmin-0.9.7/functions.php phpldapadmin-0.9.7-OK/functions.php
--- phpldapadmin-0.9.7/functions.php 2005-09-25 20:11:44.000000000 +0400
+++ phpldapadmin-0.9.7-OK/functions.php 2005-09-26 17:50:07.000000000 +0400
@@ -386,8 +386,13 @@
$password = '0';
}
+ if( no_blowfish_secret() ) {
+ $_SESSION[ $sess_var_dn_name ] = $dn;
+ $_SESSION[ $sess_var_pass_name ] = $password;
+ } else {
$_SESSION[ $sess_var_dn_name ] = pla_blowfish_encrypt( $dn );
$_SESSION[ $sess_var_pass_name ] = pla_blowfish_encrypt ( $password );
+ }
return true;
break;
default:
@@ -1385,6 +1390,8 @@
if( $pass == '0' )
return null;
+ else if( no_blowfish_secret() )
+ return $pass;
else
return pla_blowfish_decrypt ( $pass );
break;
@@ -1434,9 +1441,12 @@
case 'session':
$session_var_name = sprintf('pla_login_dn_%s',$ldapserver->server_id);
- if (isset($_SESSION[$session_var_name]))
- $return = pla_blowfish_decrypt($_SESSION[$session_var_name]);
+ if (isset($_SESSION[$session_var_name])) {
+ if (no_blowfish_secret() )
+ $return = $_SESSION[$session_var_name];
else
+ $return = pla_blowfish_decrypt($_SESSION[$session_var_name]);
+ } else
$return = false;
break;
@@ -3629,6 +3639,17 @@
return $return;
}
+function no_blowfish_secret() {
+ global $config;
+
+ $return = $config->GetValue('session','blowfish');
+
+ if (! trim($return))
+ return true;
+
+ return false;
+}
+
/**
* Encryption using blowfish algorithm
*
--- NEW FILE phpldapadmin-strip-debug.sh ---
#!/bin/sh
[ $# -lt 1 ] && exit 1
awk '{
if (cont) {
if ($0 ~ ";") {
sub ("^[^;]*;", "")
cont = 0
if ($0 ~ "^[ ]*$") next
} else
next
}
if ($0 ~ "debug_log[ ]*\\(.*;") {
sub ("debug_log[^;]*;", "")
if ($0 ~ "^[ ]*$") next
}
if ($0 ~ "debug_log[ ]*\\(.*") {
if ($0 ~ "function[ ]*debug_log") {
print $0
next
}
sub ("debug_log.*$", "")
cont = 1
if ($0 ~ "^[ ]*$") next
}
print $0
}' $1 >$1.tmp && mv -f $1.tmp $1
--- NEW FILE phpldapadmin.spec ---
Name: phpldapadmin
Summary: Web-based tool for managing LDAP servers
Version: 0.9.7
Release: 1
Group: Applications/Internet
License: GPL
URL: http://phpldapadmin.sourceforge.net
Source: http://dl.sourceforge.net/sourceforge/phpldapadmin/phpldapadmin-%{version}.tar.gz
Source1: phpldapadmin-strip-debug.sh
# cvs -d:pserver:anonymous at cvs.sourceforge.net:/cvsroot/phpldapadmin login
##Just type Enter as password
# cvs -z3 -d:pserver:anonymous at cvs.sourceforge.net:/cvsroot/phpldapadmin co -P phpldapadmin
# mv phpldapadmin phpldapadmin-YYYYMMDD
# tar -cvf - phpldapadmiin-YYYYMMDD | gzip -c -9 >phpldapadmin-YYYYMMDD.tar.gz
#
#Source: %{name}-%{cvs}.tar.gz
Patch1: phpldapadmin-0.9.7-namingcontexts.patch
Patch2: phpldapadmin-0.9.7-config.patch
Patch3: phpldapadmin-0.9.7-session_opt_secret.patch
Patch4: phpldapadmin-0.9.7-obfuscate.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildArch: noarch
Requires: httpd, php >= 4.1.0, php-ldap
%description
PhpLDAPadmin is a web-based LDAP client.
It provides easy, anywhere-accessible, multi-language administration
for your LDAP server. Its hierarchical tree-viewer and advanced search
functionality make it intuitive to browse and administer your LDAP directory.
Since it is a web application, this LDAP browser works on many platforms,
making your LDAP server easily manageable from any location.
PhpLDAPadmin is the perfect LDAP browser for the LDAP professional
and novice alike. Its user base consists mostly of LDAP administration
professionals.
Edit %{_sysconfdir}/%{name}/config.php to change default (localhost) LDAP server
location and other things. Edit %{_sysconfdir}/httpd/conf.d/%{name}.conf to allow
access by remote web-clients.
%prep
%setup -q -n %{name}-%{version}
cp config.php.example config.php
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%build
# remove all "debug_log()" calls
find . -name "*.php" -exec sh %{SOURCE1} {} \; -print
find . \( -name "*.orig" -o -name "*~" \) -print0 | xargs -0 rm -f
%install
rm -rf $RPM_BUILD_ROOT
install -d -m755 $RPM_BUILD_ROOT/%{_datadir}/%{name}
cp -a * $RPM_BUILD_ROOT/%{_datadir}/%{name}
pushd $RPM_BUILD_ROOT/%{_datadir}/%{name}
rm -rf doc/ INSTALL LICENSE VERSION .cvsignore
popd
install -d -m755 $RPM_BUILD_ROOT/%{_sysconfdir}/%{name}
mv $RPM_BUILD_ROOT/%{_datadir}/%{name}/config.php \
$RPM_BUILD_ROOT/%{_sysconfdir}/%{name}
ln -s ../../../..%{_sysconfdir}/%{name}/config.php \
$RPM_BUILD_ROOT/%{_datadir}/%{name}/config.php
mv $RPM_BUILD_ROOT/%{_datadir}/%{name}/config.php.example \
$RPM_BUILD_ROOT/%{_sysconfdir}/%{name}
mv $RPM_BUILD_ROOT/%{_datadir}/%{name}/templates/template_config.php \
$RPM_BUILD_ROOT/%{_sysconfdir}/%{name}
ln -s ../../../..%{_sysconfdir}/%{name}/template_config.php \
$RPM_BUILD_ROOT/%{_datadir}/%{name}/templates/template_config.php
cat <<EOF >%{name}.conf
#
# %{summary}
#
Alias /%{name} %{_datadir}/%{name}
Alias /ldapadmin %{_datadir}/%{name}
<Directory %{_datadir}/%{name}>
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
</Directory>
EOF
install -d $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/conf.d
install -m644 %{name}.conf $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/conf.d
%clean
rm -rf $RPM_BUILD_ROOT
%post
if [ $1 -eq 1 ]; then
set @@@ `dd bs=128 count=1 </dev/urandom 2>/dev/null | md5sum`
sed -i -e "/session\['blowfish'\] = '';/ s/'';/'$2'; # Autogenerated for `uname -n`/" %{_sysconfdir}/%{name}/config.php
fi
%files
%defattr(-,root,root)
%config %dir %{_sysconfdir}/%{name}
%attr(640,root,apache) %config(noreplace) %{_sysconfdir}/%{name}/*.php
%attr(640,root,apache) %{_sysconfdir}/%{name}/*.example
%config(noreplace) %{_sysconfdir}/httpd/conf.d/*.conf
%{_datadir}/%{name}
%doc INSTALL LICENSE doc/CREDITS doc/ChangeLog
%changelog
* Tue Sep 27 2005 Dmitry Butskoy <Dmitry at Butskoy.name>
- accepted for Fedora Extras devel
(review by Aurelien Bompard <gauret at free.fr>)
* Mon Sep 26 2005 Dmitry Butskoy <Dmitry at Butskoy.name> - 0.9.7-1
- upgrade to final 0.9.7
- strip debug stuff completely. It gives essential speedup of work.
- Blowfish encryption is considered optional for "session" auth type.
Add patch to allow user to disable it for performance reason
(just specifying the empty key). It was a default behaviour in
previous versions of phpldapadmin.
- add "obfuscate" patch to better handle show_clear_password feature.
- initial install allow connects from localhost only (security reasons).
* Tue Sep 20 2005 Dmitry Butskoy <Dmitry at Butskoy.name> - 0.9.7-0.3.rc3
- upgrade to 0.9.7-rc3
- add post script to generate blowfish secret on initial installations.
* Thu Sep 15 2005 Dmitry Butskoy <Dmitry at Butskoy.name> - 0.9.7-0.2.rc2
- upgrade to 0.9.7-rc2, cvs snapshot no more needed.
* Tue Sep 13 2005 Dmitry Butskoy <Dmitry at Butskoy.name> - 0.9.7-0.1.20050912
- initial release. CVS snapshot is one week later than 0.9.7-rc1 release.
- add namingcontexts patch and config patch
Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/phpldapadmin/devel/.cvsignore,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- .cvsignore 26 Sep 2005 21:50:14 -0000 1.1
+++ .cvsignore 26 Sep 2005 21:52:07 -0000 1.2
@@ -0,0 +1 @@
+phpldapadmin-0.9.7.tar.gz
Index: sources
===================================================================
RCS file: /cvs/extras/rpms/phpldapadmin/devel/sources,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- sources 26 Sep 2005 21:50:14 -0000 1.1
+++ sources 26 Sep 2005 21:52:07 -0000 1.2
@@ -0,0 +1 @@
+a9a6f8dd289210a3d732552d38eb2d25 phpldapadmin-0.9.7.tar.gz
More information about the fedora-extras-commits
mailing list