--- rpms/smeserver-gitweb/contribs8/smeserver-gitweb-1.1.0-remove_runtime_access_to_networks_db.patch 2016/06/10 07:19:52 1.1
+++ rpms/smeserver-gitweb/contribs8/smeserver-gitweb-1.1.0-remove_runtime_access_to_networks_db.patch 2016/06/10 15:25:57 1.2
@@ -111,29 +111,6 @@ diff -urN smeserver-gitweb-1.1.0.org/roo
 # Check if the REMOTE_ADDR is within the range of the 'private' address for this server
 my $remote_addr = NetAddr::IP->new( $ENV\{'REMOTE_ADDR'\} );
 if( $remote_addr->within( new NetAddr::IP @network_setting[1], @network_setting[2] ) ) \{
-@@ -105,18 +102,18 @@
-
- # For the remaining access from the internet, we need an authorised user
- # that is allowed to either pull or push this repository.
--
-+
- # Check if we have:
- # a) a user that is listed in the repository pull or push permissions
- # b) valid credentials i.e password can be validated.
- if( $ENV\{'HTTP_AUTHORIZATION'\} ) \{
- my @http_authorisation = split(/ /, $ENV\{'HTTP_AUTHORIZATION'\} );
- my @http_digest = split( /:/, decode_base64( @http_authorisation[1] ) );
--
-+
- # See who the effective users are for this repository. The AccountsDB needs
- # to have world read permissions to allow this to work.
-- my $effective_pull_users = $git_db->effective_users_list_from( $properties\{'pull_groups'\},
-- $properties\{'pull_users'\} );
-+ my $effective_pull_users = $git_db->effective_users_list_from( $properties\{'pull_groups'\},
-+ $properties\{'pull_users'\} );
- if( @http_digest[0] ~~ $effective_pull_users ) \{
- # USER IN AUTHORISED LIST -> CHECK PASSWORD
- if( trypass( @http_digest[0], @http_digest[1] ) == 0 ) \{
 @@ -131,7 +128,7 @@
 return 0; # EXIT NO AUTHORISATION SUPPLIED -> DENY REPOSITORY VIEW
 \}