/[smecontribs]/rpms/smeserver-mediawiki/contribs7/smeserver-mediawiki-1.6.10-1.patch
ViewVC logotype

Annotation of /rpms/smeserver-mediawiki/contribs7/smeserver-mediawiki-1.6.10-1.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (hide annotations) (download)
Sat May 31 15:02:31 2008 UTC (16 years, 5 months ago) by ber_die
Branch: MAIN
CVS Tags: smeserver-mediawiki-1_6_10-9_el4_sme
PwAuth-function added, SME users can login with SME passwords

1 ber_die 1.1 --- smeserver-mediawiki-1.6.10/root/usr/share/doc/mediawiki-1.6.10/Sources/LocalSettings.php.1 2007-10-22 16:50:09.000000000 +0200
2     +++ smeserver-mediawiki-1.6.10/root/usr/share/doc/mediawiki-1.6.10/Sources/LocalSettings.php 2008-05-29 07:35:56.000000000 +0200
3     @@ -129,4 +129,16 @@
4     $configdate = gmdate( 'YmdHis', @filemtime( __FILE__ ) );
5     $wgCacheEpoch = max( $wgCacheEpoch, $configdate );
6    
7     +
8     +#!require_once("./extensions/PwAuthPlugin.php");
9     +#!$wgAuth = new PwAuthPlugin();
10     +
11     +#!$wgGroupPermissions['*']['createaccount'] = false;
12     +#!$wgGroupPermissions['*']['read'] = true;
13     +#!$wgGroupPermissions['*']['edit'] = false;
14     +#!$wgGroupPermissions['*']['createpage'] = false;
15     +#!$wgGroupPermissions['*']['createtalk'] = false;
16     +
17     +#!$wgShowIPinHeader = false; # For non-logged in users
18     +
19     ?>
20     \ Kein Zeilenumbruch am Dateiende.
21     --- smeserver-mediawiki-1.6.10/root/usr/share/doc/mediawiki-1.6.10/Sources/PwAuthPlugin.php.1 2008-05-28 22:32:33.000000000 +0200
22     +++ smeserver-mediawiki-1.6.10/root/usr/share/doc/mediawiki-1.6.10/Sources/PwAuthPlugin.php 2008-05-28 22:32:31.000000000 +0200
23     @@ -0,0 +1,309 @@
24     +<?php
25     +
26     +/**
27     + * Version 1.0
28     + *
29     + * Authentication Plugin for pwauth
30     + * Derived from AuthPlugin.php
31     + *
32     + * Much of the commenting comes straight from AuthPlugin.php
33     + *
34     + * Copyright 2006 Nicholas J. Humfrey
35     + * Released under the GNU General Public License
36     + *
37     + * pwauth is available from http://www.unixpapa.com/pwauth/
38     + *
39     + * LocalSettings configuration:
40     + * require_once("./extensions/PwAuthPlugin.php");
41     + * $wgAuth = new PwAuthPlugin();
42     + *
43     + *
44     + */
45     +
46     +require_once('AuthPlugin.php');
47     +
48     +
49     +$pwauth_email_domain = "";
50     +$pwauth_bin_path = "/usr/lib/httpd/modules/pwauth";
51     +
52     +
53     +error_reporting(E_ALL); // Debug
54     +
55     +
56     +// First check if class has already been defined.
57     +if (!class_exists('AuthPlugin')) {
58     +
59     + /**
60     + * Auth Plugin
61     + *
62     + */
63     + require_once './includes/AuthPlugin.php';
64     +
65     +} // End: if (!class_exists('AuthPlugin')) {
66     +
67     +
68     +
69     +
70     +class PwAuthPlugin extends AuthPlugin {
71     +
72     + /**
73     + * Check whether there exists a user account with the given name.
74     + * The name will be normalized to MediaWiki's requirements, so
75     + * you might need to munge it (for instance, for lowercase initial
76     + * letters).
77     + *
78     + * @param string $username
79     + * @return bool
80     + * @access public
81     + */
82     + function userExists( $username ) {
83     + $user = posix_getpwnam( strtolower($username) );
84     + return is_array($user);
85     + }
86     +
87     + /**
88     + * Check if a username+password pair is a valid login.
89     + * The name will be normalized to MediaWiki's requirements, so
90     + * you might need to munge it (for instance, for lowercase initial
91     + * letters).
92     + *
93     + * @param string $username
94     + * @param string $password
95     + * @return bool
96     + * @access public
97     + */
98     + function authenticate( $username, $password ) {
99     + global $pwauth_bin_path;
100     +
101     + $username = strtolower( $username );
102     +
103     + $handle = popen($pwauth_bin_path, 'w');
104     + if ($handle === FALSE) {
105     + error_log("Error opening pipe to pwauth");
106     + return false;
107     + }
108     +
109     + if (fwrite($handle, "$username\n$password\n") === FALSE) {
110     + error_log("Error writing to pwauth pipe");
111     + return false;
112     + }
113     +
114     + # Is the password valid?
115     + $result = pclose( $handle );
116     + if ($result==0) return TRUE;
117     +
118     + #0 - Login OK.
119     + #1 - Nonexistant login or (for some configurations) incorrect password.
120     + #2 - Incorrect password (for some configurations).
121     + #3 - Uid number is below MIN_UNIX_UID value configured in config.h.
122     + #4 - Login ID has expired.
123     + #5 - Login's password has expired.
124     + #6 - Logins to system have been turned off (usually by /etc/nologin file).
125     + #7 - Limit on number of bad logins exceeded.
126     + #50 - pwauth was not run with real uid SERVER_UID. If you get this
127     + # this error code, you probably have SERVER_UID set incorrectly
128     + # in pwauth's config.h file.
129     + #51 - pwauth was not given a login & password to check. The means
130     + # the passing of data from mod_auth_external to pwauth is messed
131     + # up. Most likely one is trying to pass data via environment
132     + # variables, while the other is trying to pass data via a pipe.
133     + #52 - one of several possible internal errors occured.
134     + error_log("pwauth returned $result for username $username");
135     +
136     + return false;
137     + }
138     +
139     + /**
140     + * Modify options in the login template.
141     + *
142     + * @param UserLoginTemplate $template
143     + * @access public
144     + */
145     + function modifyUITemplate( &$template ) {
146     + $template->set('usedomain', false );
147     + $template->set('useemail', false); // Disable the mail new password box.
148     + $template->set('create', false); // Remove option to create new accounts from the wiki.
149     + }
150     +
151     + /**
152     + * Check to see if the specific domain is a valid domain.
153     + *
154     + * @param string $domain
155     + * @return bool
156     + * @access public
157     + */
158     + function validDomain( $domain ) {
159     + # We ignore domains, so erm, yes?
160     + return true;
161     + }
162     +
163     + /**
164     + * When a user logs in, optionally fill in preferences and such.
165     + * For instance, you might pull the email address or real name from the
166     + * external user database.
167     + *
168     + * The User object is passed by reference so it can be modified; don't
169     + * forget the & on your function declaration.
170     + *
171     + * @param User $user
172     + * @access public
173     + */
174     + function updateUser( &$user ) {
175     + global $pwauth_email_domain;
176     +
177     + // Lookup information about user
178     + $username = strtolower( $user->getName() );
179     + $account = posix_getpwnam( $username );
180     + $gecos = split( ',', $account['gecos'] );
181     +
182     + // Set users real name
183     + $user->setRealName( $gecos[0] );
184     +
185     + // Set email if domain is configured
186     + if (!empty( $pwauth_email_domain ) ) {
187     + // Set the email address
188     + $user->setEmail( $username.'@'.$pwauth_email_domain );
189     +
190     + // We set the email address, therefore it is valid
191     + $user->confirmEmail();
192     + }
193     +
194     + // For security, scramble the password to ensure the user can
195     + // only login using system password.
196     + // This set the password to a 15 byte random string.
197     + $pass = '';
198     + for($i=0; $i<15;++$i) $pass .= chr(mt_rand(0,255));
199     + $user->setPassword($pass);
200     +
201     + return true;
202     + }
203     +
204     +
205     + /**
206     + * Return true if the wiki should create a new local account automatically
207     + * when asked to login a user who doesn't exist locally but does in the
208     + * external auth database.
209     + *
210     + * If you don't automatically create accounts, you must still create
211     + * accounts in some way. It's not possible to authenticate without
212     + * a local account.
213     + *
214     + * This is just a question, and shouldn't perform any actions.
215     + *
216     + * @return bool
217     + * @access public
218     + */
219     + function autoCreate() {
220     + return true;
221     + }
222     +
223     +
224     + /**
225     + * Can users change their passwords?
226     + *
227     + * @return bool
228     + */
229     + function allowPasswordChange() {
230     + # We can't change users system passwords
231     + return false;
232     + }
233     +
234     + /**
235     + * Set the given password in the authentication database.
236     + * Return true if successful.
237     + *
238     + * @param string $password
239     + * @return bool
240     + * @access public
241     + */
242     + function setPassword( $password ) {
243     + # We can't change users system passwords
244     + return false;
245     + }
246     +
247     + /**
248     + * Update user information in the external authentication database.
249     + * Return true if successful.
250     + *
251     + * @param User $user
252     + * @return bool
253     + * @access public
254     + */
255     + function updateExternalDB( $user ) {
256     + # We can't change users details
257     + return false;
258     + }
259     +
260     + /**
261     + * Check to see if external accounts can be created.
262     + * Return true if external accounts can be created.
263     + * @return bool
264     + * @access public
265     + */
266     + function canCreateAccounts() {
267     + # We can't create accounts
268     + return false;
269     + }
270     +
271     + /**
272     + * Add a user to the external authentication database.
273     + * Return true if successful.
274     + *
275     + * @param User $user
276     + * @param string $password
277     + * @return bool
278     + * @access public
279     + */
280     + function addUser( $user, $password ) {
281     + # We can't create accounts
282     + return false;
283     + }
284     +
285     +
286     + /**
287     + * Return true to prevent logins that don't authenticate here from being
288     + * checked against the local database's password fields.
289     + *
290     + * This is just a question, and shouldn't perform any actions.
291     + *
292     + * @return bool
293     + * @access public
294     + */
295     + function strict() {
296     + # Only allow authentication from system database
297     + return true;
298     + }
299     +
300     + /**
301     + * When creating a user account, optionally fill in preferences and such.
302     + * For instance, you might pull the email address or real name from the
303     + * external user database.
304     + *
305     + * The User object is passed by reference so it can be modified; don't
306     + * forget the & on your function declaration.
307     + *
308     + * @param User $user
309     + * @access public
310     + */
311     + function initUser(&$user) {
312     + # We do everything in updateUser
313     + }
314     +
315     +}
316     +
317     +
318     +
319     +/**
320     + * Some extension information init
321     + */
322     +$wgExtensionCredits['other'][] = array(
323     + 'name' => 'PWAuthPlugin',
324     + 'version' => '1.0',
325     + 'author' => 'Nicholas Humfrey',
326     + 'description' => 'Automagic login with system accounts, using pwauth',
327     + 'url' => 'http://www.mediawiki.org/wiki/Extension:PwAuthPlugin'
328     +);
329     +
330     +
331     +
332     +?>
333     --- smeserver-mediawiki-1.6.10/root/usr/share/doc/mediawiki-1.6.10/Sources/DO_NOT_USE_OR_DELETE/MW-Full-Uninstall.sh.1 2007-11-08 10:39:10.000000000 +0100
334     +++ smeserver-mediawiki-1.6.10/root/usr/share/doc/mediawiki-1.6.10/Sources/DO_NOT_USE_OR_DELETE/MW-Full-Uninstall.sh 2008-05-31 16:54:55.000000000 +0200
335     @@ -7,8 +7,9 @@
336     echo " - MediaWiki MySQL database"
337     echo " - MediaWiki MySQL User"
338     echo " - MediaWiki DB entries..."
339     +echo " - MediaWiki SME groups..."
340     echo " - All Install files"
341     -echo -n "ARE YOU SURE YOU WANT TO DELETE PERMANENTLY EGROUPWARE? (y/n) [n] "
342     +echo -n "ARE YOU SURE YOU WANT TO DELETE PERMANENTLY MEDIAWIKI? (y/n) [n] "
343     read del
344     if [ "$del" = "y" -o "$del" = "Y" ]; then
345     echo "Deleting MySQL database..."
346     @@ -18,6 +19,15 @@
347     mysql -u root -e "DROP USER mediawikiuser@localhost;"
348     echo "Removing SME DB entries..."
349     /sbin/e-smith/config delete mediawiki
350     + echo "Removing SME group entries..."
351     +# /sbin/e-smith/db accounts set mw_read deleted
352     +# /sbin/e-smith/db accounts set mw_edit deleted
353     +# /sbin/e-smith/db accounts set mw_createpage deleted
354     +# /sbin/e-smith/db accounts set mw_createtalk deleted
355     +# /sbin/e-smith/signal-event group-delete mw_read
356     +# /sbin/e-smith/signal-event group-delete mw_edit
357     +# /sbin/e-smith/signal-event group-delete mw_createpage
358     +# /sbin/e-smith/signal-event group-delete mw_createtalk
359     echo "Removing Install files..."
360     rm -rf /opt/mediawiki
361     echo "Done!"
362     --- smeserver-mediawiki-1.6.10/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/95mediawiki.1 2007-11-09 09:12:26.000000000 +0100
363     +++ smeserver-mediawiki-1.6.10/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/95mediawiki 2008-05-31 12:47:31.000000000 +0200
364     @@ -22,6 +22,7 @@
365     my $mwiki = $mediawiki{'PublicAccess'} || "local";
366     if ($mwiki eq "local")
367     {
368     + $OUT .= " deny from all\n";
369     $OUT .= " allow from $localAccess";
370     } else {
371     $OUT .= " allow from all";
372     @@ -37,6 +38,7 @@
373     my $mwiki = $mediawiki{'PublicAccess'} || "local";
374     if ($mwiki eq "local")
375     {
376     + $OUT .= " deny from all\n";
377     $OUT .= " allow from $localAccess";
378     } else {
379     $OUT .= " allow from all";
380     @@ -50,6 +52,7 @@
381     my $mwiki = $mediawiki{'PublicAccess'} || "local";
382     if ($mwiki eq "local")
383     {
384     + $OUT .= " deny from all\n";
385     $OUT .= " allow from $localAccess";
386     } else {
387     $OUT .= " allow from all";
388     @@ -63,6 +66,7 @@
389     my $mwiki = $mediawiki{'PublicAccess'} || "local";
390     if ($mwiki eq "local")
391     {
392     + $OUT .= " deny from all\n";
393     $OUT .= " allow from $localAccess";
394     } else {
395     $OUT .= " allow from all";
396     @@ -76,6 +80,7 @@
397     my $mwiki = $mediawiki{'PublicAccess'} || "local";
398     if ($mwiki eq "local")
399     {
400     + $OUT .= " deny from all\n";
401     $OUT .= " allow from $localAccess";
402     } else {
403     $OUT .= " allow from all";
404     @@ -89,6 +94,7 @@
405     my $mwiki = $mediawiki{'PublicAccess'} || "local";
406     if ($mwiki eq "local")
407     {
408     + $OUT .= " deny from all\n";
409     $OUT .= " allow from $localAccess";
410     } else {
411     $OUT .= " allow from all";
412     @@ -102,6 +108,7 @@
413     my $mwiki = $mediawiki{'PublicAccess'} || "local";
414     if ($mwiki eq "local")
415     {
416     + $OUT .= " deny from all\n";
417     $OUT .= " allow from $localAccess";
418     } else {
419     $OUT .= " allow from all";

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed