/[smecontribs]/rpms/smeserver-mediawiki/contribs7/smeserver-mediawiki-1.6.10-1.patch
ViewVC logotype

Contents of /rpms/smeserver-mediawiki/contribs7/smeserver-mediawiki-1.6.10-1.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (show annotations) (download)
Sat May 31 15:02:31 2008 UTC (16 years, 5 months ago) by ber_die
Branch: MAIN
CVS Tags: smeserver-mediawiki-1_6_10-9_el4_sme
PwAuth-function added, SME users can login with SME passwords

1 --- smeserver-mediawiki-1.6.10/root/usr/share/doc/mediawiki-1.6.10/Sources/LocalSettings.php.1 2007-10-22 16:50:09.000000000 +0200
2 +++ smeserver-mediawiki-1.6.10/root/usr/share/doc/mediawiki-1.6.10/Sources/LocalSettings.php 2008-05-29 07:35:56.000000000 +0200
3 @@ -129,4 +129,16 @@
4 $configdate = gmdate( 'YmdHis', @filemtime( __FILE__ ) );
5 $wgCacheEpoch = max( $wgCacheEpoch, $configdate );
6
7 +
8 +#!require_once("./extensions/PwAuthPlugin.php");
9 +#!$wgAuth = new PwAuthPlugin();
10 +
11 +#!$wgGroupPermissions['*']['createaccount'] = false;
12 +#!$wgGroupPermissions['*']['read'] = true;
13 +#!$wgGroupPermissions['*']['edit'] = false;
14 +#!$wgGroupPermissions['*']['createpage'] = false;
15 +#!$wgGroupPermissions['*']['createtalk'] = false;
16 +
17 +#!$wgShowIPinHeader = false; # For non-logged in users
18 +
19 ?>
20 \ Kein Zeilenumbruch am Dateiende.
21 --- smeserver-mediawiki-1.6.10/root/usr/share/doc/mediawiki-1.6.10/Sources/PwAuthPlugin.php.1 2008-05-28 22:32:33.000000000 +0200
22 +++ smeserver-mediawiki-1.6.10/root/usr/share/doc/mediawiki-1.6.10/Sources/PwAuthPlugin.php 2008-05-28 22:32:31.000000000 +0200
23 @@ -0,0 +1,309 @@
24 +<?php
25 +
26 +/**
27 + * Version 1.0
28 + *
29 + * Authentication Plugin for pwauth
30 + * Derived from AuthPlugin.php
31 + *
32 + * Much of the commenting comes straight from AuthPlugin.php
33 + *
34 + * Copyright 2006 Nicholas J. Humfrey
35 + * Released under the GNU General Public License
36 + *
37 + * pwauth is available from http://www.unixpapa.com/pwauth/
38 + *
39 + * LocalSettings configuration:
40 + * require_once("./extensions/PwAuthPlugin.php");
41 + * $wgAuth = new PwAuthPlugin();
42 + *
43 + *
44 + */
45 +
46 +require_once('AuthPlugin.php');
47 +
48 +
49 +$pwauth_email_domain = "";
50 +$pwauth_bin_path = "/usr/lib/httpd/modules/pwauth";
51 +
52 +
53 +error_reporting(E_ALL); // Debug
54 +
55 +
56 +// First check if class has already been defined.
57 +if (!class_exists('AuthPlugin')) {
58 +
59 + /**
60 + * Auth Plugin
61 + *
62 + */
63 + require_once './includes/AuthPlugin.php';
64 +
65 +} // End: if (!class_exists('AuthPlugin')) {
66 +
67 +
68 +
69 +
70 +class PwAuthPlugin extends AuthPlugin {
71 +
72 + /**
73 + * Check whether there exists a user account with the given name.
74 + * The name will be normalized to MediaWiki's requirements, so
75 + * you might need to munge it (for instance, for lowercase initial
76 + * letters).
77 + *
78 + * @param string $username
79 + * @return bool
80 + * @access public
81 + */
82 + function userExists( $username ) {
83 + $user = posix_getpwnam( strtolower($username) );
84 + return is_array($user);
85 + }
86 +
87 + /**
88 + * Check if a username+password pair is a valid login.
89 + * The name will be normalized to MediaWiki's requirements, so
90 + * you might need to munge it (for instance, for lowercase initial
91 + * letters).
92 + *
93 + * @param string $username
94 + * @param string $password
95 + * @return bool
96 + * @access public
97 + */
98 + function authenticate( $username, $password ) {
99 + global $pwauth_bin_path;
100 +
101 + $username = strtolower( $username );
102 +
103 + $handle = popen($pwauth_bin_path, 'w');
104 + if ($handle === FALSE) {
105 + error_log("Error opening pipe to pwauth");
106 + return false;
107 + }
108 +
109 + if (fwrite($handle, "$username\n$password\n") === FALSE) {
110 + error_log("Error writing to pwauth pipe");
111 + return false;
112 + }
113 +
114 + # Is the password valid?
115 + $result = pclose( $handle );
116 + if ($result==0) return TRUE;
117 +
118 + #0 - Login OK.
119 + #1 - Nonexistant login or (for some configurations) incorrect password.
120 + #2 - Incorrect password (for some configurations).
121 + #3 - Uid number is below MIN_UNIX_UID value configured in config.h.
122 + #4 - Login ID has expired.
123 + #5 - Login's password has expired.
124 + #6 - Logins to system have been turned off (usually by /etc/nologin file).
125 + #7 - Limit on number of bad logins exceeded.
126 + #50 - pwauth was not run with real uid SERVER_UID. If you get this
127 + # this error code, you probably have SERVER_UID set incorrectly
128 + # in pwauth's config.h file.
129 + #51 - pwauth was not given a login & password to check. The means
130 + # the passing of data from mod_auth_external to pwauth is messed
131 + # up. Most likely one is trying to pass data via environment
132 + # variables, while the other is trying to pass data via a pipe.
133 + #52 - one of several possible internal errors occured.
134 + error_log("pwauth returned $result for username $username");
135 +
136 + return false;
137 + }
138 +
139 + /**
140 + * Modify options in the login template.
141 + *
142 + * @param UserLoginTemplate $template
143 + * @access public
144 + */
145 + function modifyUITemplate( &$template ) {
146 + $template->set('usedomain', false );
147 + $template->set('useemail', false); // Disable the mail new password box.
148 + $template->set('create', false); // Remove option to create new accounts from the wiki.
149 + }
150 +
151 + /**
152 + * Check to see if the specific domain is a valid domain.
153 + *
154 + * @param string $domain
155 + * @return bool
156 + * @access public
157 + */
158 + function validDomain( $domain ) {
159 + # We ignore domains, so erm, yes?
160 + return true;
161 + }
162 +
163 + /**
164 + * When a user logs in, optionally fill in preferences and such.
165 + * For instance, you might pull the email address or real name from the
166 + * external user database.
167 + *
168 + * The User object is passed by reference so it can be modified; don't
169 + * forget the & on your function declaration.
170 + *
171 + * @param User $user
172 + * @access public
173 + */
174 + function updateUser( &$user ) {
175 + global $pwauth_email_domain;
176 +
177 + // Lookup information about user
178 + $username = strtolower( $user->getName() );
179 + $account = posix_getpwnam( $username );
180 + $gecos = split( ',', $account['gecos'] );
181 +
182 + // Set users real name
183 + $user->setRealName( $gecos[0] );
184 +
185 + // Set email if domain is configured
186 + if (!empty( $pwauth_email_domain ) ) {
187 + // Set the email address
188 + $user->setEmail( $username.'@'.$pwauth_email_domain );
189 +
190 + // We set the email address, therefore it is valid
191 + $user->confirmEmail();
192 + }
193 +
194 + // For security, scramble the password to ensure the user can
195 + // only login using system password.
196 + // This set the password to a 15 byte random string.
197 + $pass = '';
198 + for($i=0; $i<15;++$i) $pass .= chr(mt_rand(0,255));
199 + $user->setPassword($pass);
200 +
201 + return true;
202 + }
203 +
204 +
205 + /**
206 + * Return true if the wiki should create a new local account automatically
207 + * when asked to login a user who doesn't exist locally but does in the
208 + * external auth database.
209 + *
210 + * If you don't automatically create accounts, you must still create
211 + * accounts in some way. It's not possible to authenticate without
212 + * a local account.
213 + *
214 + * This is just a question, and shouldn't perform any actions.
215 + *
216 + * @return bool
217 + * @access public
218 + */
219 + function autoCreate() {
220 + return true;
221 + }
222 +
223 +
224 + /**
225 + * Can users change their passwords?
226 + *
227 + * @return bool
228 + */
229 + function allowPasswordChange() {
230 + # We can't change users system passwords
231 + return false;
232 + }
233 +
234 + /**
235 + * Set the given password in the authentication database.
236 + * Return true if successful.
237 + *
238 + * @param string $password
239 + * @return bool
240 + * @access public
241 + */
242 + function setPassword( $password ) {
243 + # We can't change users system passwords
244 + return false;
245 + }
246 +
247 + /**
248 + * Update user information in the external authentication database.
249 + * Return true if successful.
250 + *
251 + * @param User $user
252 + * @return bool
253 + * @access public
254 + */
255 + function updateExternalDB( $user ) {
256 + # We can't change users details
257 + return false;
258 + }
259 +
260 + /**
261 + * Check to see if external accounts can be created.
262 + * Return true if external accounts can be created.
263 + * @return bool
264 + * @access public
265 + */
266 + function canCreateAccounts() {
267 + # We can't create accounts
268 + return false;
269 + }
270 +
271 + /**
272 + * Add a user to the external authentication database.
273 + * Return true if successful.
274 + *
275 + * @param User $user
276 + * @param string $password
277 + * @return bool
278 + * @access public
279 + */
280 + function addUser( $user, $password ) {
281 + # We can't create accounts
282 + return false;
283 + }
284 +
285 +
286 + /**
287 + * Return true to prevent logins that don't authenticate here from being
288 + * checked against the local database's password fields.
289 + *
290 + * This is just a question, and shouldn't perform any actions.
291 + *
292 + * @return bool
293 + * @access public
294 + */
295 + function strict() {
296 + # Only allow authentication from system database
297 + return true;
298 + }
299 +
300 + /**
301 + * When creating a user account, optionally fill in preferences and such.
302 + * For instance, you might pull the email address or real name from the
303 + * external user database.
304 + *
305 + * The User object is passed by reference so it can be modified; don't
306 + * forget the & on your function declaration.
307 + *
308 + * @param User $user
309 + * @access public
310 + */
311 + function initUser(&$user) {
312 + # We do everything in updateUser
313 + }
314 +
315 +}
316 +
317 +
318 +
319 +/**
320 + * Some extension information init
321 + */
322 +$wgExtensionCredits['other'][] = array(
323 + 'name' => 'PWAuthPlugin',
324 + 'version' => '1.0',
325 + 'author' => 'Nicholas Humfrey',
326 + 'description' => 'Automagic login with system accounts, using pwauth',
327 + 'url' => 'http://www.mediawiki.org/wiki/Extension:PwAuthPlugin'
328 +);
329 +
330 +
331 +
332 +?>
333 --- smeserver-mediawiki-1.6.10/root/usr/share/doc/mediawiki-1.6.10/Sources/DO_NOT_USE_OR_DELETE/MW-Full-Uninstall.sh.1 2007-11-08 10:39:10.000000000 +0100
334 +++ smeserver-mediawiki-1.6.10/root/usr/share/doc/mediawiki-1.6.10/Sources/DO_NOT_USE_OR_DELETE/MW-Full-Uninstall.sh 2008-05-31 16:54:55.000000000 +0200
335 @@ -7,8 +7,9 @@
336 echo " - MediaWiki MySQL database"
337 echo " - MediaWiki MySQL User"
338 echo " - MediaWiki DB entries..."
339 +echo " - MediaWiki SME groups..."
340 echo " - All Install files"
341 -echo -n "ARE YOU SURE YOU WANT TO DELETE PERMANENTLY EGROUPWARE? (y/n) [n] "
342 +echo -n "ARE YOU SURE YOU WANT TO DELETE PERMANENTLY MEDIAWIKI? (y/n) [n] "
343 read del
344 if [ "$del" = "y" -o "$del" = "Y" ]; then
345 echo "Deleting MySQL database..."
346 @@ -18,6 +19,15 @@
347 mysql -u root -e "DROP USER mediawikiuser@localhost;"
348 echo "Removing SME DB entries..."
349 /sbin/e-smith/config delete mediawiki
350 + echo "Removing SME group entries..."
351 +# /sbin/e-smith/db accounts set mw_read deleted
352 +# /sbin/e-smith/db accounts set mw_edit deleted
353 +# /sbin/e-smith/db accounts set mw_createpage deleted
354 +# /sbin/e-smith/db accounts set mw_createtalk deleted
355 +# /sbin/e-smith/signal-event group-delete mw_read
356 +# /sbin/e-smith/signal-event group-delete mw_edit
357 +# /sbin/e-smith/signal-event group-delete mw_createpage
358 +# /sbin/e-smith/signal-event group-delete mw_createtalk
359 echo "Removing Install files..."
360 rm -rf /opt/mediawiki
361 echo "Done!"
362 --- smeserver-mediawiki-1.6.10/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/95mediawiki.1 2007-11-09 09:12:26.000000000 +0100
363 +++ smeserver-mediawiki-1.6.10/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/95mediawiki 2008-05-31 12:47:31.000000000 +0200
364 @@ -22,6 +22,7 @@
365 my $mwiki = $mediawiki{'PublicAccess'} || "local";
366 if ($mwiki eq "local")
367 {
368 + $OUT .= " deny from all\n";
369 $OUT .= " allow from $localAccess";
370 } else {
371 $OUT .= " allow from all";
372 @@ -37,6 +38,7 @@
373 my $mwiki = $mediawiki{'PublicAccess'} || "local";
374 if ($mwiki eq "local")
375 {
376 + $OUT .= " deny from all\n";
377 $OUT .= " allow from $localAccess";
378 } else {
379 $OUT .= " allow from all";
380 @@ -50,6 +52,7 @@
381 my $mwiki = $mediawiki{'PublicAccess'} || "local";
382 if ($mwiki eq "local")
383 {
384 + $OUT .= " deny from all\n";
385 $OUT .= " allow from $localAccess";
386 } else {
387 $OUT .= " allow from all";
388 @@ -63,6 +66,7 @@
389 my $mwiki = $mediawiki{'PublicAccess'} || "local";
390 if ($mwiki eq "local")
391 {
392 + $OUT .= " deny from all\n";
393 $OUT .= " allow from $localAccess";
394 } else {
395 $OUT .= " allow from all";
396 @@ -76,6 +80,7 @@
397 my $mwiki = $mediawiki{'PublicAccess'} || "local";
398 if ($mwiki eq "local")
399 {
400 + $OUT .= " deny from all\n";
401 $OUT .= " allow from $localAccess";
402 } else {
403 $OUT .= " allow from all";
404 @@ -89,6 +94,7 @@
405 my $mwiki = $mediawiki{'PublicAccess'} || "local";
406 if ($mwiki eq "local")
407 {
408 + $OUT .= " deny from all\n";
409 $OUT .= " allow from $localAccess";
410 } else {
411 $OUT .= " allow from all";
412 @@ -102,6 +108,7 @@
413 my $mwiki = $mediawiki{'PublicAccess'} || "local";
414 if ($mwiki eq "local")
415 {
416 + $OUT .= " deny from all\n";
417 $OUT .= " allow from $localAccess";
418 } else {
419 $OUT .= " allow from all";

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed