aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTBK <tbk@jjtc.eu>2019-05-31 15:58:42 +0200
committerKevin Daudt <kdaudt@alpinelinux.org>2019-06-02 21:11:00 +0000
commitf711231ca669f59173800dc3cad4f84fabe7d50c (patch)
tree96a86fc1200b079907adde313be136ff810cdee0
parent9f41f37ae319d064e9496729d9edfe73c6db2814 (diff)
downloadaports-f711231ca669f59173800dc3cad4f84fabe7d50c.tar.gz
aports-f711231ca669f59173800dc3cad4f84fabe7d50c.tar.bz2
aports-f711231ca669f59173800dc3cad4f84fabe7d50c.tar.xz
community/phpldapadmin: upgrade to 1.2.4
Closes GH-8326
-rw-r--r--community/phpldapadmin/APKBUILD37
-rw-r--r--community/phpldapadmin/CVE-2017-11107.patch31
-rw-r--r--community/phpldapadmin/php72-db8a98c7a5ae6352018e2a2673e3d24df03f3e48.patch40
-rw-r--r--community/phpldapadmin/phpldapadmin-1.2.3-force-ssha512.patch11
-rw-r--r--community/phpldapadmin/phpldapadmin-1.2.3_changed-password_hash-to-pla_password_hash.patch49
-rw-r--r--community/phpldapadmin/phpldapadmin-1.2.3_changed-preg_replace-to-preg_replace-callback.patch38
-rw-r--r--community/phpldapadmin/phpldapadmin-1.2.3_fixed-call-to-renamed-function-pla_password_hash.patch23
-rw-r--r--community/phpldapadmin/phpldapadmin-1.2.3_use-preg_replace_callback.patch34
8 files changed, 10 insertions, 253 deletions
diff --git a/community/phpldapadmin/APKBUILD b/community/phpldapadmin/APKBUILD
index a1291f6b65..3a96eaba39 100644
--- a/community/phpldapadmin/APKBUILD
+++ b/community/phpldapadmin/APKBUILD
@@ -1,12 +1,13 @@
# Maintainer: Leonardo Arena <rnalrd@alpinelinux.org>
_php=php7
pkgname=phpldapadmin
-pkgver=1.2.3
-pkgrel=5
+pkgver=1.2.4
+pkgrel=0
pkgdesc="Web front-end for managing OpenLDAP"
url="http://phpldapadmin.sourceforge.net"
arch="noarch"
-license="GPL-2.0"
+license="GPL-2.0-or-later"
+options="!check" # no test suite
depends="${_php} ${_php}-ldap
${_php}-gettext
${_php}-mbstring
@@ -15,41 +16,23 @@ depends="${_php} ${_php}-ldap
${_php}-session
${_php}-xml
"
-source="https://downloads.sourceforge.net/project/$pkgname/$pkgname-php5/$pkgver/$pkgname-$pkgver.tgz
+source="$pkgname-$pkgver.tar.gz::https://github.com/leenooks/phpLDAPadmin/archive/$pkgver.tar.gz
$pkgname.additional-template
- phpldapadmin-1.2.3-force-ssha512.patch
- phpldapadmin-1.2.3_changed-password_hash-to-pla_password_hash.patch
- phpldapadmin-1.2.3_fixed-call-to-renamed-function-pla_password_hash.patch
- phpldapadmin-1.2.3_changed-preg_replace-to-preg_replace-callback.patch
- phpldapadmin-1.2.3_use-preg_replace_callback.patch
- CVE-2017-11107.patch
- php72-db8a98c7a5ae6352018e2a2673e3d24df03f3e48.patch
"
-options="!check" # no test suite
+builddir="$srcdir"/phpLDAPadmin-$pkgver
# secfixes:
# 1.2.3-r4:
# - CVE-2017-11107
-
-builddir="$srcdir"/$pkgname-$pkgver
-
package() {
- cd "$builddir"
mkdir -p "$pkgdir"/usr/share/webapps/phpldapadmin
mkdir -p "$pkgdir"/etc
- mv * "$pkgdir"/usr/share/webapps/phpldapadmin
+ mv ./* "$pkgdir"/usr/share/webapps/phpldapadmin
mv "$pkgdir"/usr/share/webapps/phpldapadmin/config "$pkgdir"/etc/phpldapadmin
ln -s /etc/phpldapadmin "$pkgdir"/usr/share/webapps/phpldapadmin/config
install -Dm644 ../$pkgname.additional-template \
- "$pkgdir"/usr/share/webapps/phpldapadmin/templates/creation/groupOfNames.xml
+ "$pkgdir"/usr/share/webapps/phpldapadmin/templates/creation/groupOfNames.xml
}
-sha512sums="58a57ca577586685ebd0d7fde7e299b8945d1693018c7803e19239b79f4b9d72a4d207d53c9f284268e32398108038efafcdb434e634619bfe87db3524d267b6 phpldapadmin-1.2.3.tgz
-913cc89bfba3a24064865f091a3bcc6ec88db0824d750e8b3b1f6497b5ac1a1e158ced895f1f85f93607402e9353798b3dd4ccdbb1454713f96937c884456eb7 phpldapadmin.additional-template
-aecbf3699af4ae39426c6c81edd45a738cdd91f9cfc1e8062ade4b6fa11e7530a8d8b4c2730cd648749b87381dbcca1bbe8681b8e45ec7af50b6b74137f89331 phpldapadmin-1.2.3-force-ssha512.patch
-71a0bc987e526401c72b77b36843868099040654c3435e9c2f5b266a49a27b75b007fd949e9981bcd4b9a678f0edd74e988e66647984c882c57fe8dc99a26849 phpldapadmin-1.2.3_changed-password_hash-to-pla_password_hash.patch
-d238e27ed89e400f467ab8282a67920cd1e72e5f52709d086f6b31708960dc65acafc0fe683887ceff0b78b3aa9631e91e2c57f722d9f7e0f057e0f872ae73a2 phpldapadmin-1.2.3_fixed-call-to-renamed-function-pla_password_hash.patch
-0524112c7a3c591eaf4b3e64de26282a786a2c0fa73f1047084f14c4f9093cf31e1b9a36b7b1736d6c6ae89f9940916d42cbbab7081249abf1a963de588aac63 phpldapadmin-1.2.3_changed-preg_replace-to-preg_replace-callback.patch
-57e1d8d861f84f0934a2275d7ba37621c2c19c71bf2c04db918ccbc6df36eaca60986db2ba6b543356ad55eab8d7850267db1d30677d77c96238821c29b99ac9 phpldapadmin-1.2.3_use-preg_replace_callback.patch
-647e8924a302666ebae3090bcf61f82e3a82d19c232beabaf3faae43d0c434b12fb83a3d862fe6ce6a27b2b750c67974ac22e583d4897734f39e26733bdd2580 CVE-2017-11107.patch
-70662456026eabe8043b16798a6233b889a079de18ca52d541b20c672fd4af2b5893e36523afefdefce4d1e50f0ed21a7367aee98fd8ea15788a1b52b511f025 php72-db8a98c7a5ae6352018e2a2673e3d24df03f3e48.patch"
+sha512sums="68e70bef054d7c270958bfb0403e3de1af16092507eb8095e63062c774002031d4569751449551df264f3bc0d6d4062ff38d6f414ccd4002279e2f5e00b25c14 phpldapadmin-1.2.4.tar.gz
+913cc89bfba3a24064865f091a3bcc6ec88db0824d750e8b3b1f6497b5ac1a1e158ced895f1f85f93607402e9353798b3dd4ccdbb1454713f96937c884456eb7 phpldapadmin.additional-template"
diff --git a/community/phpldapadmin/CVE-2017-11107.patch b/community/phpldapadmin/CVE-2017-11107.patch
deleted file mode 100644
index f161d0e46a..0000000000
--- a/community/phpldapadmin/CVE-2017-11107.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-Description: Fix multiple Cross-Site Scripting vulnerabilities in file htdocs/entry_chooser.php.
-Author: Ismail Belkacim <xd4rker@gmail.com>
-Bug-Ubuntu: https://bugs.launchpad.net/bugs/1701731
----
-This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
-Index: phpldapadmin-1.2.2/htdocs/entry_chooser.php
-===================================================================
---- phpldapadmin-1.2.2.orig/htdocs/entry_chooser.php
-+++ phpldapadmin-1.2.2/htdocs/entry_chooser.php
-@@ -15,9 +15,9 @@ $www['page'] = new page();
-
- $request = array();
- $request['container'] = get_request('container','GET');
--$request['form'] = get_request('form','GET');
--$request['element'] = get_request('element','GET');
--$request['rdn'] = get_request('rdn','GET');
-+$request['form'] = htmlspecialchars(addslashes(get_request('form','GET')));
-+$request['element'] = htmlspecialchars(addslashes(get_request('element','GET')));
-+$request['rdn'] = htmlspecialchars(addslashes(get_request('rdn','GET')));
-
- echo '<div class="popup">';
- printf('<h3 class="subtitle">%s</h3>',_('Entry Chooser'));
-@@ -33,7 +33,7 @@ echo '</script>';
- echo '<table class="forminput" width="100%" border="0">';
- if ($request['container']) {
- printf('<tr><td class="heading" colspan="3">%s:</td><td>%s</td></tr>',_('Server'),$app['server']->getName());
-- printf('<tr><td class="heading" colspan="3">%s:</td><td>%s</td></tr>',_('Looking in'),$request['container']);
-+ printf('<tr><td class="heading" colspan="3">%s:</td><td>%s</td></tr>',_('Looking in'),htmlspecialchars($request['container']));
- echo '<tr><td class="blank" colspan="4">&nbsp;</td></tr>';
- }
-
diff --git a/community/phpldapadmin/php72-db8a98c7a5ae6352018e2a2673e3d24df03f3e48.patch b/community/phpldapadmin/php72-db8a98c7a5ae6352018e2a2673e3d24df03f3e48.patch
deleted file mode 100644
index d1bbf2f844..0000000000
--- a/community/phpldapadmin/php72-db8a98c7a5ae6352018e2a2673e3d24df03f3e48.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-diff --git a/lib/functions.php.orig b/lib/functions.php
-index 528c7cc..2ab9999 100644
---- a/lib/functions.php.orig
-+++ b/lib/functions.php
-@@ -51,7 +51,7 @@ if (file_exists(LIBDIR.'functions.custom.php'))
- /**
- * Loads class definition
- */
--function __autoload($className) {
-+spl_autoload_register(function($className) {
- if (file_exists(HOOKSDIR."classes/$className.php"))
- require_once(HOOKSDIR."classes/$className.php");
- elseif (file_exists(LIBDIR."$className.php"))
-@@ -64,7 +64,7 @@ function __autoload($className) {
- 'body'=>sprintf('%s: %s [%s]',
- __METHOD__,_('Called to load a class that cant be found'),$className),
- 'type'=>'error'));
--}
-+});
-
- /**
- * Strips all slashes from the specified array in place (pass by ref).
-@@ -1029,7 +1029,7 @@ function masort(&$data,$sortby,$rev=0) {
- $code .= " } else\n";
- $code .= " \$bb = \$b->$key;\n";
-
-- $code .= " if (\$aa != \$bb)";
-+ $code .= " if (\$aa != \$bb)\n";
- if ($rev)
- $code .= " return (\$aa < \$bb ? 1 : -1);\n";
- else
-@@ -1080,7 +1080,7 @@ function masort(&$data,$sortby,$rev=0) {
-
- $code .= 'return $c;';
-
-- $CACHE[$sortby] = create_function('$a, $b',$code);
-+ $CACHE[$sortby] = function($a, $b) { global $code; eval($code); };
- }
-
- uasort($data,$CACHE[$sortby]);
diff --git a/community/phpldapadmin/phpldapadmin-1.2.3-force-ssha512.patch b/community/phpldapadmin/phpldapadmin-1.2.3-force-ssha512.patch
deleted file mode 100644
index c69096e7fc..0000000000
--- a/community/phpldapadmin/phpldapadmin-1.2.3-force-ssha512.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- a/lib/functions.php
-+++ b/lib/functions.php
-@@ -2147,7 +2147,7 @@
- if ($_SESSION[APPCONFIG]->getValue('password', 'no_random_crypt_salt'))
- $new_value = sprintf('{CRYPT}%s',crypt($password_clear,substr($password_clear,0,2)));
- else
-- $new_value = sprintf('{CRYPT}%s',crypt($password_clear,random_salt(2)));
-+ $new_value = sprintf('{CRYPT}%s',crypt($password_clear,'$6$'.random_salt(2)));
-
- break;
-
diff --git a/community/phpldapadmin/phpldapadmin-1.2.3_changed-password_hash-to-pla_password_hash.patch b/community/phpldapadmin/phpldapadmin-1.2.3_changed-password_hash-to-pla_password_hash.patch
deleted file mode 100644
index 1408c13184..0000000000
--- a/community/phpldapadmin/phpldapadmin-1.2.3_changed-password_hash-to-pla_password_hash.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From e673df3ba8d690afbbba28f9ec368e475933efe8 Mon Sep 17 00:00:00 2001
-From: Mohamad Elrashidin Bin Sajeli <archayl@gmail.com>
-Date: Thu, 8 May 2014 20:22:30 +0800
-Subject: [PATCH] Changed password_hash to pla_password_hash
-
----
- lib/functions.php | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/lib/functions.php b/lib/functions.php
-index 56d8bf3..ad9ee9f 100644
---- a/lib/functions.php
-+++ b/lib/functions.php
-@@ -2127,7 +2127,7 @@ function password_types() {
- * crypt, ext_des, md5crypt, blowfish, md5, sha, smd5, ssha, sha512, or clear.
- * @return string The hashed password.
- */
--function password_hash($password_clear,$enc_type) {
-+function pla_password_hash($password_clear,$enc_type) {
- if (DEBUG_ENABLED && (($fargs=func_get_args())||$fargs='NOARGS'))
- debug_log('Entered (%%)',1,0,__FILE__,__LINE__,__METHOD__,$fargs);
-
-@@ -2318,7 +2318,7 @@ function password_check($cryptedpassword,$plainpassword,$attribute='userpassword
-
- # SHA crypted passwords
- case 'sha':
-- if (strcasecmp(password_hash($plainpassword,'sha'),'{SHA}'.$cryptedpassword) == 0)
-+ if (strcasecmp(pla_password_hash($plainpassword,'sha'),'{SHA}'.$cryptedpassword) == 0)
- return true;
- else
- return false;
-@@ -2327,7 +2327,7 @@ function password_check($cryptedpassword,$plainpassword,$attribute='userpassword
-
- # MD5 crypted passwords
- case 'md5':
-- if( strcasecmp(password_hash($plainpassword,'md5'),'{MD5}'.$cryptedpassword) == 0)
-+ if( strcasecmp(pla_password_hash($plainpassword,'md5'),'{MD5}'.$cryptedpassword) == 0)
- return true;
- else
- return false;
-@@ -2392,7 +2392,7 @@ function password_check($cryptedpassword,$plainpassword,$attribute='userpassword
-
- # SHA512 crypted passwords
- case 'sha512':
-- if (strcasecmp(password_hash($plainpassword,'sha512'),'{SHA512}'.$cryptedpassword) == 0)
-+ if (strcasecmp(pla_password_hash($plainpassword,'sha512'),'{SHA512}'.$cryptedpassword) == 0)
- return true;
- else
- return false;
diff --git a/community/phpldapadmin/phpldapadmin-1.2.3_changed-preg_replace-to-preg_replace-callback.patch b/community/phpldapadmin/phpldapadmin-1.2.3_changed-preg_replace-to-preg_replace-callback.patch
deleted file mode 100644
index d2fa12a477..0000000000
--- a/community/phpldapadmin/phpldapadmin-1.2.3_changed-preg_replace-to-preg_replace-callback.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-From b082cf1742b2310d69b2f278f33f6025e2544acb Mon Sep 17 00:00:00 2001
-From: Mohamad Elrashidin Bin Sajeli <archayl@gmail.com>
-Date: Thu, 8 May 2014 20:40:57 +0800
-Subject: [PATCH] Changed preg_replace to preg_replace callback
-
----
- lib/functions.php | 14 ++++++++++++--
- 1 file changed, 12 insertions(+), 2 deletions(-)
-
-diff --git a/lib/functions.php b/lib/functions.php
-index ad9ee9f..d31e0c1 100644
---- a/lib/functions.php
-+++ b/lib/functions.php
-@@ -2565,12 +2565,22 @@ function dn_unescape($dn) {
- $a = array();
-
- foreach ($dn as $key => $rdn)
-- $a[$key] = preg_replace('/\\\([0-9A-Fa-f]{2})/e',"''.chr(hexdec('\\1')).''",$rdn);
-+ $a[$key] = preg_replace_callback('/\\\([0-9A-Fa-f]{2})/',
-+ function ($r) {
-+ return "''.chr(hexdec('$r[1]')).''";
-+ },
-+ $rdn
-+ );
-
- return $a;
-
- } else {
-- return preg_replace('/\\\([0-9A-Fa-f]{2})/e',"''.chr(hexdec('\\1')).''",$dn);
-+ return preg_replace_callback('/\\\([0-9A-Fa-f]{2})/',
-+ function ($r) {
-+ return "''.chr(hexdec('$r[1]')).''";
-+ },
-+ $dn
-+ );
- }
- }
-
diff --git a/community/phpldapadmin/phpldapadmin-1.2.3_fixed-call-to-renamed-function-pla_password_hash.patch b/community/phpldapadmin/phpldapadmin-1.2.3_fixed-call-to-renamed-function-pla_password_hash.patch
deleted file mode 100644
index af9e73b481..0000000000
--- a/community/phpldapadmin/phpldapadmin-1.2.3_fixed-call-to-renamed-function-pla_password_hash.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-From c736ecd8c26b360e4764fbd3a472e2fa4b1b3db6 Mon Sep 17 00:00:00 2001
-From: Ivo van der Meer <ivo@crewtty.ath.cx>
-Date: Wed, 4 Jun 2014 10:48:06 +0200
-Subject: [PATCH] Bugfix: fixed call to renamed function pla_password_hash.
-
----
- lib/PageRender.php | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/lib/PageRender.php b/lib/PageRender.php
-index 7d86a54..6cc571e 100644
---- a/lib/PageRender.php
-+++ b/lib/PageRender.php
-@@ -287,7 +287,7 @@ protected function getPostAttribute($attribute,$i) {
- break;
-
- default:
-- $vals[$i] = password_hash($passwordvalue,$enc);
-+ $vals[$i] = pla_password_hash($passwordvalue,$enc);
- }
-
- $vals = array_unique($vals);
-
diff --git a/community/phpldapadmin/phpldapadmin-1.2.3_use-preg_replace_callback.patch b/community/phpldapadmin/phpldapadmin-1.2.3_use-preg_replace_callback.patch
deleted file mode 100644
index 60c086d197..0000000000
--- a/community/phpldapadmin/phpldapadmin-1.2.3_use-preg_replace_callback.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From 5a7edc892f1b3cccab74ed150f9d6843912a39ee Mon Sep 17 00:00:00 2001
-From: Ben Chavet <ben@chavet.net>
-Date: Thu, 29 May 2014 18:57:44 +0000
-Subject: [PATCH] Use preg_replace_callback instead of /e in preg_replace to
- fix E_DEPRECATED warnings
-
----
- lib/ds_ldap.php | 11 ++++++-----
- 1 file changed, 6 insertions(+), 5 deletions(-)
-
-diff --git a/lib/ds_ldap.php b/lib/ds_ldap.php
-index c346660..8bc1ef8 100644
---- a/lib/ds_ldap.php
-+++ b/lib/ds_ldap.php
-@@ -1116,13 +1116,14 @@ private function unescapeDN($dn) {
-
- if (is_array($dn)) {
- $a = array();
-- foreach ($dn as $key => $rdn)
-- $a[$key] = preg_replace('/\\\([0-9A-Fa-f]{2})/e',"''.chr(hexdec('\\1')).''",$rdn);
--
-+ foreach ($dn as $key => $rdn) {
-+ $a[$key] = preg_replace_callback('/\\\([0-9A-Fa-f]{2})/', function($m) { return "''.chr(hexdec('${m[1]}')).''"; }, $rdn);
-+ }
- return $a;
-
-- } else
-- return preg_replace('/\\\([0-9A-Fa-f]{2})/e',"''.chr(hexdec('\\1')).''",$dn);
-+ } else {
-+ return preg_replace_callback('/\\\([0-9A-Fa-f]{2})/', function($m) { return "''.chr(hexdec('${m[1]}')).''"; }, $dn);
-+ }
- }
-
- public function getRootDSE($method=null) {