diff options
-rw-r--r-- | www-apps/mantisbt/ChangeLog | 10 | ||||
-rw-r--r-- | www-apps/mantisbt/Manifest | 6 | ||||
-rw-r--r-- | www-apps/mantisbt/files/mantisbt-1.1.4-r5687:5688.patch (renamed from www-apps/mantisbt/files/mantis-1.1.4-r5702.patch) | 101 | ||||
-rw-r--r-- | www-apps/mantisbt/mantisbt-1.1.4-r2.ebuild (renamed from www-apps/mantisbt/mantisbt-1.1.4-r1.ebuild) | 4 |
4 files changed, 96 insertions, 25 deletions
diff --git a/www-apps/mantisbt/ChangeLog b/www-apps/mantisbt/ChangeLog index 413b9edcfc48..f2158588fbe7 100644 --- a/www-apps/mantisbt/ChangeLog +++ b/www-apps/mantisbt/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for www-apps/mantisbt # Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/ChangeLog,v 1.71 2008/10/20 20:06:01 pva Exp $ +# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/ChangeLog,v 1.72 2008/10/24 08:56:15 pva Exp $ + +*mantisbt-1.1.4-r2 (24 Oct 2008) + + 24 Oct 2008; Peter Volkov <pva@gentoo.org> + +files/mantisbt-1.1.4-r5687:5688.patch, -files/mantis-1.1.4-r5702.patch, + -mantisbt-1.1.4-r1.ebuild, +mantisbt-1.1.4-r2.ebuild: + Further fixes from upstream, reset password should work now, bug #243360, + thank Marek Królikowski for report. *mantisbt-1.1.4-r1 (20 Oct 2008) diff --git a/www-apps/mantisbt/Manifest b/www-apps/mantisbt/Manifest index 056497d0a9a1..a9d1d44ae8a5 100644 --- a/www-apps/mantisbt/Manifest +++ b/www-apps/mantisbt/Manifest @@ -1,11 +1,11 @@ -AUX mantis-1.1.4-r5702.patch 5467 RMD160 06d6a0f3df1a81115ce297b343bcecfcdf0d3e3e SHA1 44acd6af6ec855ac7128aa1f8c98e18cec78f416 SHA256 5d2698e145b476095d6c9122119145c6473148c781aa67b72fb284b2bd4b4ea1 AUX mantisbt-1.1.2-svn-5369:5587.patch 13382 RMD160 03554fd4c6eba042f1d1253060ed36bb92b5bb91 SHA1 1a6ea33d529766bc8d6fc6e5de4b3f136c44b4c1 SHA256 ed3ccb362606177c73b8d04d62d2a3c5cf688c0ddb5f350d741e59dd57c1a030 AUX mantisbt-1.1.3-up-to-r5674.patch 2360 RMD160 0d8e21a81ba5da1611bc03cd6e1b752ce6199fb5 SHA1 59984531ad9424b81b165450e45409f564b64a5e SHA256 5db7457deb46ddc932a7f6515b96c966dca45d22a8ab2502577ad13c72a31387 +AUX mantisbt-1.1.4-r5687:5688.patch 7409 RMD160 f299f1743d76835b2ee29cd176e0aa22f876b1bd SHA1 30971f39add7fb97d64a5950b669d60e4bb2d481 SHA256 4227ff9e21c6a251481f543db1c013a401fe2d2b36b8cce9935ec0548c14cde4 AUX postinstall-en-1.0.0.txt 640 RMD160 1e0a077db936ab8c2a6bf06c9091d4b5194b0b9c SHA1 1fb4a3c4e32b7ddca4b37017e8c8101d8d0c83c7 SHA256 af60f6f6be915164f420f5e9ae04fa18d8bf85e73a9a59668ba4a6b7ba41900d DIST mantis-1.1.3.tar.gz 2584361 RMD160 458ec548a44aa3396ce1934f6126b6b96115c2a4 SHA1 65f674eec289fecbf6db79e25fd7bd99d887e87f SHA256 d55acd7274ed36330e218f6b470a51518b4699f288b1efcabe8371670c212e41 DIST mantis-1.1.4.tar.gz 2584719 RMD160 e67d3aa48e65498b7a75909a5976f21db9554d75 SHA1 7e64529508d3e35b98ae49c12b808998e669ef76 SHA256 1a691e720b1992723c4234c0c2a96babff2fa2d09ccd0524a87d3ee554250264 EBUILD mantisbt-1.1.3-r1.ebuild 1367 RMD160 b6a680f3d1c6e6c3cfade5ffc3881306f307f71a SHA1 d200d1d063fd1e9e8302f8c94969ef7c4699b8f5 SHA256 5df0c0917a869edd3a57dbe35e7da370057a1bc3e49234ad39b3b2e7d5b69f13 -EBUILD mantisbt-1.1.4-r1.ebuild 1371 RMD160 be4a52c6abe14c2a872f491e686ca55e1ffa0831 SHA1 08542aed5996849fd4fa866d038434b87d440e91 SHA256 9cff4e5298d53ff4ecb25c487027d0d141d452e2c8897217b674569f82841fcc +EBUILD mantisbt-1.1.4-r2.ebuild 1368 RMD160 f3889013c3862b546fbba1cd5c32500536dcfdf9 SHA1 3127bcef5886dcb81a9a04f9385535fc40c6349c SHA256 6afc954ee21b8c3a8db5f3c635d5e20f0b0f00cd48ee6c1b2198cc58788caa81 EBUILD mantisbt-1.1.4.ebuild 1322 RMD160 af574b629fcdeda4c42a9a8c3911a5dafa0faca1 SHA1 7253d24a864224deddf4116209f17eb603de472d SHA256 62002c23d433073442607395d33fb834019398b25c37aecfc9379281a862929b -MISC ChangeLog 10568 RMD160 608ed6a78ec6acb6c1187e94a25c1f101a57aa48 SHA1 b5121b2db44197d3d32e8663bcd756188964f795 SHA256 48e1fc128c5f585f3814cda8082e126ab34d34b59f56cea3476525c2436a07e2 +MISC ChangeLog 10894 RMD160 37108726ce346381464ce798f1958fa7afb26813 SHA1 e57cbe799f09c116051b31892fec6b87ad16679b SHA256 ff801e66dd1dd817a470649d051ae668cfc38ebf0db3184f16321ebd428fcd52 MISC metadata.xml 246 RMD160 7bde3c3aeda481e076adaab65b51a338aee24fb2 SHA1 9d36ce4b3731cd84f9451c529c737544dc63e66d SHA256 675aa3e54d27d05c15ac139906703b5f0886742fd1ce1468c964ad57ab51085b diff --git a/www-apps/mantisbt/files/mantis-1.1.4-r5702.patch b/www-apps/mantisbt/files/mantisbt-1.1.4-r5687:5688.patch index 8dd544a57cc6..eed4dad1a5e4 100644 --- a/www-apps/mantisbt/files/mantis-1.1.4-r5702.patch +++ b/www-apps/mantisbt/files/mantisbt-1.1.4-r5687:5688.patch @@ -1,9 +1,14 @@ Index: lang/strings_english.txt =================================================================== --- lang/strings_english.txt (revision 5688) -+++ lang/strings_english.txt (working copy) -@@ -301,6 +301,7 @@ - $MANTIS_ERROR[ERROR_SESSION_VAR_NOT_FOUND] = 'Session variable \'%s\' not found.'; ++++ lang/strings_english.txt (revision 5719) +@@ -298,9 +298,11 @@ + $MANTIS_ERROR[ERROR_TAG_ALREADY_ATTACHED] = 'That tag already attached to that bug.'; + $MANTIS_ERROR[ERROR_TOKEN_NOT_FOUND] = 'Token could not be found.'; + $MANTIS_ERROR[ERROR_SESSION_HANDLER_INVALID] = 'Invalid session handler.'; +-$MANTIS_ERROR[ERROR_SESSION_VAR_NOT_FOUND] = 'Session variable \'%s\' not found.'; ++$MANTIS_ERROR[ERROR_SESSION_VAR_NOT_FOUND] = 'Session variable "%s" not found.'; ++$MANTIS_ERROR[ERROR_SESSION_NOT_VALID] = 'Your session has become invalidated.'; $MANTIS_ERROR[ERROR_FORM_TOKEN_INVALID] = 'Invalid form security token. Did you submit the form twice by accident?'; $MANTIS_ERROR[ERROR_INVALID_REQUEST_METHOD] = 'This page cannot be accessed using this method.'; +$MANTIS_ERROR[ERROR_INVALID_SORT_FIELD] = 'Invalid sort field.'; @@ -13,7 +18,7 @@ Index: lang/strings_english.txt Index: account_page.php =================================================================== --- account_page.php (revision 5688) -+++ account_page.php (working copy) ++++ account_page.php (revision 5719) @@ -94,6 +94,9 @@ <div align="center"> <form method="post" action="account_update.php"> @@ -27,7 +32,7 @@ Index: account_page.php Index: core/utility_api.php =================================================================== --- core/utility_api.php (revision 5688) -+++ core/utility_api.php (working copy) ++++ core/utility_api.php (revision 5719) @@ -192,10 +192,20 @@ $t_factor = 1; } @@ -54,7 +59,7 @@ Index: core/utility_api.php Index: core/session_api.php =================================================================== --- core/session_api.php (revision 5688) -+++ core/session_api.php (working copy) ++++ core/session_api.php (revision 5719) @@ -48,7 +48,7 @@ * to PHP's session.* settings in 'php.ini'. */ @@ -76,9 +81,11 @@ Index: core/session_api.php session_start(); $this->id = session_id(); } -@@ -103,12 +108,12 @@ +@@ -102,13 +107,14 @@ + /** * Initialize the appropriate session handler. ++ * @param string Session ID */ -function session_init() { +function session_init( $p_session_id=null ) { @@ -91,7 +98,50 @@ Index: core/session_api.php break; case 'adodb': -@@ -190,4 +195,11 @@ +@@ -119,9 +125,42 @@ + trigger_error( ERROR_SESSION_HANDLER_INVALID, ERROR ); + break; + } ++ ++ session_validate( $g_session ); + } + + /** ++ * Validate the legitimacy of a session. ++ * Checks may include last-known IP address, or more. ++ * Triggers an error when the session is invalid. ++ * @param object Session object ++ */ ++function session_validate( $p_session ) { ++ $t_user_ip = ''; ++ if ( isset( $_SERVER['REMOTE_ADDR'] ) ) { ++ $t_user_ip = trim( $_SERVER['REMOTE_ADDR'] ); ++ } ++ ++ if ( is_null( $t_last_ip = $p_session->get( 'last_ip', null ) ) ) { ++ # First session usage ++ $p_session->set( 'last_ip', $t_user_ip ); ++ ++ } else { ++ # Check a continued session request ++ if ( $t_user_ip != $t_last_ip ) { ++ session_clean(); ++ ++ trigger_error( ERROR_SESSION_NOT_VALID, WARNING ); ++ ++ $t_url = config_get_global( 'path' ) . config_get_global( 'default_home_page' ); ++ echo "\t<meta http-equiv=\"Refresh\" content=\"4;URL=$t_url\" />\n"; ++ ++ die(); ++ } ++ } ++} ++ ++/** + * Get arbitrary data from the session. + * @param string Session variable name + * @param mixed Default value +@@ -190,4 +229,11 @@ ##### Initialize the session @@ -107,7 +157,7 @@ Index: core/session_api.php Index: core/constant_inc.php =================================================================== --- core/constant_inc.php (revision 5688) -+++ core/constant_inc.php (working copy) ++++ core/constant_inc.php (revision 5719) @@ -195,6 +195,7 @@ define( 'ERROR_HANDLER_ACCESS_TOO_LOW', 17 ); define( 'ERROR_PAGE_REDIRECTION', 18 ); @@ -116,22 +166,35 @@ Index: core/constant_inc.php # ERROR_CONFIG_* define( 'ERROR_CONFIG_OPT_NOT_FOUND', 100 ); +@@ -326,6 +327,7 @@ + # ERROR_SESSION_* + define ( 'ERROR_SESSION_HANDLER_INVALID', 2700); + define ( 'ERROR_SESSION_VAR_NOT_FOUND', 2701); ++ define ( 'ERROR_SESSION_NOT_VALID', 2702); + + # ERROR_FORM_* + define ( 'ERROR_FORM_TOKEN_INVALID', 2800 ); +@@ -422,4 +424,3 @@ + define( 'SPONSORSHIP_REQUESTED', 1 ); + define( 'SPONSORSHIP_PAID', 2 ); + +-?> Index: verify.php =================================================================== --- verify.php (revision 5688) -+++ verify.php (working copy) -@@ -42,6 +42,11 @@ ++++ verify.php (revision 5719) +@@ -40,6 +40,11 @@ + # force logout on the current user if already authenticated + if( auth_is_user_authenticated() ) { auth_logout(); ++ ++ # (Re)initialize session ++ session_regenerate_id(); ++ session_init(); ++ $g_session_pass_id = ON; } -+ # (Re)initialize session -+ session_regenerate_id() -+ session_init( session_id() ); -+ $g_session_pass_id = ON; -+ $t_calculated_confirm_hash = auth_generate_confirm_hash( $f_user_id ); - - if ( $f_confirm_hash != $t_calculated_confirm_hash ) { @@ -49,7 +54,6 @@ } @@ -149,7 +212,7 @@ Index: verify.php Index: core.php =================================================================== --- core.php (revision 5688) -+++ core.php (working copy) ++++ core.php (revision 5719) @@ -145,7 +145,7 @@ require_once( $t_core_path.'database_api.php' ); diff --git a/www-apps/mantisbt/mantisbt-1.1.4-r1.ebuild b/www-apps/mantisbt/mantisbt-1.1.4-r2.ebuild index fcc9a32c00b3..7b43f8a29eea 100644 --- a/www-apps/mantisbt/mantisbt-1.1.4-r1.ebuild +++ b/www-apps/mantisbt/mantisbt-1.1.4-r2.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2008 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/mantisbt-1.1.4-r1.ebuild,v 1.1 2008/10/20 20:06:01 pva Exp $ +# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/mantisbt-1.1.4-r2.ebuild,v 1.1 2008/10/24 08:56:15 pva Exp $ inherit eutils webapp depend.php @@ -31,7 +31,7 @@ src_unpack() { unpack ${A} cd "${S}" rm -r "${S}/core/adodb/" # We use external adodb - epatch "${FILESDIR}/mantis-1.1.4-r5702.patch" + epatch "${FILESDIR}/${P}-r5687:5688.patch" } src_install() { |