Merge branch 'master' into tova
commit
9d5c9ce258
|
@ -245,11 +245,11 @@ sub prune ($) { #{{{
|
||||||
} #}}}
|
} #}}}
|
||||||
|
|
||||||
sub refresh () { #{{{
|
sub refresh () { #{{{
|
||||||
# security check, avoid following symlinks in the srcdir path
|
# security check, avoid following symlinks in the srcdir path by default
|
||||||
my $test=$config{srcdir};
|
my $test=$config{srcdir};
|
||||||
while (length $test) {
|
while (length $test) {
|
||||||
if (-l $test) {
|
if (-l $test && ! $config{allow_symlinks_before_srcdir}) {
|
||||||
error("symlink found in srcdir path ($test)");
|
error("symlink found in srcdir path ($test) -- set allow_symlinks_before_srcdir to allow this");
|
||||||
}
|
}
|
||||||
unless ($test=~s/\/+$//) {
|
unless ($test=~s/\/+$//) {
|
||||||
$test=dirname($test);
|
$test=dirname($test);
|
||||||
|
|
|
@ -4,14 +4,14 @@ package IkiWiki;
|
||||||
|
|
||||||
use warnings;
|
use warnings;
|
||||||
use strict;
|
use strict;
|
||||||
use Cwd q{abs_path};
|
use File::Spec;
|
||||||
use Data::Dumper;
|
use Data::Dumper;
|
||||||
use IkiWiki;
|
use IkiWiki;
|
||||||
|
|
||||||
sub gen_wrapper () { #{{{
|
sub gen_wrapper () { #{{{
|
||||||
$config{srcdir}=abs_path($config{srcdir});
|
$config{srcdir}=File::Spec->rel2abs($config{srcdir});
|
||||||
$config{destdir}=abs_path($config{destdir});
|
$config{destdir}=File::Spec->rel2abs($config{destdir});
|
||||||
my $this=abs_path($0);
|
my $this=File::Spec->rel2abs($0);
|
||||||
if (! -x $this) {
|
if (! -x $this) {
|
||||||
error(sprintf(gettext("%s doesn't seem to be executable"), $this));
|
error(sprintf(gettext("%s doesn't seem to be executable"), $this));
|
||||||
}
|
}
|
||||||
|
|
|
@ -10,6 +10,10 @@ ikiwiki (2.55) UNRELEASED; urgency=low
|
||||||
(Simon McVittie)
|
(Simon McVittie)
|
||||||
* Really fix bug with links to pages with names containing colons.
|
* Really fix bug with links to pages with names containing colons.
|
||||||
Previous fix mised a few cases.
|
Previous fix mised a few cases.
|
||||||
|
* Avoid troublesome abs_path calls in wrapper setup.
|
||||||
|
* Add allow_symlinks_before_srcdir config setting that can be used to avoid
|
||||||
|
a security check that is a good safe default, but problimatic overkill in
|
||||||
|
some situations.
|
||||||
|
|
||||||
-- Joey Hess <joeyh@debian.org> Mon, 21 Jul 2008 11:35:46 -0400
|
-- Joey Hess <joeyh@debian.org> Mon, 21 Jul 2008 11:35:46 -0400
|
||||||
|
|
||||||
|
|
|
@ -80,6 +80,8 @@ Is there a huge objection to this patch?
|
||||||
> the `srcdir`.
|
> the `srcdir`.
|
||||||
> --[[Joey]]
|
> --[[Joey]]
|
||||||
|
|
||||||
|
>> Slightly modified version of patch applied. --[[Joey]]
|
||||||
|
|
||||||
>> Ok, I'll try to get it cleaned up and documented.
|
>> Ok, I'll try to get it cleaned up and documented.
|
||||||
|
|
||||||
There is a second location where this can be an issue. That is in the
|
There is a second location where this can be an issue. That is in the
|
||||||
|
@ -132,6 +134,6 @@ like this being accepted before I bothered.
|
||||||
>> hrm. I might see if <code> File::Spec->rel2abs( $path ) ; </code> will give absolute an path without expanding symlinks.
|
>> hrm. I might see if <code> File::Spec->rel2abs( $path ) ; </code> will give absolute an path without expanding symlinks.
|
||||||
>>> Patch using rel2abs() works well - it no longer expands symlinks.
|
>>> Patch using rel2abs() works well - it no longer expands symlinks.
|
||||||
|
|
||||||
> I suppose you could do the same thing with `$this`, but it does not sound
|
>>>> That patch is applied now. --[[Joey]]
|
||||||
> like it has caused you problems anyway.
|
|
||||||
> --[[Joey]]
|
[[tag done]]
|
|
@ -20,3 +20,10 @@ I think things could be improved if a clear decision was made here. Most of the
|
||||||
svnpath => "trunk", #default
|
svnpath => "trunk", #default
|
||||||
|
|
||||||
What do others think?
|
What do others think?
|
||||||
|
|
||||||
|
> I agree, and I'll take a patch.
|
||||||
|
>
|
||||||
|
> I may not work on it myself, since I have some
|
||||||
|
> [[interesting_ideas|online_configuration]] that would let ikiwiki
|
||||||
|
> generate a setup file for you, rather than having to keep maintain the
|
||||||
|
> current example. --[[Joey]]
|
||||||
|
|
|
@ -14,6 +14,13 @@ follows) ?
|
||||||
|
|
||||||
--[[/users/bbb]]
|
--[[/users/bbb]]
|
||||||
|
|
||||||
|
> Inline here is ok; git-am by mail is ok; a git repo I can pull from also
|
||||||
|
> ok.
|
||||||
|
>
|
||||||
|
> This looks pretty acceptable as-is, but you need to put a copyright and
|
||||||
|
> license statement at the top. I have a few questions that I'll insert
|
||||||
|
> inline with the patch below. --[[Joey]]
|
||||||
|
|
||||||
------------------------------------------------------------------------------
|
------------------------------------------------------------------------------
|
||||||
diff --git a/IkiWiki/Plugin/cas.pm b/IkiWiki/Plugin/cas.pm
|
diff --git a/IkiWiki/Plugin/cas.pm b/IkiWiki/Plugin/cas.pm
|
||||||
new file mode 100644
|
new file mode 100644
|
||||||
|
@ -29,17 +36,31 @@ follows) ?
|
||||||
+use strict;
|
+use strict;
|
||||||
+use IkiWiki 2.00;
|
+use IkiWiki 2.00;
|
||||||
+use AuthCAS; # http://search.cpan.org/~osalaun/AuthCAS-1.3.1/
|
+use AuthCAS; # http://search.cpan.org/~osalaun/AuthCAS-1.3.1/
|
||||||
|
|
||||||
|
> In ikiwiki we generally deman-load perl modules only when they're used.
|
||||||
|
> This avoids loading expensive modules when the CGI isn't doing
|
||||||
|
> authentication. Can you do that with AuthCAS? Something like this before
|
||||||
|
> the use of it: `eval q{use AuthCAS}; error $@ if $@`
|
||||||
|
|
||||||
+
|
+
|
||||||
+sub import { #{{{
|
+sub import { #{{{
|
||||||
+ hook(type => "getopt", id => "cas", call => \&getopt);
|
+ hook(type => "getopt", id => "cas", call => \&getopt);
|
||||||
+ hook(type => "auth", id => "cas", call => \&auth);
|
+ hook(type => "auth", id => "cas", call => \&auth);
|
||||||
+ hook(type => "formbuilder_setup", id => "cas", call => \&formbuilder_setup);
|
+ hook(type => "formbuilder_setup", id => "cas", call => \&formbuilder_setup);
|
||||||
+} # }}}
|
+} # }}}
|
||||||
+
|
|
||||||
|
> Could you please use tabs for indentation of program flow?
|
||||||
|
|
||||||
+# FIXME: We should check_config to ensure that :
|
+# FIXME: We should check_config to ensure that :
|
||||||
+# * cas_url and ca_file are present
|
+# * cas_url and ca_file are present
|
||||||
|
|
||||||
|
> Please fix that..
|
||||||
|
|
||||||
+# * no other auth plugin are present (at least passwordauth and openid)
|
+# * no other auth plugin are present (at least passwordauth and openid)
|
||||||
+
|
|
||||||
|
> Why would you want to make other auth plugins not work? Could a site not
|
||||||
|
> legitimatly chose to use this and another auth method?
|
||||||
|
|
||||||
+sub getopt () { #{{{
|
+sub getopt () { #{{{
|
||||||
+ eval q{use Getopt::Long};
|
+ eval q{use Getopt::Long};
|
||||||
+ error($@) if $@;
|
+ error($@) if $@;
|
||||||
|
@ -130,13 +151,20 @@ follows) ?
|
||||||
+into the wiki.
|
+into the wiki.
|
||||||
+
|
+
|
||||||
+The plugin needs the [[!cpan AuthCAS-1.3.1]] perl module.
|
+The plugin needs the [[!cpan AuthCAS-1.3.1]] perl module.
|
||||||
|
|
||||||
|
> Does it really need that specific version? I think you should lose the
|
||||||
|
> version part.
|
||||||
|
|
||||||
+
|
+
|
||||||
+This plugin has two mandatory configuration option. You **must** set `--cas_url`
|
+This plugin has two mandatory configuration option. You **must** set `--cas_url`
|
||||||
+to the url of a server offering CAS 2.0 authentication. You must also set the
|
+to the url of a server offering CAS 2.0 authentication. You must also set the
|
||||||
+`--ca_file` to an absolute path to the file containing CA certificates used by
|
+`--ca_file` to an absolute path to the file containing CA certificates used by
|
||||||
+the server (generally, aka under Debian, fixing that value to
|
+the server (generally, aka under Debian, fixing that value to
|
||||||
+`/etc/ssl/certs/ca-certificates.crt` is sufficient).
|
+`/etc/ssl/certs/ca-certificates.crt` is sufficient).
|
||||||
+
|
|
||||||
|
> It would be good to add commented-out examples of these to
|
||||||
|
> [[ikiwiki.setup]] as well.
|
||||||
|
|
||||||
+This plugin is not enabled by default. It can not be used with other
|
+This plugin is not enabled by default. It can not be used with other
|
||||||
+authentication plugin, such as [[passwordauth]] or [[openid]].
|
+authentication plugin, such as [[passwordauth]] or [[openid]].
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue