lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix ignore file integrity check on filefunc.inc.php for deb/rpm package

Browse Source
This commit is contained in:
Laurent Destailleur 2018-02-16 22:00:34 +01:00
parent b3e567c310
commit 9bed2ce8e2
9 changed files with 54 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
build/debian/patches/use-etc-dolibarr-conf.patch
View File

@ -9,6 +9,19 @@ Forwarded: not-needed
Last-Update: 2013-07-29
---
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
--- a/htdocs/filefunc.inc.php
+++ b/htdocs/filefunc.inc.php
@@ -63,8 +63,8 @@ $conffiletoshowshort = "conf.php";
$conffile = "conf/conf.php";
$conffiletoshow = "htdocs/conf/conf.php";
// For debian/redhat like systems
-//$conffile = "/etc/dolibarr/conf.php";
-//$conffiletoshow = "/etc/dolibarr/conf.php";
+$conffile = "/etc/dolibarr/conf.php";
+$conffiletoshow = "/etc/dolibarr/conf.php";
// Include configuration
--- a/htdocs/install/inc.php
+++ b/htdocs/install/inc.php
@@ -73,8 +73,8 @@ $conffiletoshowshort = "conf.php";

14
build/rpm/dolibarr-forrpm.patch
View File

@ -1,3 +1,17 @@
diff -up htdocs/filefunc.inc.php.patch htdocs/filefunc.inc.php
--- htdocs/filefunc.inc.php.patch 2011-09-03 02:32:48.666952000 +0200
+++ htdocs/filefunc.inc.php 2011-09-03 02:33:00.510952001 +0200
@@ -63,8 +63,8 @@
$conffile = "conf/conf.php";
$conffiletoshow = "htdocs/conf/conf.php";
// For debian/redhat like systems
-//$conffile = "/etc/dolibarr/conf.php";
-//$conffiletoshow = "/etc/dolibarr/conf.php";
+$conffile = "/etc/dolibarr/conf.php";
+$conffiletoshow = "/etc/dolibarr/conf.php";
// Include configuration
diff -up htdocs/install/inc.php.patch htdocs/install/inc.php
--- htdocs/install/inc.php.patch 2011-09-03 02:33:26.450952000 +0200
+++ htdocs/install/inc.php 2011-09-03 02:33:36.286952001 +0200

1
build/rpm/dolibarr_fedora.spec
View File

@ -215,6 +215,7 @@ done >>%{name}.lang
%_datadir/dolibarr/htdocs/webservices
%_datadir/dolibarr/htdocs/website
%_datadir/dolibarr/htdocs/*.ico
%_datadir/dolibarr/htdocs/*.patch
%_datadir/dolibarr/htdocs/*.php
%_datadir/dolibarr/htdocs/*.txt

1
build/rpm/dolibarr_generic.spec
View File

@ -295,6 +295,7 @@ done >>%{name}.lang
%_datadir/dolibarr/htdocs/webservices
%_datadir/dolibarr/htdocs/website
%_datadir/dolibarr/htdocs/*.ico
%_datadir/dolibarr/htdocs/*.patch
%_datadir/dolibarr/htdocs/*.php
%_datadir/dolibarr/htdocs/*.txt

1
build/rpm/dolibarr_mandriva.spec
View File

@ -212,6 +212,7 @@ done >>%{name}.lang
%_datadir/dolibarr/htdocs/webservices
%_datadir/dolibarr/htdocs/website
%_datadir/dolibarr/htdocs/*.ico
%_datadir/dolibarr/htdocs/*.patch
%_datadir/dolibarr/htdocs/*.php
%_datadir/dolibarr/htdocs/*.txt

1
build/rpm/dolibarr_opensuse.spec
View File

@ -223,6 +223,7 @@ done >>%{name}.lang
%_datadir/dolibarr/htdocs/webservices
%_datadir/dolibarr/htdocs/website
%_datadir/dolibarr/htdocs/*.ico
%_datadir/dolibarr/htdocs/*.patch
%_datadir/dolibarr/htdocs/*.php
%_datadir/dolibarr/htdocs/*.txt

2
htdocs/admin/system/dolibarr.php
View File

@ -49,7 +49,7 @@ $version='0.0';
if ($action == 'getlastversion')
{
$result = getURLContent('http://sourceforge.net/projects/dolibarr/rss');
$result = getURLContent('https://sourceforge.net/projects/dolibarr/rss');
//var_dump($result['content']);
$sfurl = simplexml_load_string($result['content']);
}

22
htdocs/core/lib/files.lib.php
View File

@ -2777,28 +2777,42 @@ function dol_readcachefile($directory, $filename)
*/
function getFilesUpdated(&$file_list, SimpleXMLElement $dir, $path = '', $pathref = '', &$checksumconcat = array())
{
global $conffile;
$exclude = 'install';
foreach ($dir->md5file as $file) // $file is a simpleXMLElement
{
$filename = $path.$file['name'];
$file_list['insignature'][] = $filename;
$expectedmd5 = (string) $file;
//if (preg_match('#'.$exclude.'#', $filename)) continue;
if (!file_exists($pathref.'/'.$filename))
{
$file_list['missing'][] = array('filename'=>$filename, 'expectedmd5'=>(string) $file);
$file_list['missing'][] = array('filename'=>$filename, 'expectedmd5'=>$expectedmd5);
}
else
{
$md5_local = md5_file($pathref.'/'.$filename);
if ($md5_local != (string) $file) $file_list['updated'][] = array('filename'=>$filename, 'expectedmd5'=>(string) $file, 'md5'=>(string) $md5_local);
$checksumconcat[] = $md5_local;
if ($conffile == '/etc/dolibarr/conf.php' && $filename == '/filefunc.inc.php') // For install with deb or rpm, we ignore test on filefunc.inc.php that was modified by package
{
$checksumconcat[] = $expectedmd5;
}
else
{
if ($md5_local != $expectedmd5) $file_list['updated'][] = array('filename'=>$filename, 'expectedmd5'=>$expectedmd5, 'md5'=>(string) $md5_local);
$checksumconcat[] = $md5_local;
}
}
}
foreach ($dir->dir as $subdir) getFilesUpdated($file_list, $subdir, $path.$subdir['name'].'/', $pathref, $checksumconcat);
foreach ($dir->dir as $subdir) // $subdir['name'] is '' or '/accountancy/admin' for example
{
getFilesUpdated($file_list, $subdir, $path.$subdir['name'].'/', $pathref, $checksumconcat);
}
return $file_list;
}

22
htdocs/filefunc.inc.php
View File

@ -62,30 +62,16 @@ $conffiletoshowshort = "conf.php";
$conffile = "conf/conf.php";
$conffiletoshow = "htdocs/conf/conf.php";
// For debian/redhat like systems
if (! file_exists($conffile))
{
$conffile = "/etc/dolibarr/conf.php";
$conffiletoshow = "/etc/dolibarr/conf.php";
}
//$conffile = "/etc/dolibarr/conf.php";
//$conffiletoshow = "/etc/dolibarr/conf.php";
// Include configuration
// --- End of part replaced by Dolibarr packager makepack-dolibarr
// Replace conf filename with "conf" parameter on url by GET
/* Disabled. This is a serious security hole
if (! empty($_GET['conf']))
{
$confname=basename($_GET['conf']);
setcookie('dolconf', $confname, 0, '/');
$conffile = 'conf/'.$confname.'.php';
} else {
$confname=basename(empty($_COOKIE['dolconf']) ? 'conf' : $_COOKIE['dolconf']);
$conffile = 'conf/'.$confname.'.php';
}
*/
// Include configuration
$result=@include_once $conffile; // Keep @ because with some error reporting this break the redirect
$result=@include_once $conffile; // Keep @ because with some error reporting this break the redirect done when file not found
if (! $result && ! empty($_SERVER["GATEWAY_INTERFACE"])) // If install not done and we are in a web session
{