head 1.2; access; symbols pkgsrc-2013Q2:1.2.0.8 pkgsrc-2013Q2-base:1.2 pkgsrc-2012Q4:1.2.0.6 pkgsrc-2012Q4-base:1.2 pkgsrc-2011Q4:1.2.0.4 pkgsrc-2011Q4-base:1.2 pkgsrc-2011Q2:1.2.0.2 pkgsrc-2011Q2-base:1.2 pkgsrc-2009Q4:1.1.0.4 pkgsrc-2009Q4-base:1.1 pkgsrc-2009Q3:1.1.0.2; locks; strict; comment @# @; 1.2 date 2010.02.17.14.43.39; author taca; state dead; branches; next 1.1; 1.1 date 2009.12.20.04.21.05; author taca; state Exp; branches 1.1.2.1; next ; 1.1.2.1 date 2009.12.20.04.21.05; author tron; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2009.12.20.09.41.38; author tron; state Exp; branches; next ; desc @@ 1.2 log @Since TYPOlight 2.8.0 has released, it's time to remove typolight26 package now. @ text @$NetBSD: patch-ad,v 1.1 2009/12/20 04:21:05 taca Exp $ * Security fix: http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html --- typolight/ftp.php.orig 2008-12-13 15:27:05.000000000 +0000 +++ typolight/ftp.php @@@@ -88,6 +88,9 @@@@ class FtpCheck extends Controller */ if ($this->Input->post('FORM_SUBMIT') == 'tl_login') { + $_SESSION['TL_INSTALL_AUTH'] = ''; + $_SESSION['TL_INSTALL_EXPIRE'] = 0; + $password = sha1($this->Input->post('password', true)); if (strlen($password) && $password != 'da39a3ee5e6b4b0d3255bfef95601890afd80709') @@@@ -95,7 +98,10 @@@@ class FtpCheck extends Controller // Set cookie if ($password == $GLOBALS['TL_CONFIG']['installPassword']) { - $this->setCookie('TL_INSTALL_AUTH', md5($this->Environment->ip.session_id()), (time()+300), $GLOBALS['TL_CONFIG']['websitePath']); + $_SESSION['TL_INSTALL_EXPIRE'] = (time() + 300); + $_SESSION['TL_INSTALL_AUTH'] = md5(uniqid('', true) . $this->Environment->ip . 
session_id()); + + $this->setCookie('TL_INSTALL_AUTH', $_SESSION['TL_INSTALL_AUTH'], $_SESSION['TL_INSTALL_EXPIRE'], $GLOBALS['TL_CONFIG']['websitePath']); $this->Config->update("\$GLOBALS['TL_CONFIG']['installCount']", 0); $this->reload(); @@@@ -109,14 +115,20 @@@@ class FtpCheck extends Controller } // Check cookie - if (!$this->Input->cookie('TL_INSTALL_AUTH')) + if (!$this->Input->cookie('TL_INSTALL_AUTH') || $_SESSION['TL_INSTALL_AUTH'] == '' || $this->Input->cookie('TL_INSTALL_AUTH') != $_SESSION['TL_INSTALL_AUTH'] || $_SESSION['TL_INSTALL_EXPIRE'] < time()) { $this->Template->login = true; $this->outputAndExit(); } // Renew cookie - $this->setCookie('TL_INSTALL_AUTH', md5($this->Environment->ip.session_id()), (time()+300), $GLOBALS['TL_CONFIG']['websitePath']); + else + { + $_SESSION['TL_INSTALL_EXPIRE'] = (time() + 300); + $_SESSION['TL_INSTALL_AUTH'] = md5(uniqid('', true) . $this->Environment->ip . session_id()); + + $this->setCookie('TL_INSTALL_AUTH', $_SESSION['TL_INSTALL_AUTH'], $_SESSION['TL_INSTALL_EXPIRE'], $GLOBALS['TL_CONFIG']['websitePath']); + } /** @ 1.1 log @Add security fix patches, refering http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html. Bump PKGREVISION. 
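Review bot: The three new statements that mint the install-tool token (`TL_INSTALL_EXPIRE`, `TL_INSTALL_AUTH`, then `setCookie`) are repeated verbatim in the cookie-renewal branch later in this patch, and neither copy rotates the PHP session id once the install password has been verified; a single helper that first calls `session_regenerate_id(true)` (the code already writes `$_SESSION` and reads `session_id()`, so a session is presumably active) removes the duplication and keeps the token from being bound to a session id that predates authentication. `uniqid('', true)` is time-based plus an LCG value, not a CSPRNG, so if the target PHP offers `openssl_random_pseudo_bytes()` that should supply the random component instead. The `300` lifetime is a bare literal in both places and is easy to change in one but not the other, so it belongs in a class constant. The enclosing `if ($password == ...)` block and the `FtpCheck` class continue outside this hunk.
```php
if ($password == $GLOBALS['TL_CONFIG']['installPassword'])
{
    $this->renewInstallToken();
    // … unchanged: installCount reset and reload() …

// … new helper, added to FtpCheck outside this hunk …
/**
 * Issue a fresh install-tool token.
 *
 * Rotates the session id (the caller has just proven knowledge of the
 * install password), stores a new token and its expiry in $_SESSION and
 * mirrors the token to the TL_INSTALL_AUTH cookie with the same lifetime.
 */
protected function renewInstallToken()
{
    session_regenerate_id(true);

    $_SESSION['TL_INSTALL_EXPIRE'] = time() + self::INSTALL_TOKEN_TTL;
    $_SESSION['TL_INSTALL_AUTH'] = md5(uniqid('', true) . $this->Environment->ip . session_id());

    $this->setCookie('TL_INSTALL_AUTH', $_SESSION['TL_INSTALL_AUTH'], $_SESSION['TL_INSTALL_EXPIRE'], $GLOBALS['TL_CONFIG']['websitePath']);
}
```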
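Review bot: The rebuilt cookie check compares the client-supplied `TL_INSTALL_AUTH` cookie to the session copy with loose `!=`; PHP compares two numeric-looking strings numerically, so whenever the stored md5 token happens to be of the form `0e<digits>`, any supplied cookie of the same form passes, and the comparison should be `!==` (with `=== ''` for the emptiness test). `$_SESSION['TL_INSTALL_EXPIRE']` is also read without `isset()`, which raises a notice on every request from a session that never reached the login branch where that key is first created. I would write the guard as `if (!$this->Input->cookie('TL_INSTALL_AUTH') || empty($_SESSION['TL_INSTALL_AUTH']) || empty($_SESSION['TL_INSTALL_EXPIRE']) || $_SESSION['TL_INSTALL_EXPIRE'] < time() || $this->Input->cookie('TL_INSTALL_AUTH') !== $_SESSION['TL_INSTALL_AUTH'])` and drop the new `else`, since `outputAndExit()` presumably does not return (the original fell through into the renewal unconditionally). A constant-time comparison (`hash_equals()` on PHP 5.6+) would further close the string-comparison timing channel, though with a session-bound five-minute token that is secondary. The method body continues past the `/**` that ends this hunk.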
@ text @d1 1 a1 1 $NetBSD$ @ 1.1.2.1 log @file patch-ad was added on branch pkgsrc-2009Q3 on 2009-12-20 09:41:38 +0000 @ text @d1 52 @ 1.1.2.2 log @Pullup ticket #2952 - requested by taca typolight26: security update typolight26-example: security update typolight27: security update typolight27-example: security update Revisions pulled up: - www/typolight/Makefile.common 1.14 - www/typolight26-example/Makefile 1.2 - www/typolight26-translations/Makefile 1.3 - www/typolight26/DEINSTALL 1.2 - www/typolight26/Makefile 1.3-1.5 - www/typolight26/distinfo 1.3 - www/typolight26/patches/patch-ad 1.1 - www/typolight26/patches/patch-ae 1.1 - www/typolight27-example/Makefile 1.2 - www/typolight27-translations/Makefile 1.33 - www/typolight27/DEINSTALL 1.2 - www/typolight27/Makefile 1.10-1.12 - www/typolight27/Makefile.version 1.8 - www/typolight27/distinfo 1.9 --- Module Name: pkgsrc Committed By: taca Date: Sun Nov 22 16:18:00 UTC 2009 Modified Files: pkgsrc/www/typolight: Makefile.common pkgsrc/www/typolight26: Makefile pkgsrc/www/typolight26-example: Makefile pkgsrc/www/typolight26-translations: Makefile pkgsrc/www/typolight27: Makefile pkgsrc/www/typolight27-example: Makefile pkgsrc/www/typolight27-translations: Makefile Log Message: Move LICENSE from typolight/Makefile.common to each Makefiles for license change of forthcoming TYPOlihght 2.8(.RC1). --- Module Name: pkgsrc Committed By: taca Date: Sun Nov 29 06:46:21 UTC 2009 Modified Files: pkgsrc/www/typolight26: DEINSTALL Makefile Log Message: o DEINSTALL: remove .htacces under plugins/tcpdf/cache. o make plugins/tcpdf/cache writable to web server. Bump PKGREVISION. --- Module Name: pkgsrc Committed By: taca Date: Sun Nov 29 06:46:37 UTC 2009 Modified Files: pkgsrc/www/typolight27: DEINSTALL Makefile Log Message: o DEINSTALL: remove .htacces under plugins/tcpdf/cache. o make plugins/tcpdf/cache writable to web server. Bump PKGREVISION. 
--- Module Name: pkgsrc Committed By: taca Date: Sun Dec 20 04:21:05 UTC 2009 Modified Files: pkgsrc/www/typolight26: Makefile distinfo Added Files: pkgsrc/www/typolight26/patches: patch-ad patch-ae Log Message: Add security fix patches, refering http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html. Bump PKGREVISION. --- Module Name: pkgsrc Committed By: taca Date: Sun Dec 20 04:22:04 UTC 2009 Modified Files: pkgsrc/www/typolight27: Makefile Makefile.version distinfo Log Message: Update to TYPOlight 2.7.6. Only security updates: http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html. @ text @a0 52 $NetBSD: patch-ad,v 1.1 2009/12/20 04:21:05 taca Exp $ * Security fix: http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html --- typolight/ftp.php.orig 2008-12-13 15:27:05.000000000 +0000 +++ typolight/ftp.php @@@@ -88,6 +88,9 @@@@ class FtpCheck extends Controller */ if ($this->Input->post('FORM_SUBMIT') == 'tl_login') { + $_SESSION['TL_INSTALL_AUTH'] = ''; + $_SESSION['TL_INSTALL_EXPIRE'] = 0; + $password = sha1($this->Input->post('password', true)); if (strlen($password) && $password != 'da39a3ee5e6b4b0d3255bfef95601890afd80709') @@@@ -95,7 +98,10 @@@@ class FtpCheck extends Controller // Set cookie if ($password == $GLOBALS['TL_CONFIG']['installPassword']) { - $this->setCookie('TL_INSTALL_AUTH', md5($this->Environment->ip.session_id()), (time()+300), $GLOBALS['TL_CONFIG']['websitePath']); + $_SESSION['TL_INSTALL_EXPIRE'] = (time() + 300); + $_SESSION['TL_INSTALL_AUTH'] = md5(uniqid('', true) . $this->Environment->ip . 
session_id()); + + $this->setCookie('TL_INSTALL_AUTH', $_SESSION['TL_INSTALL_AUTH'], $_SESSION['TL_INSTALL_EXPIRE'], $GLOBALS['TL_CONFIG']['websitePath']); $this->Config->update("\$GLOBALS['TL_CONFIG']['installCount']", 0); $this->reload(); @@@@ -109,14 +115,20 @@@@ class FtpCheck extends Controller } // Check cookie - if (!$this->Input->cookie('TL_INSTALL_AUTH')) + if (!$this->Input->cookie('TL_INSTALL_AUTH') || $_SESSION['TL_INSTALL_AUTH'] == '' || $this->Input->cookie('TL_INSTALL_AUTH') != $_SESSION['TL_INSTALL_AUTH'] || $_SESSION['TL_INSTALL_EXPIRE'] < time()) { $this->Template->login = true; $this->outputAndExit(); } // Renew cookie - $this->setCookie('TL_INSTALL_AUTH', md5($this->Environment->ip.session_id()), (time()+300), $GLOBALS['TL_CONFIG']['websitePath']); + else + { + $_SESSION['TL_INSTALL_EXPIRE'] = (time() + 300); + $_SESSION['TL_INSTALL_AUTH'] = md5(uniqid('', true) . $this->Environment->ip . session_id()); + + $this->setCookie('TL_INSTALL_AUTH', $_SESSION['TL_INSTALL_AUTH'], $_SESSION['TL_INSTALL_EXPIRE'], $GLOBALS['TL_CONFIG']['websitePath']); + } /** @
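Review bot: The token is minted here with `uniqid('', true)`, which is derived from the clock and an LCG rather than a CSPRNG, and the same three statements appear again in the renewal branch below, so the two copies will drift; one helper should own them, and on this successful-password path it should also call `session_regenerate_id(true);` before computing the token so that the install token is not tied to a pre-authentication session id (a session appears to be active, since `$_SESSION` is written and `session_id()` read, but that is not visible in the hunk). If the target PHP has `openssl_random_pseudo_bytes()`, use it as the random component in place of `uniqid()`. The `300` lifetime would also be better as a named constant, e.g. `const INSTALL_TOKEN_TTL = 300;`, shared by both the session expiry and the cookie expiry. The enclosing `if` block and the class continue outside this hunk.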
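Review bot: The comparison of the attacker-controlled cookie with the session token uses `!=`, which in PHP is numeric for two numeric-looking strings, so a stored token of the form `0e<digits>` would accept any cookie of that shape; change it to `$this->Input->cookie('TL_INSTALL_AUTH') !== $_SESSION['TL_INSTALL_AUTH']` and the empty test to `$_SESSION['TL_INSTALL_AUTH'] === ''`. Guard `$_SESSION['TL_INSTALL_EXPIRE']` with `isset()` (or `empty()`) as well, because the key only exists after the login branch has run and the bare read emits a notice otherwise. The `else` wrapping the renewal is unnecessary if `outputAndExit()` terminates the request, which the original unconditional fall-through suggests. This hunk ends at the `/**` opening the next doc comment, so the rest of the method is not visible here.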