diff options
author | http://schmonz.livejournal.com/ <http://schmonz.livejournal.com/@web> | 2009-04-14 23:42:53 -0400 |
---|---|---|
committer | Joey Hess <joey@kitenet.net> | 2009-04-14 23:42:53 -0400 |
commit | 5c0f69812103693a51391f82767b023b01bc1534 (patch) | |
tree | abafca7e5aa5d7fb8c7b705e5377f76541432f97 /doc/plugins | |
parent | 825366a007a1145b9487cb3cd7e0180c96709fd8 (diff) | |
download | ikiwiki-5c0f69812103693a51391f82767b023b01bc1534.tar ikiwiki-5c0f69812103693a51391f82767b023b01bc1534.tar.gz |
patching Wrapper.pm no longer necessary as of 2.67
Diffstat (limited to 'doc/plugins')
-rw-r--r-- | doc/plugins/contrib/unixauth.mdwn | 20 |
1 files changed, 2 insertions, 18 deletions
diff --git a/doc/plugins/contrib/unixauth.mdwn b/doc/plugins/contrib/unixauth.mdwn index 76a847744..6108ebfae 100644 --- a/doc/plugins/contrib/unixauth.mdwn +++ b/doc/plugins/contrib/unixauth.mdwn @@ -14,25 +14,9 @@ Config variables that affect the behavior of `unixauth`: __Security__: [As with passwordauth](/security/#index14h2), be wary of sending usernames and passwords in cleartext. Unlike passwordauth, sniffing `unixauth` credentials can get an attacker much further than mere wiki access. Therefore, this plugin defaults to not even _displaying_ the login form fields unless we're running under SSL. Nobody should be able to do anything remotely dumb until the admin has done at least a little thinking. After that, dumb things are always possible. ;-) -`unixauth` tests for the presence of the `HTTPS` environment variable. `Wrapper.pm` needs to be tweaked to pass it through; without that, the plugin fails closed. +`unixauth` needs the `HTTPS` environment variable, available in ikiwiki 2.67 or later (fixed in #[502047](http://bugs.debian.org/502047)), without which it fails closed. -[[!toggle id="diff" text="Wrapper.pm.diff"]] - -[[!toggleable id="diff" text=""" - - --- Wrapper.pm.orig 2008-07-29 00:09:10.000000000 -0400 - +++ Wrapper.pm - @@ -28,7 +28,7 @@ sub gen_wrapper () { - my @envsave; - push @envsave, qw{REMOTE_ADDR QUERY_STRING REQUEST_METHOD REQUEST_URI - CONTENT_TYPE CONTENT_LENGTH GATEWAY_INTERFACE - - HTTP_COOKIE REMOTE_USER} if $config{cgi}; - + HTTP_COOKIE REMOTE_USER HTTPS} if $config{cgi}; - my $envsave=""; - foreach my $var (@envsave) { - $envsave.=<<"EOF" - -"""]] +The plugin has not been tested with newer versions of ikiwiki. [[schmonz]] hopes to have time to polish this plugin soon. [[!toggle id="code" text="unixauth.pm"]] |