port patches

2024-05-26 13:45:38 +02:00 · 2024-05-26 13:45:38 +02:00 · 7d885acd89
commit 7d885acd89
parent db06578537
6 changed files with 60 additions and 80 deletions
--- a/patches/0001-remove-IP-logging.patch
+++ b/patches/0001-remove-IP-logging.patch
@ -1,6 +1,6 @@
-From 624eaa7e48699566497bfe45e8e40ea3285f9cad Mon Sep 17 00:00:00 2001
+From 8b8a7c12ee3c9a87623effc46eb75c44438fe1ee Mon Sep 17 00:00:00 2001
 From: chris <cg@zknt.org>
-Date: Sat, 20 Apr 2024 16:19:49 +0200
+Date: Sun, 26 May 2024 13:42:01 +0200
 Subject: [PATCH 1/6] remove IP logging

 Replace unneeded logging of IPs and User-Agent strings with hashed data.
@ -18,56 +18,56 @@ Replace unneeded logging of IPs and User-Agent strings with hashed data.
 10 files changed, 24 insertions(+), 24 deletions(-)

 diff --git a/app/Http/Controllers/Api/ApiV1Dot1Controller.php b/app/Http/Controllers/Api/ApiV1Dot1Controller.php
-index 6d051866..7c2e0b9d 100644
+index 59fb1c93..9a124025 100644
 --- a/app/Http/Controllers/Api/ApiV1Dot1Controller.php
 +++ b/app/Http/Controllers/Api/ApiV1Dot1Controller.php
-@@ -285,8 +285,8 @@ class ApiV1Dot1Controller extends Controller
- 		$log->action = 'account.edit.password';
- 		$log->message = 'Password changed';
- 		$log->link = null;
-		$log->ip_address = $request->ip();
-		$log->user_agent = $request->userAgent();
-+		$log->ip_address = sha1($request->ip());
-+		$log->user_agent = sha1($request->userAgent());
- 		$log->save();
+@@ -283,8 +283,8 @@ class ApiV1Dot1Controller extends Controller
+         $log->action = 'account.edit.password';
+         $log->message = 'Password changed';
+         $log->link = null;
+-        $log->ip_address = $request->ip();
+-        $log->user_agent = $request->userAgent();
+        $log->ip_address = sha1($request->ip());
+        $log->user_agent = sha1($request->userAgent());
+         $log->save();
 
- 		Mail::to($request->user())->send(new PasswordChange($user));
-@@ -310,7 +310,7 @@ class ApiV1Dot1Controller extends Controller
- 			abort_if(BouncerService::checkIp($request->ip()), 404);
- 		}
- 		$agent = new Agent();
-		$currentIp = $request->ip();
-+		$currentIp = sha1($request->ip());
+         Mail::to($request->user())->send(new PasswordChange($user));
+@@ -308,7 +308,7 @@ class ApiV1Dot1Controller extends Controller
+             abort_if(BouncerService::checkIp($request->ip()), 404);
+         }
+         $agent = new Agent();
+-        $currentIp = $request->ip();
+        $currentIp = sha1($request->ip());
 
- 		$activity = AccountLog::whereUserId($user->id)
- 			->whereAction('auth.login')
+         $activity = AccountLog::whereUserId($user->id)
+             ->whereAction('auth.login')
@@ -487,7 +487,7 @@ class ApiV1Dot1Controller extends Controller
- 			abort_if(BouncerService::checkIp($request->ip()), 404);
- 		}
+             abort_if(BouncerService::checkIp($request->ip()), 404);
+         }
 
-		$rl = RateLimiter::attempt('pf:apiv1.1:iar:'.$request->ip(), config('pixelfed.app_registration_rate_limit_attempts', 3), function(){}, config('pixelfed.app_registration_rate_limit_decay', 1800));
-+		$rl = RateLimiter::attempt('pf:apiv1.1:iar:'.sha1($request->ip()), config('pixelfed.app_registration_rate_limit_attempts', 3), function(){}, config('pixelfed.app_registration_rate_limit_decay', 1800));
- 		abort_if(!$rl, 400, 'Too many requests');
+-        $rl = RateLimiter::attempt('pf:apiv1.1:iar:'.$request->ip(), config('pixelfed.app_registration_rate_limit_attempts', 3), function () {
+        $rl = RateLimiter::attempt('pf:apiv1.1:iar:'.sha1($request->ip()), config('pixelfed.app_registration_rate_limit_attempts', 3), function () {
+         }, config('pixelfed.app_registration_rate_limit_decay', 1800));
+         abort_if(! $rl, 400, 'Too many requests');
 
- 		$this->validate($request, [
-@@ -559,7 +559,7 @@ class ApiV1Dot1Controller extends Controller
- 		$user->email = $email;
- 		$user->password = Hash::make($password);
- 		$user->register_source = 'app';
-		$user->app_register_ip = $request->ip();
-+		$user->app_register_ip = sha1($request->ip());
- 		$user->app_register_token = Str::random(40);
- 		$user->save();
+@@ -560,7 +560,7 @@ class ApiV1Dot1Controller extends Controller
+         $user->email = $email;
+         $user->password = Hash::make($password);
+         $user->register_source = 'app';
+-        $user->app_register_ip = $request->ip();
+        $user->app_register_ip = sha1($request->ip());
+         $user->app_register_token = Str::random(40);
+         $user->save();
 
-@@ -616,7 +616,7 @@ class ApiV1Dot1Controller extends Controller
- 			abort_if(BouncerService::checkIp($request->ip()), 404);
- 		}
+@@ -618,7 +618,7 @@ class ApiV1Dot1Controller extends Controller
+             abort_if(BouncerService::checkIp($request->ip()), 404);
+         }
 
-		$rl = RateLimiter::attempt('pf:apiv1.1:iarc:'.$request->ip(), config('pixelfed.app_registration_confirm_rate_limit_attempts', 20), function(){}, config('pixelfed.app_registration_confirm_rate_limit_decay', 1800));
-+		$rl = RateLimiter::attempt('pf:apiv1.1:iarc:'.sha1($request->ip()), config('pixelfed.app_registration_confirm_rate_limit_attempts', 20), function(){}, config('pixelfed.app_registration_confirm_rate_limit_decay', 1800));
- 		abort_if(!$rl, 429, 'Too many requests');
+-        $rl = RateLimiter::attempt('pf:apiv1.1:iarc:'.$request->ip(), config('pixelfed.app_registration_confirm_rate_limit_attempts', 20), function () {
+        $rl = RateLimiter::attempt('pf:apiv1.1:iarc:'.sha1($request->ip()), config('pixelfed.app_registration_confirm_rate_limit_attempts', 20), function () {
+         }, config('pixelfed.app_registration_confirm_rate_limit_decay', 1800));
+         abort_if(! $rl, 429, 'Too many requests');
 
- 		$this->validate($request, [
 diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php
 index 86ee52c8..3e6a9c4f 100644
 --- a/app/Http/Controllers/Auth/LoginController.php
@ -218,5 +218,5 @@ index c6ba3305..eff0cf71 100644
     }
 }
 -- 
-2.44.0
+2.45.0

--- a/patches/0002-hardcode-discovery-settings.patch
+++ b/patches/0002-hardcode-discovery-settings.patch
@ -1,6 +1,6 @@
-From d23c34e13c340d7181306edb85de456d3c3dc8fd Mon Sep 17 00:00:00 2001
+From bbedc315c31eab590f7a680e5f68277cfc540e9d Mon Sep 17 00:00:00 2001
 From: chris <cg@zknt.org>
-Date: Sat, 20 Apr 2024 16:20:10 +0200
+Date: Sun, 26 May 2024 13:42:23 +0200
 Subject: [PATCH 2/6] hardcode discovery settings

 force enable discovery (as dynamic settings are not saved properly)
@ -34,5 +34,5 @@ index c9e93eec..ffeb34b4 100644
             'server' => [
                 'enabled' => false,
 -- 
-2.44.0
+2.45.0

--- a/patches/0003-point-to-modified-sourcecode.patch
+++ b/patches/0003-point-to-modified-sourcecode.patch
@ -1,33 +1,13 @@
-From 507d1947f4a006edf3b0698ef63a7537be9bf739 Mon Sep 17 00:00:00 2001
+From 3561bc5f8fe01993aceeba2ced7266f4df5ceb90 Mon Sep 17 00:00:00 2001
 From: chris <cg@zknt.org>
-Date: Sat, 20 Apr 2024 16:20:26 +0200
+Date: Sun, 26 May 2024 13:42:41 +0200
 Subject: [PATCH 3/6] point to modified sourcecode

 as per AGPL license of original source, modifications must be disclosed.
 ---
- .gitattributes                            | 12 ------------
- resources/views/site/opensource.blade.php |  2 +-
- 2 files changed, 1 insertion(+), 13 deletions(-)
- delete mode 100644 .gitattributes
+ resources/views/site/opensource.blade.php | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)

-diff --git a/.gitattributes b/.gitattributes
-deleted file mode 100644
-index 25c1b1b6..00000000
--- a/.gitattributes
-+++ /dev/null
-@@ -1,12 +0,0 @@
-* text=auto
-*.css linguist-vendored
-*.scss linguist-vendored
-*.js linguist-vendored
-CHANGELOG.md export-ignore
-
-# Collapse diffs for generated files:
-public/**/*.js text -diff
-public/**/*.json text -diff
-public/**/*.css text -diff
-public/img/* binary -diff
-public/fonts/* binary -diff
 diff --git a/resources/views/site/opensource.blade.php b/resources/views/site/opensource.blade.php
 index cb2e7c77..63645f0c 100644
 --- a/resources/views/site/opensource.blade.php
@ -42,5 +22,5 @@ index cb2e7c77..63645f0c 100644
 @endsection
 
 -- 
-2.44.0
+2.45.0

--- a/patches/0004-disable-beagle-service.patch
+++ b/patches/0004-disable-beagle-service.patch
@ -1,6 +1,6 @@
-From ff60dcd7310d164900ab6d667a74e0514143eff2 Mon Sep 17 00:00:00 2001
+From ab63598acd2b29b19ed1a52380b6dae71b509ff3 Mon Sep 17 00:00:00 2001
 From: chris <cg@zknt.org>
-Date: Sat, 20 Apr 2024 16:20:41 +0200
+Date: Sun, 26 May 2024 13:43:19 +0200
 Subject: [PATCH 4/6] disable beagle service

 beagle is a remote API service provided by dansup and used for centralised lookups.
@ -58,5 +58,5 @@ index 60a4f78e..f8c9442c 100644
             try {
                 $res = Http::withOptions(['allow_redirects' => false])
 -- 
-2.44.0
+2.45.0

--- a/patches/0005-allow-30-char-usernames.patch
+++ b/patches/0005-allow-30-char-usernames.patch
@ -1,6 +1,6 @@
-From 069e9cbab95d94aa77e7fd6436896a5e3e60b068 Mon Sep 17 00:00:00 2001
+From a3c06f038fd3ff5602bbf0a4e59c614ff186c722 Mon Sep 17 00:00:00 2001
 From: chris <cg@zknt.org>
-Date: Sat, 20 Apr 2024 16:21:03 +0200
+Date: Sun, 26 May 2024 13:43:34 +0200
 Subject: [PATCH 5/6] allow 30 char usernames

 raise maximum username length, because why not?
@ -22,5 +22,5 @@ index 72c8b741..2c8a26b4 100644
 			function ($attribute, $value, $fail) {
 				$dash = substr_count($value, '-');
 -- 
-2.44.0
+2.45.0

--- a/patches/0006-Link-legal-notice.patch
+++ b/patches/0006-Link-legal-notice.patch
@ -1,6 +1,6 @@
-From a1c22f1f82437fe6d488154b7f520f58583193a0 Mon Sep 17 00:00:00 2001
+From 952b84c634d64f003c06aab3ed871c4dae580f79 Mon Sep 17 00:00:00 2001
 From: chris <cg@zknt.org>
-Date: Sat, 20 Apr 2024 16:22:37 +0200
+Date: Sun, 26 May 2024 13:43:52 +0200
 Subject: [PATCH 6/6] Link legal notice

 local jurisdiction requires a prominent link to a legal notice at the frontpage.
@ -48,5 +48,5 @@ index 5fb4e27d..6188d2f3 100644
         <p class="text-center text-muted small mb-0">
           <span class="text-muted">© {{date('Y')}} {{config('pixelfed.domain.app')}}</span>
 -- 
-2.44.0
+2.45.0