port patches

2025-01-06 23:08:06 +01:00 · 2025-01-06 23:08:06 +01:00 · 8549d5b8cc
commit 8549d5b8cc
parent b9c94ebc84
6 changed files with 38 additions and 38 deletions
--- a/patches/0001-remove-IP-logging.patch
+++ b/patches/0001-remove-IP-logging.patch
@ -1,6 +1,6 @@
-From 08a91732cd39a087c2471f63c108b172943d5dbb Mon Sep 17 00:00:00 2001
-From: chris <cg@zknt.org>
-Date: Mon, 18 Nov 2024 13:43:42 +0100
+From 617c05021d3d9de56eee9c5f5099a10899fde331 Mon Sep 17 00:00:00 2001
+From: chris <cg@ritona.int.zknt.org>
+Date: Mon, 6 Jan 2025 23:00:04 +0100
 Subject: [PATCH 1/6] remove IP logging

 Replace unneeded logging of IPs and User-Agent strings with hashed data.
@ -38,7 +38,7 @@ index 25c1b1b6..00000000
 -public/img/* binary -diff
 -public/fonts/* binary -diff
 diff --git a/app/Http/Controllers/Api/ApiV1Dot1Controller.php b/app/Http/Controllers/Api/ApiV1Dot1Controller.php
-index 38550e5f..79ed50fe 100644
+index 456f22da..72331447 100644
 --- a/app/Http/Controllers/Api/ApiV1Dot1Controller.php
 +++ b/app/Http/Controllers/Api/ApiV1Dot1Controller.php
@@ -295,8 +295,8 @@ class ApiV1Dot1Controller extends Controller
@ -79,15 +79,15 @@ index 38550e5f..79ed50fe 100644
         $user->app_register_token = Str::random(40);
         $user->save();
 
-@@ -629,7 +629,7 @@ class ApiV1Dot1Controller extends Controller
-             abort_if(BouncerService::checkIp($request->ip()), 404);
-         }
+@@ -963,7 +963,7 @@ class ApiV1Dot1Controller extends Controller
+         if ($ipRateLimiting) {
+             $userLimit = (int) config_cache('api.rate-limits.v1Dot1.accounts.usernameToId.ip_limit');
+             $userDecay = (int) config_cache('api.rate-limits.v1Dot1.accounts.usernameToId.ip_decay');
+-            $userKey = 'pf:apiv1.1:acctU2ID:byIp:'.$request->ip();
+            $userKey = 'pf:apiv1.1:acctU2ID:byIp:'.sha1($request->ip());
 
-        $rl = RateLimiter::attempt('pf:apiv1.1:iarc:'.$request->ip(), config('pixelfed.app_registration_confirm_rate_limit_attempts', 20), function () {}, config('pixelfed.app_registration_confirm_rate_limit_decay', 1800));
-+        $rl = RateLimiter::attempt('pf:apiv1.1:iarc:'.sha1($request->ip()), config('pixelfed.app_registration_confirm_rate_limit_attempts', 20), function () {}, config('pixelfed.app_registration_confirm_rate_limit_decay', 1800));
-         abort_if(! $rl, 429, 'Too many requests');
- 
-         $request->validate([
+             if (RateLimiter::tooManyAttempts($userKey, $userLimit)) {
+                 $limits = [
 diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php
 index 86ee52c8..3e6a9c4f 100644
 --- a/app/Http/Controllers/Auth/LoginController.php
@ -238,5 +238,5 @@ index c6ba3305..eff0cf71 100644
     }
 }
 -- 
-2.44.1
+2.47.0

--- a/patches/0002-hardcode-discovery-settings.patch
+++ b/patches/0002-hardcode-discovery-settings.patch
@ -1,6 +1,6 @@
-From 295702b9a7f4b3236bc68bbf5bc453956f5f4978 Mon Sep 17 00:00:00 2001
-From: chris <cg@zknt.org>
-Date: Mon, 18 Nov 2024 13:44:07 +0100
+From 6c3084cd157fabc17adf20a86fd7c5eafdaa3e73 Mon Sep 17 00:00:00 2001
+From: chris <cg@ritona.int.zknt.org>
+Date: Mon, 6 Jan 2025 23:00:35 +0100
 Subject: [PATCH 2/6] hardcode discovery settings

 force enable discovery (as dynamic settings are not saved properly)
@ -34,5 +34,5 @@ index b3047ff7..824e0308 100644
             'server' => [
                 'enabled' => false,
 -- 
-2.44.1
+2.47.0

--- a/patches/0003-point-to-modified-sourcecode.patch
+++ b/patches/0003-point-to-modified-sourcecode.patch
@ -1,6 +1,6 @@
-From 09fae8ec220547ddf369122a1ddf687667705187 Mon Sep 17 00:00:00 2001
-From: chris <cg@zknt.org>
-Date: Mon, 18 Nov 2024 13:44:36 +0100
+From 33b14e380de2bfd1fa1133fa4387e4bcbbfc4346 Mon Sep 17 00:00:00 2001
+From: chris <cg@ritona.int.zknt.org>
+Date: Mon, 6 Jan 2025 23:02:01 +0100
 Subject: [PATCH 3/6] point to modified sourcecode

 as per AGPL license of original source, modifications must be disclosed.
@ -9,18 +9,18 @@ as per AGPL license of original source, modifications must be disclosed.
 1 file changed, 1 insertion(+), 1 deletion(-)

 diff --git a/resources/views/site/opensource.blade.php b/resources/views/site/opensource.blade.php
-index cb2e7c77..63645f0c 100644
+index b764f201..b99cbeab 100644
 --- a/resources/views/site/opensource.blade.php
 +++ b/resources/views/site/opensource.blade.php
@@ -7,7 +7,7 @@
   </div>
   <hr>
   <section>
-    <p class="lead">The software that powers this website is called <a href="https://pixelfed.org">Pixelfed</a> and anyone can <a href="https://github.com/pixelfed/pixelfed">download</a> or <a href="https://github.com/pixelfed/pixelfed">view</a> the source code and run their own instance!</p>
+-    <p class="lead">{{__('site.the_software_that_powers_this_website_is_called')}} <a href="https://pixelfed.org">Pixelfed</a> {{__('site.and_anyone_can')}} <a href="https://github.com/pixelfed/pixelfed">{{__('site.download')}}</a> {{__('site.opensource.or')}} <a href="https://github.com/pixelfed/pixelfed">{{__('site.view')}}</a> {{__('site.the_source_code_and_run_their_own_instance')}}</p>
 +    <p class="lead">This website runs a modified version of the Pixelfed software, which you can find on <a href="https://git.zknt.org/chris/pixelfed/">Git</a> (original, unmodified software: <a href="https://github.com/pixelfed/pixelfed/">here on Github</a></p>
   </section>
 @endsection
 
 -- 
-2.44.1
+2.47.0

--- a/patches/0004-allow-30-char-usernames.patch
+++ b/patches/0004-allow-30-char-usernames.patch
@ -1,6 +1,6 @@
-From e8dda2d6347b6c3bd88b4befa97d68e949ae2cf3 Mon Sep 17 00:00:00 2001
-From: chris <cg@zknt.org>
-Date: Mon, 18 Nov 2024 13:44:59 +0100
+From 8c705c51b2efb7610aa006ed16584144890779c8 Mon Sep 17 00:00:00 2001
+From: chris <cg@ritona.int.zknt.org>
+Date: Mon, 6 Jan 2025 23:02:23 +0100
 Subject: [PATCH 4/6] allow 30 char usernames

 raise maximum username length, because why not?
@ -22,5 +22,5 @@ index 1d0e415c..3150ddba 100644
             function ($attribute, $value, $fail) {
                 $dash = substr_count($value, '-');
 -- 
-2.44.1
+2.47.0

--- a/patches/0005-disable-beagle.patch
+++ b/patches/0005-disable-beagle.patch
@ -1,6 +1,6 @@
-From b32f213bd3ef168f5c39420ff1afc8cfc58ca215 Mon Sep 17 00:00:00 2001
-From: chris <cg@zknt.org>
-Date: Mon, 18 Nov 2024 13:45:58 +0100
+From 9f96a816b414e6f46c1ded50bfdc58202f29dab9 Mon Sep 17 00:00:00 2001
+From: chris <cg@ritona.int.zknt.org>
+Date: Mon, 6 Jan 2025 23:02:41 +0100
 Subject: [PATCH 5/6] disable beagle

 beagle is a remote API service provided by dansup and used for centralised lookups.
@ -39,5 +39,5 @@ index 4412352a..abab2151 100644
             $url = 'https://beagle.pixelfed.net/api/v1/raa/submit';
             $res = Http::throw()->timeout(10)->get($url, [
 -- 
-2.44.1
+2.47.0

--- a/patches/0006-Link-legal-notice.patch
+++ b/patches/0006-Link-legal-notice.patch