Pullup ticket 737 - requested by Adrian Portelli

security fix for phpldapadmin

Revisions pulled up:
- pkgsrc/databases/phpldapadmin/Makefile		1.11, 1.12, 1.13
- pkgsrc/databases/phpldapadmin/distinfo		1.6, 1.7
- pkgsrc/databases/phpldapadmin/patches/patch-ab	1.1
- pkgsrc/databases/phpldapadmin/patches/patch-aa	1.2

   Module Name:		pkgsrc
   Committed By:	adrianp
   Date:		Sat Sep  3 16:14:18 UTC 2005

   Modified Files:
   	pkgsrc/databases/phpldapadmin: Makefile distinfo
   Added Files:
   	pkgsrc/databases/phpldapadmin/patches: patch-ab

   Log Message:
   Security fix for http://secunia.com/advisories/16617/
   Bump to nb4
---
   Module Name:		pkgsrc
   Committed By:	adrianp
   Date:		Sat Sep  3 17:00:08 UTC 2005

   Modified Files:
   	pkgsrc/databases/phpldapadmin: Makefile distinfo
   	pkgsrc/databases/phpldapadmin/patches: patch-aa

   Log Message:
   Add updated patch-aa for a missed diff on login.php for the last
   security fix
   Re-do how .orig files are handled by pax as this wasn't working as
   expected
   Ride the previous package bump
---
   Module Name:		pkgsrc
   Committed By:	adrianp
   Date:		Sun Sep  4 10:08:14 UTC 2005

   Modified Files:
   	pkgsrc/databases/phpldapadmin: Makefile

   Log Message:
   Use PAX options instead of ${FIND} and ${RM} to kill files that we don't
    want to install.  Patch from salo@ in private email.
   No functional change.

databases/phpldapadmin/Makefile

@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.7.2.1 2005/09/03 13:20:00 salo Exp $
+# $NetBSD: Makefile,v 1.7.2.2 2005/09/04 13:40:40 salo Exp $
 
 DISTNAME=	phpldapadmin-${VERSION}
-PKGREVISION=	3
+PKGREVISION=	4
 CATEGORIES=	databases www
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE:=phpldapadmin/}
 
@@ -19,7 +19,7 @@ APACHE_USER?=	www
 CONF_FILES=	${PREFIX}/share/examples/phpldapadmin/config.php.example \
 		${PREFIX}/share/phpldapadmin/config.php
 CONF_FILES+=	${PREFIX}/share/examples/phpldapadmin/phpldapadmin.conf \
-		${PKG_SYSCONFDIR}/httpd/phpldapadmin.conf		
+		${PKG_SYSCONFDIR}/httpd/phpldapadmin.conf
 SPECIAL_PERMS=	${PREFIX}/share/phpldapadmin/config.php \
 		${APACHE_USER} wheel 0600
 
@@ -37,13 +37,12 @@ do-install:
 	${INSTALL_DATA} ${WRKDIR}/phpldapadmin.conf \
 		${PREFIX}/share/examples/phpldapadmin
 
-	@${RM} ${WRKSRC}/config.php.example
-
 	${INSTALL_DATA_DIR} ${PREFIX}/share/phpldapadmin
 	cd ${WRKSRC} && ${PAX}		\
 		-s /\.#//		\
 		-s /\.cvsignore//	\
-		-s /\.orig//		\
+		-s /\.\*.orig//		\
+		-s /\.\*.example//	\
 		-rwppm . ${PREFIX}/share/phpldapadmin
 
 .include "../../mk/apache.mk"

databases/phpldapadmin/distinfo

@@ -1,6 +1,7 @@
-$NetBSD: distinfo,v 1.4.2.1 2005/09/03 13:20:00 salo Exp $
+$NetBSD: distinfo,v 1.4.2.2 2005/09/04 13:40:40 salo Exp $
 
 SHA1 (phpldapadmin-0.9.6c.tar.gz) = 52d094ec62892409d766629c42a32e076076bd97
 RMD160 (phpldapadmin-0.9.6c.tar.gz) = 29280777527af4531119ecfa5365cce7d899cd50
 Size (phpldapadmin-0.9.6c.tar.gz) = 707109 bytes
-SHA1 (patch-aa) = b921f4574b5613e0182456891eec7e5001ddc1a6
+SHA1 (patch-aa) = fa37fe2172ec3d068fe3280fe1ecefa5a68d2dcf
+SHA1 (patch-ab) = f4981f2e8cb6858e9ff8a407667509c177a35b47

databases/phpldapadmin/patches/patch-aa

@@ -1,4 +1,4 @@
-$NetBSD: patch-aa,v 1.1.2.2 2005/09/03 13:20:00 salo Exp $
+$NetBSD: patch-aa,v 1.1.2.3 2005/09/04 13:40:40 salo Exp $
 
 --- login.php.orig	2005-04-15 14:16:59.000000000 +0100
 +++ login.php
@@ -13,3 +13,13 @@ $NetBSD: patch-aa,v 1.1.2.2 2005/09/03 13:20:00 salo Exp $
 
  if( ! $anon_bind )
  	strlen($pass) or pla_error( $lang['password_blank'] );
+@@ -149,9 +151,6 @@ include realpath( 'header.php' );
+ 		parent.left_frame.location.reload();
+ 	<?php } ?>
+
+-	<?php if ( isset($custom_welcome_page) and $custom_welcome_page ) { ?>
+-		parent.right_frame.location.href='welcome.php';
+-	<?php } ?>
+ </script>
+
+ <center>

databases/phpldapadmin/patches/patch-ab

@@ -0,0 +1,15 @@
+$NetBSD: patch-ab,v 1.1.2.2 2005/09/04 13:40:40 salo Exp $
+
+--- welcome.php.orig	2005-09-03 16:53:02.000000000 +0100
++++ welcome.php
+@@ -10,10 +10,6 @@
+ 	include './header.php'; 
+ //	include './config.php'; 
+
+-if ( isset($custom_welcome_page) && $custom_welcome_page ) {
+-    include_once $custom_welcome_page;
+-
+-} else {
+     // Close the session for faster page loading
+     pla_session_close();
+ ?>