update patches

master
Astra 2024-02-25 13:47:20 +00:00
parent f8ec9c4305
commit 2964d27bbf
6 changed files with 179 additions and 67 deletions

View File

@ -1,21 +1,87 @@
From 983309a3f92c3cc40d70f46d0eb0ba8eb752d7ff Mon Sep 17 00:00:00 2001 From abfddd90073a3f3056526429b1b9dc4aa5c252b9 Mon Sep 17 00:00:00 2001
From: hnrd <cg@zknt.org> From: chris <cg@zknt.org>
Date: Sat, 27 May 2023 11:27:56 +0200 Date: Wed, 24 Jan 2024 13:00:53 +0100
Subject: [PATCH 1/6] remove IP logging Subject: [PATCH 1/6] remove IP logging
Replace unneeded logging of IPs and User-Agent strings with meaningless static data. Replace unneeded logging of IPs and User-Agent strings with meaningless static data.
--- ---
app/Http/Controllers/Auth/LoginController.php | 4 ++-- app/Http/Controllers/Api/ApiV1Dot1Controller.php | 16 ++++++++--------
app/Http/Controllers/Settings/HomeSettings.php | 8 ++++---- app/Http/Controllers/Auth/LoginController.php | 4 ++--
app/Listeners/AuthLogin.php | 4 ++-- app/Http/Controllers/RemoteAuthController.php | 4 ++--
app/Listeners/LogFailedLogin.php | 4 ++-- app/Http/Controllers/SeasonalController.php | 4 ++--
4 files changed, 10 insertions(+), 10 deletions(-) app/Http/Controllers/Settings/HomeSettings.php | 8 ++++----
.../Controllers/UserEmailForgotController.php | 4 ++--
app/Listeners/AuthLogin.php | 4 ++--
app/Listeners/LogFailedLogin.php | 4 ++--
8 files changed, 24 insertions(+), 24 deletions(-)
diff --git a/app/Http/Controllers/Api/ApiV1Dot1Controller.php b/app/Http/Controllers/Api/ApiV1Dot1Controller.php
index 75d0fe98..88948276 100644
--- a/app/Http/Controllers/Api/ApiV1Dot1Controller.php
+++ b/app/Http/Controllers/Api/ApiV1Dot1Controller.php
@@ -280,8 +280,8 @@ class ApiV1Dot1Controller extends Controller
$log->action = 'account.edit.password';
$log->message = 'Password changed';
$log->link = null;
- $log->ip_address = $request->ip();
- $log->user_agent = $request->userAgent();
+ $log->ip_address = "127.0.0.23";
+ $log->user_agent = "Pixelfed.de";
$log->save();
Mail::to($request->user())->send(new PasswordChange($user));
@@ -303,7 +303,7 @@ class ApiV1Dot1Controller extends Controller
abort_if(BouncerService::checkIp($request->ip()), 404);
}
$agent = new Agent();
- $currentIp = $request->ip();
+ $currentIp = "127.0.0.23";
$activity = AccountLog::whereUserId($user->id)
->whereAction('auth.login')
@@ -316,8 +316,8 @@ class ApiV1Dot1Controller extends Controller
return [
'id' => $item->id,
'action' => $item->action,
- 'ip' => $item->ip_address,
- 'ip_current' => $item->ip_address === $currentIp,
+ 'ip' => "127.0.0.23",
+ 'ip_current' => "127.0.0.23" === $currentIp,
'is_mobile' => $agent->isMobile(),
'device' => $agent->device(),
'browser' => $agent->browser(),
@@ -474,7 +474,7 @@ class ApiV1Dot1Controller extends Controller
abort_if(BouncerService::checkIp($request->ip()), 404);
}
- $rl = RateLimiter::attempt('pf:apiv1.1:iar:'.$request->ip(), config('pixelfed.app_registration_rate_limit_attempts', 3), function(){}, config('pixelfed.app_registration_rate_limit_decay', 1800));
+ $rl = RateLimiter::attempt('pf:apiv1.1:iar:'.Str::Random(10), config('pixelfed.app_registration_rate_limit_attempts', 3), function(){}, config('pixelfed.app_registration_rate_limit_decay', 1800));
abort_if(!$rl, 400, 'Too many requests');
$this->validate($request, [
@@ -546,7 +546,7 @@ class ApiV1Dot1Controller extends Controller
$user->email = $email;
$user->password = Hash::make($password);
$user->register_source = 'app';
- $user->app_register_ip = $request->ip();
+ $user->app_register_ip = "127.0.0.23";
$user->app_register_token = Str::random(40);
$user->save();
@@ -603,7 +603,7 @@ class ApiV1Dot1Controller extends Controller
abort_if(BouncerService::checkIp($request->ip()), 404);
}
- $rl = RateLimiter::attempt('pf:apiv1.1:iarc:'.$request->ip(), config('pixelfed.app_registration_confirm_rate_limit_attempts', 20), function(){}, config('pixelfed.app_registration_confirm_rate_limit_decay', 1800));
+ $rl = RateLimiter::attempt('pf:apiv1.1:iarc:'.Str::Random(10), config('pixelfed.app_registration_confirm_rate_limit_attempts', 20), function(){}, config('pixelfed.app_registration_confirm_rate_limit_decay', 1800));
abort_if(!$rl, 429, 'Too many requests');
$this->validate($request, [
diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php
index 3861d327..e6b345a6 100644 index 627a879c..1d7af486 100644
--- a/app/Http/Controllers/Auth/LoginController.php --- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php +++ b/app/Http/Controllers/Auth/LoginController.php
@@ -108,8 +108,8 @@ class LoginController extends Controller @@ -109,8 +109,8 @@ class LoginController extends Controller
$log->action = 'auth.login'; $log->action = 'auth.login';
$log->message = 'Account Login'; $log->message = 'Account Login';
$log->link = null; $log->link = null;
@ -26,34 +92,86 @@ index 3861d327..e6b345a6 100644
$log->save(); $log->save();
} }
diff --git a/app/Http/Controllers/RemoteAuthController.php b/app/Http/Controllers/RemoteAuthController.php
index e068f5d7..37e4dfad 100644
--- a/app/Http/Controllers/RemoteAuthController.php
+++ b/app/Http/Controllers/RemoteAuthController.php
@@ -320,7 +320,7 @@ class RemoteAuthController extends Controller
'webfinger' => $res['_webfinger'],
], [
'software' => 'mastodon',
- 'ip_address' => $request->ip(),
+ 'ip_address' => "127.0.0.23",
'bearer_token' => $token,
'verify_credentials' => $res,
'last_verify_credentials_at' => now(),
@@ -702,7 +702,7 @@ class RemoteAuthController extends Controller
'email' => $data['email'],
'password' => Hash::make($data['password']),
'email_verified_at' => config('remote-auth.mastodon.contraints.skip_email_verification') ? now() : null,
- 'app_register_ip' => request()->ip(),
+ 'app_register_ip' => "127.0.0.23",
'register_source' => 'mastodon'
])));
diff --git a/app/Http/Controllers/SeasonalController.php b/app/Http/Controllers/SeasonalController.php
index a9f1f98c..c3c4cc43 100644
--- a/app/Http/Controllers/SeasonalController.php
+++ b/app/Http/Controllers/SeasonalController.php
@@ -230,8 +230,8 @@ class SeasonalController extends Controller
'action' => 'seasonal.my2020.view'
],
[
- 'ip_address' => $request->ip(),
- 'user_agent' => $request->userAgent()
+ 'ip_address' => "127.0.0.23",
+ 'user_agent' => "Pixelfed.de"
]
]);
return response()->json(200);
diff --git a/app/Http/Controllers/Settings/HomeSettings.php b/app/Http/Controllers/Settings/HomeSettings.php diff --git a/app/Http/Controllers/Settings/HomeSettings.php b/app/Http/Controllers/Settings/HomeSettings.php
index 082a72af..63448905 100644 index 99326c09..6fc5030b 100644
--- a/app/Http/Controllers/Settings/HomeSettings.php --- a/app/Http/Controllers/Settings/HomeSettings.php
+++ b/app/Http/Controllers/Settings/HomeSettings.php +++ b/app/Http/Controllers/Settings/HomeSettings.php
@@ -139,8 +139,8 @@ trait HomeSettings @@ -139,8 +139,8 @@ trait HomeSettings
$log->action = 'account.edit.password'; $log->action = 'account.edit.password';
$log->message = 'Password changed'; $log->message = 'Password changed';
$log->link = null; $log->link = null;
- $log->ip_address = $request->ip(); - $log->ip_address = $request->ip();
- $log->user_agent = $request->userAgent(); - $log->user_agent = $request->userAgent();
+ $log->ip_address = "127.0.0.23"; + $log->ip_address = "127.0.0.23";
+ $log->user_agent = "Pixelfed.de"; + $log->user_agent = "Pixelfed.de";
$log->save(); $log->save();
Mail::to($request->user())->send(new PasswordChange($user)); Mail::to($request->user())->send(new PasswordChange($user));
@@ -185,8 +185,8 @@ trait HomeSettings @@ -186,8 +186,8 @@ trait HomeSettings
$log->action = 'account.edit.email'; $log->action = 'account.edit.email';
$log->message = 'Email changed'; $log->message = 'Email changed';
$log->link = null; $log->link = null;
- $log->ip_address = $request->ip(); - $log->ip_address = $request->ip();
- $log->user_agent = $request->userAgent(); - $log->user_agent = $request->userAgent();
+ $log->ip_address = "127.0.0.23"; + $log->ip_address = "127.0.0.23";
+ $log->user_agent = "Pixelfed.de"; + $log->user_agent = "Pixelfed.de";
$log->save(); $log->save();
} }
diff --git a/app/Http/Controllers/UserEmailForgotController.php b/app/Http/Controllers/UserEmailForgotController.php
index 33378c4d..e6f1be45 100644
--- a/app/Http/Controllers/UserEmailForgotController.php
+++ b/app/Http/Controllers/UserEmailForgotController.php
@@ -80,8 +80,8 @@ class UserEmailForgotController extends Controller
{
UserEmailForgot::create([
'user_id' => $user->id,
- 'ip_address' => $request->ip(),
- 'user_agent' => $request->userAgent(),
+ 'ip_address' => "127.0.0.23",
+ 'user_agent' => "Pixelfed.de",
'email_sent_at' => now()
]);
diff --git a/app/Listeners/AuthLogin.php b/app/Listeners/AuthLogin.php diff --git a/app/Listeners/AuthLogin.php b/app/Listeners/AuthLogin.php
index 90806965..d0261ecc 100644 index 90806965..ffc67d79 100644
--- a/app/Listeners/AuthLogin.php --- a/app/Listeners/AuthLogin.php
+++ b/app/Listeners/AuthLogin.php +++ b/app/Listeners/AuthLogin.php
@@ -122,8 +122,8 @@ class AuthLogin @@ -122,8 +122,8 @@ class AuthLogin
@ -63,7 +181,7 @@ index 90806965..d0261ecc 100644
- 'ip' => request()->ip(), - 'ip' => request()->ip(),
- 'user_agent' => str_limit(request()->userAgent(), 180), - 'user_agent' => str_limit(request()->userAgent(), 180),
+ 'ip' => "127.0.0.23", + 'ip' => "127.0.0.23",
+ 'user_agent' => "Pixelfed.de", + 'user_agent' => "Pixelfed.de",
]); ]);
}); });
} }
@ -83,5 +201,4 @@ index c6ba3305..9442bfd0 100644
} }
} }
-- --
2.42.0 2.43.0

View File

@ -1,6 +1,6 @@
From 2e602bea61489ff59c8084a24de4bc33f44971ad Mon Sep 17 00:00:00 2001 From 642ea8df27cd7c3ddb2c36cf0ba30f4ba0d94e40 Mon Sep 17 00:00:00 2001
From: hnrd <cg@zknt.org> From: chris <cg@zknt.org>
Date: Mon, 10 Apr 2023 18:04:17 +0200 Date: Wed, 24 Jan 2024 13:02:16 +0100
Subject: [PATCH 2/6] hardcode discovery settings Subject: [PATCH 2/6] hardcode discovery settings
force enable discovery (as dynamic settings are not saved properly) force enable discovery (as dynamic settings are not saved properly)
@ -34,5 +34,4 @@ index 4bb7277a..41251adb 100644
'server' => [ 'server' => [
'enabled' => false, 'enabled' => false,
-- --
2.42.0 2.43.0

View File

@ -1,6 +1,6 @@
From 812e130d0ec6841bc822a3506485147eeae381d6 Mon Sep 17 00:00:00 2001 From 0a410cf815d7a66a4544b9c5915dfa38468ec379 Mon Sep 17 00:00:00 2001
From: hnrd <cg@zknt.org> From: chris <cg@zknt.org>
Date: Mon, 10 Apr 2023 18:35:40 +0200 Date: Wed, 24 Jan 2024 13:04:05 +0100
Subject: [PATCH 3/6] point to modified sourcecode Subject: [PATCH 3/6] point to modified sourcecode
as per AGPL license of original source, modifications must be disclosed. as per AGPL license of original source, modifications must be disclosed.
@ -22,5 +22,4 @@ index cb2e7c77..63645f0c 100644
@endsection @endsection
-- --
2.42.0 2.43.0

View File

@ -1,6 +1,6 @@
From 13995f061214886fa9dda3f64341b543c2df5646 Mon Sep 17 00:00:00 2001 From c6c208aef154d2ab683d794bb5b95fa508c757da Mon Sep 17 00:00:00 2001
From: hnrd <cg@zknt.org> From: chris <cg@zknt.org>
Date: Mon, 17 Jul 2023 10:47:39 +0200 Date: Wed, 24 Jan 2024 13:05:34 +0100
Subject: [PATCH 4/6] disable beagle service Subject: [PATCH 4/6] disable beagle service
beagle is a remote API service provided by dansup and used for centralised lookups. beagle is a remote API service provided by dansup and used for centralised lookups.
@ -11,14 +11,14 @@ As it's not configurable at the moment this patch disables remote communication
1 file changed, 3 insertions(+) 1 file changed, 3 insertions(+)
diff --git a/app/Services/Account/RemoteAuthService.php b/app/Services/Account/RemoteAuthService.php diff --git a/app/Services/Account/RemoteAuthService.php b/app/Services/Account/RemoteAuthService.php
index 4412352a..14b4d625 100644 index 4412352a..667265be 100644
--- a/app/Services/Account/RemoteAuthService.php --- a/app/Services/Account/RemoteAuthService.php
+++ b/app/Services/Account/RemoteAuthService.php +++ b/app/Services/Account/RemoteAuthService.php
@@ -120,6 +120,7 @@ class RemoteAuthService @@ -120,6 +120,7 @@ class RemoteAuthService
} }
return Cache::remember(self::CACHE_KEY . 'domain-compatible:' . $domain, 14400, function() use($domain) { return Cache::remember(self::CACHE_KEY . 'domain-compatible:' . $domain, 14400, function() use($domain) {
+ return true; + return true;
try { try {
$res = Http::timeout(20)->retry(3, 750)->get('https://beagle.pixelfed.net/api/v1/raa/domain?domain=' . $domain); $res = Http::timeout(20)->retry(3, 750)->get('https://beagle.pixelfed.net/api/v1/raa/domain?domain=' . $domain);
if(!$res->ok()) { if(!$res->ok()) {
@ -26,7 +26,7 @@ index 4412352a..14b4d625 100644
public static function lookupWebfingerUses($wf) public static function lookupWebfingerUses($wf)
{ {
+ return 0; + return 0;
try { try {
$res = Http::timeout(20)->retry(3, 750)->get('https://beagle.pixelfed.net/api/v1/raa/lookup?webfinger=' . $wf); $res = Http::timeout(20)->retry(3, 750)->get('https://beagle.pixelfed.net/api/v1/raa/lookup?webfinger=' . $wf);
if(!$res->ok()) { if(!$res->ok()) {
@ -34,10 +34,9 @@ index 4412352a..14b4d625 100644
public static function submitToBeagle($ow, $ou, $dw, $du) public static function submitToBeagle($ow, $ou, $dw, $du)
{ {
+ return; + return;
try { try {
$url = 'https://beagle.pixelfed.net/api/v1/raa/submit'; $url = 'https://beagle.pixelfed.net/api/v1/raa/submit';
$res = Http::throw()->timeout(10)->get($url, [ $res = Http::throw()->timeout(10)->get($url, [
-- --
2.42.0 2.43.0

View File

@ -1,6 +1,6 @@
From e860abb64b9f5f29b519dd85c976918152878437 Mon Sep 17 00:00:00 2001 From 2eaeb254502b00f9d25eeaec607f10f8692e96a2 Mon Sep 17 00:00:00 2001
From: hnrd <cg@zknt.org> From: chris <cg@zknt.org>
Date: Thu, 27 Jul 2023 12:49:01 +0200 Date: Wed, 24 Jan 2024 13:06:07 +0100
Subject: [PATCH 5/6] allow 30 char usernames Subject: [PATCH 5/6] allow 30 char usernames
raise maximum username length, because why not? raise maximum username length, because why not?
@ -9,7 +9,7 @@ raise maximum username length, because why not?
1 file changed, 1 insertion(+), 1 deletion(-) 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/Http/Controllers/Auth/RegisterController.php b/app/Http/Controllers/Auth/RegisterController.php diff --git a/app/Http/Controllers/Auth/RegisterController.php b/app/Http/Controllers/Auth/RegisterController.php
index 5eb1159f..227bf06d 100644 index 8c10e5d0..12b8c1b3 100644
--- a/app/Http/Controllers/Auth/RegisterController.php --- a/app/Http/Controllers/Auth/RegisterController.php
+++ b/app/Http/Controllers/Auth/RegisterController.php +++ b/app/Http/Controllers/Auth/RegisterController.php
@@ -70,7 +70,7 @@ class RegisterController extends Controller @@ -70,7 +70,7 @@ class RegisterController extends Controller
@ -22,5 +22,4 @@ index 5eb1159f..227bf06d 100644
function ($attribute, $value, $fail) { function ($attribute, $value, $fail) {
$dash = substr_count($value, '-'); $dash = substr_count($value, '-');
-- --
2.42.0 2.43.0

File diff suppressed because one or more lines are too long