This functionality broke in recent updates to the cookie handling. This
patch makes it work again.
Binding to the session is now a functionality of auth_cookiesalt()

This avoids having the blowfish encrypted pass stored together with the
decryption key on the same server.

this splits the long auth_cryptPassword() function into many member
functions of a new class PassHash which should make it more
maintainable and reusable for other projects.

This also adds two new methods djangomd5 and djangosha1 as used by the
popular python framework Django.

Maybe the auth_cryptPassword() and auth_verifyPassword() functions
should be deprecated in favor of using the class directly?

Sometimes (when using rewriting with the workaround for CGI mode
described at
http://www.besthostratings.com/articles/http-auth-php-cgi.html) the
HTTP_AUTHORIZATION variable is renamed, this change detects this
renaming and uses the renamed variable.

If $conf['cookiedir'] is set, use this setting instead of DOKU_REL.

Like ids namespaces are now preg_quoted in the acl check (and therefore
the escaping of "*" has been removed). When plugins call the ACL check
function with strange ids the regex fails otherwise (in the case of the
include plugin errors like "Warning: preg_grep() [function.preg-grep]:
Compilation failed: missing terminating ] for character class at offset
47" have been reported by two users).

I've run the acl tests after this change and everything passes so this
shouldn't break anything but please test this especially with protected
wikis as this change modifies the code that handles namespace
permissions. Furthermore permissions for a namespace foobar are no
longer applied to namespaces with names like foo.ar, I hope nobody has
used that "feature".

When you are using per-user namespaces, user registration is open and
either write or read protection for these namespaces is important to
you this is a security fix for you: When someone wants to get access to
the namespace of a user "foo.bar" he can register as "fooxbar" (where
"x" is an arbitrary character) and will have access to the user
namespace of the user "foo.bar" as when a page in "foo.bar" is checked
it will match the rule for "fooxbar".

This function abstracts checking a given user and her groups against a
given member list (as used in the superuser and manager options).

It is also used in auth_isManager() and auth_isAdmin(), unlike the
previous function, this one skips the nameencode step as it should be
unnessary here (all input is given decoded).

The test cases where extended by some non-ID user and group names.

People with non-plain auth backends should check that their
administrator and manager setups still work as expected

As of VIM 7.3 it is no longer possible to specify the encoding in the
modeline. This gives an error message whenever such a file is opened,
thus this commit removes the enc setting from the modeline.

This patch also removes legacy support for @USER@. Only %USER% is valid
now.

This patch implements what Adrian's patch "Hide logout button if auth
backend cannot logout" intended to do.

The 'logoff' capability was used to decide if a special method called
$auth->logOff() should be called when the user logs out, not if the
backend supports logouts at all. This was a superflous capability since
an empty logOff() method is implemented in the base class anyway - it
doesn't hurt to always call the method.

The 'logoff' capability is now deprecated. Backends who want to do
actions on logout simply need to overwrite logOff().

A new capability 'logout' was added which defaults to true. Backends
that can't logoff the user (eg. because they use some automatic
login/logoff mechanism) can set this to false.

Probably makes sense to add a 'login' capability as well...

Classes are loaded throug PHP5's class autoloader, all other
includes are just loaded by default. This skips a lot of
require_once calls.

Parser and Plugin stuff isn't handled by the class loader yet.

Ignore-this: 804d0837b9a04e4f82e6b54765f453cf

darcs-hash:20091215095430-e4919-19c61854c27fdade90caeed035445ee3396b0095.gz

Ignore-this: fb853b40911201a41c237d69d91f7d24

darcs-hash:20091128111547-6ad63-0432d3b190946b2b8f7c292119e034cdcdae3a00.gz

darcs-hash:20091124152419-e4919-b4d55158c15d637a453b082eae6a80a828818934.gz

Ignore-this: 3591e5a36126c72bd9b931e4aa832da8

darcs-hash:20091115141725-7ad00-7c2fc662d1999731660673d05299c4f357b797b3.gz

Ignore-this: b824c2941d3631bdf83350e325606d3e

darcs-hash:20091114123517-7ad00-d32833a88cb5f654a8874542d4d59f1f401d4453.gz

Ignore-this: 26392125523d2c822580346074330ebe

darcs-hash:20091113102249-7ad00-4cede040a940d739bd34d548e12956e8d8609cfa.gz

  Changes of behaviour are:
  * Allow the user name, title & description \e2\80\9c0\e2\80\9d
  * Default to Port 443 if using HTTPS
  * Set $INFO['isadmin'] and $INFO['ismanager'] to \e2\80\9cfalse\e2\80\9d even if no user is
    logged in
  * Do not pass empty fragment field in the event data for event
    ACTION_SHOW_REDIRECT
  * Handle chunked encoding in HTTPClient

darcs-hash:20091104100115-e4919-5cf6397d4a457e3f98a8ca49fbdab03f2147721d.gz

darcs-hash:20091023085601-e4919-5c800a07bcf70c34720a39e7bca9a1250b973b32.gz

Ignore-this: 259cb5773c3144c6c706d87298dcf674

darcs-hash:20091020212338-7ad00-6bf1c5c403491f136a1c02af5ecd9f84d7227107.gz

Ignore-this: c809bd207504f78e84685612b0a668a7

This is a MD5 based hashing method used in the Unclassified NewsBoard forum
software (which is used for DokuWiki's supprt forum)

darcs-hash:20091015184330-7ad00-38680848952bdb46052dcf3597fa5e91f892ca51.gz

Ignore-this: c9b92b33e2a3a3418fd0730bf4971b7e

darcs-hash:20091004135409-7ad00-51c902a832fef7486a9afca9e9481b172a6894e1.gz

Ignore-this: 3e0ad635a6f8536ed05871704a29e1e2

This patch adds a small notice to the comment that the id given to
auth_(quick)aclcheck needs to be resolved and cleaned.

darcs-hash:20091004093316-074e0-a4095962c52c16918d617d2ffecc783ba8fd0202.gz

darcs-hash:20090528215438-6942e-bf1b875e689ade6bd1a17e3d812ce16bf35c84a6.gz

Ignore-this: 13616da575fbe56064b2aa3d1d803bf5

darcs-hash:20090410181613-7ad00-b74c82c1f9296a2cb0d00b03316141b19821bda1.gz

Ignore-this: ad04520c987ab71b4dcec5e5b38fae8a

darcs-hash:20090407172723-7ad00-81d06920a678c7aab73778e2ce4f8f1f44faf314.gz

Ignore-this: 9ffd0327c318a633e33a60e0a8ecf7f5

darcs-hash:20090312224454-b7b7f-12b7fa78c0b638c1795f6d5e1b1c1aa2cbab64d4.gz