Age | Commit message (Collapse) | Author | |
---|---|---|---|
2019-02-25 | Wytzes emergency changebug-1459 | Bernhard Fröhlich | |
2018-10-22 | Bugfix proposed by Wytze, see https://bugs.cacert.org/view.php?id=1430 | Bernhard Fröhlich | |
2015-08-26 | Merge branch 'bug-1389' into release | Benny Baumann | |
2015-07-29 | bug 1389: Consistent indentationbug-1389 | Benny Baumann | |
2015-07-26 | bug 1392: correct a variable mixup causing all SANs in CSRs to be rejectedbug-1392 | Benny Baumann | |
2015-07-25 | bug 1392: Check domain names in CN/SAN to at least basically comply to RFC | Benny Baumann | |
2015-07-22 | bug 1389: rename the parameter 'extra' to 'use_utf8' everywhere | Felix Dörre | |
2015-07-21 | bug 1389: send all mails correct in quoted-prinable | Felix Dörre | |
caller should now send plain utf-8 or html-encoded | |||
2014-12-16 | Merge branch 'release' into bug-1131bug-1131 | Benny Baumann | |
Conflicts: pages/wot/6.php www/policy/CAcertCommunityAgreement.php The conflict in the CCA document page was introduced due to the rename of the file. This instance can be safely ignored, as bug 1131 introduces a new version superseeding the old document. The instance in pages/wot/6.php is a bit more complicated, but basically results from a change of bug 1137 and the modified paths to the policy documents. | |||
2014-12-05 | Merge remote-tracking branch 'origin/bug-790' into release | Michael Tänzer | |
2014-12-05 | Merge remote-tracking branch 'origin/bug-1318' into release | Michael Tänzer | |
2014-11-30 | bug 1318: Minor typobug-1318 | Benny Baumann | |
2014-11-30 | bug 1318: Variable name typo | Benny Baumann | |
2014-11-30 | bug 1288: Some cleanup as this is never used anywaybug-1288 | Benny Baumann | |
2014-11-30 | bug 1288: Accept STARTTLS as last option | Benny Baumann | |
2014-11-29 | bug 1318: typo in variable names | Benny Baumann | |
2014-11-29 | bug 1318: Actually sort by priority | Benny Baumann | |
2014-11-29 | bug 1318: Fix a check for if there were any servers | Benny Baumann | |
2014-11-29 | bug 1318: Request the array containing the priorities to sort entries propoerly | Benny Baumann | |
2014-11-29 | bug 1288: Actually request encryption for the connection before activating | Benny Baumann | |
2014-11-29 | bug 1288: EHLO returns 250 on success | Benny Baumann | |
2014-11-29 | bug 1318: Typo in control structure | Benny Baumann | |
2014-11-29 | bug 1288: Do STARTTLS whenever offered by the server | Benny Baumann | |
2014-11-29 | bug 1318: Properly order MX records by order given in RFC 5321 | Benny Baumann | |
2014-11-23 | Merge branch 'bug-28' into release | Benny Baumann | |
Conflicts: includes/account.php scripts/cron/warning.php www/disputes.php www/wot.php | |||
2014-11-23 | Merge branch 'bug-1273' into release | Benny Baumann | |
2014-11-23 | Merge branch 'bug-1192' into release | Benny Baumann | |
2014-11-18 | Merge branch 'bug-1339' into release | Benny Baumann | |
2014-11-15 | bug-1339: remove all traces of OTPbug-1339 | Felix Dörre | |
2014-10-07 | bug-790: change PEM-Armor-striping code to not break correct CSRs | Felix Dörre | |
(copied from somewhere above) | |||
2014-09-23 | bug-709: change spkac-text, wrap crt with <pre>s | Felix Dörre | |
2014-09-23 | bug-790: do translation, fix cert download | Felix Dörre | |
2014-09-23 | bug-790: implement that thing. | Felix Dörre | |
2014-08-30 | bug 1301: Fix issue with missing default for the encodingbug-1301 | Benny Baumann | |
2014-08-20 | Merge branch 'bug-1297' into release | Benny Baumann | |
2014-08-20 | Merge branch 'bug-1292' into release | Benny Baumann | |
2014-08-09 | bug-1297: update openssl regexes to openssl 1.0.1bug-1297 | Felix Dörre | |
Some keywords in the "req"-output have changed. | |||
2014-07-27 | bug 1291: Fix XSS in WoT 15 | Felix Dörre | |
2014-07-27 | bug-1292: prohibit keys with public exponent smaller than 65536bug-1292 | Felix Dörre | |
This is in accordance to what is recommended on the referenced wiki page: http://wiki.cacert.org/WeakKeys#SmallExponent | |||
2014-07-15 | Merge branch 'bug-1226' into release | Benny Baumann | |
2014-07-15 | Merge branch 'bug-1280' into release | Benny Baumann | |
2014-06-21 | bug 1280: Implement normalisation in of language codes in the L10n classbug-1280 | Michael Tänzer | |
and use it (in set_translation() and the Assurer contact form) Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-06-21 | bug 1280: Remove trailing white space | Michael Tänzer | |
Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-06-21 | Revert "bug-1280: Handle more different types of "languages":" | Michael Tänzer | |
This reverts commit 0730c9df3eb440205d7963e3c0762765d9b47031. | |||
2014-06-15 | bug 1273: Move the one "escapeshellarg" in a new row. | Felix Dörre | |
2014-06-15 | bug 1273: use runCommand where former "echo"-syntax was used | Felix Dörre | |
2014-06-15 | bug 1273: replace backtick operators with shell_exec | Felix Dörre | |
+ fix 1 missing escapeshellarg Commands used to locate: 1. find includes -type f -name '*.php' -exec cat {} \; \ | tr '\n' '?' | sed 's/\(\$query .\?= \|\ mysql_query(\|query_init (\)"\([^"]\|".\(\(intval\|mysql_real_escape_string\)\ (\$[^\$)]\+)\|\$_SESSION\(\['_config'\]\['user'\]\['Q[1-5]'\]\ \|['_config']['disablelogin']\)\)[ ?]*."\)*"/mysql-substitute/g'\ | tr '?' '\n' | grep --color=always "\`"|less -r and reviewing the queries by hand. This command replaces out strings obviously looking like sql_queries and then outputting al remaining backticks: starting with "$query = ,mysql_query, ..." and are only interrupted by "safe" calls: - mysql_real_escape_string - intval - pre_escaped session variables (This command may also be used for locating bad escaped sql_queries) 2. grep -r "\`\(grep\|/\|echo\|dig\|openssl\|gpg\|rm\|../\)" www includes pages \ | grep -v '\(from\|update\|into\) `gpg' | |||
2014-06-13 | Merge branch 'release' into bug-807 | Benny Baumann | |
Conflicts: includes/account.php includes/lib/account.php pages/account/16.php | |||
2014-06-11 | bug-1280: Handle more different types of "languages": | Felix Dörre | |
- zh_CN => zh-cn (in various cases: ZH_cn, zh_cn, ...) - de => de (what the current GUI produces) - de_DE => de, en_AU => en, EN_AU => en (what may be left in the database) ... and more creative upper/lower-cases | |||
2014-06-07 | Merge branch 'bug-929' into release | Benny Baumann | |