Benny Baumann [Fri, 29 Aug 2014 22:53:41 +0000 (00:53 +0200)]
bug 1301: Fix issue with missing default for the encoding
Benny Baumann [Thu, 28 Aug 2014 07:22:31 +0000 (09:22 +0200)]
Merge branch 'bug-1293' into release
Benny Baumann [Wed, 20 Aug 2014 20:34:25 +0000 (22:34 +0200)]
Merge branch 'bug-1297' into release
Benny Baumann [Wed, 20 Aug 2014 20:34:10 +0000 (22:34 +0200)]
Merge branch 'bug-1298' into release
Benny Baumann [Wed, 20 Aug 2014 20:30:21 +0000 (22:30 +0200)]
Merge branch 'bug-1292' into release
Benny Baumann [Wed, 20 Aug 2014 20:29:44 +0000 (22:29 +0200)]
Merge branch 'bug-1276' into release
Benny Baumann [Tue, 19 Aug 2014 20:48:03 +0000 (22:48 +0200)]
bug 1293: Additional changes to CCA by Benedikt
Benny Baumann [Tue, 19 Aug 2014 20:09:35 +0000 (22:09 +0200)]
bug 1293: Updated latest CCA version by Benedikt 2014-08-19 20:56
Benny Baumann [Mon, 18 Aug 2014 05:18:19 +0000 (07:18 +0200)]
bug 1293: Renewed version provided by the Editor
Benny Baumann [Sun, 17 Aug 2014 21:47:37 +0000 (23:47 +0200)]
Updated Policy document by the Editor
Benny Baumann [Sun, 17 Aug 2014 15:33:33 +0000 (17:33 +0200)]
bug 1293: Remove the icon according to W3C guidelines
This change is as we currently do not pass validation and
therefore would be infridging on the usage rights.
Benny Baumann [Wed, 13 Aug 2014 22:10:03 +0000 (00:10 +0200)]
bug 1293: Replace DOCTYPE by HTML5 declaration to avoid conflicts with PHP and the XML declaration for XHTML 1.1
Benny Baumann [Sat, 9 Aug 2014 08:56:14 +0000 (10:56 +0200)]
Merge branch 'bug-1291' into release
Felix Dörre [Fri, 8 Aug 2014 23:31:43 +0000 (01:31 +0200)]
bug-1298: Update the used SHA-import in the commmodule
As already suggested in the bug report.
Felix Dörre [Fri, 8 Aug 2014 23:27:10 +0000 (01:27 +0200)]
bug-1297: update openssl regexes to openssl 1.0.1
Some keywords in the "req"-output have changed.
Benny Baumann [Tue, 29 Jul 2014 21:29:14 +0000 (23:29 +0200)]
bug 1291: Update wothash calculation for modified behaviour
Benny Baumann [Tue, 29 Jul 2014 21:09:50 +0000 (23:09 +0200)]
bug 1293: Add new DRAFT version of current CCA as of 2014-ß7-27
Benny Baumann [Sun, 27 Jul 2014 14:25:24 +0000 (16:25 +0200)]
bug 1291: Another XSS
Felix Dörre [Sun, 27 Jul 2014 10:49:28 +0000 (12:49 +0200)]
bug 1291: Fix XSS in WoT 15
Felix Dörre [Sat, 26 Jul 2014 22:54:34 +0000 (00:54 +0200)]
bug-1292: prohibit keys with public exponent smaller than 65536
This is in accordance to what is recommended on the referenced
wiki page: http://wiki.cacert.org/WeakKeys#SmallExponent
Benny Baumann [Tue, 15 Jul 2014 18:26:08 +0000 (20:26 +0200)]
Merge branch 'bug-1226' into release
Benny Baumann [Tue, 15 Jul 2014 18:25:46 +0000 (20:25 +0200)]
Merge branch 'bug-1283' into release
Benny Baumann [Tue, 15 Jul 2014 18:25:29 +0000 (20:25 +0200)]
Merge branch 'bug-1281' into release
Benny Baumann [Tue, 15 Jul 2014 18:24:39 +0000 (20:24 +0200)]
Merge branch 'bug-1280' into release
Benny Baumann [Sat, 21 Jun 2014 22:45:15 +0000 (00:45 +0200)]
bug 1226: Only consider values above 1900 as the year when returning a pre-filled form
Michael Tänzer [Sat, 21 Jun 2014 21:58:45 +0000 (23:58 +0200)]
bug 1226: Properly use sprintf
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Sat, 21 Jun 2014 21:56:28 +0000 (23:56 +0200)]
bug 1226: Treat the date values as integer
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Sat, 21 Jun 2014 21:55:43 +0000 (23:55 +0200)]
bug 1226: Remove really redundant code
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Sat, 21 Jun 2014 17:15:48 +0000 (19:15 +0200)]
bug 1280: Implement normalisation in of language codes in the L10n class
and use it (in set_translation() and the Assurer contact form)
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Sat, 21 Jun 2014 17:03:39 +0000 (19:03 +0200)]
bug 1280: Remove trailing white space
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Sat, 21 Jun 2014 15:37:54 +0000 (17:37 +0200)]
Revert "bug-1280: Parse the language code from the locale."
This reverts commit
f3885b3bc9ff61da78fb541151f16b0ecfdf62eb.
Michael Tänzer [Sat, 21 Jun 2014 15:37:53 +0000 (17:37 +0200)]
Revert "bug-1280: Handle more different types of "languages":"
This reverts commit
0730c9df3eb440205d7963e3c0762765d9b47031.
Michael Tänzer [Sat, 21 Jun 2014 15:37:44 +0000 (17:37 +0200)]
Revert "bug-1280: Variable naming, formatting, php-syntax-error"
This reverts commit
6b1cd2a57b0aaa88374b1098df40cc6f73cdff5d.
Benny Baumann [Fri, 13 Jun 2014 07:20:43 +0000 (09:20 +0200)]
Merge branch 'bug-807' into release
Benny Baumann [Fri, 13 Jun 2014 07:19:57 +0000 (09:19 +0200)]
Merge branch 'release' into bug-807
Conflicts:
includes/account.php
includes/lib/account.php
pages/account/16.php
Felix Dörre [Wed, 11 Jun 2014 17:49:42 +0000 (19:49 +0200)]
bug-1280: Variable naming, formatting, php-syntax-error
Felix Dörre [Wed, 11 Jun 2014 15:04:12 +0000 (17:04 +0200)]
bug-1280: Handle more different types of "languages":
- zh_CN => zh-cn (in various cases: ZH_cn, zh_cn, ...)
- de => de (what the current GUI produces)
- de_DE => de, en_AU => en, EN_AU => en (what may be left in the database)
... and more creative upper/lower-cases
Felix Dörre [Tue, 10 Jun 2014 22:20:43 +0000 (00:20 +0200)]
bug-1280: Parse the language code from the locale.
Splitting the string at "_" and lowering the characters.
Felix Dörre [Tue, 10 Jun 2014 21:36:17 +0000 (23:36 +0200)]
bug 1283: remove double encoding
The locales are already encoded in the Database.
Benny Baumann [Sun, 8 Jun 2014 20:10:19 +0000 (22:10 +0200)]
bug 1281: Fix syntax error in SQL statement
Benny Baumann [Sun, 8 Jun 2014 19:54:12 +0000 (21:54 +0200)]
bug 1281: Convert to Unix Line Endings
Benny Baumann [Sat, 7 Jun 2014 08:07:53 +0000 (10:07 +0200)]
Merge branch 'bug-929' into release
Benny Baumann [Fri, 6 Jun 2014 21:50:49 +0000 (23:50 +0200)]
Merge branch 'bug-1172' into release
Benny Baumann [Fri, 6 Jun 2014 20:58:42 +0000 (22:58 +0200)]
Merge branch 'bug-1138' into release
Benny Baumann [Fri, 6 Jun 2014 17:55:39 +0000 (19:55 +0200)]
Merge branch 'bug-1275' into release
Benny Baumann [Fri, 6 Jun 2014 17:54:51 +0000 (19:54 +0200)]
Merge branch 'bug-372' into release
Benny Baumann [Fri, 6 Jun 2014 16:58:04 +0000 (18:58 +0200)]
Merge branch 'bug-413' into bug-1138
Conflicts:
pages/account/12.php
pages/account/5.php
Benny Baumann [Tue, 27 May 2014 21:12:43 +0000 (23:12 +0200)]
bug 413: Port same change as for 5.php over to 12.php
Benny Baumann [Tue, 27 May 2014 20:56:58 +0000 (22:56 +0200)]
bug 413: Backport changes from
7aced740 by Michael Tänzer to avoid conflicts when integrating both together
Michael Tänzer [Mon, 26 May 2014 22:09:12 +0000 (00:09 +0200)]
bug 1138: that "if" should contain a block
goto fail;
Signed-off-by: Michael Tänzer <neo@nhng.de>
Benny Baumann [Tue, 20 May 2014 20:46:26 +0000 (22:46 +0200)]
bug 1138: fix double-escaping in wot/10
Alex English [Sun, 11 May 2014 17:24:34 +0000 (19:24 +0200)]
bug 1276: Allow more name variants according to PracticeOnNames when signing a PGP key
Signed-off-by: Benny Baumann <BenBE@geshi.org>
Michael Tänzer [Wed, 30 Apr 2014 23:54:51 +0000 (01:54 +0200)]
bug 1138: $verified is a string that is directly filled with data from the
translation system => do not intval()
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Wed, 30 Apr 2014 23:31:19 +0000 (01:31 +0200)]
bug 1138: This is an int, no need to mysql_real_escape()
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Wed, 30 Apr 2014 23:05:17 +0000 (01:05 +0200)]
bug 1138: Avoid double escaping of $_SESSION['_config']['OU'] and fix XSS
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Wed, 30 Apr 2014 21:47:33 +0000 (23:47 +0200)]
bug 1138: Avoid double escaping.
These session variables should be local variables as they aren't needed
anywhere else
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Wed, 30 Apr 2014 21:36:56 +0000 (23:36 +0200)]
bug 1138: Avoid double escaping in `description` which was stored into the
session mysql_real_escaped
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Wed, 30 Apr 2014 21:29:24 +0000 (23:29 +0200)]
bug 1138: Avoid double escaping
Yes it's ugly but should be fixed in a separate bug
Signed-off-by: Michael Tänzer <neo@nhng.de>
Benny Baumann [Wed, 30 Apr 2014 22:17:08 +0000 (00:17 +0200)]
Merge branch 'release' into bug-1138
Benny Baumann [Tue, 29 Apr 2014 21:26:27 +0000 (23:26 +0200)]
bug 1138: additional brackets for better readability
Benny Baumann [Tue, 29 Apr 2014 20:55:02 +0000 (22:55 +0200)]
bug 1138: Reorder fields to better show which variables belong together
Benny Baumann [Wed, 30 Apr 2014 16:30:20 +0000 (18:30 +0200)]
bug 1138: Whitespace changes and code formatting
Benny Baumann [Wed, 30 Apr 2014 18:13:28 +0000 (20:13 +0200)]
bug 1138: And yet another bunch of escaping
Benny Baumann [Wed, 30 Apr 2014 16:44:40 +0000 (18:44 +0200)]
bug 1138: Some escaping for the GnuPG code
Benny Baumann [Wed, 30 Apr 2014 16:27:23 +0000 (18:27 +0200)]
bug 1138: And yet another bunch of missing escapes
Benny Baumann [Wed, 30 Apr 2014 15:24:21 +0000 (17:24 +0200)]
bug 1138: And yet some more sanitizing of database query arguments
Benny Baumann [Tue, 29 Apr 2014 23:14:53 +0000 (01:14 +0200)]
bug 1138: Add some more mising escaping for values from the database
Benny Baumann [Tue, 29 Apr 2014 22:56:23 +0000 (00:56 +0200)]
bug 1138: Add some more mising escaping for values from the database
Benny Baumann [Tue, 29 Apr 2014 22:48:42 +0000 (00:48 +0200)]
bug 1138: Add some mising escaping for values from the database
Benny Baumann [Tue, 29 Apr 2014 22:42:23 +0000 (00:42 +0200)]
bug 1138: Add quite some instances of mising escaping
Benny Baumann [Tue, 29 Apr 2014 21:43:46 +0000 (23:43 +0200)]
bug 1138: Be more paranoid regarding database query parameters
Benny Baumann [Tue, 29 Apr 2014 21:07:33 +0000 (23:07 +0200)]
bug 1138: Properly bail out to remark on missing ticket number
Michael Tänzer [Tue, 29 Apr 2014 21:34:21 +0000 (23:34 +0200)]
bug 372: `orgdomlink` has no `id` field
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Tue, 29 Apr 2014 21:20:10 +0000 (23:20 +0200)]
bug 1275: Fix #1275
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Tue, 29 Apr 2014 19:53:08 +0000 (21:53 +0200)]
bug 1138: Implement log parameter for output_assurances*() and use it for
data summary
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Tue, 29 Apr 2014 18:47:49 +0000 (20:47 +0200)]
bug 1138: Move rendering of the email addresses and such for each assurance
into output_assurances_row()
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Tue, 29 Apr 2014 16:40:10 +0000 (18:40 +0200)]
bug 1138: Store the calculated awarded points in the row array to avoid
parameters to the output_assurances_row()
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Tue, 29 Apr 2014 16:07:01 +0000 (18:07 +0200)]
bug 1138: Reduce number of parameters for output_assurances_row()
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Tue, 29 Apr 2014 15:25:34 +0000 (17:25 +0200)]
bug 1138: Only revoke assurance if we actually found one
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Tue, 29 Apr 2014 14:13:59 +0000 (16:13 +0200)]
Merge branch 'bug-1221' into bug-1138
Conflicts:
includes/account.php
includes/general.php
includes/loggedin.php
includes/notary.inc.php
pages/account/43.php
pages/account/55.php
pages/wot/10.php
www/index.php
www/wot.php
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Tue, 22 Apr 2014 00:39:14 +0000 (02:39 +0200)]
bug 1221: Adjust the interface of calc_assurances() to be consistent and
use the `deleted` column for the Thawte revocation
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Mon, 21 Apr 2014 23:25:15 +0000 (01:25 +0200)]
bug 1221: Reduce number of parameters for calc_experience() and document it
also respect revoked assurances and use calc_awarded()
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Mon, 21 Apr 2014 23:01:35 +0000 (01:01 +0200)]
bug 1221: Add comments and restrict TTP assurances
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Mon, 21 Apr 2014 22:17:12 +0000 (00:17 +0200)]
bug 1221: Put the assurance method independent logic in one place
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Mon, 21 Apr 2014 22:08:09 +0000 (00:08 +0200)]
bug 1221: Rename function to better reflect its use
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Mon, 21 Apr 2014 21:34:39 +0000 (23:34 +0200)]
bug 1221: Move calc_points() up to the other point calculation functions
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Mon, 21 Apr 2014 18:07:52 +0000 (20:07 +0200)]
Merge branch 'tarballs' into release
Michael Tänzer [Mon, 21 Apr 2014 18:07:00 +0000 (20:07 +0200)]
Source code taken from cacert-
20140419.tar.bz2
Benny Baumann [Fri, 18 Apr 2014 23:37:24 +0000 (01:37 +0200)]
bug 1272: Fix for a typo
Benny Baumann [Fri, 18 Apr 2014 22:45:25 +0000 (00:45 +0200)]
bug 1272: Properly escape the filename passed to OpenSSL
Benny Baumann [Tue, 15 Apr 2014 21:50:38 +0000 (23:50 +0200)]
Merge branch 'bug-1184' into release
Benny Baumann [Tue, 15 Apr 2014 21:07:55 +0000 (23:07 +0200)]
Merge branch 'bug-1266' into release
Michael Tänzer [Mon, 14 Apr 2014 23:07:21 +0000 (01:07 +0200)]
bug 1221: remove redundant line
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Mon, 14 Apr 2014 22:52:07 +0000 (00:52 +0200)]
bug 1221: properly name the other part of the assurance
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Mon, 14 Apr 2014 11:39:41 +0000 (13:39 +0200)]
bug 1138: Require number suffix for valid ticket numbers
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Fri, 11 Apr 2014 21:57:11 +0000 (23:57 +0200)]
bug 1138: Set $oldid
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Fri, 11 Apr 2014 21:51:35 +0000 (23:51 +0200)]
bug 1138: Always provide a back link
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Fri, 11 Apr 2014 21:43:10 +0000 (23:43 +0200)]
bug 1138: correct colspan for cert tables
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Fri, 11 Apr 2014 21:38:34 +0000 (23:38 +0200)]
bug 1138: Only use support engineer mode if not viewing own history
Signed-off-by: Michael Tänzer <neo@nhng.de>
Michael Tänzer [Fri, 11 Apr 2014 21:25:08 +0000 (23:25 +0200)]
bug 1138: Code style
Signed-off-by: Michael Tänzer <neo@nhng.de>