Commit Graph

386 Commits (main)

Author SHA1 Message Date
Jan Dittberner c61f0c4519 Merge branch 'main' into use-https-for-verification-links 2 months ago
Jan Dittberner 844eb0fbf3 Merge branch 'main' into fix-client-cert-issues 2 months ago
Jan Dittberner 9626e7f6fc Fix initial index for email SAN lookup 3 months ago
Jan Dittberner 5f89d48036 Remove leftover header call 3 months ago
Jan Dittberner 0f75bdcdac Use https links instead of http 3 months ago
Jan Dittberner 9a672e9bf9 Improve client certificate issuing
- add more comprehensive message when a user does not select an email address or the SSO flag
- fix missing value for coll_found in emailcerts INSERT query
- handle database errors when the emailcerts INSERT query fails
3 months ago
Jan Dittberner 560be526c4 Fix client certificate login
This change fixes the client certificate login for cases where duplicate
serial numbers have been issued and recorded in the emailcerts table.

Email addresses from the client certificate are used as an additional
matching parameter.

- includes/lib/general.php got a new function
  get_email_addresses_from_client_cert to create an array of email
  addresses from the environment variables set by Apache httpd
- includes/loggedin.php and www/index.php use the new function to pass
  email addresses to the get_user_id_from_cert function
- get_user_id_from_cert in includes/lib/general.php has been enhanced to
  use a JOIN over the emailcerts, root_certs and email tables. All
  parameters are escaped via mysql_real_escape_string
- SQL errors in get_user_id_from_cert are now handled
- a match from get_user_id_from_cert is only returned when there is
  exactly one row in the result set

The code and the used query have been tested with Apache 2.4.10 and PHP
5.6 from Debian Jessie and a MariaDB 10.11 in strict mode using a
container-based test setup to match the current production setup as
closely as possible.
3 months ago
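The matching rule described in the commit above (serial number plus issuing root plus the e-mail addresses from the certificate, with a match accepted only when it is unambiguous), written out as an added example. This is not the CAcert project's own code: the table layout is a simplified, assumed schema (the real emailcerts, root_certs and email tables carry more columns), the environment variable names SSL_CLIENT_M_SERIAL, SSL_CLIENT_I_DN_CN, SSL_CLIENT_S_DN_Email and SSL_CLIENT_SAN_Email_n follow Apache mod_ssl and are assumed to be what the production setup exposes, and the sample rows are constructed to reproduce the duplicate-serial case. The original escapes query parameters with mysql_real_escape_string; parameter binding does the same job here.

```python
"""Client-certificate login lookup with duplicate serial numbers.

Added example, not CAcert code. Schema and sample rows are constructed and
simplified; environment variable names follow Apache mod_ssl (assumption).
"""
import sqlite3

# Assumed, simplified schema: NULL in revoked/deleted means "still valid".
SCHEMA = """
CREATE TABLE root_certs (id INTEGER PRIMARY KEY, issuer_cn TEXT NOT NULL);
CREATE TABLE emailcerts (id INTEGER PRIMARY KEY, memid INTEGER NOT NULL,
    serial TEXT NOT NULL, rootcert INTEGER NOT NULL, revoked TEXT);
CREATE TABLE email (id INTEGER PRIMARY KEY, memid INTEGER NOT NULL,
    email TEXT NOT NULL, deleted TEXT);
"""

# Constructed sample data: members 1 and 2 hold certificates with the SAME
# serial under the same root, the case that breaks serial-only matching.
SAMPLE_ROWS = """
INSERT INTO root_certs VALUES (1, 'Example Root 1'), (2, 'Example Root 2');
INSERT INTO emailcerts VALUES
    (10, 1, '0A1B2C', 1, NULL),
    (11, 2, '0A1B2C', 1, NULL),
    (12, 3, '0A1B2C', 2, NULL),
    (13, 4, 'FFEE01', 1, '2023-01-01 00:00:00');
INSERT INTO email VALUES
    (100, 1, 'alice@example.org', NULL),
    (101, 2, 'bob@example.org', NULL),
    (102, 3, 'carol@example.org', NULL),
    (103, 4, 'dave@example.org', NULL);
"""


def open_sample_db():
    """In-memory database loaded with the constructed rows above."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA + SAMPLE_ROWS)
    return db


def get_email_addresses_from_client_cert(env):
    """Collect the rfc822Name SAN entries SSL_CLIENT_SAN_Email_0, _1, ...
    (the index starts at 0) plus the Subject DN e-mail, lower-cased and
    de-duplicated."""
    addresses = []
    candidates = []
    i = 0
    while "SSL_CLIENT_SAN_Email_%d" % i in env:
        candidates.append(env["SSL_CLIENT_SAN_Email_%d" % i])
        i += 1
    candidates.append(env.get("SSL_CLIENT_S_DN_Email", ""))
    for value in candidates:
        addr = value.strip().lower()
        if addr and addr not in addresses:
            addresses.append(addr)
    return addresses


def get_user_id_from_cert(db, serial, issuer_cn, emails):
    """Return the member id matching (serial, issuer CN, e-mail addresses),
    or None when nothing matches, when the match is ambiguous (rows for more
    than one member) or when the certificate carries no e-mail address.
    DISTINCT collapses several matching addresses of one member into one row,
    so the "exactly one row" test is a test on distinct member ids."""
    if not emails:
        return None  # never build "IN ()" and never match on serial alone
    placeholders = ",".join("?" * len(emails))
    rows = db.execute(
        "SELECT DISTINCT ec.memid FROM emailcerts ec "
        "JOIN root_certs rc ON rc.id = ec.rootcert "
        "JOIN email e ON e.memid = ec.memid "
        "WHERE ec.serial = ? AND rc.issuer_cn = ? "
        "AND ec.revoked IS NULL AND e.deleted IS NULL "
        "AND lower(e.email) IN (%s)" % placeholders,
        [serial, issuer_cn] + [a.lower() for a in emails],
    ).fetchall()
    return rows[0][0] if len(rows) == 1 else None


def login_user_id(db, env):
    """What the login pages do: read serial, issuer and addresses from the
    Apache environment (assumed variable names) and look the member up."""
    return get_user_id_from_cert(
        db,
        env.get("SSL_CLIENT_M_SERIAL", ""),
        env.get("SSL_CLIENT_I_DN_CN", ""),
        get_email_addresses_from_client_cert(env),
    )


def lookup_in_sample_db(env):
    """Convenience wrapper: run one lookup against a fresh sample database."""
    return login_user_id(open_sample_db(), env)


if __name__ == "__main__":
    env = {"SSL_CLIENT_M_SERIAL": "0A1B2C", "SSL_CLIENT_I_DN_CN": "Example Root 1",
           "SSL_CLIENT_SAN_Email_0": "Alice@example.org"}
    print(lookup_in_sample_db(env))            # 1: e-mail disambiguates the serial
    print(lookup_in_sample_db(dict(env, SSL_CLIENT_SAN_Email_0="nobody@example.org")))  # None
```

The two failure modes worth keeping in mind: a certificate with no e-mail address at all is rejected rather than falling back to serial-only matching, and a certificate whose addresses match more than one member (for example one address of each duplicate holder) is also rejected, because "exactly one row" is the only outcome that identifies a user.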
Jan Dittberner f6831c82af Remove opinionated comments on hash algorithms 10 months ago
Jan Dittberner 3e25be237d Remove old sponsoring links
fixes https://bugs.cacert.org/view.php?id=1423
10 months ago
Jan Dittberner bdb30f8898 Use integer values for type when inserting into ordomaincerts
MySQL tolerated INSERTs of an empty string in the type column of the
ordomaincerts table. This commit uses an integer value of 0 as default
instead to ensure that MariaDB with strict settings accepts the INSERT
too.
1 year ago
Jan Dittberner 687497c82f Fix l10n handling on Debian 11
Fixes bug #1542
2 years ago
Jan Dittberner 9140217aa7 Change outgoing mail hostname to ping.cacert.org
Fixes bug #1541
2 years ago
Dirk Astrath bf7dcbd080 Bug 1440 3 years ago
Wytze van der Raay 62a2d72a07 Emergency fix for https://bugs.cacert.org/view.php?id=1459
"e-mail verification fails for many addresses since upgrade from PHP 5.5 to PHP 5.6"
6 years ago
Wytze van der Raay f6b81bfed9 Fix for https://bugs.cacert.org/view.php?id=1430 6 years ago
Wytze van der Raay 1f7b668f1b Fix for https://bugs.cacert.org/view.php?id=1389
Wrong encoding for mails sent with function sendmail()
9 years ago
Wytze van der Raay 9464b4e07a Additional patch for https://bugs.cacert.org/view.php?id=1392
Issue of certificates to arbitrary domains.
9 years ago
Wytze van der Raay edae6c8e40 Fix for https://bugs.cacert.org/view.php?id=1392
Issue of certificates to arbitrary domains
9 years ago
Wytze van der Raay e2de6e8f7e Fix for https://bugs.cacert.org/view.php?id=1131
"Rename _all_ Policies from .php to .html and fix all links (was: Rename
PolicyOnPolicy.php to .html)"
10 years ago
Wytze van der Raay cf5a6ce0a3 Fix for https://bugs.cacert.org/view.php?id=790
"Creating organisation client certs by pasted CSR"
10 years ago
Wytze van der Raay 2ca78a2eb2 Fix for https://bugs.cacert.org/view.php?id=1318
"E-Mail Probe does not consider mx priorities"
10 years ago
Wytze van der Raay 8477354c33 Fix for https://bugs.cacert.org/view.php?id=1288
"Support STARTTLS when doing a ping mail"
10 years ago
Wytze van der Raay add8566161 Fix for https://bugs.cacert.org/view.php?id=28
"Wrong language for ''you've been assured'' & ''[CAcert.org] Client Certificate'' emails"
10 years ago
Wytze van der Raay 4f70392a23 Fix for https://bugs.cacert.org/view.php?id=1273
"Replace all backtick operators with calls to runCommand() or shell_exec()"
10 years ago
Wytze van der Raay ca2fe0bc16 Fix for https://bugs.cacert.org/view.php?id=1192
"Check on log into the account if user agreed to CCA, if not prompt him an acception form"
10 years ago
Mendel Mobach 8be54e45e9 Fix for https://bugs.cacert.org/view.php?id=1339 10 years ago
Wytze van der Raay 4e0598a6c2 Fix for https://bugs.cacert.org/view.php?id=1301
sanitizeHTML function converts input which contains non-ascii characters to an empty string
10 years ago
Wytze van der Raay 46e866f0aa Fix for https://bugs.cacert.org/view.php?id=1297
"includes/lib/check_weak_key.php is broken after upgrade to Debian Wheezy with openssl 1.0"
10 years ago
Wytze van der Raay 69eee6b7b4 Fix for https://bugs.cacert.org/view.php?id=1292
"Issuing Certificates with "Public Exponent: 1 (0x1)""
10 years ago
Wytze van der Raay e2e8259c68 Fix for https://bugs.cacert.org/view.php?id=1291
"Executable code can be entered in location field, executable on wot15"
10 years ago
Wytze van der Raay 5c7e14e915 Fix for https://bugs.cacert.org/view.php?id=1226
"Add DoB to selection of assuree"
10 years ago
Wytze van der Raay 73daac8e42 Fix for https://bugs.cacert.org/view.php?id=1280
"WOT: Contact Assurer form does not print preferred language"
10 years ago
Wytze van der Raay 924e6b0337 Intermediate patch for https://bugs.cacert.org/view.php?id=807
"CAcert ignores signature algorithm from csr".

This patch introduces the UI for our members to choose which signature
algorithm they want their certificates signed with. Among the choices
are SHA-256, SHA-384 and SHA-512. Further choices may be included as our
signer and web frontend permit.
10 years ago
Wytze van der Raay bfbd218aac Fix for https://bugs.cacert.org/view.php?id=929
"GPG/PGP menu items expand the wrong root"
10 years ago
Wytze van der Raay ccc2a6f534 Combined fixes for
- https://bugs.cacert.org/view.php?id=413
  "Add a web page indicating the certificate request is still pending"
- https://bugs.cacert.org/view.php?id=1138
  "Implement to log the SE activity"
- https://bugs.cacert.org/view.php?id=1221
  "Inconsistency in Assurance Management"
10 years ago
Wytze van der Raay 42f16aab95 Combined fixes for
- https://bugs.cacert.org/view.php?id=413
  "Add a web page indicating the certificate request is still pending"
- https://bugs.cacert.org/view.php?id=1138
  "Implement to log the SE activity"
- https://bugs.cacert.org/view.php?id=1221
  "Inconsistency in Assurance Management"
10 years ago
Wytze van der Raay 14aafe2212 Fix for https://bugs.cacert.org/view.php?id=1275
"Missing quotes around "masteracc" array index"
10 years ago
Wytze van der Raay b740a14b10 Fix for https://bugs.cacert.org/view.php?id=372
"Renewing certificates fails to update links between domains and the certificate
 properly which causes issues"
10 years ago
Mendel Mobach 1112d76dd5 fix for https://bugs.cacert.org/view.php?id=1272
"Arbitrary Code Execution via SQL injection on certain database fields"
10 years ago
Mendel Mobach ea8c675168 fix for https://bugs.cacert.org/view.php?id=1266
"Second-order SQL injection in Certificate-related queries"
10 years ago
Mendel Mobach 365a7272cf fix for https://bugs.cacert.org/view.php?id=1184
"hex2bin function"
10 years ago
Wytze van der Raay 26fc6dd1f5 Additional fix for http://bugs.cacert.org/view.php?id=1070
"Certain account passwords are logged in web server error log."
10 years ago
Wytze van der Raay eff4f484ff Fix for https://bugs.cacert.org/view.php?id=448
"when revoking a certificate, confusing info is given to the user"
10 years ago
Wytze van der Raay 4937cf6038 Fix for https://bugs.cacert.org/view.php?id=1255
"DSA certificate issuing ignores key strength"
11 years ago
Wytze van der Raay 1b49547d06 Fix for https://bugs.cacert.org/view.php?id=440
"Problem with subjectAltName"
11 years ago
Wytze van der Raay c68de86c6d Fix for https://bugs.cacert.org/view.php?id=1137
"Record the CCA acception for entering an assurance"
11 years ago
Wytze van der Raay 0d230706fc Fix for https://bugs.cacert.org/view.php?id=1195
"Take out change ability on pages/account/6.php"
11 years ago
Wytze van der Raay 3b79d4bd1b Fix for https://bugs.cacert.org/view.php?id=1236
"Security questions rejected invalid on adding middle name"
11 years ago
Wytze van der Raay 3ac5042e96 Fix for https://bugs.cacert.org/view.php?id=1010
"Reorder the view on organisation certificates"
11 years ago
Wytze van der Raay fc979343e1 Fix for https://bugs.cacert.org/view.php?id=569
"output order when removing email address"
11 years ago