560be526c4
Fix client certificate login
...
This change fixes the client certificate login for cases where duplicate
serial numbers have been issued and recorded in the emailcerts table.
Email addresses from the client certificate are used as an additional
matching parameter.

- includes/lib/general.php got a new function
  get_email_addresses_from_client_cert to create an array of email
  addresses from the environment variables set by Apache httpd
- includes/loggedin.php and www/index.php use the new function to pass
  email addresses to the get_user_id_from_cert function
- get_user_id_from_cert in includes/lib/general.php has been enhanced to
  use a JOIN over the emailcerts, root_certs and email tables. All
  parameters are escaped via mysql_real_escape_string
- SQL errors in get_user_id_from_cert are now handled
- a match from get_user_id_from_cert is only returned when there is
  exactly one row in the result set

The code and the used query have been tested with Apache 2.4.10 and PHP
5.6 from Debian Jessie and a MariaDB 10.11 in strict mode using a
container based test setup to match the current production setup as
close as possible.
2024-05-05 20:08:53 +02:00
6e3549c21a
Add class 3 certificates signed in 2021
...
These files have been referenced in pages/index/3.php since commit
bf7dcbd0
2024-05-03 19:58:42 +02:00
62dc71fb4d
Redirect to code.cacert.org for source code
2023-09-17 11:11:03 +02:00
Wytze van der Raay
9240496af8
Fixes for https://bugs.cacert.org/view.php?id=1305 :
...
CAcert Class1 root certificate needs to be reissued with
an updated CDP and a SHA-based signature.
See the message thread preserved in
https://lists.cacert.org/wws/arc/cacert-systemlog/2016-03/
for more information on the re-signed root certificates
installed and enabled by this commit.
2019-04-10 09:39:33 +00:00
Wytze van der Raay
21ffacf9f2
Fixes for https://bugs.cacert.org/view.php?id=1305 :
...
CAcert Class1 root certificate needs to be reissued with
an updated CDP and a SHA-based signature.
See the message thread preserved in
https://lists.cacert.org/wws/arc/cacert-systemlog/2016-03/
for more information on the re-signed root certificates
installed and enabled by this commit.
2019-04-10 09:37:24 +00:00
Wytze van der Raay
44a3943358
Fix for https://bugs.cacert.org/view.php?id=1341
...
"Rate limit for login attempts"
2015-03-13 09:02:26 +00:00
Wytze van der Raay
cd4a66bd06
Fix for https://bugs.cacert.org/view.php?id=1345
...
"replace DRAFT CCA with POLICY CCA"
2015-01-15 10:50:06 +00:00
Wytze van der Raay
86e2a3cb72
Re-instate NRPDisclaimerAndLicence.php which was inadvertently removed by the previous
...
commit for https://bugs.cacert.org/view.php?id=1131
2015-01-09 10:17:54 +00:00
Wytze van der Raay
e2de6e8f7e
Fix for https://bugs.cacert.org/view.php?id=1131
...
"Rename _all_ Policies from .php to .html and fix all links (was: Rename
PolicyOnPolicy.php to .html)"
2015-01-08 15:02:47 +00:00
Wytze van der Raay
ca85a98ce1
Fix for https://bugs.cacert.org/view.php?id=1131
...
"Rename _all_ Policies from .php to .html and fix all links (was: Rename
PolicyOnPolicy.php to .html)"
2015-01-08 14:56:23 +00:00
Wytze van der Raay
add8566161
Fix for https://bugs.cacert.org/view.php?id=28
...
"Wrong language for ''you've been assured'' & ''[CAcert.org] Client Certificate'' emails"
2014-11-24 09:59:19 +00:00
Wytze van der Raay
4f70392a23
Fix for https://bugs.cacert.org/view.php?id=1273
...
"Replace all backtick operators with calls to runCommand() or shell_exec()"
2014-11-24 09:56:38 +00:00
Wytze van der Raay
ca2fe0bc16
Fix for https://bugs.cacert.org/view.php?id=1192
...
"Check on log into the account if user agreed to CCA, if not prompt him an acception form"
2014-11-24 09:54:09 +00:00
Mendel Mobach
8be54e45e9
Fix for https://bugs.cacert.org/view.php?id=1339
2014-11-18 22:08:23 +00:00
Wytze van der Raay
87ee92e634
Fix for https://bugs.cacert.org/view.php?id=1293
...
"Replace CCA document with new DRAFT version"
2014-08-29 14:39:28 +00:00
Wytze van der Raay
0ea8880f4f
Fix for https://bugs.cacert.org/view.php?id=1276
...
"Middle Initial Matching for uid on GPG identities"
2014-08-21 14:33:59 +00:00
Wytze van der Raay
e2e8259c68
Fix for https://bugs.cacert.org/view.php?id=1291
...
"Executable code can be entered in location field, executable on wot15"
2014-08-09 09:13:02 +00:00
Wytze van der Raay
f032d1f013
Fix for https://bugs.cacert.org/view.php?id=1226
...
"Add DoB to selection of assuree"
2014-07-16 10:36:31 +00:00
Wytze van der Raay
924e6b0337
Intermediate patch for https://bugs.cacert.org/view.php?id=807
...
"CAcert ignores signature algorithm from csr".
This patch introduces the UI for our members to choose which signature
algorithm they want their certificates signed with. Among the choices
are SHA-256, SHA-384 and SHA-512. Further choices may be included as our
signer and web frontend permit.
2014-06-13 16:00:16 +00:00
Wytze van der Raay
81932bfd0a
Combined fixes for
...
- https://bugs.cacert.org/view.php?id=413
"Add a web page indicating the certificate request is still pending"
- https://bugs.cacert.org/view.php?id=1138
"Implement to log the SE activity"
- https://bugs.cacert.org/view.php?id=1221
"Inconsistency in Assurance Management"
2014-06-07 09:14:52 +00:00
Mendel Mobach
1112d76dd5
fix for https://bugs.cacert.org/view.php?id=1272
...
"Arbitrary Code Execution via SQL injection on certain database fields"
2014-04-19 07:32:11 +00:00
Mendel Mobach
365a7272cf
fix for https://bugs.cacert.org/view.php?id=1184
...
"hex2bin function"
2014-04-18 08:10:17 +00:00
Wytze van der Raay
35e318c03c
Fix for https://bugs.cacert.org/view.php?id=1218
...
"client cert issued no longer exportable with private key (class3). IE10
certs usage broken"
2014-02-06 15:52:57 +00:00
Wytze van der Raay
c68de86c6d
Fix for https://bugs.cacert.org/view.php?id=1137
...
"Record the CCA acception for entering an assurance"
2014-01-15 15:55:29 +00:00
Wytze van der Raay
32fca654cb
Fix for https://bugs.cacert.org/view.php?id=1004
...
"performance of CAcert webserver is hampered by simultaneous stats.php
execution"
2013-11-20 16:05:13 +00:00
Wytze van der Raay
82b3c5f6a9
Fix for http://bugs.cacert.org/view.php?id=1199
...
"arbitrary code injection"
2013-10-16 10:43:34 +00:00
Wytze van der Raay
ae8f9f152b
Fix for http://bugs.cacert.org/view.php?id=1182
...
"Fix Deprecation messages sqldump.php"
2013-10-16 10:42:36 +00:00
Wytze van der Raay
b57d4d8b17
Fix for http://bugs.cacert.org/view.php?id=1208
...
Improve readability of "Assure someone" page.
2013-10-16 10:41:21 +00:00
Wytze van der Raay
3dfac78f84
Jumbo patch for the following issues:
...
https://bugs.cacert.org/view.php?id=893
Extend Delete account feature for support
https://bugs.cacert.org/view.php?id=1123
Add the Check CCA acception to all certificate creation processes
https://bugs.cacert.org/view.php?id=1136
Extend SE console with the functionality to revoke all user certificates of a user account
https://bugs.cacert.org/view.php?id=1137
Record the CCA acception for entering an assurance
https://bugs.cacert.org/view.php?id=1177
Combine wot.inc.php, notary.inc.php and temp-function.php
2013-09-06 15:21:06 +00:00
Wytze van der Raay
fe56243336
Fix for https://bugs.cacert.org/view.php?id=1198
...
"Change membership fee currency from USD to EUR"
2013-08-29 10:18:16 +00:00
Wytze van der Raay
715d1d7184
Fix for https://bugs.cacert.org/view.php?id=1199
...
"arbitrary code injection"
and for https://bugs.cacert.org/view.php?id=1200
"uses configuration files from world-writable directory"
2013-08-29 10:08:59 +00:00
root
47d3b2b0a2
Fix for http://bugs.cacert.org/view.php?id=782
...
Add "notes" field to certificate information.
2013-07-17 08:19:05 +00:00
Wytze van der Raay
e3836dd5cc
Fix for http://bugs.cacert.org/view.php?id=1173
...
While email or domain dispute check if the request belongs to a locked account
and stop the process.
2013-07-15 08:38:31 +00:00
Wytze van der Raay
868ff702d5
Fix for http://bugs.cacert.org/view.php?id=1134
...
"Delete the board flag thoroughly in all parts of our software"
2013-06-26 11:00:43 +00:00
Wytze van der Raay
98c8c419c8
Fix for https://bugs.cacert.org/view.php?id=1121
...
"Record the CCA acception for the account creation"
2013-05-15 09:37:21 +00:00
Wytze van der Raay
b07a80b336
Fix for https://bugs.cacert.org/view.php?id=1094
...
"Wrong information shown when disputing a domain that is part of a organisation account."
2013-05-14 09:05:11 +00:00
Wytze van der Raay
8c6630a282
Fix for https://bugs.cacert.org/view.php?id=1112
...
"Exchange the text on the TTP page according to the new TTP program"
2013-04-24 13:13:08 +00:00
Wytze van der Raay
a5c21831f9
Fix for https://bugs.cacert.org/view.php?id=1099
...
"Automatic CAcert's root certificate install on Windows via Internet Explorer"
2013-04-24 12:43:12 +00:00
Wytze van der Raay
b44c5dd1ca
Fix for https://bugs.cacert.org/view.php?id=964
...
"VBscript, Weak Keys script 4.php, 17.php to combine / select box key
size and lower limit to 2048" (Codename: Blackjack)
2013-02-27 10:30:49 +00:00
Wytze van der Raay
ac71b58807
Fix for https://bugs.cacert.org/view.php?id=795
...
"contact form does not signal whether filed request is sensitive or open"
2013-01-17 15:08:07 +00:00
Wytze van der Raay
aff3516579
Fix for https://bugs.cacert.org/view.php?id=1133
...
"It should not be possible to assure a blocked account"
2013-01-17 15:06:35 +00:00
Wytze van der Raay
94e48cff5a
Fix for https://bugs.cacert.org/view.php?id=1130
...
"Replace DisputeResolutionPolicy.html with rev p20121213"
2013-01-17 14:59:30 +00:00
Wytze van der Raay
825953e6b4
Fix for https://bugs.cacert.org/view.php?id=1009
...
"Exchange OA policy in the WebDB with the one in SVN (rev p20080401.1)"
2013-01-17 14:58:27 +00:00
Wytze van der Raay
2540dc0f86
Fix for http://bugs.cacert.org/view.php?id=888
...
"to add new assurance method TTP"
2013-01-17 14:55:28 +00:00
Wytze van der Raay
a63441653e
Fix for https://bugs.cacert.org/view.php?id=1114
...
"Change CAcert postal address to the current one on index/11.php"
2012-12-11 14:33:11 +00:00
Wytze van der Raay
27236c1388
Fix for https://bugs.cacert.org/view.php?id=860
...
"someone accessed your password and secret questions page, plz change pwd translation mixed and garbled, text is translated in TL"
2012-11-01 13:57:40 +00:00
Wytze van der Raay
316ef65915
Fix for https://bugs.cacert.org/view.php?id=978
...
"Invalid SPKAC requests are not properly validated"
2012-10-31 10:03:33 +00:00
Wytze van der Raay
9bde006b4d
Fix for https://bugs.cacert.org/view.php?id=1091
...
"Improve message to assurer"
2012-10-13 13:53:59 +00:00
Wytze van der Raay
53a8c36859
Fix for https://bugs.cacert.org/view.php?id=1019
...
"Contact form does not work when logged in!"
2012-09-17 08:46:43 +00:00
Wytze van der Raay
69d5019f12
Fix for https://bugs.cacert.org/view.php?id=540
...
No key usage attribute in cacert org certs anymore?
2012-07-27 16:00:29 +00:00